last executing test programs:

3m8.451909669s ago: executing program 32 (id=23):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
write$tun(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000000111ff00000000000000000000000000000000ff0200000000000000000000000000014f194e20"], 0x4b)

2m53.050995944s ago: executing program 0 (id=84):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x0)
chown(&(0x7f00000003c0)='./file0\x00', r0, 0xee01)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

2m52.780754095s ago: executing program 0 (id=85):
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x20000800}, 0x4000008)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x5, 0x12, 0x0, 0x3}, 0x9c)
r0 = syz_io_uring_setup(0x466c, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RENAMEAT={0x23, 0x30, 0x0, r3, 0x0, 0x0, r3})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000100)={0x2, r3, 0x2c, {0xd464, 0x7}, 0x2}, 0x1)

2m52.418549037s ago: executing program 0 (id=87):
r0 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xfdcf, 0x2, 0x2})
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000a80)={'syz1\x00', {0xfffd}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400], [0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x185], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3cc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x88], [0x4, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4a9c, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2ec2, 0x0, 0x0, 0x4]}, 0x45c)
ioctl$UI_SET_RELBIT(r1, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x2)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x1)
ioctl$UI_DEV_CREATE(r1, 0x5501)
close_range(r0, 0xffffffffffffffff, 0x0)

2m51.484288047s ago: executing program 0 (id=89):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

2m50.449275376s ago: executing program 0 (id=93):
creat(&(0x7f0000000000)='./file0\x00', 0x108)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006340)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x1, 0xffffffff80000000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0xa4901, 0x0)
write$tcp_congestion(r2, &(0x7f00000000c0)='lp\x00', 0xfffffdef)
dup2(r2, r0)

2m49.812869838s ago: executing program 0 (id=97):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$kcm(0x29, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r3, &(0x7f0000000040)=[{&(0x7f0000000480)="db", 0x1}], 0x1, 0x4000001, 0x0)
sendfile(r2, r3, 0x0, 0x8000fb00)

2m49.100118892s ago: executing program 33 (id=97):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$kcm(0x29, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r3, &(0x7f0000000040)=[{&(0x7f0000000480)="db", 0x1}], 0x1, 0x4000001, 0x0)
sendfile(r2, r3, 0x0, 0x8000fb00)

2m22.028737931s ago: executing program 6 (id=234):
r0 = creat(&(0x7f0000000240)='./file0\x00', 0x40)
close(r0)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x930, 0x6000002, 0x4018831, r0, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6c9ecbf09d6dd7be5a06dfd645630500c1a303434a36bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffdc0fb243c3111dda42112650cc", 0x0, 0x48)
read$char_usb(r0, &(0x7f0000000380)=""/190, 0xbe)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffa000/0x3000)=nil, 0x3000})

2m21.703163667s ago: executing program 6 (id=235):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x12f4}, 0x1, 0x0, 0x0, 0x48051}, 0x240000c4)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5867, 0x10, 0xfffffffc, 0x24d}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000001800)=""/216, 0xd8}, {&(0x7f0000000400)=""/84, 0x54}], 0x2})
io_uring_enter(r2, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

2m20.469846958s ago: executing program 6 (id=242):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$inet(r3, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000002540)="955232d6c924037daed352087a08237337131faef13945bfaaa58d01e5f858e96271cde18577054eb145e62abd8150646072c75137606c9eca87c894182ee54fa975990ac5f7b8f2ced1bc37588f08efcfba84054e1bf5de3ae4fe95d64222f92b12be73478c249144accca8d10df2f204b2905167cb97972c40265e6b4af404adc8f6cf85253346cfeb6eb585e3f0692ab9d35d7850e3d62a948b5c9b", 0x9d}, {&(0x7f00000001c0)="96607e121729ff5ba084661b14fc7202e7b54c2be7983a4e4e11a8906105f36f652d7135bda20b939abb9b959973ca1f755aa9e545c8fb8876d07fa49e24824ff9719993882242846b", 0x49}, {&(0x7f0000000500)="648a6282c6e91b973836904a4a88affa0c371dd1b9c133c5e594714579d6bb3addfd43e78272aef64427ce5467d6994320cf139092452c7944ddab49e459f7e0c73f890e9e2463bd3390e20b1e472bd2aedb47094547a767a098a94a402e6aba65c0ef07eaa87f8663c763d9bb491243eb129eec434e5603956c8333a6ecdf4d3a601b9c8d3d63e3a4a57b38033e2b004f6c3e45f1645c3b7ca0d5ba5eea059b5aa4f0f80ac66904076cc60e47e1afc7d81ad937dee5efc0580e38d96cf0f53808f37d5a8811b07165e8b9aabceac06e4fa7f7668b8832877783a727a1fa8b972bfaeb232cf3e9b500965820f4adf64f1e5eddd65f5734fb43644347e98af7eb6abe95dcb6ed1acc22c8abdd5ea116242d5b7b2ecff3d9c635bce6a377112b4adbd75b71fcc8a6e3693c82ed7fd11ad63683cc89f0a35b", 0x108}, {&(0x7f00000007c0)="a96a428426d96522dbf395b96cda5289bbfe3d97be8f413c48ec17c91194c66443ac9ed513c32242f54abb9a8ad671c6786dd7161962a8cf0dc4c7c0a1f86f7d1b17cc1660980f64e0b66a61b77eed3c8497ff551a20db0aa749c5ed3d49c05b1f787665fc8ed059d872289988b78549f8e5f01c2dab0e462f618669d1ca60666c010a55e46421284abe14fdfa39da550161c5410c37fbd11866c3e2f710e557408f5c4a5d494e87bcacc70ecbc69322da9f6a2388ffece43aeee909aa68d00e2137407fbcf0e749eb6ef98960c1ed54e532722c05c0038e8a9c25a560b3569cc7928a66d41c3dcf80263869467cd8a905d56a7b327d0354d81554f98b1e85ae5d86502a1b3ed1e250f71cb5c5b7aa755326d9d6ab836db15f6107023fe99229e48a9008bd8ed0141577f1f1ea58b10e6ceeacfe98ff142e57f0dd1c88ae37752e200657282cda4177730d24a77a941e21675fa53da47992cce0a954ae826fff35039dc74bd9d0e5973ee99b00200cff625fb828ebc36189f3013291fe121a0810e1008854633b5890b810817609e8311f2e34cf3b78d666a1207a4fdbf77cc2d87410bb8533054f39eeff0602c72476ea86bbd68e3bf4976c16a3a8d60b4fa1c1ff02275718e1f7028119bcb785b0d95369dea71f559a32891ad8b3ef21b0f43f8db1f88fc0984c24ea1a38bc89b3b23c4cf9a67ad08f3fb635736350dfb726f8177efadd377073ba05878ab62d2a18481922e6c48f09f057aba001fb8eb233eb23a67e74d006bdaad1fa9a8a622c17947f34b89d0fc0a6dd3a7b6fa0beabb98875112036ab1ec22090369dc72d3c385b2679f0b99af9bcc6ef785c0b51473d8864ec867ea3c754856199152f000b2afe739b5c568c1619d2af08fb2fc6844fac0035cceb0d0656d3af9bbd686fd99275e7f81aeafd33481c5778b279e5870348ec4495684bdcb71c0c8131cdc8330159d8c92adb613dac99fedb3c50c22243ee61ebb8645f94cd0994b02c5f5b544887b11b2fd3655e115889ebeb8617eb1cdb5dbec30c407ee4f09d17d2ecca77b25604cfbd308a91b0b2e8cd1249a2e1f441989657efc8584ceb7e443f2ae30191c5623b06fac91bab61a40f31f2863b4b508998ded6abd8f55e503401c2e9e298655d50ab3f775f9159d0765b4ee1fef3aa1fe608d5dade41cd16a3c1ec7868b18ff3f1449d3900f7d77489c1bb4cdb99beac51942f8a7c4ab3e3a43e13b6c69b63623a970aec5426b58c63d9ffc229efb58e7b58eb27a12b91c4a0f253e1d5f13e59ffcecb003c5e46b1cc236b9fe508b37c3f2046c53eabbc2a7b1f2c0d04a86ba8918239e1dda997c5612fb43dc86905f79f1503ac47d5ea8399dc5d5cc284a3a789d77cc5e887ce3c25ae3f7a636429873970930ebdeec9690b62f46f480a4a102cfa3ce2a61f056bedf3ca698c4f2666bf55f035daca9fb2efcfd96d18cb7afd6e2592e460c4638f261a4a7a85c290c78a921edbc01e2d7a60c6b6a2608fb52f31b73471dd610f3703242273de21261656df6cd8c3847c730819e402933a40a4c560d9651a95764179f4a1a39e60c80deece7b0eacbafd5efe40eee56424b3e0921524397bd4f554e4a0ccc6e9b2be09e0ae6810a9fef7b027ee3cff9b5e674f793579eac25cee7c4e9351a8d7412e2c6cf9ba4082059a35878771744b8d0c572e10250035630b30db9030bf67c6dca054f6a219c51984f37ec9a2e2ac6e85d97475e5821bbb376af98e1e180cd94c22a2246dc757da46421b85487b7291f68fa595451999c32c869cbabcfe6be628f0909bb62ee174c97bef3f92fbb1072d66b5d28427b1695913bb86759fc20c74acf75df87ded19a81966e7dda1be3cec73f23df8b255ceff270af0ee99253426f5d4866afd89766c498652d5c5f6d4d3d6fbb52931b10613ba80a3d8a23464c30414e89897b90d5e0c90f0c72931b5ad4cbf69c0fc2eda242a56a789af5f4f0f0fb51f26c7a102ce6e0b76cf3a1f84de55f21df446ec9b9409cd1fb919b02a515994166e7ae29ad0783e0adf2c4296ed7fc19c84378a35e83f739a3e370faef047ef39fc7926ebf06f09db535aae1d5558f83f1e434556de25e6d2aa78d4eac784a7407521e1626d038d652d0320c0558c42e9e9ac731404c26248934d23dd3a8812de7622c230888db650f7846770ddc8059447fd03ccf862574d9b548054afb63e32986caf80a57fc2fa01d904ec94ad1c8b6cb56cb782b47b5a5626ab094c196e2e1f9fd25a39ec1ad45a7ae94c9ae64ac4bb45c828295c195fbfed9171d142fb8ece8af614953ad5ca1e5d65c52c4d9633c458b5e788bfd3469328b9e6e4df03f3da9e5d3d11284e791a67d0856666ee21f8ea4b1d76d7a1f07863756029a4b5cb820edb63dc0efe6fc2577a79383f280f241b35dff9cfb92cf04451f5767f95e5d5ff0c808acddf406127e9ceb8d1f55749a5781e9b185e45072d181d069c715febebc1ab63126697d145d63b3a41ba202a387dcfdfbb96de0d05454fecc286fd296bb10d498b49d3bcdeda3035699837dfac86ce61641ee7105f4b441031bea7ae0d1787bf772cfa2f48c3062d232b23b5b328e6ea9e0de0130db2500e37d28a52c490b2fa9d39c3d5c9b8a298f2aeb348b962fee1d6a7d6d2c661113c2b8101f39dba91a3199bab5b70f5bed7871580b54bf34f2851c14b69e16ad97223ab8eb0b2725e00efa7b1e75264a65ad61cfca62f6d5d651c193c123f9bf77b3aed591e8161b767fc2977b56f3849362559dffd3414ef1e5cb2d611f7bb3d7d4c28c0a6de2993eb89c0805622f9fe4136e856e103d931aae07469efc077f9dd6df11c1eeba7468ca78e2e8027b2f672f9b965a6d88756b531321fb181702794ce58299b0cd34e481dc6760b4f9b32cfae5e0a35b4a19a4dbd26870bcb8ccb7724a294b10697763d6b3f7141bf7ca09d0871dceaf364f5aca649d77203328b8ad463a144961595e978043be434cd08dd5120bc36c5d895745ce5cc10f9a7f22baad125d60beaeb8c98279f5b3a363eda42bfc9fef669b2f4fb663700dcc5a47515b9adec65cc99cfea4cc2246dcdff878eae17441c69f4127c49fdd7935bb0c0c8053c9b788aa74a7ff174b7fc8b36ddc5ffa89fe7a98a14805ce96447e00a8b32b3f46af448aa29f326d03477bde78b147fec195cc5b253becf53a80f08ddde4529c2f53f40eb59f8598ed0c045dd60cb8ee90669091d1e2e970791f687db9b28c43c74813b6364b3a0f5762bfaa867bcdd7d44d0eccc1e0149b6ba5c4412b16493330a41352c682dfd88aff599459c6d7beb392925338e9bb1469f59dc833d0e685dc8ac9fc708123d1a1d483e6ccd45f58edac266f5517f5711402a83bacb634e4a28e8d32121be30a2aaeb2adc5cc3e2b0d15cd94b4fab7f37ffa77e477099ea6dd6167e292921f5957fc4e2f3c7a1396e60154bb638dccb5fd0d7bedc36591901dbd5cf63914c401fc79036f4a26f7b4df5fd776b7ef156c33a180ec8615ec6f24659794da3af2cb75a5905b891a0b269405d4471fbeb3e90b19f502f0b36a32f9f8bbac6a1fa6fb7a50cb563b4fa41d0f2639da50773356cce00000000000000016721701a47a54d76c93fbd00f408c270897159bf168ab2ec326978f48f7d845b6e64d856de829fd8b45b86489abb7537e372df0ddc96ed4826ee76b28d8999d7e170b1db1dc9316d51504f7cf7740f354f0255f83a31ef9c8e70d33a256e909bad11ae1217f66260dc5c52682a6e84fec98221de47463b6d37b6a100fe5893b668d316b78f1cc0f67c481c50e275d4613a0b2acf73f86898b2506dc72b427e0476ab342f3c18b0949ee09c2d56154fc7b36a44c0771851186e83619f73945258dfe80304a591b2fe7057e80a2127c5e8b00c6d4809e72d931ffd7bce4b4d9fce0cf6135c47ad63fd7f9ed8beba4de84c087fcd42eaf8474a01bd752bba36dd487c0ae725f8e7ec695aa2958616f6c59413f235f176300a9457d3caf0b4e972b6b9339b4de6e7bf29aa1af48de7a834700a9c999c0198b3f6234aee737c96e02120b79725322aafe19139cc725db0b578cfccd8666b66ae8e034e4240768f03e0ff8ee072245b28f42ceb784133e99071b36709992fa81a9736d89018a2b361877a2fb05bceb0bfa5ee0eb7fc5d78c534f6ea4edcd0f530067c530f7bea92bddc9c61b268d5bc1ad3ff852ab93f3e810002133d0d8e16b1d71e1db2bdb91d416a6bfcb4864d58da1758abff7ca03d379bd48b03f019c33c434bdf25822465ae322b38ae83dd90597db8c781f48efedb66da368f3d9f67f27612c51c07b9aeb419c32ff028a77e3abc5bd531d7bb29bd1c6c1119820abfd881f660e5a7072cdbc0e888d97cbc2105782204f34d093c1e0e6195e51e2e8b639a0f656aa21e29d0fa2a2f868b77995e7ada252a30a31b219be7c1b107ddd737654546340e424f13521ed73f0ed33ad3664f1b9b68eee0f7255119d585c09a2467b22de08104a37202cb737e934b1bdb83102b680d9cfd21c55fd00e33fba7651b2c36a87272945c371303c7e4ca181c1f7d2fe09815c1732d8d777e7b9a430d6b237c7c9fc8758e8456fb4e6ffc2aa421ab5942204e54cb52197e14aae9ae34376ac1d56d009f07babcb3d3492c87faf3e44bdd7d16dbce8148e2c7cb44d30ca29908aaf7c9ef39e791a9a988a5381942e3daf05f85be245f4ef26b08d83b1c1b58892b462783dc27602d8931d3232e5be295d479f9600cc4c3ed2e6a2fbb925c602d251b13f2ec2b7ca99fcd4bc2aa6115ddb0b842ed35c70d867734ee7518fd5299e07818f024a1682aacaa4e28d9f5db71006beb8bcc1e3a43cf27fb3d9475fbd632912d83f4e95b4390068f55f2f832a2e2c9f4ba5ca59d185a655375c6f5779d9fe5a47d1f417cf6f6405eab89f755f9a90623270c2b2a444b6b79662964199f7bedd2a2939e03ec6a334b78a6166ebf70562819a273bb6de9a3d7c2383a569cbeb08859e742ec5f947d1817c2dbfa3b72e5d3afdc4582cad9e25ba954234522bd33e6c6d3fda50a90a33f5c8d7746f3c7c70fd3b7", 0xffffff50}], 0x4}}], 0x1, 0x4044805)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, &(0x7f0000000580)="17", 0x59a, 0x10008034, 0x0, 0x0)
splice(r2, 0x0, r1, 0x0, 0x10000008ebc, 0x0)
splice(r0, 0x0, r3, 0x0, 0x8000000000025a5, 0x0)

2m19.465955589s ago: executing program 6 (id=247):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1/file0\x00', 0x111)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, 0x0)

2m19.192763502s ago: executing program 6 (id=248):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
r2 = syz_io_uring_setup(0x507, &(0x7f0000000140)={0x0, 0x1184, 0x80, 0x0, 0x45}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
waitid$P_PIDFD(0x3, r1, 0x0, 0x4, 0x0)

2m18.705433059s ago: executing program 6 (id=253):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/150, 0x96}], 0x1)

2m18.32249044s ago: executing program 34 (id=253):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/150, 0x96}], 0x1)

1m51.958680786s ago: executing program 7 (id=390):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x51, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text32={0x20, 0x0, 0xfffffffffffffd69}], 0x1, 0x6fcef00345e8684, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m51.74997649s ago: executing program 7 (id=391):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0xfffe, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000002c0)={@val={0x0, 0x86dd}, @val={0x3, 0x0, 0xa, 0x0, 0x8d}, @mpls={[], @ipv6=@tipc_packet={0x8, 0x6, "09c2b4", 0x68, 0x6, 0xff, @private1, @mcast2, {[@dstopts={0x5e, 0x6, '\x00', [@generic={0x4, 0x2f, "ae6ce7126305a7a2c5ef39e2bef2ed4e6a567a6f04cafdc1a2d7ed4643a8b7d38c45a725fe866a672f993f794bbb47"}]}], @payload_named={{{{{0x28, 0x0, 0x0, 0x0, 0x1, 0xa, 0x2, 0x2, 0x4886, 0x0, 0x3, 0x9, 0x0, 0x2, 0x8, 0x0, 0x0, 0x4e23, 0x4e20}, 0x1}, 0x4, 0x4}}}}}}}, 0x9e)

1m51.619712053s ago: executing program 7 (id=392):
socket$kcm(0x2, 0x200000000000001, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000340), 0x40402, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7737, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

1m50.240972243s ago: executing program 7 (id=397):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x12b)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r0, &(0x7f0000000080)='./file0/file0\x00', r0, &(0x7f0000000040)='./file0/../file0\x00', 0x0)

1m50.148542921s ago: executing program 7 (id=398):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x0, 0x200, 0x20000, 0x40000000000, 0x7fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb63, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x6, 0x3, 0x0, 0x100000001]})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getpeername(r1, 0x0, 0x0)
getpid()
r2 = openat$nvram(0xffffffffffffff9c, 0x0, 0x4100, 0x0)
write$binfmt_script(r2, 0x0, 0x0)

1m49.858870475s ago: executing program 7 (id=400):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="08030000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="000200008000000008000a00", @ANYRES32=r4, @ANYBLOB="140012800b00010067656e6576650000040002"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0xaf36698d040a68eb, 0x70bd05, 0x25dfdbff, {0x0, 0x0, 0x0, r4, 0x4c00, 0x10000}}, 0x20}, 0x1, 0x0, 0x0, 0xc4}, 0x40)

1m49.243754343s ago: executing program 35 (id=400):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="08030000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="000200008000000008000a00", @ANYRES32=r4, @ANYBLOB="140012800b00010067656e6576650000040002"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0xaf36698d040a68eb, 0x70bd05, 0x25dfdbff, {0x0, 0x0, 0x0, r4, 0x4c00, 0x10000}}, 0x20}, 0x1, 0x0, 0x0, 0xc4}, 0x40)

54.000088301s ago: executing program 1 (id=702):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0x9361, 0x0)

53.846205353s ago: executing program 1 (id=705):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040)={0xb000001c})
epoll_pwait(r3, &(0x7f00000000c0)=[{}], 0x1, 0xfff, 0x0, 0x0)
close(r1)

53.602083127s ago: executing program 1 (id=707):
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'veth0_virt_wifi\x00'}}, 0x1e)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
close(r1)
connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x3, @broadcast, 'vxcan1\x00'}}, 0x1e)

53.398286801s ago: executing program 1 (id=708):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000003c0)={0x2, 0x3, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
close_range(r0, 0xffffffffffffffff, 0x0)

53.335563193s ago: executing program 1 (id=710):
mkdir(&(0x7f0000000080)='./file1\x00', 0x18)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r1}, './file0\x00'})

53.214981881s ago: executing program 1 (id=712):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @private=0xa010100}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
write(r1, &(0x7f0000000000)="ea", 0x1)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[], 0x28}}, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)

38.167499084s ago: executing program 36 (id=712):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @private=0xa010100}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
write(r1, &(0x7f0000000000)="ea", 0x1)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[], 0x28}}, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)

25.95123881s ago: executing program 8 (id=874):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
read$FUSE(r0, &(0x7f0000002880)={0x2020}, 0x2020)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x48000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f00000006c0)="f3440fc7b729000000f20f5f0d00000080460f5ba4b07a000000470f38c9403736460fc7b10f240000660f3881078fa9189021ce860401c05ef3440f0966b881000f00d8", 0x44}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

25.676823015s ago: executing program 8 (id=876):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
setreuid(0x0, 0xee01)
setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000280)={0xa, 0x4e22, 0x1, @loopback, 0xfffffffc}, 0x1c)
listen(r0, 0x0)
listen(r1, 0xffffff2b)

25.548056414s ago: executing program 8 (id=878):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
creat(&(0x7f0000000440)='./file0/file0\x00', 0x188)
lsetxattr$security_capability(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000100), &(0x7f0000000880)=@v3={0x3000000, [{0x20102, 0x7}, {0x7, 0x9}], 0xee01}, 0x18, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f0000000140)='./file0\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v3={0x3000000, [{0x3ff, 0xfffffffe}, {0xc6, 0x1}], 0xee01}, 0x18, 0x1)

25.38694064s ago: executing program 8 (id=879):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000003480)={0x2020}, 0x2020)

25.133134493s ago: executing program 8 (id=881):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff, 0x1], 0x0, 0x10, 0x8000}, 0x94)
r0 = socket$kcm(0x11, 0x2, 0x0)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000000c0)=r0, 0x8)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0xb1}]})
close(r0)
r2 = socket$kcm(0x11, 0x2, 0x0)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r3, 0x107, 0x12, &(0x7f00000000c0)=r2, 0x8)

24.706791685s ago: executing program 8 (id=885):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)

24.174249677s ago: executing program 37 (id=885):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)

9.406513719s ago: executing program 2 (id=959):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e20, @empty}, 0x10)
fcntl$setstatus(r0, 0x4, 0x40800)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
sendfile(r0, r1, 0x0, 0x7ffff004)

9.29006685s ago: executing program 2 (id=971):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)=0x9)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)=0x7)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000840))
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r2, 0x40084149, &(0x7f0000000340)=0x6)

4.96247984s ago: executing program 3 (id=994):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x4e22, @remote}, 0x10)
sendmmsg$inet(r1, &(0x7f0000005240)=[{{0x0, 0xfffffdef, 0x0, 0x0, 0x0, 0x0, 0x10}, 0xfffffdef}], 0x4000095, 0x401eb94)
r2 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r2, 0x2c9ab000)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
fadvise64(r3, 0x18, 0x0, 0x4)

3.962955147s ago: executing program 3 (id=999):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040), 0x10)
listen(r1, 0x3)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
r3 = accept4$unix(r1, 0x0, 0x0, 0x0)
recvfrom$unix(r3, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.728259553s ago: executing program 5 (id=1001):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000080), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="0500000000e0ffffffffffff", @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000008001"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1d, r1}, 0x10, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRES32=r0], 0x48}}, 0x0)

3.662670459s ago: executing program 3 (id=1003):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="0100"], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0xc0a2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.602696898s ago: executing program 5 (id=1004):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000004c0), &(0x7f0000000000), 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x39, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)

3.413734489s ago: executing program 5 (id=1007):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r0}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='percpu_alloc_percpu\x00', r2, 0x0, 0x180000}, 0x18)
close(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

3.338737362s ago: executing program 3 (id=1008):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
fallocate(r1, 0x0, 0x0, 0x10fff9)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7000001, 0x12, r1, 0x0)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}})

