last executing test programs:

15m10.046445989s ago: executing program 32 (id=20):
r0 = syz_io_uring_setup(0x27b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x3, 0x313}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0, 0x40000103})
io_uring_enter(r0, 0x46f3, 0x0, 0xc1, 0x0, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x78, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000040), &(0x7f0000000080)={'enc=', 'oaep', ' hash=', {'sha384-ssse3\x00'}}, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0)
ioctl$TIOCSERGETLSR(r4, 0x5459, 0x0)
syz_emit_ethernet(0xfdef, 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
set_mempolicy(0x3, &(0x7f0000000100)=0x3, 0x9)
setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc, 0x2000000}, 0x1c)

14m42.265668657s ago: executing program 33 (id=50):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$SNDCTL_DSP_RESET(r5, 0x5000, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40881, 0x3)
syz_io_uring_setup(0x3096, &(0x7f00000003c0)={0x0, 0x3a7d, 0x4000, 0x3ffe, 0x80000, 0x0, r6}, 0x0, 0x0)

13m37.845190084s ago: executing program 34 (id=154):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0e05403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa2bb1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x5, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r4=>0x0]}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={r4, 0x3}, 0x8)

13m15.544710176s ago: executing program 35 (id=177):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000080)={0x33}, 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

10m27.635141438s ago: executing program 36 (id=385):
r0 = socket(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000040)=0x5002, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioperm(0x284, 0x7f, 0xe3)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000003c0)='ext4_ext_rm_idx\x00'}, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x400000000000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000000010000081100000900000001000000", @ANYRES32, @ANYBLOB="000000080000008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r5}, 0x38)

6m59.48872544s ago: executing program 4 (id=908):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0, 0x0, 0x3}, 0x18)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r1)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r1)
sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000eeff110000000a0004007778616e3300000008001500", @ANYRES32, @ANYBLOB="080001"], 0x30}}, 0x0)

6m57.99932602s ago: executing program 4 (id=911):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f000009e680)=ANY=[@ANYBLOB="84000000", @ANYRES16=r3, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r4, @ANYBLOB="0a0006000802110000010000060066008e880000520033"], 0x84}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

6m57.459423645s ago: executing program 4 (id=914):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r4, 0x0, 0x0, 0x2000000022, 0x0)
setsockopt$sock_int(r4, 0x1, 0x4b, &(0x7f0000000040)=0xfd87, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x1, 0x2)
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f00000005c0)=@userptr={0x1, 0x1, 0x4, 0x0, 0x3ff, {0x0, 0x2710}, {0x2, 0x2, 0x8, 0x6, 0x7, 0x0, "c3d4c279"}, 0x778, 0x2, {0x0}, 0xffffffff})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x400, 0x8)
recvmsg$kcm(r6, &(0x7f00000004c0)={&(0x7f0000000240), 0x80, &(0x7f0000000440)}, 0x40000027)
keyctl$read(0x1f, 0x0, 0x0, 0x0)

6m56.233210397s ago: executing program 37 (id=881):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_open_dev$vim2m(0x0, 0xff, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x7bff, &(0x7f0000000180)={&(0x7f0000000140)=@delqdisc={0xfffffffffffffc9b}, 0x49d32d254ae22f79}}, 0x0)

6m51.241668138s ago: executing program 4 (id=924):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x1, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x7, 0x6, 0x81, '\x00', 0x3c})

6m47.407972917s ago: executing program 4 (id=931):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3002, 0x6, &(0x7f0000000000)=0xa636, 0x9, 0x0)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
gettid()
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x9, 0x10, 0xffffffffffffffff, 0x31aad000)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x20000002)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

6m43.070692804s ago: executing program 4 (id=933):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, 0x0})
close(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, 0x0, &(0x7f0000000240))
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)

6m26.901360384s ago: executing program 38 (id=933):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, 0x0})
close(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, 0x0, &(0x7f0000000240))
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)

5m42.480937289s ago: executing program 6 (id=1037):
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x20401)
select(0x40, &(0x7f0000000400)={0x9, 0x3, 0x80000000, 0x0, 0x7, 0x201}, 0x0, 0x0, 0x0)

5m41.085989516s ago: executing program 6 (id=1045):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1890ca4758823d0c1ae56bd1bb0000eeffffff000000000000001ea2fd5c180100002020702500000000002020207b0af8ff00000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, &(0x7f0000000340)=ANY=[@ANYBLOB="b40800000000000073113200000000008510008002000000b7000000000000009500c20000e97dc4d100001200000000e28540826aacedf0136bfc8e12c454801382d5dce5acedf11f4154d8e2254f3cdd946c300538967ce42ec6935a5abb162e9ea0c5c0481f5613834f00b96298e2529f8241fdec764867bf6a7b670bbea2fdddd353765dbf70d9344ac80ca300dca4ad53a10e170e8f85ff69a8b41701513ac110951b49cbc91ed5458348dc45"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000171, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
symlink(0x0, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x6, 0x9, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04132e01c8000d"], 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000280)="0bcd527675d7c78e4b19e0d848e024c94a", 0x11, 0x7ffffffe)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)

5m37.710921959s ago: executing program 6 (id=1047):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000041c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
io_setup(0x84, 0x0)
ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x27, 0x0, 0x801001a, 0x66d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, 0x50)
r5 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x3f4d}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0xc, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x842a}})
io_uring_enter(r5, 0xdb4, 0x0, 0x0, 0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000240)=@filename='./file0/../file0/file0\x00', r2, 0x0)

5m36.482939311s ago: executing program 6 (id=1054):
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x20401)
select(0x40, &(0x7f0000000400)={0x9, 0x3, 0x80000000, 0x0, 0x7, 0x201}, 0x0, 0x0, 0x0)

5m32.615728075s ago: executing program 6 (id=1059):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0xffffffffffffffff, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x0, 0x61]}}, 0x0, 0x1c}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0xb, r3, 0x8, 0x0, 0x0, 0x14}, 0x94)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5m27.087085241s ago: executing program 8 (id=1065):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x20100, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000140))
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000080)={[{0x9, 0x7, 0xfd, 0x1c, 0x5, 0x2, 0x4d, 0x2, 0xf9, 0x1, 0x80, 0xc, 0x8000000000000000}, {0x6, 0x80, 0x8, 0xc4, 0x4, 0x7, 0x6, 0x3, 0x7, 0xff, 0x0, 0x7d}, {0xe2a5, 0x401, 0x1, 0x9, 0x2, 0x6, 0x8, 0xb, 0xff, 0x6, 0x56, 0x3, 0x100}]})

5m26.78833592s ago: executing program 6 (id=1066):
keyctl$set_timeout(0xf, 0x0, 0x101000)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x130}, 0x1, 0x0, 0x0, 0x8000}, 0x8880)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2c, 0x2, {0x0, 0x0, 0x0, 0x0, {0xc, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_FLOWER_KEY_ENC_IPV4_DST_MASK={0x8}]}}]}, 0x44}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc01100, 0x0, 0x0, 0x0, 0x2)
socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x30, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}], {0x14, 0x10}}, 0x78}}, 0x0)
mremap(&(0x7f0000724000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

5m25.355036501s ago: executing program 8 (id=1068):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
read$FUSE(r3, &(0x7f00000063c0)={0x2020}, 0x2020)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000009600004000"])

5m21.083358134s ago: executing program 8 (id=1072):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000600)={0x17})

5m16.965072366s ago: executing program 8 (id=1074):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x1104, 0x0, &(0x7f00000001c0), 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
mkdir(0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000040)=0x4)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000001000)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9774c95d6c007c91903f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a68faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410aa300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf8110d5df1beb1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c4095a27cc8c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5c7792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5ba446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffab9199b541013c0aadc36484da57511896c14776a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078aef94d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162fd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a33c1bbc29c0035657da66a87150bbb885be5ee123e431fd793ea179a0fc77aaee66d874c0616cb32324826b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266ce9ef639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d3e2c74f4925ad58377b0d6ae9b97034f94"})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)

5m16.175000643s ago: executing program 8 (id=1077):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
fcntl$dupfd(r0, 0x406, r0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000182000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x43, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0)
openat$sysfs(0xffffff9c, &(0x7f0000000200)='/sys/kernel/notes', 0x0, 0x90)

5m12.738066313s ago: executing program 8 (id=1080):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0)
ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f00000002c0)={0x14, 0x10, 0x3, 0xb, 0x4, 0x2, 0x3, 0x84, 0x1})
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, 0x0, 0x0)
socket(0x1e, 0x5, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000140)={0x7, 0x1, 0x2})
ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000002dc0)=@multiplanar_userptr={0x0, 0x1, 0x4, 0x0, 0x7, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, "488dc807"}, 0x1004, 0x2, {0x0}, 0x10000003})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfffffffffffffe15)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=@newsa={0x10c, 0x1a, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}, @etimer_thresh={0x8, 0xc, 0x3}]}, 0x10c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

5m9.641719605s ago: executing program 39 (id=1066):
keyctl$set_timeout(0xf, 0x0, 0x101000)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x130}, 0x1, 0x0, 0x0, 0x8000}, 0x8880)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2c, 0x2, {0x0, 0x0, 0x0, 0x0, {0xc, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_FLOWER_KEY_ENC_IPV4_DST_MASK={0x8}]}}]}, 0x44}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc01100, 0x0, 0x0, 0x0, 0x2)
socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x30, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}], {0x14, 0x10}}, 0x78}}, 0x0)
mremap(&(0x7f0000724000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

4m57.447435524s ago: executing program 40 (id=1080):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0)
ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f00000002c0)={0x14, 0x10, 0x3, 0xb, 0x4, 0x2, 0x3, 0x84, 0x1})
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, 0x0, 0x0)
socket(0x1e, 0x5, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000140)={0x7, 0x1, 0x2})
ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000002dc0)=@multiplanar_userptr={0x0, 0x1, 0x4, 0x0, 0x7, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, "488dc807"}, 0x1004, 0x2, {0x0}, 0x10000003})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfffffffffffffe15)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=@newsa={0x10c, 0x1a, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}, @etimer_thresh={0x8, 0xc, 0x3}]}, 0x10c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

4m6.829379013s ago: executing program 9 (id=1182):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000007000000e27f"], 0x50)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
socket$kcm(0xa, 0x1, 0x106)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)

4m6.220362053s ago: executing program 9 (id=1185):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000", 0x36}], 0x1)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r0)

4m0.329245139s ago: executing program 9 (id=1188):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1890ca4758823d0c1ae56bd1bb0000eeffffff000000000000001ea2fd5c180100002020702500000000002020207b0af8ff00000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, &(0x7f0000000340)=ANY=[@ANYBLOB="b40800000000000073113200000000008510008002000000b7000000000000009500c20000e97dc4d100001200000000e28540826aacedf0136bfc8e12c454801382d5dce5acedf11f4154d8e2254f3cdd946c300538967ce42ec6935a5abb162e9ea0c5c0481f5613834f00b96298e2529f8241fdec764867bf6a7b670bbea2fdddd353765dbf70d9344ac80ca300dca4ad53a10e170e8f85ff69a8b41701513ac110951b49cbc91ed5458348dc45"], &(0x7f0000000080)='GPL\x00', 0x4}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000171, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x6, 0x9, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04132e01c8000d"], 0x8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000800)={{0x1, 0x1, 0x18, r4, {0x3ff}}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'})
pwrite64(0xffffffffffffffff, &(0x7f0000000280)="0bcd527675d7c78e4b19e0d848e024c94a", 0x11, 0x7ffffffe)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)

3m57.149085828s ago: executing program 9 (id=1193):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000007000000e27f"], 0x50)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
socket$kcm(0xa, 0x1, 0x106)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)

3m56.637840655s ago: executing program 9 (id=1196):
r0 = socket$netlink(0x10, 0x3, 0x15)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000", 0x36}], 0x1)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), r0)

3m56.058732718s ago: executing program 9 (id=1197):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000000000000000009b59d139f2c6b63ac7ca005f4ef945ede190237c04", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x3ff, r1}, 0x38)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x551f}, 0x94)
syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x8, 0x0, 0x21e}, 0x0, 0x0)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[0x0], 0x1}, 0x58)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r4, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r6, {r2}}, './file0\x00'})
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r9, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f00000010c0)=0x8)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r8, 0x84, 0x1a, &(0x7f0000000480)={r10}, &(0x7f0000000040)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xc, 0x1c, &(0x7f0000000380)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1b}}, {}, [@snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x5}, {0x3, 0x3, 0x6, 0xa, 0xa}, {0x5, 0x1, 0xb, 0x8, 0xa, 0x4}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x0}, {}, {0x18, 0x2, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x2}, {0x46, 0x0, 0x0, 0x76}}], {{}, {0x6, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c0}, 0x94)

3m40.518599499s ago: executing program 41 (id=1197):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000000000000000009b59d139f2c6b63ac7ca005f4ef945ede190237c04", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x3ff, r1}, 0x38)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x551f}, 0x94)
syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x8, 0x0, 0x21e}, 0x0, 0x0)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[0x0], 0x1}, 0x58)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r4, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r6, {r2}}, './file0\x00'})
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r9, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f00000010c0)=0x8)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r8, 0x84, 0x1a, &(0x7f0000000480)={r10}, &(0x7f0000000040)=0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xc, 0x1c, &(0x7f0000000380)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1b}}, {}, [@snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x5}, {0x3, 0x3, 0x6, 0xa, 0xa}, {0x5, 0x1, 0xb, 0x8, 0xa, 0x4}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x0}, {}, {0x18, 0x2, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x2}, {0x46, 0x0, 0x0, 0x76}}], {{}, {0x6, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c0}, 0x94)