3.20470845s ago: executing program 3 (id=1010):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
socket$kcm(0x10, 0x2, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3.137639131s ago: executing program 4 (id=1011):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x1d, 0x2, 0x6)
socket$inet6(0xa, 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

2.724912646s ago: executing program 9 (id=1014):
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000780)="e1e62499f5bbff0fb5d14fa14c243abec59f1a9a0b9313fdedf99b4435ae823fa5615d6b415fe526edfc9c9ef73ea0846607fdebd5a5069ac96154b23956715f68fea647c446d7324a677c22695d365075ce06792cb79473a2bf1a0c293ec21130b20d0d68aafc337b74a96cd4b23c34e8bd294962205dde627f7a9fe0508a5b2c06025e123b11167fc697449fa6339d4a29558b318b8daddf44131cf69394d57a1faecc38ba86377d26afbf63eb2bdabdbbcd0795423cb14cf163d3acf0c704d44c356813466bd96be3e8c4149e771c96d3790961cd5ddaf4f249b7417f56cb7d344b37e2659e4eb60f20a621c9901b5ce6af2f5c6d8775c16e4f1eba1313d4cb32af436c2a6d947525a9695be06e4660ae288e0ff2280848b70c5f480931c7dce160d9b4d5921dd067b4003ec80932be2cdb24624e8f460ff5224cc1344dd76763e22f4a6750aa03e3ce23fc2f6a69fdae9be4f4a8c973a195575ee1b1f34fdfda17820bbbef734dff833a6b4c5460071deace35b2a03edb22eac10eb0c3f262b23bfa1ecbe2bd51b418d8167ef8f1a6b8f463b0557b6670357d66251b19e367c66c1f150c95d15db0c23563d99b02504cf0070133792fed28e2d63b95d091224396b17d4314d603bc24de0a28f2d146765d4260225fdcf486db8e6ce16cdaae1a1f06b228e858c7bdf1d71a15c07e23a42b1d43c9c2599c62945d980444e9b70b8a8405e8b61e9df9514860bc8cafe70d8deb32d39ac07b8e6d43efa28b330a8f4f988407f1b3185713a6dac5320aba4b0a142c5b5f00b83d0f455d316f40a6a35df6e93965cd9d26649aaf7b80e9875e10136e7c0d7a18ca946133046e4b4f224890a0f4b77e45f036a3831c70b9eff97523151eb9dc6ce844b8e9ee8bfac165892b2e1bd88d3b77c1e200af342af9609d10a02466ab1fa667512f88dd61f04c00b9a98887c6cdec58e6c45c6c8eb16e3f99d6a980389078bdec7426eacbb45e5958b1fd66f4a49795b68977c9b84f4b8cf8d1db2277557d5c042e94841ed848d4707e7138dea28ccb7b349f7fb70403a650913fd6c89ddadae76baeeb3b9dd27063d7c900407f4b22f749c4df02a4851320c74199030f01ccfd3827c061fc1c75a0329dad06a4645381e266be21078398b165e1e1e5a5610f55263190b03f0582ec79caa91510d9e3300fed4ccb2756d2b96471af273cec441fadc3504b1c36a17d3edc11839fc134ef42a14acefa77b05782c8fcff36514f7fadb4e44c9a50d329f9a73c894421e98280f3214a269c89eb79be62e7825dc383164e869c8ddc8fe877f0cf698feeca638099f1db108b31f46173fb285b254b3998b7ab4b68c9f04a54c61dce3714b22838c886f2e99f2c8f0b523b41178f58a3674c692b6a8a46abc4b498742c6d56738227862bd6cdac85c5f9d8a91420f2f0974e82e77d7023bb5d2611337960103dc006b03c878ed9719651f9ed6862225d8c195501453a369063dc179dbf34dfd7262bf907d8595fd5c29179a28c7ff2c0634f416d3c26894ad94e3aa9a39638296be7b0b4546a23c6b53c234678a5377c3554d604d7b1dad7a21a904c208d35a5db3a723759a921d450d99d8d120c052391cdd5555d4a10355f747c15574af72a44e0be9e97a564ff8559a8f5c6536646b4ef34c7ed84937324df8bff0ee7f872ff96380dfb9ef0fe65856ae734234ffd68eee540fd581cd2e818f2401992c8ce5608709a45dded05690da38ab77ccc9c16c4c2475772ca5aaae4df77b8d97159539c76638b089be6cf2a5fb81a93bf86fb60887678d786550d4cc0a5956c07b64c03dc3455bd0afa65dd5fa2ab364c8463abd1659ae1e78b6ffd459e85fd19acd555d2a54dd233086c86536d1b1c380e6cab49d24faccadd47fb701c2e57fa275fe3064571e2761a8ab016d7837d7ea4d757224e86c5cefb90b67ca3929b9c804014567a89ead2a1193c1da04dec8b6ecc9b9c6e54ce495471fedf41f1658ee78950efdcd8f5fb751740592176679f1e5cd590fda31a91dec92f6eb9cfaa84753301bb5b1dbf3df7e4d407c7ec5207a53650e254449d1b2edb760909a96813929fb3bde0b8adb09e9ae5182892691276833a540bea1807e6ada697e8aba0fe4d8f380ee9e4e05d44190ccc62d57c5c87a7d93804401bf013d79f94efa6e4f7401fec3b9802a9cce8c909751ccbe1a69f6ef84e45fe46085ec182ac96b65e5f844ce99dbb04c770f2ddaa3f5d2ddea180f83f813c30937df7bc05fa7fdb728fbb35f2d7209ffc318fd71fa4843d20489175e2ca84b6949ed4419be38f3794bb3eaa8893aadd6037654c8aa4e405b5f9299996169cb5c07b357e31d9ddd42cc4b299c6a274c8b3a40ce5eba06bc0e325f237cbbe2c026140d5c451eafcb8af900b050d8ae568c7e1471aed75e75e0626bac90a05920df896e0127520275521f7e2e0a8883bfe66716c0778041b16ae8ba56074081a2ac8e30f1316fb70728994565642d8ecb04f178d3f569b5d3c12e7b33dc3fffb6d78548224a40cda4acdee5c1ee0e733a3301955994186c812f6e25f2e052d38f11e7bb501bb4a8eae93affca8df939423eb4c726c640c631283fa75480f31f42dcf221ad7bd22f8369f37f41c6fa20d44cb7a4d211cbd15139bf88a1bbe694ff726513fdc97c539f144d6959552172042c08f03b2a03e8fc583181ee97cee2d8bc4eba662922829e21e61ce7f6b3b636fe8c8e7bcd19ff5fa0d3b305ee298f2219391eb075508cec3bb0b85d53d102f0f797cca85db286d7a36536862275c10aa36c272fd96900782fb8666cf20858f7ddf9ab01c30156e14e190c47e7c17dc0948bae26ae7baf580a59615f64f50e00f263efa506c3871d712a7f02ce6407c07422de1bcae106a07c1881ab4f81e1dbbab7039562b6cf92c517324ac00352bd0be5ff4cca24b2f3026888213ebe5e5e6a2bd169b1ae3dcf7c0093336fcea7eac2bd2f918034db80311d18aad56f916d58b133b27a320f7749327dfce5574e32935de51edb50b64fa0adb187757576bf9c40f1b4851b3901b97e4458de49816664a1f50865e37f4ed240765088737f2f5fbb7c851a1ef5607849f590e01a86bf7ede085ecb6517b678ac87022350338ee5222690babda46ee0c4c80689fc2c7c4ad4dbe66696a60013575fdf1f5d23971e19b0ffca27b96bc7c2520fce5bd3a50f81518e1f60eea9bd893298b21f1e090ad54a0ce0a537ad9a697cde0b47c52424ffb024b3a69f021681dacfeb7cca843e88a48ce31966e702d7b5125b98b2c15528b83ae7752c21b243454cd343b3392412b676dd0bd62debbcbe8f61b060faecab1d02d968a56668b175f750fe99bcdc4b81250b36189caeac40e4dad52668e2a0e37e0347d6ac563ef45bfb5881714428a7893747d1e5bdc6a0a1da4904889757910d693e06224cb948c242078bb02b2bd8cb592c14a78e89a50753a7c65c217168e86739a26f53e78bcc9b10fed36723b02a1aacb65166015e42f8b84fb5e4092ff01d0e5cb8ac5a1e1d37fbf048853b1ff5fa4f830e31a545f7ae0235dfe5c87fea124cb5eb51d4aa48b37492c2319e0d1ea80eb08f8d609f20c2414127322995bf5d7d81736e42b6c0bf1e48cccbf1a81dd74a8e42774d17fd45bc776df065a88de5e38196af6944a72aa49090baf02a7b3c4e567a4abe8b2d1e411457b4c24954f27c63e0774d0c23847fc1635ecc4023c660862680d7c4446b58bf0defaa574c1601d684a520579076cca0d11ff6364624c2daabb39889b46f4e158d57437561adfa4ae44e35e7df6038a77ea468b142aba6fd8232dfeca890f9f24e6d4acd590024bc45c497248a76e5052f0d5523e31a66b0eb91d1e47113d94382215c328b7ad0fc570f1798c3c86f67dbf6d5cdb51b46100636e0b2ec56b95264fa7a4375d9799e555eb7f5de6b1d31859b525d9a0917bd2e2547758a634a24119039ecd873bfb5392c0472b270f5c0365958ba507d01dc7238365930cceb8a93a197d81ea48d4aa1a9c72c375a69439587a15562a5af5f5958f1690302fe4990220c8e39ec2af804038d574d4c2c4a1f3d0ecf3a0a2a29fe49e42b176b5993e6631ef103da65729ca86ba7bfb135ecfd8684273a657cf8e96c6a42a329398e05f9d8211dcb50f48ceef8d55cf8128749a00dba427d841826910cc5599fc1338419c16b9abb511d6633a8d74d972aa6ce89fe7fd89f18c16af2158bff6fad4df7cfe0d3272ae103172a863defc9954a97bac8d579c35cb6aa2dafc9731cccf80f2397e326e311785cbf7fb2f4f3e2698d80c3359ca1ee212cef03cf597621795307043ab4c3ab771115a11400ab521d9b35405407852a012b4a7a576b7ab0bbb44f7958c75ec9ba88dc4643913cbd240fdeb18dd25e379b8c46ffceda399049295e078b77bf5b8aa12df34a2c77a5c08b2e2f1b26489caa757492ae198e9d437c38c2be2ca78b9d884100b4ea25b4165fd80b3cd84e68a7e9e9b058fd6c3893dd532f121d2df7039852a1117d57c9ca390624535d6c21db3f4b7a25e3ae0c6a4c0be962acbed1749f73ad2049c95124925059f5320b31779e4e07fd429656289678e14a85da75ad668b49a602cc107e6dedf63707fa058cc6bfa43a9d3def22a1db203a83640e30f4e0158f29abb43b9c67e4ea9edde093ab3cac1843eee620d6c85e2c35b15e33e5c4039e363e8b4086a83ae7551b849708e30a1227e9eee43ef777dbded881810042d34e1fcae29ca29a0d3e641d6edff1698f32aa4a8f222e8a1227675bfc9cfa344cce39f76b25e48bab91848f7c89afe8a38dad66abc750b51b078ed60dd5d689e7551f1f4ec3acd4f3133b2e840dc5beaa3171c5b047b7f7b019e155990a51b115e7b366bfce2b8eb891b7cc7d405c89cbb4146b9169ec35845e3f785435debc92b7721ff82b974adb136cd6d8dfce739eb49ba36d3787b1515ddf977dce1ff9e5b7ae788343af2aa01ba002c35f09d0ddfcdf4c4a1678460f140268fe927bcf84f132afb528d2bf9572b8177c34d201a56f1eeadf48456dd38f95efeb46d75403e9bf6e95b4bac54826bb5e72b925fb50030dd38c7310678b5202362e9bb18f10e9ebcd34769f07dce19f3b8f3baeb00c465adcc2e1c03a7d34118585cb9f612c74369cb40cb2f1cfaed9457d297c0df396446b60be2ce8b660653ff68daf50fcb4290f8446fca109129cb8e7291050d142cfdfcb0303263dba7204e90cda1c023b6e3ee9c0267975927818f11551418fe02143afe91c331a205113471e7e5fc3f83bca3c1c981b50aaa6dc22d9aa715abc360f6374646a0907caf8645120cf3888ea4fc9cd1f92ee29ac384f57b7d052e323e71c6096de3ccd4997166ba1bae24b449906831c9c996c7024342ddde5e578af4f1a0134bc224221898c0ba87f21ff28601f61a8af63058ac7578984ef51568005972c2d9c1fddf120fbe9447f9152cf1e51fa5106ae835c17c2e55b55c9be17daffe641cf326045ad7c841bb44f25e20f186f59b5150c02022930f83b8960632cbd8ad5011e0560278952ed8f9c39d4cfbbe76657c01b7bf9c6ff70a973249e17f3b34e748ce7fb1e49f76be3aef11da26c7dad1054a1c7e0d4da76694ebc85fd51185a38a0dcee74a5eb49ae1fb9d78c799464c7c49eafcdacf70711ed716ed7819cd1a312ef80a4a2095381c679db84c30049578d34364ef63a1fdaf0aa4eaa9771b4dfbcdf8f4542a118ddc81649d3a537ef5f7ff489c6e772e57d6ef6b6e5f2f2c8a0fad8e4d46a12ea70ad5798977ab14c1fdf8f190a694a8f4733cda285a7a712fa0d32acf89567837aa6ffcf03493656cdb7bfd0c47005ba126c70af1924ca30601ab0fc4aaa4ea4d0570c5ddd03c2a5e731fa77c1d24e85c1235e10c1575dcd2d34bafbed490094fc2538df08d178502d27c953d2e0af5e3d829a0d5132cc5ee1b9d2519a95787e91836ef1d29e92bb1b662c138a49f8a77829f9dde0943ca82a4466275dac744b92dd75493a0a040a19e77a225b9e21e94d445415483aa67d2b2839de965b4c4803c61680e32e7e4deac5afa877ddc26a34d486499697d6268701ff391f4bd04612066ed9386abdfb3a6234f8705aa3e298bde969f9bcc16af97fc107d0e565d2b9659ab0e3029b1e195ba1a517ae0484352ce366fc0bdf1b5517aa878d6b8a09b7c01e0d6c52c74a0113a97afc505d47d65dcae6db63e014838af156e72021b09c6db109a59c4166c9cc8ad5207878348a58f65b77de388ec8296373f3dd8acdb7c04bce3032fffd3032cf724376ddefe642a54e6624ff147ffb28fa4fcc351eef9051a86f4b93c30d7515ea247fe0ce484f9b39e1b8e051fd7babc9800e55bce6ae1c08e64fede1cd264678509e94bfc4f3409206c4ef05181f47a1abae8ba185772913c13fa0fe4d36a4239595cbe5cb38643e74966cf2cac2c0cde26f49a60925f238b60434f67b28d9e01df9c23984ce8c6c3a40b4f69c1750a99e6ba451f2429565d38e21993f982f9eb4c7ec77b03ac472327fd43e30f8ec565710f1964aaef8683a0c5526a8994de98db77b550a620ec894ee07a706d092eebd9d692b0feca7ae8c13434f947814c84e5a159f2f9314970ca864f261a2a16f3f3352f8d1e1f19dc6292a586e57326ded4e5cc1f17562d175e755e9fa62dfc817bafa4896e611b897ac7bcccc2fcbfd7a5576478b503f7add397c03ddbe6150846324b12544ad783da46ec793e7f37dabde9426d044cedd50440d1b26782233b1612390d4fdd249737f250c3ce1731a825b0cb9341f847a568d8e82b81f883eb90e146d792a2a46cd07518858e6d64b07db16c1d002f3d2cce2bc5f3ae150379c923555170a07c6663e4adede0649ac47c044f1a65657eda07a0b5cb16966b5e9f11ff04dd6bba7a0b0bdcf03e0a15424198b267ac0f89ef01022ec38a7d26d355e0d8d6b794b472352d932093bc91349618ff1e8f956916b5d8e4cbf658fe5ada42cdef4ca5407a997b67e4e1347b90d43c78825b558eda995447f6008eebfc9775814921f72cf243d3156fda3dddc1874f2c0a651ccfd1c77b10f57cd86b32d9c1612b53c69e5172e9045c0689391c90c97bf1a1b902546763336e0f76be74b269c4bf72c030f1040413d4de5fa65ba9f4109e37a3c387e729394f765dbc2e6b769fc5995c7e3c5fa509c07cdf9acbe99dc5cad14640bffad695f0404b066496d87fd6ffc0bea12bad489858169a0c63141fa5857ac1e8b454362fe15a7e55ac371da68cf6a291d41784883658d0c5bb5e6db28b205204e0db38881c4ae83b37dcf945c6d09aea33506ae051287e066f787925bf7d57587e849655969e5677eedc372448e6f2a2f8ce6bdd4def434bd9a2bed09c93c96877dd5e7773a699ed9feda02372e2d82ea0ecbed08ade26c7744dc5276a0e817bd3bd4383790929b79719002bd4df059006fb755877c85d51d433b35b5d9c3769d7c1101e871c7d2d51bf579a10bb9664e60ce918e23655935a7f89db15a0d88e6663a3ba02dae1210a4d7d7eff522c3d4fa3f5fc4c36346185d0ef55c8910a52d41fe3e4a792e8e1fe35af1a15a8c91b06e64fd36f7725c34dd8468422ed96c2e2fc5faf1a7c51b01e9c216f82aa11f8da041804461303a40578cb5f9fd49c0b6abd420581ba4461a6013500552f8d2379f960c6f680fa66eca3faf97504fc6916f84319f554a24829c4cae9c63be3bb3d2c7176b93063d37c3df69c8ac6c0fa43ad9a8274b94ee35dd8a69c3b560dd57353ce9c8188e9db8652544d32fbd2d931ceb0484eb1b27ba74c237dbc1e81b6a867ded6400b3dc0cf973790c03ef6bb69ebc76bb175233793a123ff009d16d1e43fa6f15303ad5169ca42b3ef9f9630b92e03e9a6cd32ec08dbc8abd342931b617bd37ef8e09b68713757e39bcf24f4b95f9972d5b7680e22e7fc421b67e27d3cd97cea6ee1ae78ab792751d317fc317e39545e4a2eebd72c1298b84452de9bc6f6d13d0ec0d7faa52e3b59134531f82214548e6202416f1aa43d65bc1e10fbb1737ebfe51c862dfe6bcc064695ef87f90eeaa011fce5903f6c7af9ba34a627165e909c2f9060055c496a506487249810745b53d137860f0a9ae482932c579511c736d0db447e0941cb8b32bc8e5aeeb0abdcebe66ac420b77f981b1dcde605299caf0171cdb722f42072e3fa1376ff3b3ebc747597822c9c07bb7f76b3e1ef89d4c8155af4c1fcd95272bf93ca058eae43b71997edf14d3f09edb495c7ce361c78ff8dc8cc95a639ce0332b955bd66d9a4ff4c882297338172622cc3a05f2bf02eb8103b32083c42d64259df53d0ba3e4cf80307eb0e00380213370d6a7ce33e685237949fc14657b6eead581de144fe6ab1d318efe2e14823ad3bac3f83819c1810a0c49664c7400af906f6c670e41b94582551cefd8462ae86e1ae10b1f56e48e2591737c0336985f09ce751f68924760daa1881417ea27db9ecfa7580ff9c2879a267d5db8b88d6f984563038c25254cdb88a1fa5240b76cbe0614ab1d4e81072d26ce1d0b1c4b1780e201937fcfd6db6a4561315e1e6be0a381fdecfb42cacb575a5d86aff6a92a4454637ad249d24573ccea9d71ed580eeae16a09f79e27ddf38a281c8779f945720b067a10005cdc04d3f7b483df35d4bc0503a0c66cdb87b3f58c6e367cbb902236ab95cc817b79969865e6a9cde65d543f6f624b5f9e53e4b07b43d77ca7bb503d7a39a35114152f804c78bc9211f61c2f0eb3842c0d1e9a9b3b4585318a007490ad0343ce1368ae5582da587af3c4c156ed943acbd977ec6060047a8fd89005af9ab41302ec3a72c88030fec45013d35efc5ecbd7ff5b41c6bef7ce7adddd7cc322c6ea213f1b7dba5a844f630c63bb5a3662be935d013b3d4104da390d87c127651d1abe3d2b183cf51720f1d3eab3342c6414d5b8d09e635b618712b510e6fbf4376df28870087ad2be875994e1538729dccbeebd3f532814db319e961b3ab3c718f5025bf68c6a366a180f638b074ee966ccb9db4cf321af69d3c5e654146d3c73a47a48a2df1d6dbf27f6e863978d64ba8e59ddfcdf45e485b44ef5025690dfc85d3f8b0fed638f8017d81b82f4bcaa6dab7ad10ce1ac59a6ec59725521b17ae5212e7bf1e71cc4be8d9c57bcccaea6afc256b9947c618616ae75df1952b683e9382f9b69a86b214007fab11c10dc4758e809880fa3ccc4a4966a333af9652d10aeb2830c9cc0c4dd1c50b5b19830cb5ad0bba23927c72097084002acc317c134b467e8ef66481d295af5216ba2b2227463ff4c52cc8ba8f84dc940edb9384394f66c3683821677635baefe43d09e53f421307a22a675c89b7704b93d26b68aa601f12b98c80522672be8fb44114f5ee4577609792d4a8731765316f46d08e25936a38535925462fd884fb699e6024a27c66f45a00d2c941da5c1213cc7fb08470450af51c9b9e366630c4deff3b0aad756750d8e9a0570170a111d8d9dfb26ca6df846e5e0e960dd76223e3e5a356241420cb63fe7638afb2b393c89f3784463313dd0502ce2582fe494c33358b228df38d673801a13aef8ccbfb601499b05eab9fc1ea79ff0457136b8505f5a0828b14cabc11da7d8064a1ea6512a5235440f18e424509eaa917901fc04d403a0ac0c009ddfd54fc64c87b93395271b3d6645775029bf2b5ccc97ccaded244ca5970f6cf5c7885a411e45de398c6b06f3553e25604bf7dcf10a080e836864875d2949496f0256c60919fca02970cc6b866c799284a111b61251a8335a4dda28997cf73eef8423a8edc5ea103d50ad85da49a82a5eef5e1adfeb2b674ab274b3e1d7c425b19ff279de9514f4f9178893bad99fd9b27b99e8d07f98166d9c24cc7761f37449354a07904334a36c86429b96b906bb9aaf854d5512a2f2139cc4076832d2cd1f3aafa601680c6ed9a729c4388a760ec3e660e3a9a3b6c0e842aacdf3f8a1558b090053f99721dab91d8200d4fd49efb89db83a7c8683e666632dd8f8e50665d27890b214c14feee115579a9799d42babf78830611654826a4fb5f352964e4f0f6fcd8beff16301ffd8e69979c635b1e00254492f1e2a9683eb14abd24e25f9c7a973befd88024811203b8c5891edb1224e68aed33264f1c195137e9dfac078dee77dad6f1aaf618447f7126c2e63637573163a104111991e81213bd9de6ae8a47185c3d37b52202077e93b4e97d9b5514a58079c45b10de04d38d7f2af2115e33b98d46011e5fb3d52092daed0a8a6f98ec79e6a9ddb7469f66c44d5ce7f76013aacb1e162c874134064bf0faf37236c6104598967cb18bcb99aea6f0fe0fb1c42706663b0adc7ee75d0a5f4be66a9ac60f9e9b4d71d4408e777b763163f5695f8852bb567b1cd12e056a61d5c16443622a5730a34a5d4b2146e19b366d2aaaf2c11abdf69e304387b9951093d404a5da6ffcdc161282b625f32eec22b02e1830daa3c5f692cd0e7be3d59efe1671a1e28381e506699fe5cf533ec2854a27b91079e3efb6aeb9886f8a040e4d37210929e02ca7a06d74d4ea884aca97b9b592afdcd5758662f4b258988248117f3db349c5e76cdeb89e598950f465497d138b7b810611198e5ea7ebcb8bf347c41b5c704e1ab3618454039177a929aa60f882b1d27a55454ae08c5077c468e8de8de555f558c9d0cda133698044686d3d4f8c36edae2ee9e6cc430355d45b40ee99366a63b50d5fbd71b6403324807e822afdee6788a3ce97a79da4b730e6079d1d9f62b35ea4e6859c569e6f7ced8e029358ed5c8b6db16a37f7bdbe8969429759681001fbb5f963acb46d3398d59ba92cb435e0ae954f33be138e45007dc1c1acb8f4b3816b2e35f93341587364ef6473992aeda5cef90557b13a48fcb760c704e732937ff455fed55e84cfbf2d7232271706029e2bbdd08d7262541fe62df2d8b6b8f36ec6582fcb3364a256a72b701cb74a85b4c0ed0339b05c41157d8324903772066e393868aa77f923b46b9f4e5109d34a250c5e579c9882029e6c10e19750b315747f665fdcc89f6335614f9668d4fdb233907ff2d0a9b1fc342ee609926431b667728afac5d01690d4fe4d514ccceff7a9b62cbe7046d6d20e128a09f2c2ea684e318086dd470369058dcefefe314a2dd275d06dc7d05ce96076e10139596833f522e962f503906b647a6852481d90176737c0d5e193127792e3bb0543f3c3d37bfc0724744d8b0abc32e1b62a0b40466ed8e74a072838abba492654a7d6c4821e4918575079f71ce332258b72f7a84c51769386415c1719df530277d7028703deb53e3f86b266914042965c0b08905bb96559253e46173a4054bd9d12fe3bcc6abb2a8de808039b039bc8abdea0b055f525e8f1f11a02fd3102a3c1587beafff1c57ad32c8721cccc3525c673472d898bfae25b12346121ac46e18c4ab29ae51e11481d4c59f9a5627dacf9940ee538c88100e8a2b09ca2831cc269adbc1b0aab0b3a80c101be80fcb972838ba49465bd947c60122ebfc7d1ed6c5ce35426a3f7", 0x2000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x8, 0x8, 0x4000000000000e51, 0x1, 0x5479, 0x103d, 0x200000000006, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x8000000000004, 0x800000068], 0x2000, 0x180d54})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.678942126s ago: executing program 5 (id=1015):
mkdir(&(0x7f00000000c0)='./file1\x00', 0x154)
capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000})
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000280)={0x8, 0x3, 0x8000000000000000, 0x2, 0x9, 0xfffffffffffffffb, 0x0, 0x0, 0x982d})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, 0x0, 0x118)
fallocate(r1, 0x0, 0x0, 0x1021f0)