3m21.546319031s ago: executing program 1 (id=1243):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vbi(0x0, 0x2, 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x81, r2}, 0x38)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0xfffffffffffffffc, 0x0, 0x111, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r3, &(0x7f00000000c0)={0x12, 0x10, 0xfa00, {&(0x7f0000000040), 0xffffffffffffffff, r3}}, 0x18)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'geneve1\x00', 0x2000})
ioctl$PPPIOCSMRU1(0xffffffffffffffff, 0x40047452, &(0x7f0000000240))
r4 = fsopen(0x0, 0x0)
bpf$MAP_DELETE_BATCH(0x1b, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000180)={[{@userxattr}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x40000, 0x0)

3m16.841420049s ago: executing program 1 (id=1245):
r0 = eventfd(0x2)
write$eventfd(r0, &(0x7f00000000c0)=0xfffffffffffffffe, 0x8)
ppoll(&(0x7f0000000000)=[{r0, 0x1040}], 0x1, 0x0, 0x0, 0x0)

3m15.671661373s ago: executing program 1 (id=1249):
mprotect(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x1)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

3m15.157792483s ago: executing program 1 (id=1251):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={'syzkaller1\x00', {0x2, 0x4e22, @broadcast}})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000040)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder1\x00', 0x800, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x4008004)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000180)=[{}, {}], 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
getresuid(&(0x7f0000000380), 0x0, &(0x7f0000000400)=<r3=>0x0)
fchown(r2, r3, 0x0)

3m10.410631365s ago: executing program 1 (id=1257):
r0 = eventfd(0x2)
write$eventfd(r0, &(0x7f00000000c0)=0xfffffffffffffffe, 0x8)
ppoll(&(0x7f0000000000)=[{r0, 0x1040}], 0x1, 0x0, 0x0, 0x0)

3m7.522809506s ago: executing program 1 (id=1264):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
unshare(0x26020480)
socket(0x10, 0x80002, 0x2)
r4 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r3, 0x80047456, &(0x7f0000000040)={0x3, 0xb, 0xfffffffe, 0x7fffffff, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf", 0xffffffff})

2m52.172393273s ago: executing program 42 (id=1264):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
unshare(0x26020480)
socket(0x10, 0x80002, 0x2)
r4 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r3, 0x80047456, &(0x7f0000000040)={0x3, 0xb, 0xfffffffe, 0x7fffffff, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf", 0xffffffff})

9.524436139s ago: executing program 0 (id=1731):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f000009e680)=ANY=[@ANYRES16=r3, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r4, @ANYBLOB="0a0006000802110000010000060066008e880000520033"], 0x84}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

9.239706373s ago: executing program 2 (id=1733):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x309})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000057c000/0x2000)=nil, 0x2000}, 0x1})
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
readv(r0, &(0x7f0000000200), 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

9.056037489s ago: executing program 7 (id=1735):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x0, 0xffffffff, 0xe661, 0x629, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8c, 0x6, 0x10002, 0x0, 0x5, 0x4, 0x8008, 0x400, 0x2, 0x0, 0x5, 0x6, 0x8, 0x7, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2c0, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x7c9d, 0x9, 0x8, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xca, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff000, 0x10000, 0x0, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x1000]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

8.8048932s ago: executing program 0 (id=1736):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040880}, 0x20040000)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x3, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x8e}, @jmp={0x5, 0x0, 0x9}], 0x0}, 0x94)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x88983, 0x0)
ioctl$TCXONC(r5, 0x540a, 0x2)
ioctl$TIOCSPTLCK(r5, 0x40045431, &(0x7f0000000000))
ioctl$TIOCPKT(r5, 0x5420, &(0x7f0000000200)=0x1b)
r6 = ioctl$TIOCGPTPEER(r5, 0x5441, 0x3)
ppoll(&(0x7f0000000100)=[{r5, 0x2000}], 0x1, 0x0, 0x0, 0x0)
ioctl$TCXONC(r6, 0x540a, 0x2)
r7 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r7, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)

8.657271979s ago: executing program 3 (id=1737):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000280)="32780f64398323756224d03ac5cb3838e854cf6fe7e38c09daa0e768", 0x1c, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
shutdown(r0, 0x1)

8.517017668s ago: executing program 7 (id=1738):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310001001000000950074000000000031fb0d3a42319fa204399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b60ac5ea9fca11027d19e93adb603deb92de3141e8fd7ac5b87a2070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba5fc4a5a17d103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, &(0x7f0000002340)={'HL\x00'}, &(0x7f0000002380)=0x1e)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000240)={0x0})
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_int(r2, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e24, 0x3, @ipv4={'\x00', '\xff\xff', @local}, 0x40004}, 0x1c)
connect$inet6(r2, &(0x7f0000000440)={0xa, 0xfffe, 0x380000, @empty, 0x401}, 0x1c)
syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016001000071b48013d030100000000000f02000000000000bc26100000000000bf67200000000000160200000fff07006702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)

8.093486342s ago: executing program 2 (id=1740):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
prctl$PR_SET_TIMERSLACK(0x1d, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000000), 0x0}, 0x20)
pipe2$9p(0x0, 0x80000)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
ioctl$SIOCAX25ADDUID(r3, 0x89e1, &(0x7f0000000080)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xee01})

5.506961514s ago: executing program 0 (id=1741):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="1011935784800000140003006e657464657673696d300000000000001400142a4a6de5677265746170300000000000001800168014000180100002"], 0x60}, 0x1, 0x0, 0x0, 0x20000084}, 0x4800)

5.124224625s ago: executing program 5 (id=1742):
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet(0xa, 0x801, 0x84)
listen(r1, 0x8)
socket$inet(0xa, 0x801, 0x84)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

4.612620129s ago: executing program 0 (id=1743):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a42, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r8, 0x2000)
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x31c000})
listen(r3, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000300)=@in6={0xa, 0x4e21, 0x401, @loopback, 0x4}, 0x80, 0x0}, 0x20000090)
writev(r2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e0502460c"], 0x8)

4.535035031s ago: executing program 3 (id=1744):
mount(&(0x7f0000000000)=@sg0, &(0x7f00000000c0)='.\x00', 0x0, 0x21800a, 0x0)
unshare(0x28000600)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3000003, 0x204031, 0xffffffffffffffff, 0xffffd000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_io_uring_setup(0x151, &(0x7f0000000140)={0x0, 0xa206, 0x400, 0x43, 0x26}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil)
munlockall()

4.242408996s ago: executing program 5 (id=1745):
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bf"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x18)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
pread64(r2, &(0x7f0000000400)=""/42, 0x2a, 0x0)

3.61228253s ago: executing program 2 (id=1746):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f000009e680)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r4, @ANYBLOB="0a0006000802110000010000060066008e880000520033"], 0x84}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

3.610510476s ago: executing program 7 (id=1747):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket(0x15, 0x5, 0x0)
connect$netrom(r1, &(0x7f00000000c0)={{0xa, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x2}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @initdev, @remote}, &(0x7f0000000100)=0xc)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
bind$xdp(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000480)={r0, 0x0, 0x8, 0x0, &(0x7f00000003c0)="b44d45493980760f", 0x0, 0x8, 0x0, 0x78, 0x0, &(0x7f0000000400)="e35f219963e81733a6bdf1b5fe66343bb35e525675428f2c93023d84fdf894322717e0ec3de68118340e20d52f2dc376c120c488e2736f4b889669315f1d03f89fb71b24ef01e5d8a2a25ae0ff46a1b035f3d912453d5fab5a9b0c222d819353a530f6a06e26a2dfc87a4a95481a3aec7ec32c61c3d82a45", 0x0, 0x2, 0x0, 0x2}, 0x50)

2.990850104s ago: executing program 3 (id=1748):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x0, 0xffffffff, 0xe661, 0x629, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8c, 0x6, 0x10002, 0x0, 0x5, 0x4, 0x8008, 0x400, 0x2, 0x0, 0x5, 0x6, 0x8, 0x7, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2c0, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x7c9d, 0x9, 0x8, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xca, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff000, 0x10000, 0x0, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x1000]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

2.954301385s ago: executing program 5 (id=1749):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x89f1, &(0x7f0000000340)={'ip6tnl0\x00', &(0x7f00000001c0)=@ethtool_cmd={0x2e, 0x100008, 0x0, 0x8, 0xf, 0x3, 0x3, 0xfc, 0x0, 0x1, 0x0, 0x4000000, 0x0, 0xff, 0x0, 0xfffffeff}})
mmap$xdp(&(0x7f0000016000/0x4000)=nil, 0x4000, 0x700000d, 0x811, r1, 0x180000000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r6 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @empty, 0x5}, 0x1c)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x24, 0x29, 0xa19702d202eff97b, 0x4001, 0xfff7fdfc, {0x0, 0x0, 0x0, r8, {0xb}, {0xffff}, {0x4, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000dfffffff02000000185100007912a5f1180ab72f4dfd5041cf1ac515f508358c7b78c7ef", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf090000"], &(0x7f0000000000)='GPL\x00', 0xf, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r9 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

2.792162663s ago: executing program 0 (id=1750):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x309})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000057c000/0x2000)=nil, 0x2000}, 0x1})
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
readv(r0, &(0x7f0000000200), 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

2.740880407s ago: executing program 2 (id=1751):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.546884475s ago: executing program 7 (id=1752):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
open(&(0x7f0000000080)='./bus\x00', 0x800, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x56, &(0x7f0000000300)={@broadcast, @remote, @void, {@canfd={0xd, {{0x3}, 0x1a, 0x1, 0x0, 0x0, "a9d42be8a1d323f3736f0940283545370b12dac31e1cd94a75028bf2bb6582669ffdfddfcb0caa87e4e654c9489a1e138eb3bb143fd1ebb11c9340032821b6e7"}}}}, 0x0)

2.546518577s ago: executing program 3 (id=1753):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="1011935784800000140003006e657464657673696d300000000000001400142a4a6de5677265746170300000000000001800168014000180100002"], 0x60}, 0x1, 0x0, 0x0, 0x20000084}, 0x4800)

2.117970944s ago: executing program 3 (id=1754):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000280)="32780f64398323756224d03ac5cb3838e854cf6fe7e38c09daa0e768", 0x1c, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
shutdown(r0, 0x1)

2.011074005s ago: executing program 5 (id=1755):
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet(0xa, 0x801, 0x84)
listen(r1, 0x8)
socket$inet(0xa, 0x801, 0x84)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1.813346205s ago: executing program 7 (id=1756):
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4000})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x70, 0x0, 0xf2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f1, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6d1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe02e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xcf, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4, 0x7, 0x800, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4000000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0xd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x789], 0x1, 0x400})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x23}, 0x800, 0x0, 0x2, 0x1, 0x80, 0x7}, 0x20)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
socket(0x2b, 0x1, 0x1)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)={0x114, 0x14, 0x601, 0x3, 0x0, {0x2b, 0x4}, [@INET_DIAG_REQ_BYTECODE={0x100, 0x1, "c1270e817820b7b2e98e8a83752befb6f4e2f12c162bb45a5a525a7b436980a77c62bee721e86351aff27a316e2bc0dc6e1192a2a224a278f974cb1b59602a3d50faaca32fa8738c9c6cd493657dd5c54fadb9b6f0e2212f8ad9676924f9cbdeac7e4ac2051afac2fad8255b15176b98ba2a2350b13c81911f4f2fd7bc58092c2eff935ff1f577295620373dd8cafce31ce8b516709056793b0c8c78a47ed4d615c009aaf5b1bfd85418a601bc73bb3c62fd416e6b9d2f29160f82687b78ec57e3f3a9a6d5478e1a940822867935ad931a4bf4aa201245a800fd740c34dcf1cb71e38e1961c3e708d68a8212fcedfb15046fca3b08614943819dfb4f"}]}, 0x114}, 0x1, 0x0, 0x0, 0x4050}, 0x4000)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = fanotify_init(0x4000, 0x0)
fanotify_mark(r5, 0x22, 0x28, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x5, 0x7, 0xe51, 0x1, 0x5479, 0x103d, 0x6, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0x1, 0x40000000009, 0x5, 0x6a], 0x2000, 0x808d6})
write$rfkill(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x2, 0x0, 0x0, 0x1}, 0x8)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000013c0)={0xffffffffffffffff, 0xa, {0x0, 0x0, 0x0, 0x5, 0x8000, 0x0, 0x4, 0x1f, 0x10, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "143939c787a16c1ca43f80026d1a8554fe581b59dee430e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d200", "24431a1e77a68e17000000040008000000000000000000e5e900", [0x83]}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.729075443s ago: executing program 0 (id=1757):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000b00007910000000000000c310001001000000950074000000000031fb0d3a42319fa204399d17d34e075fdcda533ab1aa71ab1d764152e6cb25dadc7ded5dbe11b60ac5ea9fca11027d19e93adb603deb92de3141e8fd7ac5b87a2070213cdfdc5d6c4890cdeb50347c32060581172b94c6ba22a2b58eb6cbad46ed6e7965a2ba5fc4a5a17d103b0b36f790bb41931f9a3d4dd127c1b4e49f7468f5e603950c"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, &(0x7f0000002340)={'HL\x00'}, &(0x7f0000002380)=0x1e)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000240)={0x0})
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000200)={@private0, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_int(r2, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e24, 0x3, @ipv4={'\x00', '\xff\xff', @local}, 0x40004}, 0x1c)
connect$inet6(r2, &(0x7f0000000440)={0xa, 0xfffe, 0x380000, @empty, 0x401}, 0x1c)
syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016001000071b48013d030100000000000f02000000000000bc26100000000000bf67200000000000160200000fff07006702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00'}, 0x48)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)