2.403791737s ago: executing program 5 (id=1016):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000280)='contention_end\x00', r0}, 0x18)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r2, &(0x7f0000000240)="94", 0x1)
close(r3)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
tee(r1, r4, 0x8f5, 0x0)

2.330846686s ago: executing program 9 (id=1017):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfc, 0x2ffffffff}, 0xc)
r1 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x84}]}}]}, 0x44}}, 0x24004000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.206906887s ago: executing program 3 (id=1018):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
r1 = syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0xff, 0x20, 0x8, [{{0x9, 0x4, 0x0, 0xfd, 0x1, 0x7, 0x1, 0x1, 0x5, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x4, 0x0, 0xb}}}}}]}}]}}, 0x0)
syz_usb_control_io$printer(r1, &(0x7f0000001100)={0x14, 0x0, &(0x7f0000000300)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r1, &(0x7f0000000180)={0x2c, 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB="0003840000000403"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_read(r1, 0x1, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, &(0x7f0000001680)="f31552c51ef8205abfa9f8ff810b310cabf01c94d4ce91d436423cf90c15d97c1217cc21e800e1a7c1ffe6b70eb4e86ad3d217ad07e656cdbdf756ca5078b27a12acf51c89b2f433714da7b7730ef423c41b606e3950b8", 0x57)
close_range(r0, 0xffffffffffffffff, 0x0)

2.046422349s ago: executing program 5 (id=1019):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x490420, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x100}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x20c01, 0x99)
ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x40806685, &(0x7f0000000180)={0x81, 0x3})

2.017924921s ago: executing program 9 (id=1020):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a000000050000000200000004"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x6, 0x4, 0x4, 0x5}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

1.911871153s ago: executing program 9 (id=1021):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000bc0)={0x10c, 0x14, 0x400, 0x70bd29, 0x25dfdbfb, {0x22, 0x8}, [@INET_DIAG_REQ_BYTECODE={0x3d, 0x1, "4146d23073695a99b67c41433d3cf7a440d55ebb963032f168e3cc55422a9a3b895dc07bf3b650bb9ed4f29c7eadf1197102e687aee61e0e79"}, @INET_DIAG_REQ_BYTECODE={0x4}, @INET_DIAG_REQ_BYTECODE={0xb3, 0x1, "e1a96bba69fecc573ecdd9a4277e1f7a6f8db1206a49528437231a8c1ffc88aed8883df0b15b675423ea7893fb29eba80e3a74715724f41a1d931557bb326ee2ea8ff29598a726429dd334ad502b890c357c22159242cafb596b9ce573465d55229e3728ee92cee8d3c3f2577d839bff031b5e9eaaf28c841a693563e0c6c2ba8350d7a3ff7851d78ef8dc40764fc00d7da33d7a6199f2791b403dd9a0dd93a2e259baf527567e5a1c5d571fcedd42"}]}, 0x10c}, 0x1, 0x0, 0x0, 0x8001}, 0x40)
getpid()
ioctl$sock_inet_SIOCSIFDSTADDR(r1, 0x8918, 0x0)

1.270419744s ago: executing program 9 (id=1022):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe3, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcb776f6, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7357c35c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x9, 0x0, 0x0, 0x5, 0x4, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1cd5a44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0x80000)
ppoll(&(0x7f00000000c0)=[{r0}, {r0, 0x202}], 0x2, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000140)={@local})

1.268897945s ago: executing program 4 (id=1023):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000200)=[{r1, 0x6600}], 0x1, 0x0, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000340)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

422.838495ms ago: executing program 2 (id=1024):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$tty20(0xc, 0x4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff", @ANYRES16=r2, @ANYRESDEC], 0x52)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_9p2000}]}})

405.044451ms ago: executing program 2 (id=1025):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00', 0x49})
write$sndseq(r1, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x1, 0x20000006})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
close_range(r0, 0xffffffffffffffff, 0x400000000000000)

338.265773ms ago: executing program 9 (id=1026):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000004c0)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2002004}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000002140)="59f1e4552e75986be30344c577df27f4b4a41646039fbf9beda7bf5a572121f6414ca8bd405e18b655af5c5e013e0c7388225a727cc1eb4eb7c7cd47b2c3d353dec75184436dfd9933bd374d8dfd322d0a5b705731fba628d06c11ab04e155f747b67108a4e376b5711565b653281ada57116b0dbf782e6f343532ef258b42d65df4a96f83b00ce9c66eb1a1ab23f2039927adfe99a3872de7a80ec34aa05b8be26021e61d2e1509d903f77783525e515ae5051541be24502d5123d1a08e06d959aae764ee7bed31361802c486a3f9fbb3824a21fc1b73f95d88167f7659cd90bbb4b7eb78c21e01a9da912544402618285e461cc1c9a1ada2f273d3799feb3d90e373c4f0132554fc3ebe0b8557d521e89f66531514ca337bb1149f86158e7ac94d88fc583a59b7ead0fc249ae26a4ef2ff5bab62209000575441363025553f5012b8eea50bb087202114f8b48ab602fe3fd952bf9886dcc41a9d6c22bfd543f7dec92f32758b99cd239cb69a2fe1c4560426e101666b862aec3e235fd308a6e7560aa2207cc185acabd03b20d4091ff7936120b450b1db200228cd435c434c2626f641cdd8180946982d665352ee755358afa123e7fd9a202e912c528929067ce785f3ba1877968a047f56dfb7cef747d59feeabcff03e73aa3dd3dafb367f32758de4d98dfe15737ba1cb7400ee5bdf4220d6e667c651757d4f8bf536771309d6dfa928e59c9171fa7a710a6d308e757775ce029e0724971c8d7782e29b8ca82de04e883ba042f92e6f7c6b2e627e1242e1f2033ca5bcc81797ba39359e320139cfcf6335086cd646b842e13ab0f90d2fa92ae3cdbeac38deebfc485b2f10f4e29507c858046ae009df144c4ab38ae70e25cccff11078408d7ef4d7bb262310fec1663f1a1dc035864a40616b4690c841c986630ccb784d7af382fef327e7e64817a48db2eae499584fb6cb758a4da7967d283c7400e87657443148a94a352bc46154849a9d6eaf85e4e5556c648017e7f5456be988abcbbcf4a5e2228d2cebf144229fb8b8b6ad244be8f6ccfecfa6df74278761bae6be823eeb6cd08bd0bc01283d04fb719f546cf4d2de5388d1f90eec21674d35c9e295cb1bff104689395cdb6349efcf3d3d99e0141b7bdd4f0ef24fdd6afc35fdca10ade6d539bf1e32ca2e5ab5223e4e975a3cdbfa604dc7904755919905e3ab5e4a1932e2cd7741dd80f4993d0822bbeaf7ea70541e7d18af5a36aa1b928b801bf5a8652adac57dd76f0b7d0629a9fa493db118d6420a18236ca92487cf1b751477bd7b66b6ab97a280306f921493eb9a6172a70cb4f62526c09bd73d148faefe36c47275a0b8822b71c6b09dc80dce0b130ede61296ea03951a563bbf020c75aeea843b95d134bd7228915c22c6e34579bf71479eb4185bf4d11f9735093d9b9d5f18f443a1925f59d2041ff9f6a017eebe9923e5b46de296ba24c25019591cde699475c075904b97f01a639dee3bfce62ecabd2ce078e5fd84b8733392e42e77a6dbb0f51fb0fc59cd7286b6912a8796cdb22e6c3949f6052a014c17b73b3cce6e531127173569d70f07d76359755a6d8bb239f135becb8524ff638452db9d7786e6c52efaa254590a9bfe6bcd485ae8b7114948d58d8c0b9620eb9ace67211e0f7eb4e75740b51f23c0d59903cf2bbcdba9fb516afb8c64cab133c51c0ccca855eba033cc4eb08bbc7632f427f6fb8de4a11bc292aa090503e96a2ae414d5c8907e599874c7e9ffbb8e57ed9b1564ea52f09afffeddb8da0a9ed228da5bbae4a1ef608a0d327cdd7f19fac5d342c31088bbd05cf87c1bb73c55db60087e058c21d313c899071a38ac027e7c2704516b2cbeeb3c18771ecaec46d90c18aaf7cc207cecd60faf27fa4fbea3fecf0dc67336263870e21a1ef39c35e89254fd02bb75848f3729450a08990a410331ac720c1b9c3859a436d65899158caacff7aea71f3bb34e69d954994b698e608836a52b88d8ae8303fb918956e13bc1bb99f955c72474d53ab8ba2ee131730f7fb7dcc4ebcf14b9c3c0553a783d6123c3b9a3cd5ff9c6c2d588c38bae6e81b5f0dabc3b4f6b2d9805474453f66e3f6bbc29b64604374ec82a602109cce44bf4ca88a8b0ea2dd27a49f70eb481f3fb59a4ec5cd0b2196c05a96905cbd0f3b01b579401d20f12aabffc6f9e869af2fb43b0c3362f67a015dbe51b33281236326c3cf93f466a07f5baa29cac348ee7c17088aca34bff6844cc60c5f9376c4869afef5e14b74d780ba0fe5ba3f919d6e3ad2c5a9b259c3a79da133173f107bc2fdf426cdbc144a96a33951bdbc43d5b5a6a5c4e8aeb90816cbde9ffcec6630ca37ae6ccddcd61dc6893b75fc6d951be9d2144b6ae4bf739ddce3400456f0bed97dcec4330b717f590ae2f30cde4203d592a4abc864b27fce63bff3da754425fa0caa91e173f8f99fb0c81910df88b01e2e4918e424322149a283a69a04effe4da0cb417126d674d802455a67bb72aa88f1a6beba6a82f9f0529caff162285679cff18c0a9387abd6ac70135ddd07d04c8cc18143c57bdbf5676feacfb5afcdde7233abc411ad08372a885ee2047017c51167112b1dfb4c3a06a829c8c57c2e6d55c85ed97063c9a5843aa299ff3c63e61440baa42b696adf218d37b39231314acc6ffff7b23d16c8762562ef8a056e31c385d57f8fda45862034abf4487d6abd7816ebda9a7aa8bcd753508babb0d4c08cc25ee88fe3a5eb26842ef5a0687f5bd5c3f0b29e4723fbacfd852f3e194e47ffcc9fefea63b972cb9f3293956ee71308ad6ccb891d760469a62c5864069cefa60b247c5366b32d864d5d63a495209627b1b36b9db1bc0979e13dbf2f7203ba69596ad6cd991dc22cadd0fc55ce89db7fed238b082674458c8fa10398e6fe69b50b8cc8df9324180305fc4c17c3f0ecab996c44f8bb2eb575bbe4300e1c93c39a34ce0f255522f4bad18b6f7ed2b5d712baf19c39bfd974dea6181511e4bce407a38e2ce591f989001bcbff570f78649b8d80d7c51d9415dfe8871f1c4161e685d9a361ee2c3f7386c7d89570ae6894f59219c9e53059a13149fe6f3d37f982c503e11f9a90fff483e3b2e4016f376fbf81a3a95d666460fa0c3f6e873ed7ba2e9b6da20b62eec19de014c540b9dc4c3c25995c0435fa5dac1d5cefd66b248db8cc951a84913341e308a318bf94d1d49e12d80053712d3d68fb4acbf8c07ff3ab721c982b114f98edb9e693afed4c80892d8d75484cf228a41fb9af3e59a31c802bb5883d88f5d804806a1747bee00a1347edffc1d832d5e01d15dcd4c7e21f35c47e90761904d0381b56e8200d69338edba5f5e5992d2439143846e1295aa77dd0745c1f33b02b108e987a3d675d8bd593ad22b49068a6f91478a807275b05261dd14553a112fc85cab73dceea1fd31a319db40ff6646afce5a9dc0588747afc06bd36c4326a5f495a12c4eb6ca44e4b23dc52836336832e267db22165554caf7925cf13c84685ee31bfd19fb988a42a2d931fe0212a64e6ffcf9fcaaeeb9fd211a529364abb1a915811a46c41289da4a3a730942d4e0b9534944ec993555d96fcfb68e4f85c53c297f1ea34781b55b69b25bbdf4f0cfc9572e924adfd354b4c291d77d802bfbdc7d7b24f1d266cabc9ecf63ea5b48d5e7f30d8ce1ee4ad861537c441667405b8223e81ba71f55e09d0e92f1c4233227eb276db865b23c8d28df9b2738f025b59d10a118e156b04da94a15b7d8393783dbbb29131603bd11397625c8cb5d8a86cabf660906bf714079f9261c901815688b76afbc65962aeba08e940c20931ea1e3b875427afbb608634eda3f7f69da64906616f24a8a750abf2da50c1e47cec369ffa25d4c199caf1da2f51ebeca7de266e7550dc12019f0e7dcd8f814c2095b12cbf94404e3343e032ebdb8b598febec6390c84fdb65c3eda086c341c09321d1ee471896be010214de39a658cf48585660010578290b3349f0233e301dce10a9dcaa372ade8a4a7170e68522add35f6cdb23c688ba42b425775f077bd0d9f6706722499763efb84c98ee3717b293b26eb46d097a7af1e8097cec825a2d92cb1038980a8a73a7a351001a6efabf812b00788bb950e8b88784054a299906786b7dbd25c9d8ef4146e45b84611d65e7ad898ac1d234574d174acb1d23d8e206518fa40e521bd3c3953c95aedf265c3755243374ce36500a62dd57a94ac22aa6c9b6d79edbad8c0633263f9ffc04524d23e64a18a22cfc1d9ff00eab75a48cffa364f025b31fc632d4ba3f1a829e78b08a9297d59b9ac9c2ae3fe7ef21a0bdc4ee34477654b4bb80b30e117dd846a4f71750f76cf93afb134eb28e0409b92016ce47871fd2a531b2b05d7684421f524833f7a9ac4a02d8c92a1c83150fbb6c68edf0c4ecc833c9e2e058c91f8f9ba81ee48ba5fb71132bb84c4e4993561b0f0ee77405a5573df396469fa5a1a761a9398e618221bdb888a9f2f07a1e9247fc7e3ff2d72bdad77654645171fc89cf4e93d6eaae95f4e7bd9dc75c1b1fc5c7926aa0d0c70b7b442ab657e734fb39660b058403057f94ae3e9b96233647216e29b891272e4403e3a155e4f77fb227cd56a3e3856969cf3ce85d1aca889c2cb1ddfab9cfdcaba80e2411243e8370757725e2875bceebec0d8174ecdda380dd8bcf63cfc619ebfd4b562949e32c8ae7173d630df595b79afc5b0c2ba6e9613ebdc3912db74a1c41bbd4c50428e1dfeff661fe3c3cbcd8fbe4a6d1c02d2b06068e3fe7fa5fb63eed98361baa5c075ea1694a575551818d3ca4988dd080df8c604f2fcaf0d3d3bd922f142ecd2b88efec2563686447750a1e814926e037c2e4d2c530bae36a0cba4b9b42d21b63d6ff403f1a5bea1a169eb494192a7adcb0787759a944043d0df72d57d775e9604a5236775b44d9553dd186f63512bfd3d4b65667f8d715bc9c100a0855e2ed963da442e0ef54b809b2e794eb9b29daea42a84c2d45c220a1ab3242bf7e2f41754feaba92998b834391aee0005c3b5bf05ca648577d77712c6a2107c0d017b1828b82a63ac32587023ae8214e55b907a08c774d12be071ae593716426038f326b45e565900ae67778cfed493dd873b613d457837bf505622d6270f7c2177b8b0048ada47e3fc97a913552d9b65be45a914c29fe5e2e398c9dc7d541f8244c9ce1fdb8d20547471ae840cdf88e4362e05b3091a80c3b32afec6747b05033f98456bb0503240d63b18d1756bd24656def9f79e6bbaca8084caf07dfd17d77f98343fb3f141f788ed0a9397f0a591023c332f4a16e468643b8dffb950f798d7cb165757b18ffa1863898de59c892b148d268b4d0ec3e5f2e4790358cbe0a40007a4be6cb789ac11badcf369f1aff5c458b5c9514b24cfc395b4b4f0df30ab6b3228feb960d545d027a76abfecf455b673be7caadf0d0f2544cb5473ecbc3a339b08652b444a3b5a28d834e63ae4d831d5abb077297428bc3b6542477fb6d4ffdb1398349cea95e7d6131184e7d793603582e81253974e10f8f947d339d2fdfa4c8871b33403cc23b2e225462d29d0450f285433c75959774fe65058188cc54488bc23a20880a0b786e6cc4622c5621f427af5dc294420c07c268cb04eef4400fcaf6fd1a500504fe59cd3c44836a0b477a62d05c8f43e96962a367cbae1f88dd4f4c22e0c7d2afea8a2de91917599f6db37449474048ba84f144532af50b65cdaba868f50f079a4a495d2ee921d835badc2ac45e2521dfc559bbc664f6f27446a6d5afcc8c0d90d68f991dd503291d7687f64641fd052c73be1786b507252749fd788c0c8edf25ab5efe9ddb2a67ec7e24f22f9fe28966d64338b691222c7cc493a9a5c10430ce0f074703047757a9abed0ee0cca14c20cfa9cb521f0e4e91e886e4b1285ffc996912ca7c9f81f2e8e64454fe6846ff44dd21c294b888d52c37bc386ba8cd7f7c0fedcd524ebf603f0a5b5f19be9c7e0f6da5d0ddbc2543d1adf46f5d0140d40c8798f8baa4ba49d99aa0171ffc797e3f919b21a37d3ca8b7a729781aa262d68a0451a2705f59f18268387fdecaed03045fd6f1759a694a5224c46f7a4c6c4eab6b11089b114e5a78546c258f23a2b80fe7f9503d006799d2b8fed769d87e9dafaf6f923ad1be071538789b771d13125049b58a2f2c4f91a5cedbfd725e419e8b640b9d704f48b96efab1b249784bed0e6c3c938b5ce66b6766ca0bbea73aa3a514a57ad7d1907f72072128be570e016a2a5b5754f60e2b0bcc3bd9a4ed21fe4e9b4655ca22656ab6cccf5091a1f85251e51f59094762252c996d9609430cfba1d160702643060cf386f3c3ab02eb5943326312444ebc0e5df143dfa8e868fafb719fbe1f5b355c472adc7694967522e39c1b162b57d49aeda122bc4a60393bba6db3f083751a41f9aa2d6cb59038f94b896a5623f82bad390d2b729f66d5f87b72cc9b54a2f08b3e7ad321310e8f79556ed4dd0c8a058e6a434b6a3fdf28a6b669b53694c16a72e14c1bce34f81c67071152d75ee8f146e465849a7b3eefc2fddb779fa34685effe59432444b3a6fc237da95fc7655aad861aa319a75880e53858ca6a7dad341b2643918e69e3c81969fecf6cdecec304c519ddd0f54b659ed7f9c3782c58202ba393c3811aa1f34d710db2cd0bd1478db3b3445c5d20811dfeb0e4bc3434ae4fa3518c9c36ebcc73d2e40a1701496f82d186309885af32b9694a7a6616bba665b94bff24ab493488c9a53cf1de2eaac644cd0f8d9ef4930f8bf56797b5ac4abc8132f62125905f7e18db3048a90c4a4779b5e29815830fb4093956bda4e2596bb8956c45313ce4e4662143a95779e5c23933e9312372e29c00ee668e82c7d4de290a5a6a66b85e6738528a58b4d169221a0ac5367196cea76c58b4c236b7da73ae1ce463656941f322d4cdec390d91d813c2c9bd70b10151673585457016c0d302f23f323c4a118fcc32a8076be44606d3241bfa66e78178c8d991093d9dd5d93d3eb455ed085eb5e88d83f3a47ce9c5fa7f9035df5c407eb27daa231c538ab58765668ed5a80e8f8a3a4470181b9f15b56d5c4a43708e7287775ee1e991c8e28af2afefef93b19ce3c4a1cf5d25e9b232f424a312cd4883230ffb071343986092141ea12e9647e5f5ab4e70de17d17756eec8ff64328c0050794c568baf183dce6c798e9b01dc53e76c4b9a0b61f1b65cfb74152d9936e05505df63048cd62cec15a97ec79995c5381b0491e65661c2804cc7a5cba0f418d5ec420ecdcf1363cc48777ac6a9901a30d6aed7bb62651480da8f84c93a61bd66ee6f218f2999d052e7e3fbcb002b57bf3c1292cf75a52a164d5c7f1265f1c7f881683dc8d6572853eef350f3834f888a1ab0eff22ee3b93ec2d82f93ddcb5b915f2c273a296be81f3ea3d5e9855863fb5cdc7289770111d02a7e0ee6558e46e754a5c11e4d36c55946fbc62d0c89f87156e33db0ac968dfb67c3a43a55328996a73cce287d518d45f5753f45051bba90d6dd06d95bd14c13d7707bc1afb44595da6783a48d6675c8e28affea30a55ee55a904d9ffb31e9c4fe04fe3dcdbb459d62d36156b2c6aa015b20205f6222008692f6be91ae531afafba348725ba820bb9fb2b93d3013e3f4766dec362a1e0cf40534eb1a18168c18afe08dfdd65e9953869353ba14cd1daaed1fc0c0ae1fc8deaa98c79b74ebd2043b18076dae9c2b4625ca9459a354ce3571b8c33870cc291983da1c0f32f87133192564e6c22abce03fdde7a7cca192d623253e99d5d1ee2f5e4c6535cb027eaae8fb1486ebd7c09881a14c88494a03030f5dba58f7e45a78905b10a5645409ea754162aeae8551d1026021da8685d4cbafbcb0ad980a1a16199be14b11434b0cd62a559b8584cd373bf9f959641059b17a654523cf3f3e7fd94a809e44a21ce2242cce6f79a32dd5443b79df68ddbbdc73eef492ef6a9f093f3131874064f89f26ff32eda7e6451081990a022a0fe52f189cd1deba409dcc090f91d10fa769d1bd75d11ec22b6e85405cbf9b3256e4f8913d7b8eda2945069e219fb4abca2a191e024d5af78e75cdbe0d9d5471a1d8e8aeb9e0a00274d4474ab6b0ebbb66d41bfc1683642c88a1155c91a7eb2295c4b9aa93eb0e77dc5a928e1698490de1226c65a7ef79fa9237dc9f7fdb8fcf9b54658ee3c714b14297fcaa1371c22e746151608f6f1f49bfdddce0ce24e6fc8da8f8dec534e5fe36106c81f25250be3fc496a4df508e79f49c7a4341d50bb6f96289afab14dbf4e8802a14ae82705a75e18330884c9bb1152792249a68ced40afc63deeb59daf9711484b982ec2675f5d9239f182849c4780046460e59aed8cdaaee156544370962771ced877365d37723bd9f935e8192ffd677348db41e3884704b5cbc6002c32111c9168dfcbbcc1c1ae3fd907b494a1fc7a8da0077517b55cc86393f61b07cf71408c47c9f4ca78c9cd48bf62c3b48232f74fa04f4e1fe9e5a4b88e94cae83397ca74948acc002afad739a3891c16c102fe026e2d1ac172a8b0f8c26689d99c371e275671b4f7ba1a08f7e955175b0dd88bdc63f6c1416fdaad20924c7dfec72d961b7fdde56de6ec0c11d43abf60fba174f4a689a1ff15016e7bbe378255f6724fac6a877a00d34a44b85c332ffb3b48101cb6137ccbb5e79f0e0ebe144800c8eb8ee3540cd23def571a4419908604a4217e4da5c72ac49c188e050c6c154df8f1ae2275a6bf123da80196a01cabbd699b215e6e1d7762c299d22e5b72dc1d17fafc2b42bf8c1546694772a2bd9a5f1f75504906c649988f88dd1f1236ab3e92907da0b87b7b674f5f3856c2d0996c20795a2cf7eca5b8dbbb4715dd4e67ce6ef38848bd50389686f17c059070fd9f1bfbd0409e3df16e7a73fb115c66cebb217cd01c5967c774143aa11d9815f2b0f9030f012bb8df1548a4e495e3553ea8524d374772a287beb18a7e88c88f4678e8835f35ee901eba3276b55095122d36a4da666e3b2a70114bc7c8faa5c73b89744c47aa138463c619a322e4dd8e4414ab12b143d2465401cafd97f500b2b035ee96f87131b3c5acbd7d336d926973e70b7c409372a1bb270e0666831de3fb5f059d25cb733106554ad892b2d46f5b33b00ae6198573c4c57b059266f806943e864a34a2b830003bdb7447fd105244bb975b0d7f1b6e25a72ac98a6fa3be7e3b430701633b95f8560620a58caa3366b0ddef41d153452417e4a5b48cfde67e6525d23c538a90d87f9b3cbd4205ccb30ebbbd54a00c4b0fb30cba4d02c5f108cb25af1cd791711d244c87de9738afd56401755ad8f5e62198d28164475997d7719f91ed7685829c6d536a090353b0b2de436d27e9f1fecb09917c1a3e7cbbe33024a74883790c9d18c2349a3f748f6362a79b92b95f1b3e8ddf118c87fc389c1ca08786b81513b62ebefb9fe472ff79eddbfa06d6569faaa1b8df516e2d0365256bf012da3571c6bc8589c49e0573da6d9ea1f7ad35840450a9f334d5d2cf9aa343dcc0f9864129bc548914507b30075d1a153d98af8a6def82e5c8619d9656f8ed0598b3463632c1cfa8ce86cbb90c772cf1298709fab835fe07b755a955f0d05c0f4dbffecaa7f6b1b6d40fffda03965021fd8f1316b62ee8e2bf6fffa01bc2740c066b7655d39f4be9d96f39713fab5ba34fc5431cd86c7384ee9177c20bf5ed5b9242b5abaefd4429a73195c166366527daaad6ce29136edf7fa974415fdeca13adb617e35d357d9c8d76953b6704bd04c391eb3070b1536342224577305c75b69cbe622e308722b3b76fdd3ad0ee69e7cef96a9cd267a92d846863b97862613b2ff5667559ed286e2fe6805a3a09ffc25e4df4b58302844e747a65310d4eb9d64c1b31995a2df3dce8026426e445b60520933fea52f4a9fc8e15033b75e5f412866f4c75371b6cb6436acb118d62752da91b64f15d40c8263bdc6ab718020442bc9cb8005ff30e90ca8bb4f489b0eb4218d323b39022fc542dcc16841899d094d4a5bf134281a330efdfb2445bb31d818b11d9abfd0e58c6497d2db7ac72a26d068b6b4b62de8d291188d4de82d9e53f3cf597e9c383a308a6a52814269c18a18b654bbf4db4502c11856637400b8c2ec3aa0127a659efcaaf5377adf69cb3d9ec65130864cd49320a8ac21aeb31c1c08f92a483c70318870b0107b4ac6070575e548bf70a25d1b220d8192697bbcf891521e4217efb59429c9ca2638a6eb13845d74a91ce45471e8df8f9d8a3a4ea4c8fab267017294f8054e43af04394dd3cbd35b6e60911f049d0f1048d1941effae8ed0ef726efeabe24607e3036e95297f7ee8d3bade2ca8cc431504524b6b40bfff220cc60f9f64376ad5b5fa7cd8dbc3baf145d6ff4ac00a4a8fc2de132af0e2d84302d02c5677b927d76094d38c8b644c1480c6dbcb7274d15362a3ec973cbe40086137160e6447ebaeec5aeeee932ef2bb03fd0754a7708968f2bba76ce16209e7bf1de26971f8c112581f9c417828a4a0fe4b6f243b939e8c4a7595230039f3f81fb64d84227c3725cde10c89d6413354e53811b2cbfc8a0d27dfb11884af23522a51a68f5415ba529690561df7d3f3d053166fc97e6c931d80968477384da3107cb5321b88940c3602a25195b870af1d956f749ecf6f0321f0bdead7cac3627d2895db23f74a244ba8cef7a7d1ff04f5258d45f5e1aa4a4baa83a36abb0e5fc94104e32314ef739725d83de8d0027218b7aea54c6de45dac43f955dd2ae4f7b89774219f12a25a7d47213d545357d7a0977486f8bbad66d8ef36bc26671c1a9c2a54d35e2e303b7cc4e3c431c2068ac10e6168ff1a0c023bf68868a20f20612ef5062ccc978332f2a97b58b0b92cbefa1ce73815776ef3e658145074592a463e5fce30fb89d3657906129fbbf369f0a7af4d9f1f153b0a840dfb80607da59ab2f01e72413d364f0c4f90a13b313b03df460696a8506c6c1dc6964918093274054bb9b46b7373a30efdea62c115fe9fd396c989c53c31402ee4b6bf6d9db19bf75906a0fd0e807f7e6cb7c5ef4daf0b21edcbf2f64605ccb7b5238bef39231d470d1542da1eab747084516fb6ef188308e62658540bf37e10215f26e2b1cab4d91a2a429e51bc270cb07c4628a8fe4066192893253d22b3a24edb3f3d02e227c613067231da02b449dc5ecce6a6e605ee5708817b2b72453fcf0f4e04f0c22996871d01cc3684e2b73573604366ca12a604f450edd6e113f4d1bda649939270c0ca493eafce9f46547b2ca1dcd8a63ec6053b99a2705a26c71df3a9dc7a347152dfc55b036701e9f7dffbe9138e6f619daff7721ab2c79e41c7f7fc829e3a22c2fc286f08a0117fc53d63d7c241aed27350badef0ff11ffee83920d62fb09f6be8ae44eab4273560e0ff14096afd10580306ab96cf9998da75e1dd04a9f70023673935a470c015762480b4182c32cf4715d7cdec146b1c8f50709c8a704922900bd1941e1e8172981b373f5de5260e84a498ec8110d55de18c99a5310ec0a7c69fcf54c8b70", 0x2000, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d40)={0xb0, 0x0, 0x0, [{{0x5, 0x0, 0x0, 0x0, 0x0, 0x4, {0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x4}}, {0x0, 0x0, 0x4, 0x0, '..^\''}}]}, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r2, 0x0, 0x0)

286.869509ms ago: executing program 4 (id=1027):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000080)={0x9008, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
landlock_restrict_self(r2, 0x0)
connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

247.618415ms ago: executing program 2 (id=1028):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000a40)="48b808000000000000000f23c80f21f8350c0080000f23f848b800000000008000000f23c80f21f8350c00b0000f23f88fa970913b66b8a8000f00d065420f070f5c6fd1b805000000b9a72800000f01c1470f01c9d166be0f84383a159b", 0x5e}], 0x1, 0x11, 0x0, 0x0)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

210.909109ms ago: executing program 4 (id=1029):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000000000850000007500000095"], 0x0}, 0x94)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x6, 0x400, 0x9, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r0}, &(0x7f0000000700), &(0x7f0000000740)=r1}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80)

74.908802ms ago: executing program 4 (id=1030):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
recvmmsg(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0xa1}], 0x1, 0x50, 0x0)

9.8861ms ago: executing program 4 (id=1031):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100)
r0 = timerfd_create(0x0, 0x800)
r1 = syz_io_uring_setup(0xd3, &(0x7f0000000480)={0x0, 0x6776, 0x8, 0x22, 0x335}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0x103, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000240)=[{0x0}], 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffff}, 0x94)
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f000000b000)={{}, {0x0, 0x989680}}, 0x0)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})

0s ago: executing program 2 (id=1032):
syz_usb_connect$cdc_ecm(0x2, 0x0, 0x0, &(0x7f0000000240)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x310, 0x82, 0x7, 0xbb, 0xff, 0x1}, 0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000040)=ANY=[@ANYBLOB='\b\x00\x00\x00'])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