1.311051487s ago: executing program 5 (id=1758):
mount(&(0x7f0000000000)=@sg0, &(0x7f00000000c0)='.\x00', 0x0, 0x21800a, 0x0)
unshare(0x28000600)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3000003, 0x204031, 0xffffffffffffffff, 0xffffd000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_io_uring_setup(0x151, &(0x7f0000000140)={0x0, 0xa206, 0x400, 0x43, 0x26}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil)
munlockall()

1.148598624s ago: executing program 2 (id=1759):
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bf"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x18)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
pread64(r2, &(0x7f0000000400)=""/42, 0x2a, 0x0)

619.746635ms ago: executing program 3 (id=1760):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a42, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r8 = dup(r7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r8, 0x2000)
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x31c000})
listen(r3, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000300)=@in6={0xa, 0x4e21, 0x401, @loopback, 0x4}, 0x80, 0x0}, 0x20000090)
writev(r2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e0502460c"], 0x8)

127.475394ms ago: executing program 7 (id=1761):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2026012, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x50)
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r2, 0x0, 0x0)
openat(r2, &(0x7f0000000000)='./file0\x00', 0x4600, 0x1)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0})

249.95µs ago: executing program 2 (id=1762):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket(0x15, 0x5, 0x0)
connect$netrom(r1, &(0x7f00000000c0)={{0xa, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x2}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @initdev, @remote}, &(0x7f0000000100)=0xc)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
bind$xdp(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000480)={r0, 0x0, 0x8, 0x0, &(0x7f00000003c0)="b44d45493980760f", 0x0, 0x8, 0x0, 0x78, 0x0, &(0x7f0000000400)="e35f219963e81733a6bdf1b5fe66343bb35e525675428f2c93023d84fdf894322717e0ec3de68118340e20d52f2dc376c120c488e2736f4b889669315f1d03f89fb71b24ef01e5d8a2a25ae0ff46a1b035f3d912453d5fab5a9b0c222d819353a530f6a06e26a2dfc87a4a95481a3aec7ec32c61c3d82a45", 0x0, 0x2, 0x0, 0x2}, 0x50)

0s ago: executing program 5 (id=1763):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
readv(r1, &(0x7f0000000600)=[{&(0x7f0000000200)=""/131, 0x83}], 0x1)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@delchain={0x2c, 0x66, 0x221, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {}, {0xb, 0xfff3}}, [@TCA_CHAIN={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

kernel console output (not intermixed with test programs):

T8748]  ? security_bpf+0x88/0x620
[  626.144110][ T8748]  ? _copy_from_user+0xcb/0x100
[  626.149437][ T8748]  __sys_bpf+0x7f4/0xed0
[  626.153982][ T8748]  __x64_sys_bpf+0xa4/0xf0
[  626.158945][ T8748]  x64_sys_call+0x3550/0x3e20
[  626.163949][ T8748]  do_syscall_64+0xd9/0x210
[  626.168871][ T8748]  ? irqentry_exit+0x16/0x60
[  626.173731][ T8748]  ? clear_bhb_loop+0x40/0x90
[  626.178890][ T8748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.185047][ T8748] RIP: 0033:0x7f41ff58ebe9
[  626.189836][ T8748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  626.214229][ T8748] RSP: 002b:00007f4200351038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  626.224373][ T8748] RAX: ffffffffffffffda RBX: 00007f41ff7b6180 RCX: 00007f41ff58ebe9
[  626.232704][ T8748] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  626.241052][ T8748] RBP: 00007f41ff611e19 R08: 0000000000000000 R09: 0000000000000000
[  626.249375][ T8748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  626.257619][ T8748] R13: 00007f41ff7b6218 R14: 00007f41ff7b6180 R15: 00007ffeaaa46998
[  626.265833][ T8748]  </TASK>
[  626.269087][ T8748] ---[ end trace 0000000000000000 ]---
[  630.600686][ T5823] Bluetooth: hci4: unexpected event for opcode 0x0c46
[  632.722872][   T24] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  633.199293][ T8809] bridge1: entered promiscuous mode
[  633.204849][ T8809] bridge1: entered allmulticast mode
[  633.230250][ T8809] team0: Port device bridge1 added
[  633.920750][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  633.933294][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  633.943577][   T24] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  633.953062][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.211195][ T8799] sit0: left promiscuous mode
[  634.216089][ T8799] sit0: left allmulticast mode
[  634.394074][   T24] usb 5-1: config 0 descriptor??
[  635.163254][   T24] usbhid 5-1:0.0: can't add hid device: -32
[  635.170509][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -32
[  635.323079][ T8799] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  636.554905][ T1914] usb 5-1: USB disconnect, device number 9
[  642.188350][ T2003] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  643.865541][ T2003] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  643.877675][ T2003] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  643.889305][ T2003] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  643.899123][ T2003] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.104969][ T2003] usb 10-1: config 0 descriptor??
[  645.399292][ T2003] usb 10-1: can't set config #0, error -71
[  645.415636][ T2003] usb 10-1: USB disconnect, device number 3
[  651.640241][ T5823] Bluetooth: hci5: command 0x0406 tx timeout
[  654.337975][ T2003] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  654.620339][ T2003] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  654.631925][ T2003] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  654.642532][ T2003] usb 9-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  654.652010][ T2003] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  655.587011][ T2003] usb 9-1: config 0 descriptor??
[  658.001527][ T2003] usb 9-1: can't set config #0, error -71
[  658.022608][ T2003] usb 9-1: USB disconnect, device number 8
[  658.442774][ T8953] netlink: 8 bytes leftover after parsing attributes in process `syz.8.727'.
[  660.332871][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  660.340398][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  665.287761][ T8999] capability: warning: `syz.8.742' uses 32-bit capabilities (legacy support in use)
[  674.063129][ T9075] IPVS: set_ctl: invalid protocol: 2 10.1.1.2:0
[  678.150189][ T9105] IPVS: set_ctl: invalid protocol: 2 10.1.1.2:0
[  691.891165][ T9185] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  691.900714][ T9185] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  698.670228][ T9211] IPVS: set_ctl: invalid protocol: 2 10.1.1.2:0
[  700.143438][ T9214] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  700.775948][ T9223] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  700.785467][ T9223] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  703.591433][ T9242] netdevsim netdevsim8: Direct firmware load for � failed with error -2
[  703.600552][ T9242] netdevsim netdevsim8: Falling back to sysfs fallback for: �
[  703.650065][ T9241] IPVS: set_ctl: invalid protocol: 2 10.1.1.2:0
[  704.483068][ T5817] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  705.430751][ T9260] overlayfs: missing 'lowerdir'
[  706.537303][ T9278] IPVS: set_ctl: invalid protocol: 2 10.1.1.2:0
[  707.588315][ T5817] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  707.857111][ T9291] netdevsim netdevsim6: Direct firmware load for � failed with error -2
[  707.866136][ T9291] netdevsim netdevsim6: Falling back to sysfs fallback for: �
[  710.661671][ T9304] overlayfs: missing 'lowerdir'
[  710.737378][ T9307] loop6: detected capacity change from 0 to 7
[  710.772996][ T9307] Dev loop6: unable to read RDB block 7
[  710.779314][ T9307]  loop6: unable to read partition table
[  710.828913][ T9307] loop6: partition table beyond EOD, truncated
[  710.835557][ T9307] loop_reread_partitions: partition scan of loop6 (�被x������ ) failed (rc=-5)
[  711.048739][ T9309] IPVS: stopping backup sync thread 9310 ...
[  711.687184][ T9316] IPVS: set_ctl: invalid protocol: 2 10.1.1.2:0
[  715.692605][ T5817] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  715.871934][ T9337] netdevsim netdevsim8: Direct firmware load for � failed with error -2
[  715.881783][ T9337] netdevsim netdevsim8: Falling back to sysfs fallback for: �
[  717.245515][ T9349] loop6: detected capacity change from 0 to 7
[  717.284485][ T9349] Dev loop6: unable to read RDB block 7
[  717.290878][ T9349]  loop6: unable to read partition table
[  717.312216][ T9349] loop6: partition table beyond EOD, truncated
[  717.319120][ T9349] loop_reread_partitions: partition scan of loop6 (�被x������ ) failed (rc=-5)
[  721.419039][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  721.425917][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  722.166107][ T9381] netdevsim netdevsim6: Direct firmware load for � failed with error -2
[  722.175236][ T9381] netdevsim netdevsim6: Falling back to sysfs fallback for: �
[  722.760358][ T5817] Bluetooth: hci0: unexpected event for opcode 0x0c46
[  723.675397][ T9394] F2FS-fs (loop17): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  723.684051][ T9394] F2FS-fs (loop17): Can't find valid F2FS filesystem in 1th superblock
[  723.710496][ T9394] F2FS-fs (loop17): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  723.719175][ T9394] F2FS-fs (loop17): Can't find valid F2FS filesystem in 2th superblock
[  728.794301][ T9417] netdevsim netdevsim8: Direct firmware load for � failed with error -2
[  728.803146][ T9417] netdevsim netdevsim8: Falling back to sysfs fallback for: �
[  728.819926][ T9416] netlink: 1688 bytes leftover after parsing attributes in process `syz.4.897'.
[  730.119863][ T5817] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  733.269165][ T9448] netlink: 'syz.4.908': attribute type 4 has an invalid length.
[  733.821385][ T9453] netlink: 1688 bytes leftover after parsing attributes in process `syz.8.910'.
[  737.944903][ T5817] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  738.348036][ T5823] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  738.364418][ T5823] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  738.378663][ T5823] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  738.411731][ T5823] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  738.431006][ T5823] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  739.174511][ T5823] Bluetooth: hci5: unexpected cc 0x0809 length: 68 > 4
[  739.181718][ T5823] Bluetooth: hci5: unexpected event for opcode 0x0809
[  740.410107][ T9493] netlink: 1688 bytes leftover after parsing attributes in process `syz.8.923'.
[  740.598776][ T5823] Bluetooth: hci3: command tx timeout
[  743.587627][ T5823] Bluetooth: hci3: command tx timeout
[  744.002478][ T9482] chnl_net:caif_netlink_parms(): no params data found
[  745.669240][ T5823] Bluetooth: hci3: command tx timeout
[  747.717791][ T5823] Bluetooth: hci3: command tx timeout
[  748.605459][ T5823] Bluetooth: hci5: unexpected event for opcode 0x0c46
[  749.489408][ T9540] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  749.938032][ T9482] bridge0: port 1(bridge_slave_0) entered blocking state
[  749.945622][ T9482] bridge0: port 1(bridge_slave_0) entered disabled state
[  749.954500][ T9482] bridge_slave_0: entered allmulticast mode
[  749.963292][ T9482] bridge_slave_0: entered promiscuous mode
[  750.022978][ T9482] bridge0: port 2(bridge_slave_1) entered blocking state
[  750.031160][ T9482] bridge0: port 2(bridge_slave_1) entered disabled state
[  750.039281][ T9482] bridge_slave_1: entered allmulticast mode
[  750.048162][ T9482] bridge_slave_1: entered promiscuous mode
[  750.426596][ T9482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  750.499352][ T9482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  750.738020][ T9482] team0: Port device team_slave_0 added
[  750.821291][ T9482] team0: Port device team_slave_1 added
[  753.595015][ T9482] batman_adv: batadv0: Adding interface: batadv_slave_0
[  753.602302][ T9482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  753.629552][ T9482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  753.787215][ T9482] batman_adv: batadv0: Adding interface: batadv_slave_1
[  753.802468][ T9482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  753.830121][ T9482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  754.092064][ T9482] hsr_slave_0: entered promiscuous mode
[  754.107702][ T9482] hsr_slave_1: entered promiscuous mode
[  754.115441][ T9482] debugfs: 'hsr0' already exists in 'hsr'
[  754.121429][ T9482] Cannot create hsr debugfs directory
[  755.418776][ T9568] IPVS: set_ctl: invalid protocol: 2 10.1.1.2:0
[  756.200174][ T5823] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  760.327639][ T9482] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  760.356871][ T9482] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  760.400919][ T9482] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  760.519659][ T9482] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  760.674796][ T9598] netlink: 8 bytes leftover after parsing attributes in process `syz.8.952'.
[  760.684011][ T9598] netlink: 8 bytes leftover after parsing attributes in process `syz.8.952'.
[  763.312605][ T9607] IPVS: set_ctl: invalid protocol: 2 10.1.1.2:0
[  764.513436][ T9482] 8021q: adding VLAN 0 to HW filter on device bond0
[  764.609839][ T9482] 8021q: adding VLAN 0 to HW filter on device team0
[  764.660440][ T2984] bridge0: port 1(bridge_slave_0) entered blocking state
[  764.668187][ T2984] bridge0: port 1(bridge_slave_0) entered forwarding state
[  764.777499][ T2984] bridge0: port 2(bridge_slave_1) entered blocking state
[  764.785059][ T2984] bridge0: port 2(bridge_slave_1) entered forwarding state
[  765.730723][ T5823] Bluetooth: hci1: unexpected event for opcode 0x0c46
[  766.352843][ T5817] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  766.363085][ T5817] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  766.374059][ T5817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  766.394660][ T5817] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  766.411735][ T5817] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  767.715376][ T9627] chnl_net:caif_netlink_parms(): no params data found
[  767.798977][ T2003] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  768.086790][ T2003] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  768.098504][ T2003] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  768.108873][ T2003] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  768.118333][ T2003] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  768.608714][ T5817] Bluetooth: hci4: command tx timeout
[  768.777558][ T2003] usb 10-1: config 0 descriptor??
[  769.608075][ T9482] 8021q: adding VLAN 0 to HW filter on device batadv0
[  770.685094][ T5817] Bluetooth: hci4: command tx timeout
[  771.318987][ T2003] usbhid 10-1:0.0: can't add hid device: -71
[  771.325782][ T2003] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  771.344777][ T9482] veth0_vlan: entered promiscuous mode
[  771.369367][ T9652] program syz.6.966 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  771.520505][ T9482] veth1_vlan: entered promiscuous mode
[  771.869087][ T2003] usb 10-1: USB disconnect, device number 4
[  772.673191][ T9482] veth0_macvtap: entered promiscuous mode
[  772.705178][ T9482] veth1_macvtap: entered promiscuous mode
[  772.758245][ T5817] Bluetooth: hci4: command tx timeout
[  772.819083][ T9482] batman_adv: batadv0: Interface activated: batadv_slave_0
[  772.867851][ T9482] batman_adv: batadv0: Interface activated: batadv_slave_1
[  772.996178][ T4061] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  773.099413][ T4061] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  773.138099][ T4061] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  773.200121][ T4061] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  773.849355][ T5817] Bluetooth: hci5: unexpected event for opcode 0x0c46
[  774.568905][ T9627] bridge0: port 1(bridge_slave_0) entered blocking state
[  774.576295][ T9627] bridge0: port 1(bridge_slave_0) entered disabled state
[  774.586829][ T9627] bridge_slave_0: entered allmulticast mode
[  774.595440][ T9627] bridge_slave_0: entered promiscuous mode
[  774.620654][ T9627] bridge0: port 2(bridge_slave_1) entered blocking state
[  774.628312][ T9627] bridge0: port 2(bridge_slave_1) entered disabled state
[  774.636088][ T9627] bridge_slave_1: entered allmulticast mode
[  774.645986][ T9627] bridge_slave_1: entered promiscuous mode
[  774.843703][ T5817] Bluetooth: hci4: command tx timeout
[  775.312843][ T9627] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  775.395813][ T9627] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  775.577247][ T3635] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.122235][ T3635] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  776.142459][ T2003] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  776.270808][ T9627] team0: Port device team_slave_0 added
[  776.333487][ T2003] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  776.345212][ T2003] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  776.355689][ T2003] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  776.365402][ T2003] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  776.430797][ T9627] team0: Port device team_slave_1 added
[  776.617296][ T2003] usb 10-1: config 0 descriptor??
[  776.753689][ T3635] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.255803][ T3635] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  778.119033][ T2003] uclogic 0003:256C:006D.0006: failed retrieving Huion firmware version: -71
[  778.128594][ T2003] uclogic 0003:256C:006D.0006: failed probing parameters: -71
[  778.136730][ T2003] uclogic 0003:256C:006D.0006: probe with driver uclogic failed with error -71
[  778.304857][ T2003] usb 10-1: USB disconnect, device number 5
[  778.392198][ T9627] batman_adv: batadv0: Adding interface: batadv_slave_0
[  778.401025][ T9627] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  778.429206][ T9627] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  778.527941][ T9627] batman_adv: batadv0: Adding interface: batadv_slave_1
[  778.535098][ T9627] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  778.562245][ T9627] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  780.151628][ T3635] bridge_slave_1: left allmulticast mode
[  780.158672][ T3635] bridge_slave_1: left promiscuous mode
[  780.165265][ T3635] bridge0: port 2(bridge_slave_1) entered disabled state
[  780.298536][ T3635] bridge_slave_0: left allmulticast mode
[  780.304519][ T3635] bridge_slave_0: left promiscuous mode
[  780.312021][ T3635] bridge0: port 1(bridge_slave_0) entered disabled state
[  780.924664][ T3635] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  780.970826][ T3635] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  780.986719][ T3635] bond0 (unregistering): Released all slaves
[  781.004419][ T3635] bond1 (unregistering): Released all slaves
[  781.421288][ T9627] hsr_slave_0: entered promiscuous mode
[  781.431854][ T9627] hsr_slave_1: entered promiscuous mode
[  781.446847][ T9627] debugfs: 'hsr0' already exists in 'hsr'
[  781.454404][ T9627] Cannot create hsr debugfs directory
[  781.501890][ T5817] Bluetooth: hci2: unexpected event for opcode 0x0c46
[  782.124247][ T9728] loop9: detected capacity change from 0 to 128
[  782.201546][ T9728] ext4: Bad value for 'resgid'
[  782.206618][ T9728] ext4: Bad value for 'resgid'
[  782.679413][ T2003] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  782.768288][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  782.776555][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  782.909700][ T2003] usb 10-1: Using ep0 maxpacket: 16
[  782.925010][ T3635] hsr_slave_0: left promiscuous mode
[  782.944930][ T3635] hsr_slave_1: left promiscuous mode
[  782.950694][ T2003] usb 10-1: config index 0 descriptor too short (expected 16456, got 72)
[  782.950839][ T2003] usb 10-1: config 0 has an invalid interface number: 125 but max is 1
[  782.950963][ T2003] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  782.951080][ T2003] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 2
[  782.951212][ T2003] usb 10-1: config 0 has no interface number 0
[  782.951340][ T2003] usb 10-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  782.951500][ T2003] usb 10-1: config 0 interface 125 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  782.951668][ T2003] usb 10-1: config 0 interface 125 has no altsetting 0
[  783.036268][ T3635] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  783.044218][ T3635] batman_adv: batadv0: Removing interface: batadv_slave_0
[  783.110813][ T3635] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  783.118591][ T3635] batman_adv: batadv0: Removing interface: batadv_slave_1
[  783.127922][ T2003] usb 10-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  783.138216][ T2003] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.146528][ T2003] usb 10-1: Product: syz
[  783.151912][ T2003] usb 10-1: Manufacturer: syz
[  783.156809][ T2003] usb 10-1: SerialNumber: syz
[  783.200472][ T3635] veth1_macvtap: left promiscuous mode
[  783.206221][ T3635] veth0_macvtap: left promiscuous mode
[  783.212360][ T3635] veth1_vlan: left promiscuous mode
[  783.218046][ T3635] veth0_vlan: left promiscuous mode
[  783.239946][ T2003] usb 10-1: config 0 descriptor??
[  783.513101][ T2003] usb 10-1: USB disconnect, device number 6
[  784.068600][ T3635] team0 (unregistering): Port device team_slave_1 removed