an_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.677622][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.684631][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.710660][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.723642][ T5831] team0: Port device team_slave_1 added
[   90.748442][ T5816] hsr_slave_0: entered promiscuous mode
[   90.754973][ T5816] hsr_slave_1: entered promiscuous mode
[   90.761007][ T5816] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   90.768856][ T5816] Cannot create hsr debugfs directory
[   90.776601][ T5829] team0: Port device team_slave_1 added
[   90.821075][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.828143][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.854160][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.909020][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.917160][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.943665][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.036664][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.043635][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.069873][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.083210][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.090675][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.121486][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.168439][ T5825] hsr_slave_0: entered promiscuous mode
[   91.174949][ T5825] hsr_slave_1: entered promiscuous mode
[   91.180972][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.191341][ T5825] Cannot create hsr debugfs directory
[   91.369181][ T5831] hsr_slave_0: entered promiscuous mode
[   91.377854][ T5831] hsr_slave_1: entered promiscuous mode
[   91.383861][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.391542][ T5831] Cannot create hsr debugfs directory
[   91.486192][ T5829] hsr_slave_0: entered promiscuous mode
[   91.492496][ T5829] hsr_slave_1: entered promiscuous mode
[   91.500300][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.508556][ T5829] Cannot create hsr debugfs directory
[   91.771823][ T5820] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   91.818616][ T5820] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   91.859551][ T5820] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   91.902337][ T5820] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   91.983593][ T3080] cfg80211: failed to load regulatory.db
[   92.053417][ T5816] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   92.065571][ T5816] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   92.083747][ T5816] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   92.109317][ T5816] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   92.136993][ T5138] Bluetooth: hci0: command tx timeout
[   92.196444][ T5825] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   92.215055][ T5138] Bluetooth: hci1: command tx timeout
[   92.228126][ T5825] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   92.240655][ T5825] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   92.252600][ T5825] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   92.295740][ T5138] Bluetooth: hci2: command tx timeout
[   92.383969][ T5138] Bluetooth: hci3: command tx timeout
[   92.394359][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   92.410456][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   92.447595][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   92.455109][ T5138] Bluetooth: hci4: command tx timeout
[   92.490864][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   92.511082][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.599930][ T5820] 8021q: adding VLAN 0 to HW filter on device team0
[   92.621136][ T5829] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   92.646676][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.654065][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.676275][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.689191][ T5829] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   92.703173][ T5829] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   92.727949][ T5829] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   92.766319][ T5816] 8021q: adding VLAN 0 to HW filter on device team0
[   92.783299][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.792485][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.799686][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.870143][ T1024] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.877305][ T1024] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.899721][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.906928][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.929102][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[   92.973134][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.980320][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.024270][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.031524][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.226633][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.350779][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   93.380875][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.430214][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.437406][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.528629][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.535829][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.592843][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[   93.640042][ T1024] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.647258][ T1024] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.719429][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.726686][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.758376][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.783484][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.872137][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.033190][ T5820] veth0_vlan: entered promiscuous mode
[   94.135716][ T5820] veth1_vlan: entered promiscuous mode
[   94.159902][ T5825] veth0_vlan: entered promiscuous mode
[   94.215951][ T5138] Bluetooth: hci0: command tx timeout
[   94.264278][ T5825] veth1_vlan: entered promiscuous mode
[   94.297719][ T5138] Bluetooth: hci1: command tx timeout
[   94.345995][ T5820] veth0_macvtap: entered promiscuous mode
[   94.375294][ T5138] Bluetooth: hci2: command tx timeout
[   94.408984][ T5820] veth1_macvtap: entered promiscuous mode
[   94.457748][ T5138] Bluetooth: hci3: command tx timeout
[   94.522356][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.536753][ T5138] Bluetooth: hci4: command tx timeout
[   94.553613][ T5825] veth0_macvtap: entered promiscuous mode
[   94.566367][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.581573][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.607026][ T5825] veth1_macvtap: entered promiscuous mode
[   94.628506][ T5820] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.640571][ T5820] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.650329][ T5820] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.662069][ T5820] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.697229][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.734213][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.787911][ T5816] veth0_vlan: entered promiscuous mode
[   94.812308][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.863437][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.883828][ T5816] veth1_vlan: entered promiscuous mode
[   94.889651][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.914350][ T5831] veth0_vlan: entered promiscuous mode
[   94.921464][ T5825] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.931225][ T5825] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.941584][ T5825] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.951850][ T5825] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.993540][ T5831] veth1_vlan: entered promiscuous mode
[   95.072561][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.098427][ T5816] veth0_macvtap: entered promiscuous mode
[   95.107889][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.111890][ T5829] veth0_vlan: entered promiscuous mode
[   95.164103][ T5816] veth1_macvtap: entered promiscuous mode
[   95.199121][ T5829] veth1_vlan: entered promiscuous mode
[   95.214844][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.230205][ T5831] veth0_macvtap: entered promiscuous mode
[   95.236995][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.248096][ T5820] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   95.272676][ T5831] veth1_macvtap: entered promiscuous mode
[   95.301749][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.411248][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.426540][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.430390][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.453390][ T5932] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   95.461749][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.472283][ T5829] veth0_macvtap: entered promiscuous mode
[   95.490147][ T5829] veth1_macvtap: entered promiscuous mode
[   95.531162][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.559953][ T5816] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.585368][ T5816] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.594131][ T5816] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.605952][ T5816] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.640569][ T5831] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.669561][ T5831] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.695118][ T5831] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.703876][ T5831] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.760859][ T5936] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   95.790415][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.848932][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.909798][ T5938] uprobe: syz.3.4:5938 failed to unregister, leaking uprobe
[   95.931662][ T5829] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.944347][ T5829] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.953803][ T5829] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.999209][ T5829] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.306195][ T5138] Bluetooth: hci0: command tx timeout
[   96.381376][ T5138] Bluetooth: hci1: command tx timeout
[   96.466036][ T5138] Bluetooth: hci2: command tx timeout
[   96.535089][ T5138] Bluetooth: hci3: command tx timeout
[   96.615528][ T5138] Bluetooth: hci4: command tx timeout
[   96.696005][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.703871][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.857307][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.893613][ T1024] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.902058][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.937132][ T1024] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.970394][ T3016] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.985435][ T3016] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.687890][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.714287][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.733208][ T1024] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.788269][ T1024] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.966570][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.695295][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   99.284735][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.804770][ T5810] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   99.992718][ T5810] usb 4-1: Using ep0 maxpacket: 8
[  100.000495][ T5920] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  100.089131][ T5810] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  100.139511][ T5810] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.254623][ T5920] usb 2-1: Using ep0 maxpacket: 16
[  100.342098][ T5920] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  100.517661][ T5810] usb 4-1: config 0 descriptor??
[  100.532821][ T5920] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  100.573023][ T5920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.596938][ T5920] usb 2-1: Product: syz
[  100.601207][ T5920] usb 2-1: Manufacturer: syz
[  100.637350][ T5920] usb 2-1: SerialNumber: syz
[  100.638663][   T59] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.664871][ T5920] usb 2-1: config 0 descriptor??
[  100.703265][ T5920] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  100.750898][ T5920] em28xx 2-1:0.0: DVB interface 0 found: bulk
[  100.795760][ T5989] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24'.
[  100.874159][   T59] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.978475][   T59] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.164075][   T59] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.234631][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  101.332965][ T5920] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  101.516361][   T59] bridge_slave_1: left allmulticast mode
[  101.523058][   T59] bridge_slave_1: left promiscuous mode
[  101.531321][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.545785][ T3080] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  101.586115][   T59] bridge_slave_0: left allmulticast mode
[  101.591856][   T59] bridge_slave_0: left promiscuous mode
[  101.605029][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.714699][ T3080] usb 3-1: Using ep0 maxpacket: 32
[  101.732339][ T3080] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  101.780968][ T3080] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  101.865190][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  101.877252][ T3080] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  101.886524][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  101.894206][ T3080] usb 3-1: Product: syz
[  101.899526][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  101.908579][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  101.918311][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  101.926984][ T3080] usb 3-1: Manufacturer: syz
[  101.932115][ T3080] usb 3-1: SerialNumber: syz
[  101.952569][ T3080] usb 3-1: config 0 descriptor??
[  101.965725][ T5995] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  102.076843][ T5920] em28xx 2-1:0.0: read from i2c device at 0xa0 failed with unknown error (status=65)
[  102.111699][ T5920] em28xx 2-1:0.0: board has no eeprom
[  102.212536][ T3080] usb 3-1: USB disconnect, device number 2
[  102.350820][ T5920] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  102.372029][ T5920] em28xx 2-1:0.0: dvb set to bulk mode.
[  102.385713][ T6001] em28xx 2-1:0.0: Binding DVB extension
[  102.425310][ T5920] usb 2-1: USB disconnect, device number 2
[  102.433168][ T5920] em28xx 2-1:0.0: Disconnecting em28xx
[  102.445145][ T5810] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  102.524458][ T5810] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  102.559981][ T5810] asix 4-1:0.0: probe with driver asix failed with error -71
[  102.606058][ T5810] usb 4-1: USB disconnect, device number 2
[  102.663283][ T6001] em28xx 2-1:0.0: Registering input extension
[  102.688985][ T5920] em28xx 2-1:0.0: Closing input extension
[  102.749965][ T5920] em28xx 2-1:0.0: Freeing device
[  102.778405][ T3080] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  102.841657][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.859688][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.873427][   T59] bond0 (unregistering): Released all slaves
[  102.967926][ T3080] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  103.017118][ T3080] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  103.053287][ T3080] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  103.099848][ T3080] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  103.187299][ T3080] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  103.242443][ T3080] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.346244][ T3080] usb 3-1: config 0 descriptor??
[  103.653016][ T6019] bridge_slave_0: left allmulticast mode
[  103.664330][ T6019] bridge_slave_0: left promiscuous mode
[  103.695464][ T6019] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.732563][ T6019] bridge_slave_1: left allmulticast mode
[  103.782241][ T6019] bridge_slave_1: left promiscuous mode
[  103.797835][ T6019] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.846530][ T6019] bond0: (slave bond_slave_0): Releasing backup interface
[  103.888500][ T6019] bond0: (slave bond_slave_1): Releasing backup interface
[  103.974688][ T5138] Bluetooth: hci0: command tx timeout
[  103.991042][ T6019] team0: Port device team_slave_0 removed
[  104.045695][ T6019] team0: Port device team_slave_1 removed
[  104.096597][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.139491][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.163756][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.206821][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.403805][ T3080] usbhid 3-1:0.0: can't add hid device: -71
[  104.452062][ T3080] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  104.512701][ T3080] usb 3-1: USB disconnect, device number 3
[  104.780716][ T6040] evm: overlay not supported
[  104.980249][ T6046] syz.3.37 uses obsolete (PF_INET,SOCK_PACKET)
[  105.036993][   T30] audit: type=1326 audit(1750939882.045:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6042 comm="syz.0.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32e198e929 code=0x7fc00000
[  105.287668][ T5951] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  105.466728][ T5951] usb 3-1: Using ep0 maxpacket: 32
[  105.529462][ T5951] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  105.608075][ T5951] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  105.647986][   T30] audit: type=1326 audit(1750939882.665:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6042 comm="syz.0.36" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32e198e929 code=0x7fc00000
[  105.685320][ T5951] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  105.746981][ T5951] usb 3-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  105.805092][ T5951] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.805250][   T59] hsr_slave_0: left promiscuous mode
[  105.840015][ T5951] usb 3-1: config 0 descriptor??
[  105.884275][   T59] hsr_slave_1: left promiscuous mode
[  105.906175][ T6060] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  105.935559][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.974640][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.015748][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.060135][ T5138] Bluetooth: hci0: command tx timeout
[  106.065764][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.204703][   T59] veth1_macvtap: left promiscuous mode
[  106.210589][   T59] veth0_macvtap: left promiscuous mode
[  106.228980][   T59] veth1_vlan: left promiscuous mode
[  106.244638][   T59] veth0_vlan: left promiscuous mode
[  106.381237][ T5951] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.0001/input/input6
[  106.557088][ T5951] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.0001/input/input7
[  106.673593][ T5951] kye 0003:0458:5011.0001: input,hiddev0,hidraw0: USB HID v9.00 Mouse [HID 0458:5011] on usb-dummy_hcd.2-1/input0
[  106.841452][ T6078] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.885900][ T6078] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  107.031516][ T5951] usb 3-1: USB disconnect, device number 4
[  107.502188][   T59] team0 (unregistering): Port device team_slave_1 removed
[  107.587629][   T59] team0 (unregistering): Port device team_slave_0 removed
[  107.613309][ T6082] netlink: 64 bytes leftover after parsing attributes in process `syz.0.46'.
[  108.134916][ T5138] Bluetooth: hci0: command tx timeout
[  108.304470][ T5951] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  108.929241][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  108.941209][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  108.963428][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  108.974992][    T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!!
[  108.983943][ T5951] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  108.997609][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  109.015023][ T5951] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  109.026877][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  109.047620][ T5951] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  109.061387][ T5951] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  109.090207][ T5951] usb 1-1: SerialNumber: syz
[  109.340351][ T6061] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  109.381635][ T5951] usb 1-1: 0:2 : does not exist
[  109.529310][ T5951] usb 1-1: USB disconnect, device number 2
[  109.951563][ T5865] udevd[5865]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  110.215355][ T5138] Bluetooth: hci0: command tx timeout
[  110.267048][ T6002] chnl_net:caif_netlink_parms(): no params data found
[  111.044868][ T6000] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  111.341251][ T6000] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  111.352556][ T6000] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.394065][ T6002] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.405562][ T6000] usb 3-1: config 0 descriptor??
[  111.422944][ T6002] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.477006][ T6002] bridge_slave_0: entered allmulticast mode
[  111.520338][ T6002] bridge_slave_0: entered promiscuous mode
[  111.564543][ T6002] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.604874][ T6002] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.605934][ T6139] netlink: 12 bytes leftover after parsing attributes in process `syz.3.61'.
[  111.612189][ T6002] bridge_slave_1: entered allmulticast mode
[  111.649625][ T6002] bridge_slave_1: entered promiscuous mode
[  111.659106][ T6000] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  111.934605][ T6002] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  111.945142][ T6000] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  112.004572][ T6000] [drm] Initialized udl on minor 2
[  112.019657][ T6002] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  112.275651][ T6000] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  112.324684][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  112.338299][ T6000] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  112.346383][ T3080] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  112.398895][ T6002] team0: Port device team_slave_0 added
[  112.407081][ T3080] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  112.425508][ T6000] usb 3-1: USB disconnect, device number 5
[  112.448841][ T6002] team0: Port device team_slave_1 added
[  112.456511][ T3080] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  112.514666][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  112.570050][    T9] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.634453][    T9] usb 4-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.705012][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  112.721987][    T9] usb 4-1: New USB device found, idVendor=0458, idProduct=5015, bcdDevice= 0.00
[  112.760572][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.787364][ T6002] batman_adv: batadv0: Adding interface: batadv_slave_0
[  112.800177][    T9] usb 4-1: config 0 descriptor??
[  112.809082][ T6002] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.848165][ T6002] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  112.920031][ T6002] batman_adv: batadv0: Adding interface: batadv_slave_1
[  112.939022][ T6002] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.973820][ T6002] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.228377][    T9] kye 0003:0458:5015.0002: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  113.238948][ T5881] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  113.280403][    T9] kye 0003:0458:5015.0002: unknown main item tag 0x0
[  113.303128][    T9] kye 0003:0458:5015.0002: unknown main item tag 0x0
[  113.323124][ T6002] hsr_slave_0: entered promiscuous mode
[  113.328465][    T9] kye 0003:0458:5015.0002: unknown main item tag 0x0
[  113.335558][ T6002] hsr_slave_1: entered promiscuous mode
[  113.336407][ T6002] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  113.336445][ T6002] Cannot create hsr debugfs directory
[  113.384654][    T9] kye 0003:0458:5015.0002: unknown main item tag 0x0
[  113.391496][    T9] kye 0003:0458:5015.0002: unknown main item tag 0x0
[  113.398287][    T9] kye 0003:0458:5015.0002: unknown main item tag 0x0
[  113.406042][    T9] kye 0003:0458:5015.0002: unknown main item tag 0x0
[  113.430969][    T9] kye 0003:0458:5015.0002: hidraw0: USB HID v0.04 Device [HID 0458:5015] on usb-dummy_hcd.3-1/input0
[  113.458764][    T9] kye 0003:0458:5015.0002: tablet-enabling feature report not found
[  113.472576][ T5881] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  113.480853][ T5881] usb 1-1: config 0 has no interface number 0
[  113.498803][ T5881] usb 1-1: config 0 interface 41 has no altsetting 0
[  113.514668][    T9] kye 0003:0458:5015.0002: tablet enabling failed
[  113.526926][ T5881] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  113.565130][ T5881] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.573191][ T5881] usb 1-1: Product: syz
[  113.597776][ T5881] usb 1-1: Manufacturer: syz
[  113.614483][ T5881] usb 1-1: SerialNumber: syz
[  113.629803][ T5881] usb 1-1: config 0 descriptor??
[  113.643014][    T9] usb 4-1: USB disconnect, device number 3
[  114.157839][ T6179] Driver unsupported XDP return value 0 on prog  (id 16) dev N/A, expect packet loss!
[  114.324112][ T6002] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  114.332465][ T6185] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.73'.
[  114.355300][ T6185] netlink: 24 bytes leftover after parsing attributes in process `syz.3.73'.
[  114.380777][ T6002] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  114.418349][ T6002] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  114.490426][ T6002] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  114.499687][ T5881] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  114.848620][ T6002] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.917583][ T6203] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  114.930259][ T6002] 8021q: adding VLAN 0 to HW filter on device team0
[  114.971989][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.979248][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  115.051791][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  115.059024][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  115.752791][ T5881] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  115.786873][ T5881] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to reset PHY: -71
[  115.805867][ T5881] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71
[  115.851159][ T5881] usb 1-1: USB disconnect, device number 3
[  116.001246][ T6002] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.962825][ T6002] veth0_vlan: entered promiscuous mode
[  117.002570][ T6002] veth1_vlan: entered promiscuous mode
[  117.152485][ T6002] veth0_macvtap: entered promiscuous mode
[  117.180893][ T6002] veth1_macvtap: entered promiscuous mode
[  117.317739][ T6002] batman_adv: batadv0: Interface activated: batadv_slave_0
[  117.398422][ T6259] input: syz1 as /devices/virtual/input/input8
[  117.450026][ T6002] batman_adv: batadv0: Interface activated: batadv_slave_1
[  117.631801][ T6002] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.719107][ T6002] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.767886][ T6002] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.799619][ T6002] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.131303][ T1319] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.154151][ T1319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.315495][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.340193][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  119.729641][   T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.994670][   T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.279865][   T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.475601][   T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.330117][   T36] bridge_slave_1: left allmulticast mode
[  121.350077][   T36] bridge_slave_1: left promiscuous mode
[  121.374050][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.406807][   T36] bridge_slave_0: left allmulticast mode
[  121.428447][   T36] bridge_slave_0: left promiscuous mode
[  121.449879][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.144025][ T5823] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  122.163265][ T5823] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  122.179891][ T5823] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  122.188631][ T5823] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  122.211099][ T5823] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  122.477624][ T6349] TCP: out of memory -- consider tuning tcp_mem
[  123.355382][   T51] Bluetooth: hci0: command 0x0405 tx timeout
[  123.369709][ T6367] process 'syz.3.115' launched './file2' with NULL argv: empty string added
[  123.925107][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  123.970035][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  124.053398][   T36] bond0 (unregistering): Released all slaves
[  124.092622][ T6382] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  124.294520][   T51] Bluetooth: hci3: command tx timeout
[  125.624557][   T36] hsr_slave_0: left promiscuous mode
[  125.653554][   T36] hsr_slave_1: left promiscuous mode
[  125.673166][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  125.713514][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  125.748853][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  125.765345][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  125.850563][   T36] veth1_macvtap: left promiscuous mode
[  125.872203][   T36] veth0_macvtap: left promiscuous mode
[  125.881914][   T36] veth1_vlan: left promiscuous mode
[  125.901225][   T36] veth0_vlan: left promiscuous mode
[  126.375840][   T51] Bluetooth: hci3: command tx timeout
[  127.684335][   T36] team0 (unregistering): Port device team_slave_1 removed
[  127.986392][   T36] team0 (unregistering): Port device team_slave_0 removed
[  128.460069][   T51] Bluetooth: hci3: command tx timeout
[  129.289690][ T6485] binder: BINDER_SET_CONTEXT_MGR already set
[  129.298243][ T6485] binder: 6484:6485 ioctl 4018620d 200000000040 returned -16
[  130.105836][ T6476] syz_tun: entered promiscuous mode
[  130.114761][ T6476] vlan2: entered promiscuous mode
[  130.260892][ T6497] =======================================================
[  130.260892][ T6497] WARNING: The mand mount option has been deprecated and
[  130.260892][ T6497]          and is ignored by this kernel. Remove the mand
[  130.260892][ T6497]          option from the mount to silence this warning.
[  130.260892][ T6497] =======================================================
[  130.383520][ T6497] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  130.536683][   T51] Bluetooth: hci3: command tx timeout
[  130.673558][ T6345] chnl_net:caif_netlink_parms(): no params data found
[  130.971289][ T6345] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.010437][ T6345] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.052914][ T6345] bridge_slave_0: entered allmulticast mode
[  131.076101][ T6345] bridge_slave_0: entered promiscuous mode
[  131.103283][ T6345] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.123435][ T6345] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.138301][ T6345] bridge_slave_1: entered allmulticast mode
[  131.157164][ T6345] bridge_slave_1: entered promiscuous mode
[  131.362433][ T6345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.403912][ T6345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.522965][ T6345] team0: Port device team_slave_0 added
[  131.565273][ T6345] team0: Port device team_slave_1 added
[  131.703090][ T6345] batman_adv: batadv0: Adding interface: batadv_slave_0
[  131.711181][ T6345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.737480][ T6345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  131.776105][ T6345] batman_adv: batadv0: Adding interface: batadv_slave_1
[  131.797608][ T6345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.838802][ T6345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  131.997863][ T6345] hsr_slave_0: entered promiscuous mode
[  132.036117][ T6345] hsr_slave_1: entered promiscuous mode
[  132.042581][ T6345] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.071216][ T6345] Cannot create hsr debugfs directory
[  132.103272][ T6544] tipc: Started in network mode
[  132.119683][ T6544] tipc: Node identity ., cluster identity 4711
[  132.128649][ T6544] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  132.470600][ T6552] FAT-fs (nullb0): bogus number of reserved sectors
[  132.477883][ T6552] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  132.940630][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  132.947475][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  133.158465][ T6554] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  133.490940][ T6571] binder: BINDER_SET_CONTEXT_MGR already set
[  133.514792][ T6571] binder: 6570:6571 ioctl 4018620d 200000000040 returned -16
[  133.536104][ T6571] binder: 6570:6571 ioctl c0306201 200000000500 returned -22
[  133.611202][ T6574] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  133.659268][ T6345] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  133.737843][ T6345] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  133.791479][ T6345] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  133.836264][ T6582] netlink: 4 bytes leftover after parsing attributes in process `syz.5.168'.