[  784.139713][ T3635] team0 (unregistering): Port device team_slave_0 removed
[  784.329167][ T3635] team0 (unregistering): Port device dummy0 removed
[  788.573932][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  788.582494][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  788.705335][ T9627] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  788.804766][ T4061] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  788.813070][ T4061] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  788.885512][ T9627] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  788.989719][ T9627] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  789.103786][ T9627] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  789.873897][ T9774] loop8: detected capacity change from 0 to 128
[  789.980640][ T9774] ext4: Bad value for 'resgid'
[  789.985820][ T9774] ext4: Bad value for 'resgid'
[  790.509218][   T24] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  790.580939][ T9627] 8021q: adding VLAN 0 to HW filter on device bond0
[  790.688663][ T9627] 8021q: adding VLAN 0 to HW filter on device team0
[  790.903078][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  790.910966][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  791.021986][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  791.030061][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  792.609968][   T24] usb 9-1: Using ep0 maxpacket: 16
[  792.630389][   T24] usb 9-1: config index 0 descriptor too short (expected 16456, got 72)
[  792.642127][   T24] usb 9-1: config 0 has an invalid interface number: 125 but max is 1
[  792.650846][   T24] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  792.661579][   T24] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[  792.671100][   T24] usb 9-1: config 0 has no interface number 0
[  792.677701][   T24] usb 9-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  792.689485][   T24] usb 9-1: config 0 interface 125 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  792.703058][   T24] usb 9-1: config 0 interface 125 has no altsetting 0
[  794.030643][ T9627] 8021q: adding VLAN 0 to HW filter on device batadv0
[  794.079024][   T24] usb 9-1: string descriptor 0 read error: -71
[  794.085845][   T24] usb 9-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  794.096221][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.153741][   T24] usb 9-1: config 0 descriptor??
[  794.168133][   T24] usb 9-1: can't set config #0, error -71
[  794.208371][   T24] usb 9-1: USB disconnect, device number 9
[  795.240319][ T9627] veth0_vlan: entered promiscuous mode
[  795.400087][ T9627] veth1_vlan: entered promiscuous mode
[  796.751767][ T9627] veth0_macvtap: entered promiscuous mode
[  796.825810][ T9627] veth1_macvtap: entered promiscuous mode
[  797.081455][ T9627] batman_adv: batadv0: Interface activated: batadv_slave_0
[  797.159081][ T9627] batman_adv: batadv0: Interface activated: batadv_slave_1
[  797.239463][ T1100] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  797.289528][ T1100] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  797.338487][ T1100] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  797.376832][ T1100] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  797.618886][ T9817] loop6: detected capacity change from 0 to 128
[  797.710963][ T9817] ext4: Bad value for 'resgid'
[  797.715944][ T9817] ext4: Bad value for 'resgid'
[  806.278992][ T9880] loop0: detected capacity change from 0 to 128
[  806.342282][ T9880] ext4: Bad value for 'resgid'
[  806.347550][ T9880] ext4: Bad value for 'resgid'
[  806.840454][   T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  807.967863][   T24] usb 1-1: Using ep0 maxpacket: 16
[  808.838715][   T24] usb 1-1: config index 0 descriptor too short (expected 16456, got 72)
[  808.847310][   T24] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  808.856016][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  808.866467][   T24] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  808.875753][   T24] usb 1-1: config 0 has no interface number 0
[  808.882173][   T24] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  808.896947][   T24] usb 1-1: config 0 interface 125 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  808.911348][   T24] usb 1-1: config 0 interface 125 has no altsetting 0
[  808.956001][   T24] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  808.966590][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  808.975078][   T24] usb 1-1: Product: syz
[  808.979528][   T24] usb 1-1: Manufacturer: syz
[  808.984435][   T24] usb 1-1: SerialNumber: syz
[  809.183329][   T24] usb 1-1: config 0 descriptor??
[  809.488480][   T24] usb 1-1: can't set config #0, error -71
[  809.539447][   T24] usb 1-1: USB disconnect, device number 2
[  814.677195][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  814.686009][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  814.821584][ T3758] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  814.834912][ T3758] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  815.313731][ T9944] overlay: ./file0 is not a directory
[  831.059601][ T9991] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  834.978651][   T30] audit: type=1326 audit(1755188450.812:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c92f8ebe9 code=0x7ffc0000
[  835.004729][   T30] audit: type=1326 audit(1755188450.812:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c92f8ebe9 code=0x7ffc0000
[  835.028275][   T30] audit: type=1326 audit(1755188450.822:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c92f8ebe9 code=0x7ffc0000
[  835.050977][   T30] audit: type=1326 audit(1755188450.822:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c92f8ebe9 code=0x7ffc0000
[  835.073844][   T30] audit: type=1326 audit(1755188450.822:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c92f8ebe9 code=0x7ffc0000
[  835.315187][   T30] audit: type=1326 audit(1755188451.012:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f8c92f8ebe9 code=0x7ffc0000
[  835.338737][   T30] audit: type=1326 audit(1755188451.012:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c92f8ebe9 code=0x7ffc0000
[  835.361844][   T30] audit: type=1326 audit(1755188451.012:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10008 comm="syz.0.1073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c92f8ebe9 code=0x7ffc0000
[  839.837852][   T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  841.783434][   T24] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  841.791833][   T24] usb 1-1: config 0 has no interface number 0
[  841.844058][   T24] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  841.853588][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  841.865019][   T24] usb 1-1: Product: syz
[  841.870310][   T24] usb 1-1: Manufacturer: syz
[  841.875107][   T24] usb 1-1: SerialNumber: syz
[  841.980603][   T24] usb 1-1: config 0 descriptor??
[  842.221704][   T24] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  842.259639][   T24] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  842.275452][   T24] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  842.285051][   T24] usb 1-1: media controller created
[  842.412772][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  842.848779][   T24] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  844.011430][   T24] usb 1-1: USB disconnect, device number 3
[  844.061017][T10058] loop9: detected capacity change from 0 to 7
[  844.073282][T10058] buffer_io_error: 11 callbacks suppressed
[  844.073339][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.087838][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.096061][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.104186][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.117133][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.155710][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.166950][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.175102][T10058] ldm_validate_partition_table(): Disk read failed.
[  844.179433][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  844.182094][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.188639][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  844.196355][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.210935][T10058] Buffer I/O error on dev loop9, logical block 0, async page read
[  844.223161][T10058] Dev loop9: unable to read RDB block 0
[  844.229713][T10058]  loop9: unable to read partition table
[  844.236034][T10058] loop9: partition table beyond EOD, truncated
[  844.242517][T10058] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  844.242517][T10058] 
) failed (rc=-5)
[  844.673255][ T9961] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  844.689755][ T9961] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  844.708772][ T9961] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  844.745759][ T9961] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  844.773543][ T9961] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  846.857920][ T9961] Bluetooth: hci0: command tx timeout
[  849.145184][ T9961] Bluetooth: hci0: command tx timeout
[  849.216182][T10059] chnl_net:caif_netlink_parms(): no params data found
[  849.408016][ T5876] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  849.664032][ T5876] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  849.675698][ T5876] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  849.686783][ T5876] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  849.696329][ T5876] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  849.814758][T10088] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  849.879918][ T5876] usb 10-1: config 0 descriptor??
[  850.228047][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  850.330644][ T3758] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  850.493380][ T3758] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  850.538776][   T24] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  850.547038][   T24] usb 1-1: config 0 has no interface number 0
[  850.646164][   T24] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  850.656924][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  850.669197][   T24] usb 1-1: Product: syz
[  850.673574][   T24] usb 1-1: Manufacturer: syz
[  850.679319][   T24] usb 1-1: SerialNumber: syz
[  850.706205][ T3758] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  850.800190][   T24] usb 1-1: config 0 descriptor??
[  850.880166][ T3758] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  851.068906][   T24] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  851.156588][   T24] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  851.168858][   T24] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  851.181654][   T24] usb 1-1: media controller created
[  851.262339][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  851.281732][ T9961] Bluetooth: hci0: command tx timeout
[  851.398848][ T3758] bridge_slave_1: left allmulticast mode
[  851.403504][ T5876] uclogic 0003:256C:006D.0007: failed retrieving Huion firmware version: -71
[  851.404707][ T3758] bridge_slave_1: left promiscuous mode
[  851.405643][ T3758] bridge0: port 2(bridge_slave_1) entered disabled state
[  851.414644][ T5876] uclogic 0003:256C:006D.0007: failed probing parameters: -71
[  851.436218][ T5876] uclogic 0003:256C:006D.0007: probe with driver uclogic failed with error -71
[  851.478221][ T5876] usb 10-1: USB disconnect, device number 7
[  851.510028][ T3758] bridge_slave_0: left allmulticast mode
[  851.515891][ T3758] bridge_slave_0: left promiscuous mode
[  851.522477][ T3758] bridge0: port 1(bridge_slave_0) entered disabled state
[  851.774468][   T24] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  852.367798][   T24] usb 1-1: USB disconnect, device number 4
[  852.399964][ T3758] team0: Port device bridge1 removed
[  852.460362][ T3758] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  852.484421][ T3758] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  852.502243][ T3758] bond0 (unregistering): Released all slaves
[  852.921687][T10059] bridge0: port 1(bridge_slave_0) entered blocking state
[  852.929499][T10059] bridge0: port 1(bridge_slave_0) entered disabled state
[  852.937325][T10059] bridge_slave_0: entered allmulticast mode
[  852.946265][T10059] bridge_slave_0: entered promiscuous mode
[  853.163424][T10059] bridge0: port 2(bridge_slave_1) entered blocking state
[  853.170938][T10059] bridge0: port 2(bridge_slave_1) entered disabled state
[  853.178653][T10059] bridge_slave_1: entered allmulticast mode
[  853.187118][T10059] bridge_slave_1: entered promiscuous mode
[  853.332817][ T9961] Bluetooth: hci0: command tx timeout
[  853.349192][ T3758] hsr_slave_0: left promiscuous mode
[  853.498740][ T3758] hsr_slave_1: left promiscuous mode
[  853.506788][ T3758] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  853.518747][ T3758] batman_adv: batadv0: Removing interface: batadv_slave_0
[  853.647289][ T3758] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  853.655448][ T3758] batman_adv: batadv0: Removing interface: batadv_slave_1
[  853.792373][ T3758] veth1_macvtap: left promiscuous mode
[  853.798899][ T3758] veth0_macvtap: left promiscuous mode
[  853.804816][ T3758] veth1_vlan: left promiscuous mode
[  853.810670][ T3758] veth0_vlan: left promiscuous mode
[  857.139086][ T5817] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  857.158528][ T5817] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  857.179516][ T5817] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  857.349848][ T5817] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  857.364397][ T5817] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  857.438667][ T2003] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  857.647253][ T3758] team0 (unregistering): Port device team_slave_1 removed
[  857.652264][ T2003] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  857.666143][ T2003] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  857.676447][ T2003] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  857.686017][ T2003] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  857.774700][T10122] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  857.803277][ T2003] usb 10-1: config 0 descriptor??
[  857.846297][ T3758] team0 (unregistering): Port device team_slave_0 removed
[  858.534533][T10059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  858.734415][T10059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  859.107993][ T3758] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.263875][T10059] team0: Port device team_slave_0 added
[  859.295961][ T2003] uclogic 0003:256C:006D.0008: failed retrieving Huion firmware version: -71
[  859.305359][ T2003] uclogic 0003:256C:006D.0008: failed probing parameters: -71
[  859.313663][ T2003] uclogic 0003:256C:006D.0008: probe with driver uclogic failed with error -71
[  859.348091][ T3758] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.392608][T10059] team0: Port device team_slave_1 added
[  859.451710][ T5817] Bluetooth: hci1: command tx timeout
[  859.586274][ T2003] usb 10-1: USB disconnect, device number 8
[  859.640618][ T3758] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.749253][T10059] batman_adv: batadv0: Adding interface: batadv_slave_0
[  859.756534][T10059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  859.786986][T10059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  859.826043][ T3758] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.921255][T10059] batman_adv: batadv0: Adding interface: batadv_slave_1
[  859.928676][T10059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  859.955339][T10059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  860.879020][T10059] hsr_slave_0: entered promiscuous mode
[  860.896597][T10059] hsr_slave_1: entered promiscuous mode
[  860.910173][T10059] debugfs: 'hsr0' already exists in 'hsr'
[  860.916106][T10059] Cannot create hsr debugfs directory
[  860.924890][ T3758] bridge_slave_1: left allmulticast mode
[  860.931877][ T3758] bridge_slave_1: left promiscuous mode
[  860.938977][ T3758] bridge0: port 2(bridge_slave_1) entered disabled state
[  861.041170][ T3758] bridge_slave_0: left allmulticast mode
[  861.047225][ T3758] bridge_slave_0: left promiscuous mode
[  861.054371][ T3758] bridge0: port 1(bridge_slave_0) entered disabled state
[  861.483195][ T9961] Bluetooth: hci1: command tx timeout
[  861.558528][ T9961] Bluetooth: hci3: command 0x0406 tx timeout
[  861.652042][ T3758] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  861.734435][ T3758] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  861.770427][ T3758] bond0 (unregistering): Released all slaves
[  861.793526][ T3758] bond1 (unregistering): Released all slaves
[  862.274151][T10120] chnl_net:caif_netlink_parms(): no params data found
[  863.678126][ T5817] Bluetooth: hci1: command tx timeout
[  864.779042][ T3758] hsr_slave_0: left promiscuous mode
[  864.806015][ T3758] hsr_slave_1: left promiscuous mode
[  864.814223][ T3758] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  864.822736][ T3758] batman_adv: batadv0: Removing interface: batadv_slave_0
[  864.890519][ T3758] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  864.904515][ T3758] batman_adv: batadv0: Removing interface: batadv_slave_1
[  864.974776][ T3758] veth1_macvtap: left promiscuous mode
[  864.980975][ T3758] veth0_macvtap: left promiscuous mode
[  864.986867][ T3758] veth1_vlan: left promiscuous mode
[  864.992646][ T3758] veth0_vlan: left promiscuous mode
[  865.827813][ T5817] Bluetooth: hci1: command tx timeout
[  865.877241][ T3758] team0 (unregistering): Port device team_slave_1 removed
[  865.903603][ T3758] team0 (unregistering): Port device team_slave_0 removed
[  866.216114][ T3758] team0 (unregistering): Port device dummy0 removed
[  868.064801][T10191] Bluetooth: MGMT ver 1.23
[  871.063586][ T3758] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.575075][ T3758] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  871.990956][ T3758] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  872.063362][T10120] bridge0: port 1(bridge_slave_0) entered blocking state
[  872.074130][T10120] bridge0: port 1(bridge_slave_0) entered disabled state
[  872.082150][T10120] bridge_slave_0: entered allmulticast mode
[  872.094020][T10120] bridge_slave_0: entered promiscuous mode
[  872.213733][ T3758] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  872.248601][T10120] bridge0: port 2(bridge_slave_1) entered blocking state
[  872.256154][T10120] bridge0: port 2(bridge_slave_1) entered disabled state
[  872.268773][T10120] bridge_slave_1: entered allmulticast mode
[  872.280926][T10120] bridge_slave_1: entered promiscuous mode
[  872.780855][T10120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  873.018636][T10120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  873.032831][T10059] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  873.108394][ T3758] bridge_slave_1: left allmulticast mode
[  873.114339][ T3758] bridge_slave_1: left promiscuous mode
[  873.121280][ T3758] bridge0: port 2(bridge_slave_1) entered disabled state
[  873.314398][T10212] loop6: detected capacity change from 0 to 63
[  873.343851][T10212] buffer_io_error: 4 callbacks suppressed
[  873.343939][T10212] Buffer I/O error on dev loop6, logical block 0, async page read
[  873.358492][T10212] Buffer I/O error on dev loop6, logical block 0, async page read
[  873.366754][T10212] Buffer I/O error on dev loop6, logical block 0, async page read
[  874.128614][ T3758] bridge_slave_0: left allmulticast mode
[  874.134485][ T3758] bridge_slave_0: left promiscuous mode
[  874.141313][ T3758] bridge0: port 1(bridge_slave_0) entered disabled state
[  876.624227][ T3758] bond1 (unregistering): Released all slaves
[  876.814614][T10059] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  877.050364][T10120] team0: Port device team_slave_0 added
[  877.153066][T10120] team0: Port device team_slave_1 added
[  877.521126][T10120] batman_adv: batadv0: Adding interface: batadv_slave_0
[  877.529587][T10120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  877.556074][T10120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  877.657794][T10059] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  877.759534][T10059] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  877.828396][T10120] batman_adv: batadv0: Adding interface: batadv_slave_1
[  877.835598][T10120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  877.862354][T10120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  878.718488][T10120] hsr_slave_0: entered promiscuous mode
[  878.731709][T10120] hsr_slave_1: entered promiscuous mode
[  878.740611][T10120] debugfs: 'hsr0' already exists in 'hsr'
[  878.746511][T10120] Cannot create hsr debugfs directory
[  879.685905][ T3758] hsr_slave_0: left promiscuous mode
[  879.716305][ T3758] hsr_slave_1: left promiscuous mode
[  879.724744][ T3758] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  879.732549][ T3758] batman_adv: batadv0: Removing interface: batadv_slave_0
[  879.775975][ T3758] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  879.784670][ T3758] batman_adv: batadv0: Removing interface: batadv_slave_1
[  879.836544][ T3758] veth1_macvtap: left promiscuous mode
[  879.842700][ T3758] veth0_macvtap: left promiscuous mode
[  879.851152][ T3758] veth1_vlan: left promiscuous mode
[  879.856710][ T3758] veth0_vlan: left promiscuous mode
[  880.802140][ T3758] team0 (unregistering): Port device team_slave_1 removed
[  880.847211][ T3758] team0 (unregistering): Port device team_slave_0 removed
[  881.214896][ T3758] team0 (unregistering): Port device dummy0 removed
[  881.861999][T10059] 8021q: adding VLAN 0 to HW filter on device bond0
[  882.068806][T10059] 8021q: adding VLAN 0 to HW filter on device team0
[  882.237302][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  882.245012][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  882.552456][ T3635] bridge0: port 2(bridge_slave_1) entered blocking state
[  882.560292][ T3635] bridge0: port 2(bridge_slave_1) entered forwarding state
[  885.144656][T10120] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  885.393162][T10120] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  885.530215][T10120] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  885.719115][T10120] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  887.140784][T10279] loop1: detected capacity change from 0 to 128
[  887.198442][T10279] ext4: Bad value for 'resgid'
[  887.203593][T10279] ext4: Bad value for 'resgid'
[  887.654474][ T8822] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  887.858313][ T8822] usb 2-1: Using ep0 maxpacket: 16
[  887.910639][ T8822] usb 2-1: config index 0 descriptor too short (expected 16456, got 72)
[  887.919625][ T8822] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  887.928457][ T8822] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  887.939846][ T8822] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  887.949406][ T8822] usb 2-1: config 0 has no interface number 0
[  887.955719][ T8822] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  887.967280][ T8822] usb 2-1: config 0 interface 125 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  887.981453][ T8822] usb 2-1: config 0 interface 125 has no altsetting 0
[  888.171950][ T8822] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  888.181604][ T8822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  888.190115][ T8822] usb 2-1: Product: syz
[  888.194479][ T8822] usb 2-1: Manufacturer: syz
[  888.200161][ T8822] usb 2-1: SerialNumber: syz
[  888.285434][T10120] 8021q: adding VLAN 0 to HW filter on device bond0
[  888.305341][ T8822] usb 2-1: config 0 descriptor??
[  888.409015][T10120] 8021q: adding VLAN 0 to HW filter on device team0
[  888.494824][ T3635] bridge0: port 1(bridge_slave_0) entered blocking state
[  888.502410][ T3635] bridge0: port 1(bridge_slave_0) entered forwarding state
[  888.519038][ T3635] bridge0: port 2(bridge_slave_1) entered blocking state
[  888.526550][ T3635] bridge0: port 2(bridge_slave_1) entered forwarding state
[  888.580071][ T8822] usb 2-1: USB disconnect, device number 2
[  888.999401][T10120] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  889.010552][T10120] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  892.235611][T10059] 8021q: adding VLAN 0 to HW filter on device batadv0
[  892.470091][ T5817] Bluetooth: hci4: command 0x0406 tx timeout
[  895.277502][T10059] veth0_vlan: entered promiscuous mode
[  895.511331][T10059] veth1_vlan: entered promiscuous mode
[  895.849623][T10059] veth0_macvtap: entered promiscuous mode
[  895.919599][T10059] veth1_macvtap: entered promiscuous mode
[  896.011581][T10059] batman_adv: batadv0: Interface activated: batadv_slave_0
[  896.080605][T10059] batman_adv: batadv0: Interface activated: batadv_slave_1
[  896.192750][ T3635] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  896.313502][ T3635] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  896.354969][ T1100] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  896.428514][ T1100] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  897.208363][T10120] 8021q: adding VLAN 0 to HW filter on device batadv0
[  898.351343][T10120] veth0_vlan: entered promiscuous mode
[  898.465345][T10120] veth1_vlan: entered promiscuous mode
[  898.796776][T10120] veth0_macvtap: entered promiscuous mode
[  898.974818][T10120] veth1_macvtap: entered promiscuous mode
[  899.336591][T10120] batman_adv: batadv0: Interface activated: batadv_slave_0
[  899.476223][T10120] batman_adv: batadv0: Interface activated: batadv_slave_1
[  899.613802][   T14] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  899.678267][   T14] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  899.688552][   T14] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  899.785956][   T14] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  900.336505][T10340] loop1: detected capacity change from 0 to 128
[  900.377279][T10340] ext4: Bad value for 'resgid'
[  900.382584][T10340] ext4: Bad value for 'resgid'
[  902.639230][ T8822] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  903.787825][ T8822] usb 2-1: Using ep0 maxpacket: 16
[  903.840718][ T8822] usb 2-1: device descriptor read/all, error -61
[  904.067657][ T8822] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  904.250295][ T8822] usb 2-1: device descriptor read/64, error -71
[  904.390148][ T8822] usb usb2-port1: attempt power cycle
[  904.767924][ T8822] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  905.029897][ T8822] usb 2-1: device descriptor read/8, error -71
[  905.264589][ T5823] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  905.274977][ T5823] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  905.288517][ T5823] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  905.329451][ T5823] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  905.352934][ T5823] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  906.119201][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  906.126131][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  908.411794][ T5823] Bluetooth: hci2: command tx timeout
[  908.419463][ T5823] Bluetooth: hci4: unexpected cc 0x0809 length: 68 > 4
[  908.426621][ T5823] Bluetooth: hci4: unexpected event for opcode 0x0809
[  910.820001][ T9961] Bluetooth: hci2: command tx timeout
[  911.978515][T10367] chnl_net:caif_netlink_parms(): no params data found
[  912.329186][ T5876] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  912.575735][ T5876] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  912.585333][ T5876] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  912.596025][ T5876] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  912.605472][ T5876] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  912.620736][ T5876] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  912.849312][ T5823] Bluetooth: hci2: command tx timeout
[  912.949566][ T5876] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  912.959142][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  912.967582][ T5876] usb 2-1: Product: syz
[  912.971916][ T5876] usb 2-1: Manufacturer: syz
[  913.110411][ T5876] cdc_wdm 2-1:1.0: skipping garbage
[  913.115845][ T5876] cdc_wdm 2-1:1.0: skipping garbage
[  913.202467][ T5876] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  913.208869][ T5876] cdc_wdm 2-1:1.0: Unknown control protocol
[  913.342580][T10391] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  913.352121][T10391] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  913.430769][T10399] netlink: 'syz.0.1191': attribute type 10 has an invalid length.
[  913.672368][T10399] team0: Port device dummy0 added
[  913.776209][ T5876] usb 2-1: USB disconnect, device number 7
[  914.647084][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  914.920534][ T5823] Bluetooth: hci2: command tx timeout
[  915.133498][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.220189][T10367] bridge0: port 1(bridge_slave_0) entered blocking state
[  915.228334][T10367] bridge0: port 1(bridge_slave_0) entered disabled state
[  915.236224][T10367] bridge_slave_0: entered allmulticast mode
[  915.245935][T10367] bridge_slave_0: entered promiscuous mode
[  915.378369][T10418] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  915.580124][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.728100][T10367] bridge0: port 2(bridge_slave_1) entered blocking state
[  915.735764][T10367] bridge0: port 2(bridge_slave_1) entered disabled state
[  915.743766][T10367] bridge_slave_1: entered allmulticast mode
[  915.753441][T10367] bridge_slave_1: entered promiscuous mode
[  916.063479][ T5823] Bluetooth: hci4: unexpected cc 0x0809 length: 68 > 4
[  916.071027][ T5823] Bluetooth: hci4: unexpected event for opcode 0x0809
[  916.289749][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  916.368359][T10367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  916.465423][T10367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  917.717968][ T9961] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  917.727879][ T9961] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  917.746968][ T9961] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  917.762310][ T9961] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  917.783339][ T9961] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  917.875751][   T35] bridge_slave_1: left allmulticast mode
[  917.882206][   T35] bridge_slave_1: left promiscuous mode
[  917.888996][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  918.028742][   T35] bridge_slave_0: left allmulticast mode
[  918.035136][   T35] bridge_slave_0: left promiscuous mode
[  918.042100][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  918.539852][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  918.594578][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  918.634417][   T35] bond0 (unregistering): Released all slaves
[  918.723385][T10367] team0: Port device team_slave_0 added
[  918.826201][T10367] team0: Port device team_slave_1 added
[  919.246468][T10367] batman_adv: batadv0: Adding interface: batadv_slave_0
[  919.254472][T10367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  919.297473][T10367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  919.514744][T10437] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1200'.
[  919.654781][   T35] hsr_slave_0: left promiscuous mode
[  919.725780][   T35] hsr_slave_1: left promiscuous mode
[  919.737886][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  919.745735][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  919.878177][ T9961] Bluetooth: hci0: command tx timeout
[  919.894392][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  919.902578][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  919.949182][   T35] veth1_macvtap: left promiscuous mode
[  919.955172][   T35] veth0_macvtap: left promiscuous mode
[  919.963294][   T35] veth1_vlan: left promiscuous mode
[  919.969714][   T35] veth0_vlan: left promiscuous mode
[  921.124375][T10441] Bluetooth: MGMT ver 1.23
[  921.957774][ T9961] Bluetooth: hci0: command 0x041b tx timeout
[  922.025909][   T35] team0 (unregistering): Port device team_slave_1 removed
[  922.165906][   T35] team0 (unregistering): Port device team_slave_0 removed
[  923.559120][T10367] batman_adv: batadv0: Adding interface: batadv_slave_1
[  923.566289][T10367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  923.606838][T10367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  924.037930][ T9961] Bluetooth: hci0: command 0x041b tx timeout
[  924.440444][   T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  924.894513][   T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  924.960398][T10367] hsr_slave_0: entered promiscuous mode
[  924.973984][T10367] hsr_slave_1: entered promiscuous mode
[  924.981876][T10367] debugfs: 'hsr0' already exists in 'hsr'
[  924.987945][T10367] Cannot create hsr debugfs directory
[  925.740764][   T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  926.118402][ T9961] Bluetooth: hci0: command 0x041b tx timeout
[  926.149470][T10446] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  926.316495][T10451] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1204'.
[  926.350327][   T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  926.878118][   T35] bridge_slave_1: left allmulticast mode
[  926.883971][   T35] bridge_slave_1: left promiscuous mode
[  926.891108][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  926.960456][   T35] bridge_slave_0: left allmulticast mode
[  926.966422][   T35] bridge_slave_0: left promiscuous mode
[  926.973303][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  927.473633][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  927.536056][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  927.586868][   T35] bond0 (unregistering): Released all slaves
[  927.826096][T10426] chnl_net:caif_netlink_parms(): no params data found
[  928.231784][ T9961] Bluetooth: hci0: command 0x041b tx timeout
[  928.380428][ T9961] Bluetooth: hci4: unexpected cc 0x0809 length: 68 > 4
[  928.391706][ T9961] Bluetooth: hci4: unexpected event for opcode 0x0809
[  928.601291][   T35] hsr_slave_0: left promiscuous mode
[  928.633571][   T35] hsr_slave_1: left promiscuous mode
[  928.642549][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  928.650525][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  928.658174][ T2003] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  928.750522][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  928.758766][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  928.853166][ T2003] usb 1-1: device descriptor read/64, error -71
[  928.904299][   T35] veth1_macvtap: left promiscuous mode
[  928.910450][   T35] veth0_macvtap: left promiscuous mode
[  928.916440][   T35] veth1_vlan: left promiscuous mode
[  928.922215][   T35] veth0_vlan: left promiscuous mode
[  929.687887][ T2003] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  929.940195][ T2003] usb 1-1: device descriptor read/64, error -71
[  930.051571][ T2003] usb usb1-port1: attempt power cycle
[  930.457642][ T2003] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  930.489924][ T2003] usb 1-1: device descriptor read/8, error -71
[  930.577257][   T35] team0 (unregistering): Port device team_slave_1 removed
[  930.623681][   T35] team0 (unregistering): Port device team_slave_0 removed
[  930.764667][ T2003] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  930.819717][ T2003] usb 1-1: device descriptor read/8, error -71
[  930.934510][ T2003] usb usb1-port1: unable to enumerate USB device
[  931.870449][T10476] loop9: detected capacity change from 0 to 7
[  931.878071][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.886531][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.895015][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.903369][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.912138][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.920717][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.928951][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.937227][T10476] ldm_validate_partition_table(): Disk read failed.
[  931.944719][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.953135][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.962963][T10476] Buffer I/O error on dev loop9, logical block 0, async page read
[  931.973324][T10476] Dev loop9: unable to read RDB block 0
[  931.980031][T10476]  loop9: unable to read partition table
[  932.076502][T10479] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1213'.
[  932.133946][T10476] loop9: partition table beyond EOD, truncated
[  932.140795][T10476] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  932.140795][T10476] 
) failed (rc=-5)
[  932.363391][T10426] bridge0: port 1(bridge_slave_0) entered blocking state
[  932.371506][T10426] bridge0: port 1(bridge_slave_0) entered disabled state
[  932.380707][T10426] bridge_slave_0: entered allmulticast mode
[  932.390624][T10426] bridge_slave_0: entered promiscuous mode
[  932.468818][T10367] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  932.489236][ T5823] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  932.511509][ T5823] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  932.536441][T10426] bridge0: port 2(bridge_slave_1) entered blocking state
[  932.538008][ T5823] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  932.544446][T10426] bridge0: port 2(bridge_slave_1) entered disabled state
[  932.559042][T10426] bridge_slave_1: entered allmulticast mode
[  932.568694][T10426] bridge_slave_1: entered promiscuous mode