[  133.869566][ T6577] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  134.090913][ T6345] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  134.114666][ T6588] kvm: kvm [6585]: vcpu2, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x60000000800
[  134.153707][ T6588] kvm: kvm [6585]: vcpu2, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x60000002201
[  134.569022][ T6345] 8021q: adding VLAN 0 to HW filter on device bond0
[  134.653876][ T6345] 8021q: adding VLAN 0 to HW filter on device team0
[  134.732517][ T6437] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.739820][ T6437] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.817242][ T6411] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.824504][ T6411] bridge0: port 2(bridge_slave_1) entered forwarding state
[  135.148808][ T6620] netlink: 12 bytes leftover after parsing attributes in process `syz.3.176'.
[  136.530266][ T6345] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.396641][ T6681] binder: 6680:6681 ioctl c0306201 200000000700 returned -22
[  138.178093][ T6345] veth0_vlan: entered promiscuous mode
[  138.250726][ T6345] veth1_vlan: entered promiscuous mode
[  138.378101][ T6345] veth0_macvtap: entered promiscuous mode
[  138.429143][ T6345] veth1_macvtap: entered promiscuous mode
[  138.595126][ T6345] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.633448][ T6345] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.673438][ T6345] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.707367][ T6345] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.747244][ T6345] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.788877][ T6345] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.322182][ T6437] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.378286][ T6437] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.410824][ T6434] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.459325][ T6434] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.993898][ T6741] bridge: RTM_NEWNEIGH with invalid ether address
[  140.374935][ T5810] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  141.054692][ T5810] usb 6-1: unable to get BOS descriptor or descriptor too short
[  141.080709][ T5810] usb 6-1: unable to read config index 0 descriptor/start: -71
[  141.093423][ T5810] usb 6-1: can't read configurations, error -71
[  142.431807][ T6781] Zero length message leads to an empty skb
[  142.595476][ T5826] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  142.749426][ T6792] netlink: 8 bytes leftover after parsing attributes in process `syz.3.215'.
[  142.822417][ T5826] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  142.865198][ T5826] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  142.924258][ T5826] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  142.944250][ T5826] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.970275][ T5826] usb 2-1: Product: syz
[  142.975114][ T5826] usb 2-1: Manufacturer: syz
[  142.980044][ T5826] usb 2-1: SerialNumber: syz
[  143.157358][ T6800] loop8: detected capacity change from 0 to 7
[  143.198817][ T6800]  loop8: [POWERTEC] p1 p2 p3 p4
[  143.211316][ T6800] loop8: p1 size 8519680 extends beyond EOD, truncated
[  143.225073][ T6800] loop8: p2 size 3670016 extends beyond EOD, truncated
[  143.235776][ T6800] loop8: p3 start 3932160 is beyond EOD, truncated
[  143.242447][ T6800] loop8: p4 start 524288 is beyond EOD, truncated
[  143.261703][ T5826] usb 2-1: 0:2 : does not exist
[  143.277985][ T5826] usb 2-1: unit 6 not found!
[  143.341724][ T5826] usb 2-1: USB disconnect, device number 3
[  143.531349][ T5865] udevd[5865]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  143.604302][ T6006] udevd[6006]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[  143.623945][ T5865] udevd[5865]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  145.096211][    T9] TC_ACT_REPEAT abuse ?
[  146.623377][ T6854] binder: 6847:6854 ioctl c0306201 200000000040 returned -22
[  147.294880][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  147.464935][ T5810] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  147.484686][    T9] usb 3-1: Using ep0 maxpacket: 16
[  147.522327][    T9] usb 3-1: config 0 has an invalid interface number: 109 but max is 0
[  147.544694][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  147.574421][    T9] usb 3-1: config 0 has no interface number 0
[  147.596458][    T9] usb 3-1: New USB device found, idVendor=0421, idProduct=0094, bcdDevice=28.8e
[  147.619564][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.624574][ T5810] usb 4-1: Using ep0 maxpacket: 16
[  147.644903][    T9] usb 3-1: Product: syz
[  147.647692][ T5810] usb 4-1: config 0 has no interfaces?
[  147.657913][    T9] usb 3-1: Manufacturer: syz
[  147.682857][    T9] usb 3-1: SerialNumber: syz
[  147.687113][ T5810] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  147.736881][ T5810] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.743948][    T9] usb 3-1: config 0 descriptor??
[  147.785523][ T5810] usb 4-1: config 0 descriptor??
[  148.002345][ T6861] TC_ACT_REPEAT abuse ?
[  148.039827][ T6861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.085407][ T6861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.133614][    T9] rndis_host 3-1:0.109: More than one union descriptor, skipping ...
[  148.164148][    T9] usb 3-1: bad CDC descriptors
[  148.186246][    T9] cdc_acm 3-1:0.109: More than one union descriptor, skipping ...
[  148.237924][    T9] usb 3-1: USB disconnect, device number 6
[  148.612778][ T6874] cgroup: fork rejected by pids controller in /syz6
[  148.724463][    T9] usb 4-1: USB disconnect, device number 4
[  148.944532][ T5826] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  149.104461][ T5826] usb 2-1: Using ep0 maxpacket: 32
[  149.113320][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.144467][ T5826] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.171460][ T5826] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  149.191744][ T5826] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.247973][ T5826] usb 2-1: config 0 descriptor??
[  149.292590][ T5826] hub 2-1:0.0: USB hub found
[  149.466714][ T5826] hub 2-1:0.0: 1 port detected
[  149.587522][ T5881] TC_ACT_REPEAT abuse ?
[  150.096148][ T5826] hub 2-1:0.0: activate --> -90
[  150.297626][ T5881] usb 2-1: USB disconnect, device number 4
[  150.788144][ T6437] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.934784][ T5826] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  150.958125][ T6437] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.098547][ T6437] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.104407][ T5826] usb 3-1: Using ep0 maxpacket: 16
[  151.124142][ T5826] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  151.162708][ T5826] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  151.197924][ T5826] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  151.213193][ T5826] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.237651][ T5826] usb 3-1: Product: syz
[  151.250870][ T5826] usb 3-1: Manufacturer: syz
[  151.267583][ T5826] usb 3-1: SerialNumber: syz
[  151.331731][ T6437] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.506042][ T5826] usb 3-1: 0:2 : does not exist
[  151.543589][ T5826] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  151.645787][ T5826] usb 3-1: USB disconnect, device number 7
[  151.822112][ T5865] udevd[5865]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  151.844528][ T6437] bridge_slave_1: left allmulticast mode
[  151.851660][ T6437] bridge_slave_1: left promiscuous mode
[  151.888969][ T6437] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.980458][ T6437] bridge_slave_0: left allmulticast mode
[  152.019607][ T6437] bridge_slave_0: left promiscuous mode
[  152.040406][ T6437] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.566137][ T5138] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  152.581739][ T5138] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  152.589870][ T5138] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  152.599478][ T5138] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  152.608212][ T5138] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  152.811373][ T7000] mmap: syz.1.262 (7000) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  153.061743][ T7006] netlink: 8 bytes leftover after parsing attributes in process `syz.2.263'.
[  154.421730][ T6437] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  154.485343][ T6437] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  154.525206][ T6437] bond0 (unregistering): Released all slaves
[  154.696746][ T5138] Bluetooth: hci3: command tx timeout
[  154.955232][   T10] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  155.125697][   T10] usb 2-1: Using ep0 maxpacket: 8
[  155.175622][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.207293][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.243955][   T10] usb 2-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  155.265762][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.305147][   T10] usb 2-1: config 0 descriptor??
[  155.647869][ T6437] hsr_slave_0: left promiscuous mode
[  155.675951][ T6437] hsr_slave_1: left promiscuous mode
[  155.691576][ T6437] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  155.744452][ T6437] batman_adv: batadv0: Removing interface: batadv_slave_0
[  155.854701][ T6437] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  155.862167][ T6437] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.013183][ T6437] veth1_macvtap: left promiscuous mode
[  156.055577][ T6437] veth0_macvtap: left promiscuous mode
[  156.061331][ T6437] veth1_vlan: left promiscuous mode
[  156.092936][ T6437] veth0_vlan: left promiscuous mode
[  156.774676][ T5138] Bluetooth: hci3: command tx timeout
[  156.869756][ T7079] netlink: 4 bytes leftover after parsing attributes in process `syz.2.282'.
[  156.994492][ T5881] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  157.118307][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805d4d8000: rx timeout, send abort
[  157.178329][ T5881] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  157.229943][ T5881] usb 4-1: config 0 interface 0 has no altsetting 0
[  157.249868][ T5881] usb 4-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  157.262767][ T5881] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.281126][ T5881] usb 4-1: Product: syz
[  157.291244][ T5881] usb 4-1: Manufacturer: syz
[  157.301382][ T5881] usb 4-1: SerialNumber: syz
[  157.318788][ T5881] usb 4-1: config 0 descriptor??
[  157.363222][ T5881] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  157.421401][ T5881] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  157.451655][ T5881] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  157.485572][ T5881] usb 4-1: media controller created
[  157.580629][ T5881] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  157.615029][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805d4da800: rx timeout, send abort
[  157.627520][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805d4d8000: abort rx timeout. Force session deactivation
[  157.811473][ T5881] DVB: Unable to find symbol tda10046_attach()
[  157.829205][ T5881] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  157.842721][ T5881] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  157.906144][    C0] TC_ACT_REPEAT abuse ?
[  157.913651][   T10] usbhid 2-1:0.0: can't add hid device: -71
[  157.926152][   T10] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  158.009649][   T10] usb 2-1: USB disconnect, device number 5
[  158.123533][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805d4da800: abort rx timeout. Force session deactivation
[  158.262699][ T6437] team0 (unregistering): Port device team_slave_1 removed
[  158.293633][ T5920] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  158.322143][ T6437] team0 (unregistering): Port device team_slave_0 removed
[  158.460550][ T5920] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  158.474468][ T5920] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.482540][ T5920] usb 6-1: Product: syz
[  158.496857][ T5920] usb 6-1: Manufacturer: syz
[  158.501532][ T5920] usb 6-1: SerialNumber: syz
[  158.528009][ T5920] usb 6-1: config 0 descriptor??
[  158.537053][   T10] TC_ACT_REPEAT abuse ?
[  158.752901][ T5881] dvb_usb_m920x 4-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  158.773695][ T5881] usb 4-1: USB disconnect, device number 5
[  158.777999][ T5920] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  158.873829][ T5138] Bluetooth: hci3: command tx timeout
[  159.463385][ T7109] TC_ACT_REPEAT abuse ?
[  159.468350][    C0] TC_ACT_REPEAT abuse ?
[  159.491167][ T7109] TC_ACT_REPEAT abuse ?
[  159.508552][ T7106] TC_ACT_REPEAT abuse ?
[  159.515088][   T10] TC_ACT_REPEAT abuse ?
[  159.547685][ T7106] TC_ACT_REPEAT abuse ?
[  159.553872][   T10] TC_ACT_REPEAT abuse ?
[  159.559559][   T10] TC_ACT_REPEAT abuse ?
[  159.833321][ T6994] chnl_net:caif_netlink_parms(): no params data found
[  160.387848][ T5920] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  160.407746][ T5920] usb 6-1: USB disconnect, device number 4
[  160.499774][ T6994] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.580333][ T6994] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.610481][ T6994] bridge_slave_0: entered allmulticast mode
[  160.648975][ T6994] bridge_slave_0: entered promiscuous mode
[  160.688116][ T6994] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.712348][ T6994] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.742184][ T6994] bridge_slave_1: entered allmulticast mode
[  160.770647][ T6994] bridge_slave_1: entered promiscuous mode
[  160.936153][ T5138] Bluetooth: hci3: command tx timeout
[  160.947647][ T6994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  160.983598][ T6994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  161.168669][ T6994] team0: Port device team_slave_0 added
[  161.193443][ T6994] team0: Port device team_slave_1 added
[  161.299233][ T6994] batman_adv: batadv0: Adding interface: batadv_slave_0
[  161.306988][ T6994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.335931][ T6994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  161.349505][ T6994] batman_adv: batadv0: Adding interface: batadv_slave_1
[  161.356620][ T6994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.387644][ T6994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  161.612268][ T6994] hsr_slave_0: entered promiscuous mode
[  161.622673][ T6994] hsr_slave_1: entered promiscuous mode
[  161.633163][ T6994] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.671150][ T6994] Cannot create hsr debugfs directory
[  161.830060][ T7164] trusted_key: syz.3.302 sent an empty control message without MSG_MORE.
[  162.777372][ T6994] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  162.917700][ T6994] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  162.983631][ T6994] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  163.017509][ T6994] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  163.430884][ T6994] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.536081][ T6994] 8021q: adding VLAN 0 to HW filter on device team0
[  163.576039][ T1319] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.583845][ T1319] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.708460][ T1319] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.715714][ T1319] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.013193][ T5188] udevd[5188]: worker [5865] terminated by signal 33 (Unknown signal 33)
[  165.073870][ T6994] 8021q: adding VLAN 0 to HW filter on device batadv0
[  165.758671][ T7244] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  165.804722][ T7244] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  166.053583][ T7244] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  166.193310][ T7244] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  166.208292][ T7244] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  166.279691][ T7244] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  166.352113][ T7244] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  166.358989][ T7244] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  166.443353][ T7244] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  166.511327][ T7244] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  166.521880][ T6994] veth0_vlan: entered promiscuous mode
[  166.530816][ T7244] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  166.566130][ T6994] veth1_vlan: entered promiscuous mode
[  166.601249][ T7244] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  166.652597][ T7244] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  166.682656][ T7244] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  166.731054][ T6994] veth0_macvtap: entered promiscuous mode
[  166.769137][ T6994] veth1_macvtap: entered promiscuous mode
[  166.775199][ T7244] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  166.849845][ T6994] batman_adv: batadv0: Interface activated: batadv_slave_0
[  166.958303][ T6994] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.010669][ T6994] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.046466][ T6994] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.070175][ T6994] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.093521][ T6994] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  167.563319][ T6417] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.601525][ T6417] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.721152][ T6411] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.734735][ T5138] Bluetooth: hci1: command 0x0c1a tx timeout
[  167.741494][ T6411] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.124705][ T5881] usb 4-1: new low-speed USB device number 6 using dummy_hcd
[  168.219490][ T5138] Bluetooth: hci2: command 0x0c1a tx timeout
[  168.324949][ T5881] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  168.354866][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.374928][ T5138] Bluetooth: hci4: command 0x0c1a tx timeout
[  168.391815][ T5881] usb 4-1: config 0 descriptor??
[  168.535181][ T5138] Bluetooth: hci0: command 0x0405 tx timeout
[  168.717164][ T5138] Bluetooth: hci3: command 0x0c1a tx timeout
[  168.800941][ T7295] netlink: 20 bytes leftover after parsing attributes in process `syz.5.336'.
[  168.867679][ T7295] syz_tun: entered promiscuous mode
[  168.896947][ T7295] syz_tun: left promiscuous mode
[  169.814588][ T5138] Bluetooth: hci1: command 0x0c1a tx timeout
[  170.227937][ T5881] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  170.260254][ T5881] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  170.274807][ T5881] asix 4-1:0.0: probe with driver asix failed with error -71
[  170.294542][ T5138] Bluetooth: hci2: command 0x0c1a tx timeout
[  170.304247][ T5881] usb 4-1: USB disconnect, device number 6
[  170.343652][ T7322] bond1: entered promiscuous mode
[  170.348913][ T7322] bond1: entered allmulticast mode
[  170.355775][ T7322] 8021q: adding VLAN 0 to HW filter on device bond1
[  170.454660][ T5138] Bluetooth: hci4: command 0x0c1a tx timeout
[  170.612924][ T7322] bond1 (unregistering): Released all slaves
[  170.622748][ T5138] Bluetooth: hci0: command 0x0405 tx timeout
[  170.774528][ T5138] Bluetooth: hci3: command 0x0c1a tx timeout
[  171.894743][ T5138] Bluetooth: hci1: command 0x0c1a tx timeout
[  172.378316][ T5138] Bluetooth: hci2: command 0x0c1a tx timeout
[  172.535815][ T5138] Bluetooth: hci4: command 0x0c1a tx timeout
[  172.694658][ T5138] Bluetooth: hci0: command 0x0405 tx timeout
[  172.857833][ T5138] Bluetooth: hci3: command 0x0c1a tx timeout
[  173.344647][   T10] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  173.506667][   T10] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  173.521750][   T10] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  173.544941][   T10] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  173.554856][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.570104][ T7377] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  173.582594][   T10] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  174.046011][ T5920] usb 2-1: USB disconnect, device number 6
[  176.584468][ T5920] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  176.724546][   T10] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  176.734516][ T5920] usb 3-1: Using ep0 maxpacket: 8
[  176.746174][ T5920] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  176.754732][ T5920] usb 3-1: config 179 has no interface number 0
[  176.761068][ T5920] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  176.772276][ T5920] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  176.785254][ T5920] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  176.796497][ T5920] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  176.825372][ T5920] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  176.838196][ T5920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.854222][ T7441] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  176.912458][   T10] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  176.922037][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.933151][   T10] usb 6-1: Product: syz
[  176.942044][   T10] usb 6-1: Manufacturer: syz
[  176.947043][   T10] usb 6-1: SerialNumber: syz
[  176.954849][   T10] usb 6-1: config 0 descriptor??
[  176.964677][   T10] gspca_main: sunplus-2.14.0 probing 055f:c230
[  177.137926][ T5920] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input9
[  177.347065][ T5920] usb 3-1: USB disconnect, device number 8
[  177.347132][    C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  177.361351][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  177.390796][ T5920] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  179.186010][   T10] gspca_sunplus: reg_r err -71
[  179.227311][   T10] sunplus 6-1:0.0: probe with driver sunplus failed with error -71
[  179.272364][   T10] usb 6-1: USB disconnect, device number 5
[  179.329695][ T7474] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  179.672400][ T6434] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.742509][ T7476] tipc: Started in network mode
[  179.748198][ T7476] tipc: Node identity a654a11c1c13, cluster identity 4711
[  179.780310][ T7476] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  179.891937][ T7477] syzkaller0: entered promiscuous mode
[  179.897762][ T7477] syzkaller0: entered allmulticast mode
[  179.908256][ T7477] tipc: Resetting bearer <eth:syzkaller0>
[  180.031761][ T6434] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.119115][ T7475] tipc: Resetting bearer <eth:syzkaller0>
[  180.835837][ T5826] tipc: Node number set to 3125256476
[  180.948451][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  180.971596][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  180.993901][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  181.039282][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  181.047494][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  182.351190][ T7475] tipc: Disabling bearer <eth:syzkaller0>
[  182.376405][ T6434] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.395607][ T7503] syz_tun: entered allmulticast mode
[  182.405402][ T7507] syz_tun: left allmulticast mode
[  182.579544][ T6434] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.149928][ T6434] bridge_slave_1: left allmulticast mode
[  183.157827][ T6434] bridge_slave_1: left promiscuous mode
[  183.163809][ T6434] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.175063][   T51] Bluetooth: hci3: command tx timeout
[  183.190903][ T6434] bridge_slave_0: left allmulticast mode
[  183.199009][ T6434] bridge_slave_0: left promiscuous mode
[  183.209613][ T6434] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.626403][ T6434] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  184.656697][ T6434] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  184.709323][ T6434] bond0 (unregistering): Released all slaves
[  184.814659][ T7551] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.846127][ T7551] net_ratelimit: 2 callbacks suppressed
[  184.846142][ T7551] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  184.894937][ T7499] chnl_net:caif_netlink_parms(): no params data found
[  185.258846][ T5138] Bluetooth: hci3: command tx timeout
[  185.873825][ T7561] netlink: 64 bytes leftover after parsing attributes in process `syz.1.433'.
[  186.442314][ T6434] hsr_slave_0: left promiscuous mode
[  186.457016][   T51] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  186.494556][ T6434] hsr_slave_1: left promiscuous mode
[  186.546673][ T6434] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.554232][ T6434] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.606870][ T6434] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.644517][ T6434] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.746503][ T6434] veth1_macvtap: left promiscuous mode
[  186.754282][ T7569] netlink: 8 bytes leftover after parsing attributes in process `syz.3.426'.
[  186.756420][ T6434] veth0_macvtap: left promiscuous mode
[  186.799418][ T7569] netlink: 8 bytes leftover after parsing attributes in process `syz.3.426'.
[  186.804846][ T6434] veth1_vlan: left promiscuous mode
[  186.823783][ T6434] veth0_vlan: left promiscuous mode
[  187.344296][ T5138] Bluetooth: hci3: command tx timeout
[  188.416331][ T5920] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  188.469984][ T6434] team0 (unregistering): Port device team_slave_1 removed
[  188.535032][ T6434] team0 (unregistering): Port device team_slave_0 removed
[  188.601563][ T5920] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  188.619452][ T5920] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.638553][ T5920] usb 6-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  188.647870][ T5920] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.674646][ T5920] usb 6-1: config 0 descriptor??
[  188.848377][ T7617] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  188.848377][ T7617]    program syz.3.444 not setting count and/or reply_len properly
[  189.414956][   T51] Bluetooth: hci3: command tx timeout
[  189.842353][ T7620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.446'.
[  189.968180][ T5920] usbhid 6-1:0.0: can't add hid device: -71
[  189.981069][ T5920] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  190.008241][ T5920] usb 6-1: USB disconnect, device number 6
[  190.098622][ T7499] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.107510][ T7499] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.121927][ T7499] bridge_slave_0: entered allmulticast mode
[  190.137475][ T7499] bridge_slave_0: entered promiscuous mode
[  190.196123][ T7499] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.222918][ T7499] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.252087][ T7499] bridge_slave_1: entered allmulticast mode
[  190.391839][ T7499] bridge_slave_1: entered promiscuous mode
[  190.745516][ T6410] Bluetooth: hci5: Frame reassembly failed (-90)
[  190.769355][ T7632] Bluetooth: hci5: Frame reassembly failed (-84)
[  190.830661][ T7499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.876669][ T7499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.121806][ T7499] team0: Port device team_slave_0 added
[  191.162963][ T7499] team0: Port device team_slave_1 added
[  191.343708][ T7499] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.360981][ T7499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.432988][ T7499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.448515][ T7499] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.455855][ T7499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.497605][ T7499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.502420][ T5823] Bluetooth: hci3: command 0x0405 tx timeout
[  191.849395][ T7499] hsr_slave_0: entered promiscuous mode
[  191.856720][ T7499] hsr_slave_1: entered promiscuous mode
[  191.863209][ T7499] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  191.871174][ T7499] Cannot create hsr debugfs directory
[  192.064486][   T10] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  192.255165][   T10] usb 3-1: Using ep0 maxpacket: 16
[  192.280883][   T10] usb 3-1: config 0 has no interfaces?
[  192.307860][   T10] usb 3-1: New USB device found, idVendor=5b8d, idProduct=3fea, bcdDevice=15.fe
[  192.321308][   T10] usb 3-1: New USB device strings: Mfr=188, Product=138, SerialNumber=0
[  192.335472][   T10] usb 3-1: Product: syz
[  192.339691][   T10] usb 3-1: Manufacturer: syz
[  192.377817][   T10] usb 3-1: config 0 descriptor??
[  192.664244][ T7499] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  192.703035][ T7499] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  192.730301][ T6000] usb 3-1: USB disconnect, device number 9
[  192.748281][ T7499] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  192.765854][ T7499] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  192.774704][ T5823] Bluetooth: hci5: command 0x1003 tx timeout
[  192.775880][   T51] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  193.050010][ T7499] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.126962][ T7499] 8021q: adding VLAN 0 to HW filter on device team0
[  193.161376][ T6434] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.168629][ T6434] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.214987][ T6410] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.222234][ T6410] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.505347][ T7707] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  193.577293][   T51] Bluetooth: hci3: command 0x0405 tx timeout
[  193.850574][ T7719] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  193.942391][ T7499] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.951499][ T7726] binder: BINDER_SET_CONTEXT_MGR already set
[  193.962235][ T7726] binder: 7725:7726 ioctl 4018620d 200000000040 returned -16
[  194.242727][ T7736] binder: 7735:7736 ioctl c0306201 200000000040 returned -14
[  194.389059][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  194.396390][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  194.680059][ T7748] bridge0: port 3(vlan2) entered blocking state
[  194.704771][ T7748] bridge0: port 3(vlan2) entered disabled state
[  194.736969][ T7748] vlan2: entered allmulticast mode
[  194.752574][ T7748] bond0: entered allmulticast mode
[  194.772870][ T7748] bond_slave_0: entered allmulticast mode
[  194.799362][ T7748] bond_slave_1: entered allmulticast mode
[  194.826566][ T7748] vlan2: entered promiscuous mode
[  194.839313][ T7748] bond0: entered promiscuous mode
[  194.869335][ T7748] bond_slave_0: entered promiscuous mode
[  194.881278][ T7748] bond_slave_1: entered promiscuous mode
[  195.152435][ T7499] veth0_vlan: entered promiscuous mode
[  195.192509][ T7499] veth1_vlan: entered promiscuous mode
[  195.201675][ T7762] Bluetooth: MGMT ver 1.23
[  195.433171][ T7499] veth0_macvtap: entered promiscuous mode
[  195.468411][ T7499] veth1_macvtap: entered promiscuous mode
[  195.487845][ T7771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.483'.
[  195.534067][ T7499] batman_adv: batadv0: Interface activated: batadv_slave_0
[  195.601854][ T7499] batman_adv: batadv0: Interface activated: batadv_slave_1
[  195.646438][ T7499] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  195.661074][ T7499] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  195.673201][ T7499] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  195.692724][ T7499] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.027728][ T6434] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.065598][ T6434] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.110107][ T6437] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  196.124740][ T6437] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.323246][ T7807] netlink: 4 bytes leftover after parsing attributes in process `syz.3.499'.
[  197.364503][ T7807] netlink: 24 bytes leftover after parsing attributes in process `syz.3.499'.
[  197.577583][ T7817] /dev/nullb0: Can't open blockdev
[  199.767762][ T7867] netlink: 4 bytes leftover after parsing attributes in process `syz.1.510'.
[  200.013401][    C1] vxcan1: j1939_tp_rxtimer: 0xffff88805b1d0c00: rx timeout, send abort
[  200.401144][ T7876] netlink: 2028 bytes leftover after parsing attributes in process `syz.2.512'.
[  200.441334][ T7876] netlink: 12 bytes leftover after parsing attributes in process `syz.2.512'.
[  200.473252][ T7879] warning: `syz.8.514' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  200.700305][ T7885] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.776070][ T7885] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.865069][ T7885] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.876664][   T30] audit: type=1804 audit(1750939977.905:4): pid=7892 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.8.518" name="/newroot/10/file0" dev="tmpfs" ino=88 res=1 errno=0
[  200.878071][ T7892] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  200.909334][ T7892] ref_ctr increment failed for inode: 0x58 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff8880747c7380
[  200.976251][ T7885] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.036275][ T7895] cgroup: fork rejected by pids controller in /syz8
[  201.142070][ T7885] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.180807][ T7885] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.242646][ T7885] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.378621][ T7885] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.635049][  T976] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  201.659583][ T7841] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.795395][ T7841] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.841409][  T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.863035][  T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.899279][  T976] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  201.908696][  T976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.927918][  T976] usb 2-1: config 0 descriptor??
[  201.977447][ T7841] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.155028][ T7909] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  202.177550][ T7841] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.354821][  T976] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0
[  202.388337][  T976] cp2112 0003:10C4:EA90.0003: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[  202.439839][ T7841] bridge_slave_1: left allmulticast mode
[  202.464448][ T7841] bridge_slave_1: left promiscuous mode
[  202.470314][ T7841] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.499178][ T7841] bridge_slave_0: left allmulticast mode
[  202.507954][ T7841] bridge_slave_0: left promiscuous mode
[  202.513906][ T7841] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.550136][  T976] cp2112 0003:10C4:EA90.0003: Part Number: 0x82 Device Version: 0xFE
[  202.743474][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  202.756142][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  202.773643][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  202.782248][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  202.792805][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  203.154759][  T976] cp2112 0003:10C4:EA90.0003: error reading lock byte: -32
[  203.169744][  T976] usb 2-1: USB disconnect, device number 7
[  203.527937][ T7841] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  203.542265][ T7841] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  203.568297][ T7841] bond0 (unregistering): Released all slaves
[  203.811887][ T7929] netlink: 40 bytes leftover after parsing attributes in process `syz.1.533'.
[  203.824574][  T976] usb 6-1: new low-speed USB device number 7 using dummy_hcd
[  204.005807][  T976] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  204.024459][  T976] usb 6-1: config 0 has no interface number 0
[  204.032009][  T976] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  204.057289][  T976] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  204.069950][  T976] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  204.091810][  T976] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.100063][ T7841] hsr_slave_0: left promiscuous mode
[  204.104858][  T976] usb 6-1: config 0 descriptor??
[  204.110452][ T7841] hsr_slave_1: left promiscuous mode
[  204.116755][ T7841] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.130933][ T7841] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.135201][ T7926] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  204.152011][ T7841] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.156454][  T976] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  204.160285][ T7841] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.204662][ T7841] veth1_macvtap: left promiscuous mode
[  204.210319][ T7841] veth0_macvtap: left promiscuous mode
[  204.217103][ T7841] veth1_vlan: left promiscuous mode
[  204.222595][ T7841] veth0_vlan: left promiscuous mode
[  204.248014][   T30] audit: type=1804 audit(1750939981.275:5): pid=7939 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.536" name="/newroot/133/bus/file1" dev="overlay" ino=822 res=1 errno=0
[  204.409002][   T10] usb 6-1: USB disconnect, device number 7
[  204.782063][ T7841] team0 (unregistering): Port device team_slave_1 removed
[  204.831110][ T7841] team0 (unregistering): Port device team_slave_0 removed
[  204.854581][ T5138] Bluetooth: hci3: command tx timeout
[  205.003312][ T7944] ALSA: seq fatal error: cannot create timer (-16)
[  205.084076][ T5138] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  205.444763][ T7917] chnl_net:caif_netlink_parms(): no params data found
[  205.566478][ T7953] netlink: 12 bytes leftover after parsing attributes in process `syz.1.541'.
[  206.270296][ T7917] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.288472][ T7917] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.304735][ T7917] bridge_slave_0: entered allmulticast mode
[  206.327734][ T7917] bridge_slave_0: entered promiscuous mode
[  206.379935][ T7917] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.414853][ T7917] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.429415][ T7917] bridge_slave_1: entered allmulticast mode
[  206.453576][ T7917] bridge_slave_1: entered promiscuous mode
[  206.498649][ T7963] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  206.629474][ T7964] syzkaller0: entered promiscuous mode
[  206.650199][ T7964] syzkaller0: entered allmulticast mode
[  206.662164][ T7964] tipc: Resetting bearer <eth:syzkaller0>
[  206.690852][ T7969] Invalid ELF header magic: != ELF
[  206.698004][   T30] audit: type=1804 audit(1750939983.715:6): pid=7969 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.545" name="bus" dev="ramfs" ino=20741 res=1 errno=0
[  206.773199][ T6422] tipc: Resetting bearer <eth:syzkaller0>
[  206.813534][ T7962] tipc: Resetting bearer <eth:syzkaller0>
[  206.945399][ T5138] Bluetooth: hci3: command tx timeout
[  207.514517][ T5920] tipc: Node number set to 771766885
[  209.017189][ T5138] Bluetooth: hci3: command tx timeout
[  209.689971][ T7962] tipc: Disabling bearer <eth:syzkaller0>
[  209.722579][ T7917] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  209.780919][ T7917] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.034129][ T7917] team0: Port device team_slave_0 added
[  210.088257][ T7917] team0: Port device team_slave_1 added
[  210.421195][ T7917] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.430990][ T7917] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.593192][ T7917] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.660194][ T7917] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.676645][ T7917] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.980357][ T7917] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.158321][ T5138] Bluetooth: hci3: command tx timeout
[  211.350215][ T7917] hsr_slave_0: entered promiscuous mode
[  211.365932][ T7917] hsr_slave_1: entered promiscuous mode
[  211.372461][ T7917] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  211.380647][ T7917] Cannot create hsr debugfs directory
[  212.244292][ T8021] binder: 8019:8021 ioctl c0306201 200000000500 returned -22
[  214.214918][   T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  214.295227][   T30] audit: type=1326 audit(1750939991.315:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8037 comm="syz.2.570" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f84e798e929 code=0x0
[  214.394869][   T10] usb 4-1: Using ep0 maxpacket: 32
[  214.419433][   T10] usb 4-1: config 0 has an invalid interface number: 231 but max is 0
[  214.438181][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  214.470199][   T10] usb 4-1: config 0 has no interface number 0
[  214.481330][   T10] usb 4-1: config 0 interface 231 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  214.501915][   T10] usb 4-1: config 0 interface 231 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  214.523017][ T7917] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  214.532458][   T10] usb 4-1: New USB device found, idVendor=d024, idProduct=5e5a, bcdDevice=16.a9
[  214.540306][ T7917] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  214.544520][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.556744][   T10] usb 4-1: Product: syz
[  214.560999][   T10] usb 4-1: Manufacturer: syz
[  214.565808][   T10] usb 4-1: SerialNumber: syz
[  214.575402][   T10] usb 4-1: config 0 descriptor??
[  214.583083][ T8034] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  214.585303][ T7917] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  214.609523][   T10] usb-storage 4-1:0.231: USB Mass Storage device detected
[  214.622406][ T7917] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  214.816786][ T7917] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.835843][ T5951] usb 4-1: USB disconnect, device number 7
[  214.846552][ T7917] 8021q: adding VLAN 0 to HW filter on device team0
[  214.863322][ T6422] bridge0: port 1(bridge_slave_0) entered blocking state
[  214.870484][ T6422] bridge0: port 1(bridge_slave_0) entered forwarding state
[  214.892307][ T6422] bridge0: port 2(bridge_slave_1) entered blocking state
[  214.899464][ T6422] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.054642][   T10] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  215.214880][   T10] usb 6-1: Using ep0 maxpacket: 8
[  215.497532][   T10] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  215.665072][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  215.694256][ T7917] 8021q: adding VLAN 0 to HW filter on device batadv0
[  215.701567][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  215.712665][   T10] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  215.784616][   T10] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  215.804479][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.054487][   T10] usb 6-1: GET_CAPABILITIES returned 0
[  216.070519][   T10] usbtmc 6-1:16.0: can't read capabilities
[  216.262412][   T10] usb 6-1: USB disconnect, device number 8
[  216.465753][ T7917] veth0_vlan: entered promiscuous mode
[  216.511204][ T7917] veth1_vlan: entered promiscuous mode
[  216.572954][ T7917] veth0_macvtap: entered promiscuous mode
[  216.585523][ T7917] veth1_macvtap: entered promiscuous mode
[  216.629500][ T7917] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.669046][ T7917] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.682868][ T7917] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.693512][ T7917] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.704184][ T7917] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.713020][ T7917] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.799064][ T7836] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.818942][ T7836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.879162][ T6422] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.899952][ T6422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.915346][   T10] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  217.047499][ T8103] netlink: 8 bytes leftover after parsing attributes in process `syz.2.596'.
[  217.094866][   T10] usb 2-1: Using ep0 maxpacket: 32
[  217.106744][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  217.118333][   T10] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  217.138618][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.162045][   T10] usb 2-1: config 0 descriptor??
[  217.759285][   T10] usbhid 2-1:0.0: can't add hid device: -71
[  217.777127][   T10] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  217.845218][   T10] usb 2-1: USB disconnect, device number 8
[  218.232935][ T8128] loop8: detected capacity change from 0 to 7
[  218.248261][ T8128]  loop8: [POWERTEC] p1 p2 p3 p4
[  218.253467][ T8128] loop8: p1 size 8519680 extends beyond EOD, truncated
[  218.263649][ T8128] loop8: p2 size 3670016 extends beyond EOD, truncated
[  218.285602][ T8128] loop8: p3 start 3932160 is beyond EOD, truncated
[  218.300932][ T8128] loop8: p4 start 524288 is beyond EOD, truncated
[  218.462456][ T8133] netlink: 12 bytes leftover after parsing attributes in process `syz.8.598'.
[  219.572194][ T8161] loop7: detected capacity change from 0 to 16384
[  219.859863][  T976] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  220.049263][  T976] usb 4-1: Using ep0 maxpacket: 8
[  220.193836][  T976] usb 4-1: config 0 has no interfaces?
[  220.425197][  T976] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  220.617888][  T976] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.664037][  T976] usb 4-1: Product: syz
[  220.678348][  T976] usb 4-1: Manufacturer: syz
[  220.693427][  T976] usb 4-1: SerialNumber: syz
[  220.705805][  T976] usb 4-1: config 0 descriptor??
[  220.976173][ T8161] I/O error, dev loop7, sector 5120 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0
[  220.987861][   T10] usb 4-1: USB disconnect, device number 8
[  221.006041][ T8161] I/O error, dev loop7, sector 5376 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0
[  221.027838][ T8161] I/O error, dev loop7, sector 5120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  221.037640][ T8161] Buffer I/O error on dev loop7, logical block 640, async page read
[  221.046128][ T8161] I/O error, dev loop7, sector 5128 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  221.064443][ T8161] Buffer I/O error on dev loop7, logical block 641, async page read
[  221.084800][ T8161] I/O error, dev loop7, sector 5136 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  221.095676][ T8161] Buffer I/O error on dev loop7, logical block 642, async page read
[  221.114595][ T8161] I/O error, dev loop7, sector 5144 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  221.135811][ T8161] Buffer I/O error on dev loop7, logical block 643, async page read
[  221.150766][ T8161] I/O error, dev loop7, sector 5152 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  221.160352][ T8161] Buffer I/O error on dev loop7, logical block 644, async page read
[  221.168598][ T8161] I/O error, dev loop7, sector 5160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  221.181507][ T8161] Buffer I/O error on dev loop7, logical block 645, async page read
[  221.191841][ T8161] I/O error, dev loop7, sector 5168 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  221.203626][ T8161] Buffer I/O error on dev loop7, logical block 646, async page read
[  221.215879][ T8161] I/O error, dev loop7, sector 5176 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  221.228200][ T8161] Buffer I/O error on dev loop7, logical block 647, async page read
[  221.238114][ T8161] Buffer I/O error on dev loop7, logical block 648, async page read
[  221.249772][ T8161] Buffer I/O error on dev loop7, logical block 649, async page read
[  221.894819][ T6000] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  222.066235][ T6000] usb 6-1: Using ep0 maxpacket: 32
[  222.168587][ T6000] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.182103][ T6000] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  222.231763][ T6000] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  222.249058][ T6000] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.261424][ T6000] usb 6-1: config 0 descriptor??
[  222.271529][ T6000] hub 6-1:0.0: USB hub found
[  222.479555][ T6000] hub 6-1:0.0: 1 port detected
[  222.905339][ T8225] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  223.189495][ T5810] hub 6-1:0.0: activate --> -90
[  223.383489][ T8235] A link change request failed with some changes committed already. Interface veth0_macvtap may have been left with an inconsistent configuration, please check.
[  223.422541][ T8238] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  223.447902][   T10] usb 6-1: USB disconnect, device number 9
[  223.454600][ T5810] hub 6-1:0.0: hub_ext_port_status failed (err = -71)
[  223.468315][ T8238] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  226.328425][ T8280] binder: BINDER_SET_CONTEXT_MGR already set
[  226.352429][ T8280] binder: 8278:8280 ioctl 4018620d 2000000001c0 returned -16
[  226.694838][   T51] Bluetooth: hci3: command 0x0405 tx timeout
[  227.301144][ T6422] Bluetooth: (null): Invalid header checksum
[  227.332025][ T6422] Bluetooth: (null): Invalid header checksum
[  227.413126][ T6422] Bluetooth: (null): Invalid header checksum
[  227.520238][ T6422] Bluetooth: (null): Invalid header checksum
[  227.633999][ T6422] Bluetooth: (null): Invalid header checksum
[  227.763982][ T6411] Bluetooth: (null): Invalid header checksum
[  227.858792][ T7841] Bluetooth: (null): Invalid header checksum
[  227.935808][ T5138] Bluetooth: hci3: unexpected event for opcode 0x1003
[  227.985893][ T6411] Bluetooth: (null): Invalid header checksum
[  228.098121][ T7841] Bluetooth: (null): Invalid header checksum
[  228.169851][ T8298] Bluetooth: (null): Too short H5 packet
[  228.696126][ T5810] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  228.869907][ T5810] usb 2-1: Using ep0 maxpacket: 16
[  228.884636][ T5810] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  228.915350][ T5810] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  228.954084][ T5810] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  228.981438][ T5810] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.024022][ T5810] usb 2-1: Product: syz
[  229.042772][ T5810] usb 2-1: Manufacturer: syz
[  229.102561][ T5810] usb 2-1: SerialNumber: syz
[  229.343471][ T5810] usb 2-1: 0:2 : does not exist
[  229.352142][ T5810] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  229.509067][ T5810] usb 2-1: USB disconnect, device number 9
[  230.355541][ T8342] syz_tun: entered allmulticast mode
[  230.382683][ T8341] syz_tun: left allmulticast mode
[  231.976272][ T5138] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  231.989466][ T5138] Bluetooth: hci3: Injecting HCI hardware error event
[  231.997899][   T51] Bluetooth: hci3: hardware error 0x00
[  232.488806][ T8374] netlink: 'syz.8.679': attribute type 10 has an invalid length.
[  232.528968][ T8374] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.563764][ T8374] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  232.598207][ T8377] netlink: 'syz.8.679': attribute type 10 has an invalid length.
[  232.613815][ T8377] netlink: 40 bytes leftover after parsing attributes in process `syz.8.679'.
[  232.659820][ T8377] batadv0: entered promiscuous mode
[  232.667870][ T8377] batadv0: entered allmulticast mode
[  232.704807][ T8377] bond0: (slave batadv0): Releasing backup interface
[  232.721509][ T8377] bridge0: port 3(batadv0) entered blocking state
[  232.728518][ T8377] bridge0: port 3(batadv0) entered disabled state
[  232.935119][    T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  233.097128][    T9] usb 2-1: Using ep0 maxpacket: 8
[  233.108486][    T9] usb 2-1: too many configurations: 129, using maximum allowed: 8
[  233.146025][    T9] usb 2-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d9.40
[  233.170846][    T9] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  233.188801][    T9] usb 2-1: Product: syz
[  233.197122][ T7836] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  233.199773][    T9] usb 2-1: Manufacturer: syz
[  233.206821][ T7836] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  233.219857][    T9] usb 2-1: SerialNumber: syz
[  233.261120][    T9] usb 2-1: config 0 descriptor??
[  233.769650][    T9] usb 2-1: USB disconnect, device number 10
[  234.374715][   T51] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  234.958463][ T8447] netlink: 168 bytes leftover after parsing attributes in process `syz.3.695'.
[  236.698065][ T8527] netlink: 8 bytes leftover after parsing attributes in process `syz.8.718'.
[  238.628545][ T8543] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  238.657280][ T8538] syzkaller0: MTU too low for tipc bearer
[  238.722556][ T8538] tipc: Disabling bearer <eth:syzkaller0>
[  239.123848][ T8550] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  240.712603][ T8581] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  240.734238][ T8581] overlayfs: failed to set xattr on upper
[  240.747532][ T8581] overlayfs: ...falling back to redirect_dir=nofollow.
[  240.762441][ T8581] overlayfs: ...falling back to index=off.
[  240.766546][ T8584] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  240.769823][ T8581] overlayfs: ...falling back to uuid=null.
[  240.803563][ T8584] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  240.814075][ T8584] overlayfs: failed to set xattr on upper
[  240.822407][ T8584] overlayfs: ...falling back to redirect_dir=nofollow.
[  240.838510][ T8584] overlayfs: ...falling back to uuid=null.
[  241.262203][ T8601] bond1: entered promiscuous mode
[  241.267504][ T8601] bond1: entered allmulticast mode
[  241.273125][ T8601] 8021q: adding VLAN 0 to HW filter on device bond1
[  241.401757][ T8601] bond1 (unregistering): Released all slaves
[  241.444548][   T10] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  241.624419][   T10] usb 6-1: Using ep0 maxpacket: 8
[  241.638285][   T10] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  241.647906][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.658431][   T10] usb 6-1: Product: syz
[  241.662639][   T10] usb 6-1: Manufacturer: syz
[  241.667465][   T10] usb 6-1: SerialNumber: syz
[  241.677273][   T10] usb 6-1: config 0 descriptor??
[  241.810673][ T8614] uprobe: syz.8.747:8614 failed to unregister, leaking uprobe
[  241.824540][ T6000] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  241.887244][   T10] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  241.989824][ T6000] usb 3-1: Using ep0 maxpacket: 8
[  241.999166][ T6000] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  242.009858][ T6000] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.030171][ T6000] usb 3-1: config 0 descriptor??
[  242.710244][   T10] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  242.722482][   T10] usb 6-1: USB disconnect, device number 10
[  243.642158][ T8642] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  243.921220][ T6000] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  243.945679][ T6000] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  243.961605][ T6000] asix 3-1:0.0: probe with driver asix failed with error -71
[  243.980043][ T6000] usb 3-1: USB disconnect, device number 10
[  245.041524][ T6444] wlan1: Trigger new scan to find an IBSS to join
[  245.054509][   T10] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  245.245432][   T10] usb 4-1: Using ep0 maxpacket: 8
[  245.272713][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  245.342342][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  245.391711][   T10] usb 4-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  245.452834][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.516739][   T10] usb 4-1: config 0 descriptor??
[  247.867785][   T10] usbhid 4-1:0.0: can't add hid device: -71
[  247.886023][   T10] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  247.909205][   T10] usb 4-1: USB disconnect, device number 9
[  249.974488][ T6422] wlan1: Trigger new scan to find an IBSS to join
[  250.422811][    T9] IPVS: starting estimator thread 0...
[  250.441662][ T8738] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  250.514552][ T8740] IPVS: using max 22 ests per chain, 52800 per kthread
[  250.889656][ T7846] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00
[  251.464442][   T10] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  251.644916][   T10] usb 3-1: Using ep0 maxpacket: 8
[  251.675392][   T10] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  251.694389][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.722796][   T10] usb 3-1: Product: syz
[  251.732961][   T10] usb 3-1: Manufacturer: syz
[  251.748276][   T10] usb 3-1: SerialNumber: syz
[  251.783377][   T10] usb 3-1: config 0 descriptor??
[  252.012719][   T10] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  252.138390][ T8781] netlink: 12 bytes leftover after parsing attributes in process `syz.8.807'.
[  252.459909][ T5138] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  252.480322][ T5138] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  252.495598][ T5138] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  252.504164][ T5138] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  252.518195][ T5138] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  252.527458][ T7836] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.728394][ T7836] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.742854][   T30] audit: type=1800 audit(1750940029.765:8): pid=8791 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.809" name="/" dev="9p" ino=2 res=0 errno=0
[  252.801611][ T8780] cgroup: fork rejected by pids controller in /syz3
[  252.900873][ T7836] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.119748][ T7836] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.255974][ T6000] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  253.416860][ T6000] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  253.434366][ T6000] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.439201][   T10] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  253.464414][ T6000] usb 9-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  253.473669][ T6000] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.478605][   T10] usb 3-1: USB disconnect, device number 11
[  253.490433][ T6000] usb 9-1: config 0 descriptor??
[  254.082231][ T6000] usbhid 9-1:0.0: can't add hid device: -71
[  254.088662][ T6000] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  254.102555][ T6000] usb 9-1: USB disconnect, device number 2
[  254.180978][ T7836] bond0 (unregistering): Released all slaves
[  254.212183][ T8849] bridge0: port 3(vlan2) entered blocking state
[  254.223870][ T8849] bridge0: port 3(vlan2) entered disabled state
[  254.246990][ T8849] vlan2: entered allmulticast mode
[  254.255713][ T8849] bond0: entered allmulticast mode
[  254.261388][ T8849] bond_slave_0: entered allmulticast mode
[  254.268727][ T8849] bond_slave_1: entered allmulticast mode
[  254.278840][ T8849] vlan2: entered promiscuous mode
[  254.283877][ T8849] bond0: entered promiscuous mode
[  254.289589][ T8849] bond_slave_0: entered promiscuous mode
[  254.297796][ T8849] bond_slave_1: entered promiscuous mode
[  254.313245][ T8787] chnl_net:caif_netlink_parms(): no params data found
[  254.334707][ T7836] tipc: Left network mode
[  254.614598][ T5138] Bluetooth: hci1: command tx timeout
[  254.803081][ T8868] netlink: 4 bytes leftover after parsing attributes in process `syz.5.821'.
[  255.252630][ T8787] bridge0: port 1(bridge_slave_0) entered blocking state
[  255.261399][ T8787] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.269247][ T8787] bridge_slave_0: entered allmulticast mode
[  255.426026][ T8787] bridge_slave_0: entered promiscuous mode
[  255.529722][ T8787] bridge0: port 2(bridge_slave_1) entered blocking state
[  255.544600][ T8787] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.562179][ T8787] bridge_slave_1: entered allmulticast mode
[  255.634125][ T8787] bridge_slave_1: entered promiscuous mode
[  255.728866][ T7836] hsr_slave_0: left promiscuous mode
[  255.757841][ T7836] hsr_slave_1: left promiscuous mode
[  255.819221][ T7836] veth1_macvtap: left promiscuous mode
[  255.831174][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  255.844564][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  255.872251][ T7836] veth0_macvtap: left promiscuous mode
[  255.884566][ T7836] veth1_vlan: left promiscuous mode
[  255.885043][ T8877] netlink: 64 bytes leftover after parsing attributes in process `syz.5.825'.
[  255.904508][ T7836] veth0_vlan: left promiscuous mode
[  256.694642][ T5138] Bluetooth: hci1: command tx timeout
[  256.873007][ T8918] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  257.669898][ T8787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  257.700499][ T8787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.913277][ T8787] team0: Port device team_slave_0 added
[  257.965350][ T8787] team0: Port device team_slave_1 added
[  258.010476][ T8938] netlink: 8 bytes leftover after parsing attributes in process `syz.2.837'.
[  258.271771][ T8787] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.304043][ T8787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.351253][ T8787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  258.364782][ T8787] batman_adv: batadv0: Adding interface: batadv_slave_1
[  258.371831][ T8787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.404803][ T8787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  258.614745][ T8787] hsr_slave_0: entered promiscuous mode
[  258.631856][ T8787] hsr_slave_1: entered promiscuous mode
[  258.639353][ T8953] binder: 8952:8953 ioctl c0306201 200000000500 returned -22
[  258.734276][ T8949] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.774847][ T5138] Bluetooth: hci1: command tx timeout
[  258.889712][ T8949] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.027255][ T8949] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.209661][ T8949] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.994238][ T8949] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.060239][ T8949] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.193957][ T8949] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.765770][ T8949] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  260.861627][ T5138] Bluetooth: hci1: command tx timeout
[  260.914968][ T8787] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  260.954042][ T8787] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  260.987352][ T8787] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  261.019419][ T8787] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  261.422213][ T8787] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.665698][ T8787] 8021q: adding VLAN 0 to HW filter on device team0
[  261.747837][ T7836] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.755080][ T7836] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.822887][ T7836] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.830044][ T7836] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.377675][ T9025] netlink: 8 bytes leftover after parsing attributes in process `syz.8.868'.
[  262.745120][ T8787] 8021q: adding VLAN 0 to HW filter on device batadv0
[  263.440985][ T9043] kvm: vcpu 0: requested 3584 ns lapic timer period limited to 200000 ns
[  263.639918][   T30] audit: type=1326 audit(1750940040.665:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9048 comm="syz.5.875" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff30978e929 code=0x0
[  263.740019][ T8787] veth0_vlan: entered promiscuous mode
[  263.756556][ T8787] veth1_vlan: entered promiscuous mode
[  263.827469][ T8787] veth0_macvtap: entered promiscuous mode
[  263.842673][ T8787] veth1_macvtap: entered promiscuous mode
[  263.895411][ T8787] batman_adv: batadv0: Interface activated: batadv_slave_0
[  263.932807][ T8787] batman_adv: batadv0: Interface activated: batadv_slave_1
[  263.973249][ T8787] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  264.015106][ T8787] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  264.035499][ T8787] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  264.058719][ T8787] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  264.125241][ T9057] netlink: 8 bytes leftover after parsing attributes in process `syz.3.877'.
[  264.428274][ T6444] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.473219][ T6444] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.575602][ T9073] netlink: 'syz.5.882': attribute type 1 has an invalid length.
[  264.741538][ T9073] 8021q: adding VLAN 0 to HW filter on device bond1
[  264.824125][ T9076] erspan0: entered allmulticast mode
[  264.840937][ T9076] bond1: (slave erspan0): making interface the new active one
[  264.859911][ T9076] bond1: (slave erspan0): Enslaving as an active interface with an up link
[  265.039107][ T6422] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  265.079629][ T6422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  265.515314][ T9085] kvm: kvm [9083]: vcpu2, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x60000000800
[  265.559479][ T9085] kvm: kvm [9083]: vcpu2, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x60000002201
[  266.113932][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  266.126660][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  266.137271][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  266.146449][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  266.155272][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  266.329564][ T9103] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  266.770275][ T9100] chnl_net:caif_netlink_parms(): no params data found
[  267.159921][ T9100] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.190581][ T9100] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.204596][ T9100] bridge_slave_0: entered allmulticast mode
[  267.212834][ T9100] bridge_slave_0: entered promiscuous mode
[  267.275534][ T9100] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.291967][ T9100] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.309514][ T9100] bridge_slave_1: entered allmulticast mode
[  267.354137][ T9100] bridge_slave_1: entered promiscuous mode
[  267.568425][ T9100] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  267.626955][ T9100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  267.853856][ T9100] team0: Port device team_slave_0 added
[  267.895100][ T9100] team0: Port device team_slave_1 added
[  268.004232][ T9100] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.020212][ T9100] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.075252][ T9100] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.126826][ T9100] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.133836][ T9100] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.214601][ T5138] Bluetooth: hci3: command tx timeout
[  268.304207][ T9100] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.566566][ T9100] hsr_slave_0: entered promiscuous mode
[  268.591339][ T9100] hsr_slave_1: entered promiscuous mode
[  268.613565][ T9100] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  268.649539][ T9100] Cannot create hsr debugfs directory
[  270.294452][ T5138] Bluetooth: hci3: command tx timeout
[  272.025746][ T9188] netlink: 176 bytes leftover after parsing attributes in process `syz.3.920'.
[  272.329302][ T9189] netlink: 'syz.5.921': attribute type 1 has an invalid length.
[  272.383580][ T5138] Bluetooth: hci3: command tx timeout
[  272.919855][ T9199] loop7: detected capacity change from 0 to 16384
[  273.194742][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  273.525341][    T9] usb 3-1: Using ep0 maxpacket: 8