[  932.599015][ T5823] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  932.622458][ T5823] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  932.679215][T10367] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  932.709943][T10367] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  932.733590][T10367] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  932.953718][T10426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  933.114751][T10426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  933.332118][T10426] team0: Port device team_slave_0 added
[  933.430276][T10426] team0: Port device team_slave_1 added
[  933.713934][T10426] batman_adv: batadv0: Adding interface: batadv_slave_0
[  933.722542][T10426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  933.749573][T10426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  933.933613][T10426] batman_adv: batadv0: Adding interface: batadv_slave_1
[  933.941026][T10426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  933.967680][T10426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  934.045232][T10480] chnl_net:caif_netlink_parms(): no params data found
[  934.688689][ T5823] Bluetooth: hci1: command tx timeout
[  934.785929][T10426] hsr_slave_0: entered promiscuous mode
[  934.796227][T10426] hsr_slave_1: entered promiscuous mode
[  934.805243][T10426] debugfs: 'hsr0' already exists in 'hsr'
[  934.811694][T10426] Cannot create hsr debugfs directory
[  935.278582][ T5823] Bluetooth: hci4: unexpected cc 0x0809 length: 68 > 4
[  935.285891][ T5823] Bluetooth: hci4: unexpected event for opcode 0x0809
[  935.561503][   T35] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  935.738712][   T35] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  935.934118][   T35] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  936.193948][   T35] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  936.487853][ T2003] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  936.756847][ T2003] usb 1-1: device descriptor read/64, error -71
[  936.805048][T10367] 8021q: adding VLAN 0 to HW filter on device bond0
[  936.818694][ T5823] Bluetooth: hci1: command tx timeout
[  937.012431][T10367] 8021q: adding VLAN 0 to HW filter on device team0
[  937.085902][   T35] bridge_slave_1: left allmulticast mode
[  937.094159][   T35] bridge_slave_1: left promiscuous mode
[  937.102143][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  937.119191][ T2003] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  937.120059][   T35] bridge_slave_0: left allmulticast mode
[  937.133054][   T35] bridge_slave_0: left promiscuous mode
[  937.139777][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  937.363921][ T2003] usb 1-1: device descriptor read/64, error -71
[  937.516674][T10509] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1221'.
[  937.561880][ T2003] usb usb1-port1: attempt power cycle
[  937.620674][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  937.640480][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  937.660170][   T35] bond0 (unregistering): Released all slaves
[  937.916195][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state
[  937.923816][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state
[  937.942033][ T2003] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  937.973796][ T2003] usb 1-1: device descriptor read/8, error -71
[  938.031011][T10480] bridge0: port 1(bridge_slave_0) entered blocking state
[  938.039762][T10480] bridge0: port 1(bridge_slave_0) entered disabled state
[  938.047782][T10480] bridge_slave_0: entered allmulticast mode
[  938.057188][T10480] bridge_slave_0: entered promiscuous mode
[  938.121305][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state
[  938.129000][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state
[  938.151508][T10480] bridge0: port 2(bridge_slave_1) entered blocking state
[  938.159588][T10480] bridge0: port 2(bridge_slave_1) entered disabled state
[  938.167576][T10480] bridge_slave_1: entered allmulticast mode
[  938.175836][T10480] bridge_slave_1: entered promiscuous mode
[  938.191352][T10512] loop9: detected capacity change from 0 to 7
[  938.200314][T10512] buffer_io_error: 4 callbacks suppressed
[  938.200389][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.214657][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.224177][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.232976][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.239959][ T2003] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  938.241257][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.257226][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.265675][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.274024][T10512] ldm_validate_partition_table(): Disk read failed.
[  938.281071][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.289403][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.295731][ T2003] usb 1-1: device descriptor read/8, error -71
[  938.297687][T10512] Buffer I/O error on dev loop9, logical block 0, async page read
[  938.297866][T10512] Dev loop9: unable to read RDB block 0
[  938.319271][T10512]  loop9: unable to read partition table
[  938.325835][T10512] loop9: partition table beyond EOD, truncated
[  938.332757][T10512] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  938.332757][T10512] 
) failed (rc=-5)
[  938.410269][ T2003] usb usb1-port1: unable to enumerate USB device
[  938.577148][   T35] hsr_slave_0: left promiscuous mode
[  938.585320][   T35] hsr_slave_1: left promiscuous mode
[  938.596028][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  938.603815][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  938.614370][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  938.622260][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  938.648769][   T35] veth1_macvtap: left promiscuous mode
[  938.654484][   T35] veth0_macvtap: left promiscuous mode
[  938.660879][   T35] veth1_vlan: left promiscuous mode
[  938.666401][   T35] veth0_vlan: left promiscuous mode
[  938.843823][ T5823] Bluetooth: hci1: command tx timeout
[  939.213440][   T35] team0 (unregistering): Port device team_slave_1 removed
[  939.285897][   T35] team0 (unregistering): Port device team_slave_0 removed
[  939.504091][   T35] team0 (unregistering): Port device dummy0 removed
[  939.682342][T10480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  939.714831][T10480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  940.084398][T10480] team0: Port device team_slave_0 added
[  940.182623][T10480] team0: Port device team_slave_1 added
[  940.291604][T10426] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  940.337709][T10480] batman_adv: batadv0: Adding interface: batadv_slave_0
[  940.344841][T10480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  940.374231][T10480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  940.392767][T10426] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  940.416989][T10426] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  940.446464][T10480] batman_adv: batadv0: Adding interface: batadv_slave_1
[  940.453913][T10480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  940.483041][T10480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  940.524132][T10426] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  940.839965][T10480] hsr_slave_0: entered promiscuous mode
[  940.852836][T10480] hsr_slave_1: entered promiscuous mode
[  940.943842][ T5823] Bluetooth: hci1: command tx timeout
[  942.017972][ T5823] Bluetooth: hci3: unexpected cc 0x0809 length: 68 > 4
[  942.025169][ T5823] Bluetooth: hci3: unexpected event for opcode 0x0809
[  942.315161][T10426] 8021q: adding VLAN 0 to HW filter on device bond0
[  942.566528][T10426] 8021q: adding VLAN 0 to HW filter on device team0
[  942.711062][ T3758] bridge0: port 1(bridge_slave_0) entered blocking state
[  942.718796][ T3758] bridge0: port 1(bridge_slave_0) entered forwarding state
[  942.838012][T10534] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1229'.
[  942.888695][ T3758] bridge0: port 2(bridge_slave_1) entered blocking state
[  942.896391][ T3758] bridge0: port 2(bridge_slave_1) entered forwarding state
[  942.943432][T10367] 8021q: adding VLAN 0 to HW filter on device batadv0
[  943.646690][T10367] veth0_vlan: entered promiscuous mode
[  943.740289][T10367] veth1_vlan: entered promiscuous mode
[  943.999191][ T8822] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  944.175017][T10367] veth0_macvtap: entered promiscuous mode
[  944.191643][T10480] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  944.253408][T10367] veth1_macvtap: entered promiscuous mode
[  944.282609][T10480] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  944.294022][ T8822] usb 2-1: no configurations
[  944.299511][ T8822] usb 2-1: can't read configurations, error -22
[  944.345257][T10480] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  944.402596][T10480] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  944.451703][T10367] batman_adv: batadv0: Interface activated: batadv_slave_0
[  944.468481][ T8822] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  944.555928][T10367] batman_adv: batadv0: Interface activated: batadv_slave_1
[  944.643203][ T1094] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  944.671164][ T8822] usb 2-1: no configurations
[  944.676006][ T8822] usb 2-1: can't read configurations, error -22
[  944.689094][ T2984] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  944.728583][ T2984] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  944.746485][ T8822] usb usb2-port1: attempt power cycle
[  944.783370][ T2984] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  944.925744][T10547] loop9: detected capacity change from 0 to 7
[  944.933184][T10547] buffer_io_error: 4 callbacks suppressed
[  944.933256][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  944.952350][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  944.960690][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  944.969047][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  944.980520][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  944.989833][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  945.002597][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  945.010857][T10547] ldm_validate_partition_table(): Disk read failed.
[  945.017843][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  945.026132][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  945.034560][T10547] Buffer I/O error on dev loop9, logical block 0, async page read
[  945.042785][T10547] Dev loop9: unable to read RDB block 0
[  945.049046][T10547]  loop9: unable to read partition table
[  945.055531][T10547] loop9: partition table beyond EOD, truncated
[  945.062024][T10547] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  945.062024][T10547] 
) failed (rc=-5)
[  945.110005][ T8822] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  945.196921][ T8822] usb 2-1: no configurations
[  945.202131][ T8822] usb 2-1: can't read configurations, error -22
[  945.370218][ T8822] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  945.420584][ T8822] usb 2-1: no configurations
[  945.425653][ T8822] usb 2-1: can't read configurations, error -22
[  945.451417][ T8822] usb usb2-port1: unable to enumerate USB device
[  945.566486][T10426] 8021q: adding VLAN 0 to HW filter on device batadv0
[  945.603871][T10480] 8021q: adding VLAN 0 to HW filter on device bond0
[  945.739049][T10480] 8021q: adding VLAN 0 to HW filter on device team0
[  945.789420][ T3758] bridge0: port 1(bridge_slave_0) entered blocking state
[  945.796971][ T3758] bridge0: port 1(bridge_slave_0) entered forwarding state
[  945.909669][ T3758] bridge0: port 2(bridge_slave_1) entered blocking state
[  945.917490][ T3758] bridge0: port 2(bridge_slave_1) entered forwarding state
[  946.246157][T10426] veth0_vlan: entered promiscuous mode
[  946.335237][T10426] veth1_vlan: entered promiscuous mode
[  946.756381][T10426] veth0_macvtap: entered promiscuous mode
[  946.871871][T10426] veth1_macvtap: entered promiscuous mode
[  947.047673][T10426] batman_adv: batadv0: Interface activated: batadv_slave_0
[  947.140980][T10426] batman_adv: batadv0: Interface activated: batadv_slave_1
[  947.221729][ T2984] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  947.265497][ T2984] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  947.293630][ T2984] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  947.320814][   T65] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  948.077813][T10480] 8021q: adding VLAN 0 to HW filter on device batadv0
[  949.278282][T10597] loop9: detected capacity change from 0 to 7
[  949.286188][T10597] ldm_validate_partition_table(): Disk read failed.
[  949.293601][T10597] Dev loop9: unable to read RDB block 0
[  949.299928][T10597]  loop9: unable to read partition table
[  949.306529][T10597] loop9: partition table beyond EOD, truncated
[  949.313058][T10597] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  949.313058][T10597] 
) failed (rc=-5)
[  949.828628][ T2003] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  950.034879][ T2003] usb 1-1: no configurations
[  950.039965][ T2003] usb 1-1: can't read configurations, error -22
[  950.178366][T10480] veth0_vlan: entered promiscuous mode
[  950.238868][ T2003] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  950.269968][T10480] veth1_vlan: entered promiscuous mode
[  950.437809][ T2003] usb 1-1: no configurations
[  950.442934][ T2003] usb 1-1: can't read configurations, error -22
[  950.512083][ T2003] usb usb1-port1: attempt power cycle
[  950.626651][T10480] veth0_macvtap: entered promiscuous mode
[  950.763245][T10480] veth1_macvtap: entered promiscuous mode
[  950.921113][ T2003] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  951.047890][ T2003] usb 1-1: no configurations
[  951.052890][ T2003] usb 1-1: can't read configurations, error -22
[  951.065133][T10480] batman_adv: batadv0: Interface activated: batadv_slave_0
[  951.149235][T10480] batman_adv: batadv0: Interface activated: batadv_slave_1
[  951.236943][ T1100] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  951.269919][ T2003] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  951.368509][ T2003] usb 1-1: no configurations
[  951.373484][ T2003] usb 1-1: can't read configurations, error -22
[  951.386832][   T48] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  951.417799][ T2003] usb usb1-port1: unable to enumerate USB device
[  951.442536][   T48] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  951.490952][ T1100] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  951.652682][ T2984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  951.660855][ T2984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  951.841149][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  951.849676][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  956.285644][   T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  956.294399][   T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  956.403519][   T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  956.412201][   T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  956.490716][T10648] loop9: detected capacity change from 0 to 7
[  956.501035][T10648] buffer_io_error: 18 callbacks suppressed
[  956.501113][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.515395][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.523839][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.532084][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.540467][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.555438][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.565679][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.573836][T10648] ldm_validate_partition_table(): Disk read failed.
[  956.580863][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.589081][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.597246][T10648] Buffer I/O error on dev loop9, logical block 0, async page read
[  956.605699][T10648] Dev loop9: unable to read RDB block 0
[  956.612229][T10648]  loop9: unable to read partition table
[  956.675283][T10648] loop9: partition table beyond EOD, truncated
[  956.682589][T10648] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  956.682589][T10648] 
) failed (rc=-5)
[  957.739356][ T8822] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  957.954454][ T8822] usb 3-1: no configurations
[  957.959758][ T8822] usb 3-1: can't read configurations, error -22
[  958.151534][ T8822] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  958.381146][ T8822] usb 3-1: no configurations
[  958.386284][ T8822] usb 3-1: can't read configurations, error -22
[  958.574660][ T8822] usb usb3-port1: attempt power cycle
[  959.068656][ T8822] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  959.371155][ T8822] usb 3-1: no configurations
[  959.376141][ T8822] usb 3-1: can't read configurations, error -22
[  959.615444][ T8822] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  960.080796][ T8822] usb 3-1: no configurations
[  960.085705][ T8822] usb 3-1: can't read configurations, error -22
[  960.118184][ T8822] usb usb3-port1: unable to enumerate USB device
[  960.561305][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  960.569744][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  961.024402][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  961.033200][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  964.507626][ T8822] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  965.969730][ T8822] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  965.980502][ T8822] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  966.609649][ T8822] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  966.619117][ T8822] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  966.628102][ T8822] usb 1-1: Product: syz
[  966.632482][ T8822] usb 1-1: Manufacturer: syz
[  966.637545][ T8822] usb 1-1: SerialNumber: syz
[  966.652871][ T8822] usb 1-1: config 0 descriptor??
[  967.021773][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  967.029639][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  970.160695][ T8822] usb 1-1: USB disconnect, device number 17
[  973.346195][T10738] QAT: failed to copy from user.
[  974.645026][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  974.718434][    T9] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  975.577766][ T8822] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  975.828366][ T8822] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  975.838913][ T8822] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  975.996528][ T8822] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  976.008665][ T8822] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  976.016973][ T8822] usb 1-1: Product: syz
[  976.022645][ T8822] usb 1-1: Manufacturer: syz
[  976.027874][ T8822] usb 1-1: SerialNumber: syz
[  976.163713][ T8822] usb 1-1: config 0 descriptor??
[  979.161935][ T8822] usb 1-1: USB disconnect, device number 18
[  979.979457][T10782] netlink: 'syz.3.1291': attribute type 2 has an invalid length.