[  273.773060][    T9] usb 3-1: config 0 has no interfaces?
[  273.819976][    T9] usb 3-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  273.839843][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.858707][    T9] usb 3-1: Product: syz
[  273.870304][    T9] usb 3-1: Manufacturer: syz
[  273.878234][    T9] usb 3-1: SerialNumber: syz
[  273.896828][    T9] usb 3-1: config 0 descriptor??
[  273.962478][ T9100] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  273.977497][ T9100] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  273.992651][ T9100] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  274.326385][ T9199] blk_print_req_error: 29 callbacks suppressed
[  274.326406][ T9199] I/O error, dev loop7, sector 2304 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0
[  274.407494][ T9100] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  274.423528][ T6000] usb 3-1: USB disconnect, device number 12
[  274.455900][ T5138] Bluetooth: hci3: command tx timeout
[  274.529177][ T9199] I/O error, dev loop7, sector 2560 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0
[  274.605237][ T9199] I/O error, dev loop7, sector 2304 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  274.624407][ T9199] buffer_io_error: 662 callbacks suppressed
[  274.624428][ T9199] Buffer I/O error on dev loop7, logical block 288, async page read
[  274.664002][ T9199] I/O error, dev loop7, sector 2312 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  274.673750][ T9199] Buffer I/O error on dev loop7, logical block 289, async page read
[  274.682083][ T9199] I/O error, dev loop7, sector 2320 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  274.709009][ T9199] Buffer I/O error on dev loop7, logical block 290, async page read
[  274.743310][ T9199] I/O error, dev loop7, sector 2328 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  274.819689][ T9199] Buffer I/O error on dev loop7, logical block 291, async page read
[  274.834566][ T9199] I/O error, dev loop7, sector 2336 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  274.851300][ T9199] Buffer I/O error on dev loop7, logical block 292, async page read
[  274.863935][ T9199] I/O error, dev loop7, sector 2344 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  274.892023][ T9199] Buffer I/O error on dev loop7, logical block 293, async page read
[  274.906022][ T9199] I/O error, dev loop7, sector 2352 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  274.935130][ T9199] Buffer I/O error on dev loop7, logical block 294, async page read
[  274.963026][ T9199] I/O error, dev loop7, sector 2360 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  274.994421][ T9199] Buffer I/O error on dev loop7, logical block 295, async page read
[  275.021104][ T9199] Buffer I/O error on dev loop7, logical block 296, async page read
[  275.046363][ T9199] Buffer I/O error on dev loop7, logical block 297, async page read
[  275.219797][ T9100] 8021q: adding VLAN 0 to HW filter on device bond0
[  275.267109][ T9100] 8021q: adding VLAN 0 to HW filter on device team0
[  275.360512][ T7842] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.367760][ T7842] bridge0: port 1(bridge_slave_0) entered forwarding state
[  275.452162][ T7836] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.459434][ T7836] bridge0: port 2(bridge_slave_1) entered forwarding state
[  275.583947][ T9235] netlink: 8 bytes leftover after parsing attributes in process `syz.5.933'.
[  276.247737][   T10] libceph: connect (1)[c::]:6789 error -101
[  276.267709][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  276.303109][ T9246] ceph: No mds server is up or the cluster is laggy
[  276.407132][ T9100] 8021q: adding VLAN 0 to HW filter on device batadv0
[  277.488723][ T9100] veth0_vlan: entered promiscuous mode
[  277.599441][ T9100] veth1_vlan: entered promiscuous mode
[  277.710016][ T9100] veth0_macvtap: entered promiscuous mode
[  277.752794][ T9100] veth1_macvtap: entered promiscuous mode
[  277.931129][ T9100] batman_adv: batadv0: Interface activated: batadv_slave_0
[  277.976021][ T9100] batman_adv: batadv0: Interface activated: batadv_slave_1
[  278.020629][ T9100] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  278.050263][ T9100] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  278.084745][ T9100] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  278.102259][ T9100] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  278.404639][ T7845] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.412561][ T7845] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.527363][ T5138] Bluetooth: hci4: unexpected event for opcode 0x1003
[  278.595124][ T7845] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.621907][ T7845] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.105183][ T9324] syz_tun: entered allmulticast mode
[  280.133470][ T9322] syz_tun: left allmulticast mode
[  280.352844][ T7842] Bluetooth: hci5: Frame reassembly failed (-84)
[  280.367901][ T7842] Bluetooth: hci5: Frame reassembly failed (-84)
[  280.990651][ T6444] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  281.361016][ T9354] input: syz0 as /devices/virtual/input/input10
[  282.014596][ T6001] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  282.164606][ T6001] usb 4-1: Using ep0 maxpacket: 16
[  282.183499][ T6001] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 192, changing to 11
[  282.195245][ T6001] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  282.207980][ T6001] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  282.223751][ T6001] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  282.235748][ T6001] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  282.244140][ T6001] usb 4-1: SerialNumber: syz
[  282.258871][ T9359] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  282.376810][   T51] Bluetooth: hci5: command 0x1003 tx timeout
[  282.383385][ T5138] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  282.489013][ T6001] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  282.513606][ T6001] usb 4-1: USB disconnect, device number 10
[  282.535011][ T5138] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  282.543976][ T5138] Bluetooth: hci4: Injecting HCI hardware error event
[  282.552150][ T5138] Bluetooth: hci4: hardware error 0x00
[  284.675630][ T5138] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  285.533156][ T9422] netlink: 2028 bytes leftover after parsing attributes in process `syz.4.996'.
[  285.565300][ T9422] netlink: 12 bytes leftover after parsing attributes in process `syz.4.996'.
[  285.839703][ T9434] binder: 9432:9434 ioctl c0306201 2000000001c0 returned -22
[  285.944049][ T9435] kvm: pic: non byte write
[  285.967163][ T5138] Bluetooth: hci1: unexpected subevent 0x0a length: 91 > 30
[  286.190521][ T9448] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1009'.
[  286.801427][ T9464] capability: warning: `syz.5.1015' uses 32-bit capabilities (legacy support in use)
[  286.937579][ T9465] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  287.654564][ T5951] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  288.064487][   T51] Bluetooth: hci1: command tx timeout
[  288.256472][ T5951] usb 4-1: config 1 interface 0 has no altsetting 0
[  288.268858][ T5951] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  288.278159][ T5951] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.286274][ T5951] usb 4-1: Product: syz
[  288.291539][ T5951] usb 4-1: Manufacturer: syz
[  288.296291][ T5951] usb 4-1: SerialNumber: syz
[  288.916727][ T5951] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  289.026976][ T9489] 9pnet: p9_errstr2errno: server reported unknown error 184467440
[  407.504239][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  407.511317][    C0] rcu: 	1-...!: (1 GPs behind) idle=edc4/1/0x4000000000000000 softirq=56284/56288 fqs=0
[  407.522041][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P9508
[  407.529373][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=41817, q=347 ncpus=2)
[  407.537109][    C0] Sending NMI from CPU 0 to CPUs 1:
[  407.537139][    C1] NMI backtrace for cpu 1
[  407.537154][    C1] CPU: 1 UID: 0 PID: 9510 Comm: syz.4.1031 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[  407.537172][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  407.537182][    C1] RIP: 0010:__netif_schedule+0x269/0x2c0
[  407.537208][    C1] Code: 2d 19 02 4d 85 f6 74 ea e8 94 e2 79 f8 fb 48 c7 44 24 20 0e 36 e0 45 48 b8 00 00 00 00 00 fc ff df 49 c7 44 05 00 00 00 00 00 <66> 41 c7 44 05 09 00 00 41 c6 44 05 0b 00 65 48 8b 05 11 45 53 09
[  407.537222][    C1] RSP: 0018:ffffc90000a08b80 EFLAGS: 00000006
[  407.537236][    C1] RAX: dffffc0000000000 RBX: ffff88807b151000 RCX: ffff888026db3c00
[  407.537248][    C1] RDX: 0000000000010000 RSI: 0000000000000001 RDI: 0000000000000002
[  407.537259][    C1] RBP: ffffc90000a08c60 R08: ffff88807b15115f R09: 1ffff1100f62a22b
[  407.537270][    C1] R10: dffffc0000000000 R11: ffffed100f62a22c R12: ffff88807b151360
[  407.537282][    C1] R13: 1ffff92000141174 R14: 1856f2ad78000000 R15: ffff88805b0a1400
[  407.537293][    C1] FS:  00007f001a3c16c0(0000) GS:ffff888125d85000(0000) knlGS:0000000000000000
[  407.537307][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  407.537318][    C1] CR2: 0000001700000000 CR3: 000000004eb10000 CR4: 00000000003526f0
[  407.537334][    C1] DR0: 0000000000000000 DR1: 0000000000000008 DR2: 0000000000000000
[  407.537344][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  407.537354][    C1] Call Trace:
[  407.537361][    C1]  <IRQ>
[  407.537369][    C1]  ? advance_sched+0x9f8/0xc90
[  407.537388][    C1]  ? __pfx___netif_schedule+0x10/0x10
[  407.537404][    C1]  ? advance_sched+0x9f8/0xc90
[  407.537425][    C1]  ? advance_sched+0x9f8/0xc90
[  407.537440][    C1]  ? advance_sched+0x9f8/0xc90
[  407.537458][    C1]  advance_sched+0xa9a/0xc90
[  407.537483][    C1]  ? __pfx_advance_sched+0x10/0x10
[  407.537499][    C1]  __hrtimer_run_queues+0x529/0xc60
[  407.537529][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  407.537548][    C1]  ? read_tsc+0x9/0x20
[  407.537570][    C1]  hrtimer_interrupt+0x45b/0xaa0
[  407.537610][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  407.537633][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  407.537654][    C1]  </IRQ>
[  407.537659][    C1]  <TASK>
[  407.537665][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  407.537682][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110
[  407.537702][    C1] Code: 74 05 e8 7b b4 65 f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> f3 9d 2e f6 65 8b 05 ec 8a 37 07 85 c0 74 40 48 c7 04 24 0e 36
[  407.537715][    C1] RSP: 0018:ffffc9000bbe7b60 EFLAGS: 00000206
[  407.537727][    C1] RAX: 9ae148801738a600 RBX: 0000000000000a06 RCX: 9ae148801738a600
[  407.537738][    C1] RDX: 0000000000000007 RSI: ffffffff8d96ea1c RDI: 0000000000000001
[  407.537747][    C1] RBP: ffffc9000bbe7bf0 R08: ffffffff8f9fe1f7 R09: 1ffffffff1f3fc3e
[  407.537758][    C1] R10: dffffc0000000000 R11: fffffbfff1f3fc3f R12: dffffc0000000000
[  407.537769][    C1] R13: ffff8880b8627ac0 R14: ffff8880b8627ac0 R15: 1ffff9200177cf6c
[  407.537790][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  407.537808][    C1]  ? read_tsc+0x9/0x20
[  407.537829][    C1]  clock_was_set+0x63b/0x7c0
[  407.537851][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  407.537871][    C1]  ? __pfx_clock_was_set+0x10/0x10
[  407.537889][    C1]  ? do_settimeofday64+0x2d1/0x5e0
[  407.537907][    C1]  ? timekeeping_update_from_shadow+0x2b1/0x350
[  407.537925][    C1]  do_settimeofday64+0x2ec/0x5e0
[  407.537940][    C1]  ? safesetid_security_capable+0xa9/0x1a0
[  407.537963][    C1]  ? __pfx_do_settimeofday64+0x10/0x10
[  407.537978][    C1]  ? amd_mp2_get_sensor_num+0x251/0x340
[  407.537997][    C1]  ? bpf_lsm_settime+0x9/0x20
[  407.538010][    C1]  ? security_settime64+0x76/0x290
[  407.538032][    C1]  ? do_sys_settimeofday64+0x163/0x260
[  407.538051][    C1]  __x64_sys_clock_settime+0x229/0x280
[  407.538071][    C1]  ? __pfx___x64_sys_clock_settime+0x10/0x10
[  407.538087][    C1]  ? rcu_is_watching+0x15/0xb0
[  407.538110][    C1]  ? do_syscall_64+0xbe/0x3b0
[  407.538133][    C1]  do_syscall_64+0xfa/0x3b0
[  407.538153][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  407.538171][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.538186][    C1]  ? clear_bhb_loop+0x60/0xb0
[  407.538203][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.538218][    C1] RIP: 0033:0x7f001958e929
[  407.538231][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.538244][    C1] RSP: 002b:00007f001a3c1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3
[  407.538259][    C1] RAX: ffffffffffffffda RBX: 00007f00197b5fa0 RCX: 00007f001958e929
[  407.538270][    C1] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000
[  407.538279][    C1] RBP: 00007f0019610b39 R08: 0000000000000000 R09: 0000000000000000
[  407.538289][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  407.538299][    C1] R13: 0000000000000000 R14: 00007f00197b5fa0 R15: 00007fff48c0d138
[  407.538317][    C1]  </TASK>
[  407.539133][    C0] task:syz.2.1032      state:R  running task     stack:24960 pid:9508  tgid:9507  ppid:5831   task_flags:0x400040 flags:0x0000400a
[  408.047184][    C0] Call Trace:
[  408.050491][    C0]  <IRQ>
[  408.053363][    C0]  sched_show_task+0x49d/0x630
[  408.058176][    C0]  ? __pfx_sched_show_task+0x10/0x10
[  408.063492][    C0]  ? rcu_dump_cpu_stacks+0x79/0x4e0
[  408.068723][    C0]  ? wq_watchdog_touch+0xef/0x180
[  408.073778][    C0]  print_other_cpu_stall+0xfa6/0x1370
[  408.079191][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  408.085051][    C0]  rcu_sched_clock_irq+0x9d1/0x1090
[  408.090293][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  408.095966][    C0]  update_process_times+0x23c/0x2f0
[  408.101195][    C0]  tick_nohz_handler+0x39a/0x520
[  408.106166][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  408.111650][    C0]  __hrtimer_run_queues+0x4dd/0xc60
[  408.116908][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  408.122656][    C0]  ? read_tsc+0x9/0x20
[  408.126765][    C0]  hrtimer_interrupt+0x45b/0xaa0
[  408.131766][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  408.137783][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  408.143449][    C0]  </IRQ>
[  408.146402][    C0]  <TASK>
[  408.149358][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  408.155367][    C0] RIP: 0010:smp_call_function_single+0x3a9/0x590
[  408.161733][    C0] Code: 33 44 89 f6 83 e6 01 31 ff e8 23 95 0b 00 41 83 e6 01 75 11 e8 d8 90 0b 00 4d 89 fe eb 3f e8 ce 90 0b 00 eb 3c 4d 89 fe f3 90 <43> 0f b6 04 2c 84 c0 75 0f f7 03 01 00 00 00 74 1d e8 b1 90 0b 00
[  408.181367][    C0] RSP: 0018:ffffc9000b97e3c0 EFLAGS: 00000246
[  408.187461][    C0] RAX: ffffffff81b4bcbf RBX: ffffc9000b97e408 RCX: 0000000000080000
[  408.195460][    C0] RDX: ffffc9000c7fa000 RSI: 000000000007ffff RDI: 0000000000080000
[  408.203452][    C0] RBP: ffffc9000b97e4b0 R08: ffffffff8f9fe1f7 R09: 1ffffffff1f3fc3e
[  408.211446][    C0] R10: dffffc0000000000 R11: ffffffff81702110 R12: 1ffff9200172fc81
[  408.219440][    C0] R13: dffffc0000000000 R14: 1ffff9200172fc7c R15: 1ffff9200172fc7c
[  408.227441][    C0]  ? __pfx_native_send_call_func_single_ipi+0x10/0x10
[  408.234235][    C0]  ? smp_call_function_single+0x3bf/0x590
[  408.239993][    C0]  ? __pfx___loaded_vmcs_clear+0x10/0x10
[  408.245655][    C0]  ? __pfx_smp_call_function_single+0x10/0x10
[  408.251766][    C0]  ? vmx_vcpu_pi_put+0x188/0x820
[  408.256727][    C0]  ? __pfx___loaded_vmcs_clear+0x10/0x10
[  408.262394][    C0]  ? __pfx_vmx_vcpu_pi_put+0x10/0x10
[  408.267716][    C0]  vmx_vcpu_load_vmcs+0x129/0x6b0
[  408.272788][    C0]  ? xfd_validate_state+0x6d/0x150
[  408.277930][    C0]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  408.283526][    C0]  ? rcu_is_watching+0x15/0xb0
[  408.288325][    C0]  vmx_vcpu_load+0x93/0x260
[  408.292868][    C0]  ? kvm_arch_vcpu_load+0x210/0xa70
[  408.298103][    C0]  kvm_arch_vcpu_load+0x285/0xa70
[  408.303161][    C0]  ? __pfx_kvm_arch_vcpu_load+0x10/0x10
[  408.308749][    C0]  kvm_sched_in+0x7c/0xe0
[  408.313111][    C0]  finish_task_switch+0x85d/0x950
[  408.318172][    C0]  __schedule+0x16aa/0x4cb0
[  408.322723][    C0]  ? psi_task_switch+0x250/0x6d0
[  408.327693][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  408.333016][    C0]  ? __pfx___schedule+0x10/0x10
[  408.337931][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  408.343274][    C0]  preempt_schedule_irq+0xb5/0x150
[  408.348435][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  408.354197][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  408.360036][    C0]  irqentry_exit+0x6f/0x90
[  408.364483][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  408.370487][    C0] RIP: 0010:lock_acquire+0x175/0x360
[  408.375802][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 2b 8e fb 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  408.395432][    C0] RSP: 0018:ffffc9000b97eb38 EFLAGS: 00000206
[  408.401523][    C0] RAX: 703f9409e0705500 RBX: 0000000000000000 RCX: 703f9409e0705500
[  408.409518][    C0] RDX: 0000000000000000 RSI: ffffffff8db5a736 RDI: ffffffff8be1b9c0
[  408.417513][    C0] RBP: ffffffff81728af5 R08: 0000000000000000 R09: ffffffff81728af5
[  408.425503][    C0] R10: ffffc9000b97ecf8 R11: ffffffff81ace5b0 R12: 0000000000000002
[  408.433586][    C0] R13: ffffffff8e13ee60 R14: 0000000000000000 R15: 0000000000000246
[  408.441582][    C0]  ? unwind_next_frame+0xa5/0x2390
[  408.446730][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  408.452908][    C0]  ? unwind_next_frame+0xa5/0x2390
[  408.458070][    C0]  ? unwind_next_frame+0xa5/0x2390
[  408.463213][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.469300][    C0]  ? unwind_next_frame+0xa5/0x2390
[  408.474445][    C0]  unwind_next_frame+0xc2/0x2390
[  408.479408][    C0]  ? unwind_next_frame+0xa5/0x2390
[  408.484561][    C0]  ? unwind_next_frame+0xa5/0x2390
[  408.489703][    C0]  ? do_syscall_64+0xfa/0x3b0
[  408.494430][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  408.500621][    C0]  arch_stack_walk+0x11c/0x150
[  408.505440][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.511709][    C0]  stack_trace_save+0x9c/0xe0
[  408.516425][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  408.521839][    C0]  save_stack+0xf7/0x1f0
[  408.526127][    C0]  ? __pfx_save_stack+0x10/0x10
[  408.531003][    C0]  ? post_alloc_hook+0x240/0x2a0
[  408.535965][    C0]  ? get_page_from_freelist+0x21d5/0x22b0
[  408.541715][    C0]  ? __alloc_frozen_pages_noprof+0x181/0x370
[  408.547725][    C0]  ? alloc_pages_mpol+0x232/0x4a0
[  408.552776][    C0]  ? alloc_pages_noprof+0xa9/0x190
[  408.557920][    C0]  ? get_free_pages_noprof+0xf/0x80
[  408.563149][    C0]  ? __kvm_mmu_topup_memory_cache+0x24f/0x610
[  408.569245][    C0]  ? mmu_topup_memory_caches+0xd6/0x170
[  408.574815][    C0]  ? kvm_mmu_load+0x9d/0x21f0
[  408.579517][    C0]  ? vcpu_run+0x4833/0x6f70
[  408.584042][    C0]  ? kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[  408.589781][    C0]  ? kvm_vcpu_ioctl+0x95c/0xe90
[  408.594655][    C0]  ? __se_sys_ioctl+0xf9/0x170
[  408.599440][    C0]  ? do_syscall_64+0xfa/0x3b0
[  408.604163][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.610298][    C0]  ? seqcount_lockdep_reader_access+0x102/0x180
[  408.616614][    C0]  __set_page_owner+0x8d/0x4a0
[  408.621420][    C0]  ? __pfx___set_page_owner+0x10/0x10
[  408.626845][    C0]  post_alloc_hook+0x240/0x2a0
[  408.631667][    C0]  get_page_from_freelist+0x21d5/0x22b0
[  408.637296][    C0]  ? __pfx_get_page_from_freelist+0x10/0x10
[  408.643226][    C0]  ? prepare_alloc_pages+0x213/0x610
[  408.648550][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  408.654406][    C0]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  408.660778][    C0]  ? policy_nodemask+0x27c/0x720
[  408.665749][    C0]  alloc_pages_mpol+0x232/0x4a0
[  408.670665][    C0]  alloc_pages_noprof+0xa9/0x190
[  408.675646][    C0]  get_free_pages_noprof+0xf/0x80
[  408.680714][    C0]  __kvm_mmu_topup_memory_cache+0x24f/0x610
[  408.686682][    C0]  mmu_topup_memory_caches+0xd6/0x170
[  408.692104][    C0]  kvm_mmu_load+0x9d/0x21f0
[  408.696661][    C0]  ? kvm_apic_has_interrupt+0x744/0x770
[  408.702252][    C0]  vcpu_run+0x4833/0x6f70
[  408.706688][    C0]  ? __pfx_vcpu_run+0x10/0x10
[  408.711399][    C0]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  408.717152][    C0]  ? rcu_is_watching+0x15/0xb0
[  408.721948][    C0]  kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[  408.727527][    C0]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  408.733267][    C0]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  408.739274][    C0]  ? rcu_is_watching+0x15/0xb0
[  408.744071][    C0]  ? trace_contention_end+0x39/0x120
[  408.749378][    C0]  ? __mutex_lock+0x330/0xe80
[  408.754088][    C0]  ? kasan_quarantine_put+0xdd/0x220
[  408.759402][    C0]  ? kvm_vcpu_ioctl+0x22e/0xe90
[  408.764275][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  408.769334][    C0]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  408.774994][    C0]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  408.780656][    C0]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  408.786761][    C0]  kvm_vcpu_ioctl+0x95c/0xe90
[  408.791471][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  408.796706][    C0]  ? __lock_acquire+0xab9/0xd20
[  408.801593][    C0]  ? __asan_memset+0x22/0x50
[  408.806204][    C0]  ? smack_file_ioctl+0x302/0x340
[  408.811255][    C0]  ? __pfx_smack_file_ioctl+0x10/0x10
[  408.816666][    C0]  ? __fget_files+0x2a/0x420
[  408.821282][    C0]  ? __fget_files+0x3a0/0x420
[  408.825985][    C0]  ? __fget_files+0x2a/0x420
[  408.830605][    C0]  ? bpf_lsm_file_ioctl+0x9/0x20
[  408.835572][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  408.840810][    C0]  __se_sys_ioctl+0xf9/0x170
[  408.845437][    C0]  do_syscall_64+0xfa/0x3b0
[  408.849974][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  408.855203][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.861314][    C0]  ? clear_bhb_loop+0x60/0xb0
[  408.866033][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.871956][    C0] RIP: 0033:0x7f84e798e929
[  408.876406][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.896051][    C0] RSP: 002b:00007f84e88b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  408.904499][    C0] RAX: ffffffffffffffda RBX: 00007f84e7bb5fa0 RCX: 00007f84e798e929
[  408.912499][    C0] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  408.920495][    C0] RBP: 00007f84e7a10b39 R08: 0000000000000000 R09: 0000000000000000
[  408.928491][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  408.936482][    C0] R13: 0000000000000000 R14: 00007f84e7bb5fa0 R15: 00007ffdcd9cf088
[  408.944509][    C0]  </TASK>
[  408.947552][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g41817 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  408.958769][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  408.968759][    C0] rcu: RCU grace-period kthread stack dump:
[  408.974664][    C0] task:rcu_preempt     state:R  running task     stack:27128 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  408.988190][    C0] Call Trace:
[  408.991490][    C0]  <TASK>
[  408.994448][    C0]  __schedule+0x16a2/0x4cb0
[  408.999008][    C0]  ? schedule+0x165/0x360
[  409.003369][    C0]  ? __pfx___schedule+0x10/0x10
[  409.008278][    C0]  ? schedule+0x91/0x360
[  409.012549][    C0]  schedule+0x165/0x360
[  409.016734][    C0]  schedule_timeout+0x12b/0x270
[  409.021625][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  409.027022][    C0]  ? __pfx_process_timeout+0x10/0x10
[  409.032354][    C0]  ? prepare_to_swait_event+0x341/0x380
[  409.037933][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  409.042822][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  409.047791][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  409.053019][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  409.058334][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  409.063563][    C0]  ? finish_swait+0xcd/0x1f0
[  409.068183][    C0]  rcu_gp_kthread+0x99/0x390
[  409.072802][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  409.078031][    C0]  ? __kthread_parkme+0x7b/0x200
[  409.083000][    C0]  ? __kthread_parkme+0x1a1/0x200
[  409.088062][    C0]  kthread+0x70e/0x8a0
[  409.092164][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  409.097391][    C0]  ? __pfx_kthread+0x10/0x10
[  409.102007][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  409.107235][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  409.112465][    C0]  ? __pfx_kthread+0x10/0x10
[  409.117171][    C0]  ret_from_fork+0x3fc/0x770
[  409.121815][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  409.126983][    C0]  ? __switch_to_asm+0x39/0x70
[  409.131777][    C0]  ? __switch_to_asm+0x33/0x70
[  409.136604][    C0]  ? __pfx_kthread+0x10/0x10
[  409.141240][    C0]  ret_from_fork_asm+0x1a/0x30
[  409.146052][    C0]  </TASK>
[  409.149095][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  409.155443][    C0] CPU: 0 UID: 0 PID: 9508 Comm: syz.2.1032 Not tainted 6.16.0-rc3-syzkaller-00072-gee88bddf7f2f #0 PREEMPT(full) 
[  409.167447][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  409.177524][    C0] RIP: 0010:smp_call_function_single+0x3a9/0x590
[  409.183885][    C0] Code: 33 44 89 f6 83 e6 01 31 ff e8 23 95 0b 00 41 83 e6 01 75 11 e8 d8 90 0b 00 4d 89 fe eb 3f e8 ce 90 0b 00 eb 3c 4d 89 fe f3 90 <43> 0f b6 04 2c 84 c0 75 0f f7 03 01 00 00 00 74 1d e8 b1 90 0b 00
[  409.203533][    C0] RSP: 0018:ffffc9000b97e3c0 EFLAGS: 00000246
[  409.209644][    C0] RAX: ffffffff81b4bcbf RBX: ffffc9000b97e408 RCX: 0000000000080000
[  409.217675][    C0] RDX: ffffc9000c7fa000 RSI: 000000000007ffff RDI: 0000000000080000
[  409.225675][    C0] RBP: ffffc9000b97e4b0 R08: ffffffff8f9fe1f7 R09: 1ffffffff1f3fc3e
[  409.233672][    C0] R10: dffffc0000000000 R11: ffffffff81702110 R12: 1ffff9200172fc81
[  409.241754][    C0] R13: dffffc0000000000 R14: 1ffff9200172fc7c R15: 1ffff9200172fc7c
[  409.249749][    C0] FS:  00007f84e88b66c0(0000) GS:ffff888125c85000(0000) knlGS:0000000000000000
[  409.258703][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  409.265305][    C0] CR2: 000020000000b000 CR3: 000000006c77e000 CR4: 00000000003526f0
[  409.273302][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  409.281301][    C0] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  409.289292][    C0] Call Trace:
[  409.292594][    C0]  <TASK>
[  409.295550][    C0]  ? __pfx___loaded_vmcs_clear+0x10/0x10
[  409.301222][    C0]  ? __pfx_smp_call_function_single+0x10/0x10
[  409.307316][    C0]  ? vmx_vcpu_pi_put+0x188/0x820
[  409.312278][    C0]  ? __pfx___loaded_vmcs_clear+0x10/0x10
[  409.317947][    C0]  ? __pfx_vmx_vcpu_pi_put+0x10/0x10
[  409.323269][    C0]  vmx_vcpu_load_vmcs+0x129/0x6b0
[  409.328333][    C0]  ? xfd_validate_state+0x6d/0x150
[  409.333471][    C0]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  409.339056][    C0]  ? rcu_is_watching+0x15/0xb0
[  409.343864][    C0]  vmx_vcpu_load+0x93/0x260
[  409.348402][    C0]  ? kvm_arch_vcpu_load+0x210/0xa70
[  409.353716][    C0]  kvm_arch_vcpu_load+0x285/0xa70
[  409.358770][    C0]  ? __pfx_kvm_arch_vcpu_load+0x10/0x10
[  409.364357][    C0]  kvm_sched_in+0x7c/0xe0
[  409.368712][    C0]  finish_task_switch+0x85d/0x950
[  409.373776][    C0]  __schedule+0x16aa/0x4cb0
[  409.378321][    C0]  ? psi_task_switch+0x250/0x6d0
[  409.383294][    C0]  ? preempt_schedule_irq+0xb5/0x150
[  409.388613][    C0]  ? __pfx___schedule+0x10/0x10
[  409.393511][    C0]  ? preempt_schedule_irq+0xaa/0x150
[  409.398830][    C0]  preempt_schedule_irq+0xb5/0x150
[  409.403976][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  409.409734][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  409.415568][    C0]  irqentry_exit+0x6f/0x90
[  409.420009][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  409.426010][    C0] RIP: 0010:lock_acquire+0x175/0x360
[  409.431339][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 2b 8e fb 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  409.450969][    C0] RSP: 0018:ffffc9000b97eb38 EFLAGS: 00000206
[  409.457062][    C0] RAX: 703f9409e0705500 RBX: 0000000000000000 RCX: 703f9409e0705500
[  409.465062][    C0] RDX: 0000000000000000 RSI: ffffffff8db5a736 RDI: ffffffff8be1b9c0
[  409.473056][    C0] RBP: ffffffff81728af5 R08: 0000000000000000 R09: ffffffff81728af5
[  409.481049][    C0] R10: ffffc9000b97ecf8 R11: ffffffff81ace5b0 R12: 0000000000000002
[  409.489044][    C0] R13: ffffffff8e13ee60 R14: 0000000000000000 R15: 0000000000000246
[  409.497041][    C0]  ? unwind_next_frame+0xa5/0x2390
[  409.502181][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  409.508358][    C0]  ? unwind_next_frame+0xa5/0x2390
[  409.513521][    C0]  ? unwind_next_frame+0xa5/0x2390
[  409.518661][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.524758][    C0]  ? unwind_next_frame+0xa5/0x2390
[  409.529895][    C0]  unwind_next_frame+0xc2/0x2390
[  409.534867][    C0]  ? unwind_next_frame+0xa5/0x2390
[  409.540011][    C0]  ? unwind_next_frame+0xa5/0x2390
[  409.545151][    C0]  ? do_syscall_64+0xfa/0x3b0
[  409.549871][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  409.556048][    C0]  arch_stack_walk+0x11c/0x150
[  409.560860][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.566958][    C0]  stack_trace_save+0x9c/0xe0
[  409.571662][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  409.577071][    C0]  save_stack+0xf7/0x1f0
[  409.581347][    C0]  ? __pfx_save_stack+0x10/0x10
[  409.586219][    C0]  ? post_alloc_hook+0x240/0x2a0
[  409.591182][    C0]  ? get_page_from_freelist+0x21d5/0x22b0
[  409.596927][    C0]  ? __alloc_frozen_pages_noprof+0x181/0x370
[  409.602933][    C0]  ? alloc_pages_mpol+0x232/0x4a0
[  409.607982][    C0]  ? alloc_pages_noprof+0xa9/0x190
[  409.613117][    C0]  ? get_free_pages_noprof+0xf/0x80
[  409.618374][    C0]  ? __kvm_mmu_topup_memory_cache+0x24f/0x610
[  409.624493][    C0]  ? mmu_topup_memory_caches+0xd6/0x170
[  409.630165][    C0]  ? kvm_mmu_load+0x9d/0x21f0
[  409.634879][    C0]  ? vcpu_run+0x4833/0x6f70
[  409.639409][    C0]  ? kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[  409.645336][    C0]  ? kvm_vcpu_ioctl+0x95c/0xe90
[  409.650210][    C0]  ? __se_sys_ioctl+0xf9/0x170
[  409.654993][    C0]  ? do_syscall_64+0xfa/0x3b0
[  409.659697][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.665804][    C0]  ? seqcount_lockdep_reader_access+0x102/0x180
[  409.672095][    C0]  __set_page_owner+0x8d/0x4a0
[  409.676892][    C0]  ? __pfx___set_page_owner+0x10/0x10
[  409.682302][    C0]  post_alloc_hook+0x240/0x2a0
[  409.687102][    C0]  get_page_from_freelist+0x21d5/0x22b0
[  409.692747][    C0]  ? __pfx_get_page_from_freelist+0x10/0x10
[  409.698694][    C0]  ? prepare_alloc_pages+0x213/0x610
[  409.704031][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  409.709885][    C0]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  409.716273][    C0]  ? policy_nodemask+0x27c/0x720
[  409.721254][    C0]  alloc_pages_mpol+0x232/0x4a0
[  409.726148][    C0]  alloc_pages_noprof+0xa9/0x190
[  409.731139][    C0]  get_free_pages_noprof+0xf/0x80
[  409.736223][    C0]  __kvm_mmu_topup_memory_cache+0x24f/0x610
[  409.742174][    C0]  mmu_topup_memory_caches+0xd6/0x170
[  409.747592][    C0]  kvm_mmu_load+0x9d/0x21f0
[  409.752143][    C0]  ? kvm_apic_has_interrupt+0x744/0x770
[  409.757728][    C0]  vcpu_run+0x4833/0x6f70
[  409.762160][    C0]  ? __pfx_vcpu_run+0x10/0x10
[  409.766867][    C0]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  409.772622][    C0]  ? rcu_is_watching+0x15/0xb0
[  409.777426][    C0]  kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[  409.783006][    C0]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  409.788754][    C0]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  409.794766][    C0]  ? rcu_is_watching+0x15/0xb0
[  409.799766][    C0]  ? trace_contention_end+0x39/0x120
[  409.805107][    C0]  ? __mutex_lock+0x330/0xe80
[  409.809839][    C0]  ? kasan_quarantine_put+0xdd/0x220
[  409.815156][    C0]  ? kvm_vcpu_ioctl+0x22e/0xe90
[  409.820036][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  409.825205][    C0]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  409.830894][    C0]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  409.836580][    C0]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  409.842607][    C0]  kvm_vcpu_ioctl+0x95c/0xe90
[  409.847325][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  409.852561][    C0]  ? __lock_acquire+0xab9/0xd20
[  409.857497][    C0]  ? __asan_memset+0x22/0x50
[  409.862106][    C0]  ? smack_file_ioctl+0x302/0x340
[  409.867163][    C0]  ? __pfx_smack_file_ioctl+0x10/0x10
[  409.872583][    C0]  ? __fget_files+0x2a/0x420
[  409.877205][    C0]  ? __fget_files+0x3a0/0x420
[  409.882038][    C0]  ? __fget_files+0x2a/0x420
[  409.886698][    C0]  ? bpf_lsm_file_ioctl+0x9/0x20
[  409.891680][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  409.896918][    C0]  __se_sys_ioctl+0xf9/0x170
[  409.901546][    C0]  do_syscall_64+0xfa/0x3b0
[  409.906091][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  409.911328][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.917416][    C0]  ? clear_bhb_loop+0x60/0xb0
[  409.922125][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.928036][    C0] RIP: 0033:0x7f84e798e929
[  409.932480][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  409.952115][    C0] RSP: 002b:00007f84e88b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  409.960566][    C0] RAX: ffffffffffffffda RBX: 00007f84e7bb5fa0 RCX: 00007f84e798e929
[  409.968645][    C0] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  409.976641][    C0] RBP: 00007f84e7a10b39 R08: 0000000000000000 R09: 0000000000000000
[  409.984664][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  409.992701][    C0] R13: 0000000000000000 R14: 00007f84e7bb5fa0 R15: 00007ffdcd9cf088
[  410.000730][    C0]  </TASK>