[  979.987620][T10782] netlink: 'syz.3.1291': attribute type 1 has an invalid length.
[  980.001193][T10782] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1291'.
[  983.913389][ T9961] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  983.941410][ T9961] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  983.982615][ T9961] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  984.420763][ T9961] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  984.435695][T10802] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  986.599248][    T9] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  986.612540][ T5823] Bluetooth: hci5: command tx timeout
[  986.613017][T10802] Bluetooth: hci1: unexpected cc 0x0809 length: 68 > 4
[  986.805874][T10796] chnl_net:caif_netlink_parms(): no params data found
[  986.830936][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  986.841657][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  987.311089][    T9] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  987.321162][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.329600][    T9] usb 1-1: Product: syz
[  987.334067][    T9] usb 1-1: Manufacturer: syz
[  987.339107][    T9] usb 1-1: SerialNumber: syz
[  987.419876][    T9] usb 1-1: config 0 descriptor??
[  988.677651][T10802] Bluetooth: hci5: command tx timeout
[  989.295527][T10796] bridge0: port 1(bridge_slave_0) entered blocking state
[  989.303506][T10796] bridge0: port 1(bridge_slave_0) entered disabled state
[  989.311407][T10796] bridge_slave_0: entered allmulticast mode
[  989.325426][T10796] bridge_slave_0: entered promiscuous mode
[  989.343377][T10796] bridge0: port 2(bridge_slave_1) entered blocking state
[  989.351022][T10796] bridge0: port 2(bridge_slave_1) entered disabled state
[  989.358952][T10796] bridge_slave_1: entered allmulticast mode
[  989.368600][T10796] bridge_slave_1: entered promiscuous mode
[  989.912577][ T8821] usb 1-1: USB disconnect, device number 19
[  990.022128][T10796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  990.079171][T10796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  990.533807][   T48] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  990.758216][T10802] Bluetooth: hci5: command tx timeout
[  991.169116][   T48] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  991.250261][T10796] team0: Port device team_slave_0 added
[  991.406785][   T48] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  991.461952][T10796] team0: Port device team_slave_1 added
[  991.552500][   T48] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  991.731933][T10796] batman_adv: batadv0: Adding interface: batadv_slave_0
[  991.739407][T10796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  991.765815][T10796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  991.909187][T10796] batman_adv: batadv0: Adding interface: batadv_slave_1
[  991.916520][T10796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  991.943489][T10796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  992.272789][   T48] bridge_slave_1: left allmulticast mode
[  992.279062][   T48] bridge_slave_1: left promiscuous mode
[  992.289902][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[  992.333653][   T48] bridge_slave_0: left allmulticast mode
[  992.340477][   T48] bridge_slave_0: left promiscuous mode
[  992.347162][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[  992.841233][T10802] Bluetooth: hci5: command tx timeout
[  992.910358][   T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  992.946373][   T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  992.963045][   T48] bond0 (unregistering): Released all slaves
[  993.595273][T10796] hsr_slave_0: entered promiscuous mode
[  993.605677][T10796] hsr_slave_1: entered promiscuous mode
[  993.621896][T10796] debugfs: 'hsr0' already exists in 'hsr'
[  993.627989][T10796] Cannot create hsr debugfs directory
[  993.751474][    T9] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  994.178995][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  994.189675][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  994.334430][T10883] syz.3.1322 (10883): drop_caches: 4
[  994.436971][    T9] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  994.447215][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  994.455679][    T9] usb 1-1: Product: syz
[  994.461261][    T9] usb 1-1: Manufacturer: syz
[  994.466063][    T9] usb 1-1: SerialNumber: syz
[  994.476383][    T9] usb 1-1: config 0 descriptor??
[  994.516283][   T48] hsr_slave_0: left promiscuous mode
[  994.550399][   T48] hsr_slave_1: left promiscuous mode
[  994.559327][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  994.567092][   T48] batman_adv: batadv0: Removing interface: batadv_slave_0
[  994.655758][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  994.667592][   T48] batman_adv: batadv0: Removing interface: batadv_slave_1
[  994.729009][   T48] veth1_macvtap: left promiscuous mode
[  994.734952][   T48] veth0_macvtap: left promiscuous mode
[  994.747698][   T48] veth1_vlan: left promiscuous mode
[  994.753266][   T48] veth0_vlan: left promiscuous mode
[  995.614337][   T48] team0 (unregistering): Port device team_slave_1 removed
[  995.636923][   T48] team0 (unregistering): Port device team_slave_0 removed
[  996.576076][    T9] usb 1-1: USB disconnect, device number 20
[  996.887130][T10904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1330'.
[  997.042268][T10911] loop9: detected capacity change from 0 to 7
[  997.050070][T10911] buffer_io_error: 4 callbacks suppressed
[  997.050142][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.064404][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.072664][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.080892][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.089294][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.101728][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.109956][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.118088][T10911] ldm_validate_partition_table(): Disk read failed.
[  997.125004][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.133397][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.142065][T10911] Buffer I/O error on dev loop9, logical block 0, async page read
[  997.150573][T10911] Dev loop9: unable to read RDB block 0
[  997.156652][T10911]  loop9: unable to read partition table
[  997.163279][T10911] loop9: partition table beyond EOD, truncated
[  997.169898][T10911] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  997.169898][T10911] 
) failed (rc=-5)
[  997.239082][T10796] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  997.278725][T10796] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  997.332796][T10796] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  997.359287][T10796] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  998.239142][T10796] 8021q: adding VLAN 0 to HW filter on device bond0
[  998.444165][T10796] 8021q: adding VLAN 0 to HW filter on device team0
[  998.582901][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state
[  998.590544][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state
[  998.730597][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state
[  998.738550][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state
[  999.777671][    T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  999.991134][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1000.002057][    T9] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1000.084508][    T9] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1000.094246][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1000.102676][    T9] usb 3-1: Product: syz
[ 1000.107046][    T9] usb 3-1: Manufacturer: syz
[ 1000.111995][    T9] usb 3-1: SerialNumber: syz
[ 1000.131492][T10945] loop9: detected capacity change from 0 to 7
[ 1000.139567][T10945] ldm_validate_partition_table(): Disk read failed.
[ 1000.146773][T10945] Dev loop9: unable to read RDB block 0
[ 1000.153647][T10945]  loop9: unable to read partition table
[ 1000.160293][T10945] loop9: partition table beyond EOD, truncated
[ 1000.166783][T10945] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1000.166783][T10945] 
) failed (rc=-5)
[ 1000.193211][    T9] usb 3-1: config 0 descriptor??
[ 1000.462603][T10796] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1002.016051][T10796] veth0_vlan: entered promiscuous mode
[ 1002.094478][T10796] veth1_vlan: entered promiscuous mode
[ 1002.344484][T10796] veth0_macvtap: entered promiscuous mode
[ 1002.409630][T10796] veth1_macvtap: entered promiscuous mode
[ 1002.764676][ T2003] usb 3-1: USB disconnect, device number 7
[ 1002.950728][T10796] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1003.143601][T10796] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1003.201112][ T3635] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1003.250515][ T3635] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1003.498939][ T3635] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1003.529283][ T3635] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1004.420962][T10993] loop9: detected capacity change from 0 to 7
[ 1004.429102][T10993] buffer_io_error: 18 callbacks suppressed
[ 1004.429177][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.447773][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.456021][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.464557][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.477139][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.485435][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.494017][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.502395][T10993] ldm_validate_partition_table(): Disk read failed.
[ 1004.509366][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.517645][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.525749][T10993] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1004.533938][T10993] Dev loop9: unable to read RDB block 0
[ 1004.540055][T10993]  loop9: unable to read partition table
[ 1004.546553][T10993] loop9: partition table beyond EOD, truncated
[ 1004.553120][T10993] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1004.553120][T10993] 
) failed (rc=-5)
[ 1005.849520][ T8821] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1006.073124][ T8821] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1006.084644][ T8821] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1006.142179][ T8821] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1006.151681][ T8821] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1006.160294][ T8821] usb 1-1: Product: syz
[ 1006.164640][ T8821] usb 1-1: Manufacturer: syz
[ 1006.169680][ T8821] usb 1-1: SerialNumber: syz
[ 1006.309612][ T8821] usb 1-1: config 0 descriptor??
[ 1008.837934][ T8821] usb 1-1: USB disconnect, device number 21
[ 1008.892570][T11041] loop9: detected capacity change from 0 to 7
[ 1008.902030][T11041] ldm_validate_partition_table(): Disk read failed.
[ 1008.909490][T11041] Dev loop9: unable to read RDB block 0
[ 1008.915534][T11041]  loop9: unable to read partition table
[ 1008.922249][T11041] loop9: partition table beyond EOD, truncated
[ 1008.928851][T11041] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1008.928851][T11041] 
) failed (rc=-5)
[ 1010.300622][ T3635] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1010.311869][ T3635] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1010.590488][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1010.599571][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1011.445571][T11080] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1382'.
[ 1011.468308][ T2003] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1013.979458][ T2003] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1013.989100][ T2003] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1014.006844][ T2003] usb 3-1: Product: syz
[ 1014.015818][ T2003] usb 3-1: Manufacturer: syz
[ 1014.021030][ T2003] usb 3-1: SerialNumber: syz
[ 1014.730532][ T2003] usb 3-1: config 0 descriptor??
[ 1015.052903][ T2003] usb 3-1: can't set config #0, error -71
[ 1015.065765][ T2003] usb 3-1: USB disconnect, device number 8
[ 1015.126573][T11092] loop9: detected capacity change from 0 to 7
[ 1015.138542][T11092] buffer_io_error: 18 callbacks suppressed
[ 1015.138619][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.164231][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.172603][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.180983][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.189341][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.197837][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.206015][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.214223][T11092] ldm_validate_partition_table(): Disk read failed.
[ 1015.225749][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.234196][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.242683][T11092] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1015.251025][T11092] Dev loop9: unable to read RDB block 0
[ 1015.257179][T11092]  loop9: unable to read partition table
[ 1015.263915][T11092] loop9: partition table beyond EOD, truncated
[ 1015.270580][T11092] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1015.270580][T11092] 
) failed (rc=-5)
[ 1016.738937][T11115] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1395'.
[ 1017.045287][T11119] tmpfs: Bad value for 'mpol'
[ 1019.550744][T11135] loop9: detected capacity change from 0 to 7
[ 1019.559536][T11135] ldm_validate_partition_table(): Disk read failed.
[ 1019.566646][T11135] Dev loop9: unable to read RDB block 0
[ 1019.572831][T11135]  loop9: unable to read partition table
[ 1019.579505][T11135] loop9: partition table beyond EOD, truncated
[ 1019.585880][T11135] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1019.585880][T11135] 
) failed (rc=-5)
[ 1020.733542][T11154] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1409'.
[ 1022.079257][T11164] tmpfs: Bad value for 'mpol'
[ 1024.323159][T11179] loop9: detected capacity change from 0 to 7
[ 1024.331928][T11179] buffer_io_error: 18 callbacks suppressed
[ 1024.332003][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.355013][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.363237][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.371530][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.379867][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.388187][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.396722][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.405021][T11179] ldm_validate_partition_table(): Disk read failed.
[ 1024.412413][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.420874][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.429075][T11179] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1024.443864][T11179] Dev loop9: unable to read RDB block 0
[ 1024.451828][T11179]  loop9: unable to read partition table
[ 1024.458566][T11179] loop9: partition table beyond EOD, truncated
[ 1024.464944][T11179] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1024.464944][T11179] 
) failed (rc=-5)
[ 1024.613100][ T2003] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1024.828353][ T2003] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1024.838016][ T2003] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1024.851299][ T2003] usb 6-1: Product: syz
[ 1024.855766][ T2003] usb 6-1: Manufacturer: syz
[ 1024.862384][ T2003] usb 6-1: SerialNumber: syz
[ 1024.920126][ T2003] usb 6-1: config 0 descriptor??
[ 1025.205877][T11189] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1422'.
[ 1026.606505][T11211] tmpfs: Bad value for 'mpol'
[ 1028.459010][ T2003] usb 6-1: USB disconnect, device number 7
[ 1028.470070][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1028.476676][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1029.043206][T11218] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1432'.
[ 1029.267914][T11225] loop9: detected capacity change from 0 to 7
[ 1029.275959][T11225] ldm_validate_partition_table(): Disk read failed.
[ 1029.283400][T11225] Dev loop9: unable to read RDB block 0
[ 1029.289649][T11225]  loop9: unable to read partition table
[ 1029.296230][T11225] loop9: partition table beyond EOD, truncated
[ 1029.302717][T11225] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1029.302717][T11225] 
) failed (rc=-5)
[ 1029.716641][T11230] netlink: 112 bytes leftover after parsing attributes in process `syz.0.1436'.
[ 1030.520403][ T5823] Bluetooth: hci2: command 0x0406 tx timeout
[ 1033.464473][T11250] tmpfs: Bad value for 'mpol'
[ 1036.127592][ T2003] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1036.200651][T11258] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1446'.
[ 1036.394467][ T2003] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1036.403056][ T2003] usb 6-1: config 0 has no interface number 0
[ 1036.489221][ T2003] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1036.498903][ T2003] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1036.507200][ T2003] usb 6-1: Product: syz
[ 1036.511729][ T2003] usb 6-1: Manufacturer: syz
[ 1036.516498][ T2003] usb 6-1: SerialNumber: syz
[ 1036.846862][ T2003] usb 6-1: config 0 descriptor??
[ 1036.876202][T11266] netlink: 112 bytes leftover after parsing attributes in process `syz.0.1449'.
[ 1037.203202][ T2003] dvb_usb_ec168 6-1:0.1: probe with driver dvb_usb_ec168 failed with error -32
[ 1038.852598][T11280] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1455'.
[ 1038.907873][ T2003] usb 6-1: USB disconnect, device number 8
[ 1040.898236][ T5823] Bluetooth: hci0: command 0x041b tx timeout
[ 1041.439530][T11287] tmpfs: Bad value for 'mpol'
[ 1043.550308][T11294] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1460'.
[ 1044.459266][T11303] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1462'.
[ 1046.387609][ T8821] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1046.602865][ T8821] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1046.611505][ T8821] usb 6-1: config 0 has no interface number 0
[ 1046.695378][ T8821] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1046.705363][ T8821] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1046.717525][ T8821] usb 6-1: Product: syz
[ 1046.722392][ T8821] usb 6-1: Manufacturer: syz
[ 1046.727177][ T8821] usb 6-1: SerialNumber: syz
[ 1046.755440][ T8821] usb 6-1: config 0 descriptor??
[ 1048.192259][T11333] tmpfs: Bad value for 'mpol'
[ 1049.152804][T11339] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1474'.
[ 1049.723529][ T8821] dvb_usb_ec168 6-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[ 1049.743521][ T8821] usb 6-1: USB disconnect, device number 9
[ 1051.028882][T11348] netlink: 112 bytes leftover after parsing attributes in process `syz.7.1477'.
[ 1054.888655][T11382] tmpfs: Bad value for 'mpol'
[ 1055.718750][T11384] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1489'.
[ 1056.121595][ T5823] Bluetooth: hci1: command 0x0406 tx timeout
[ 1057.239069][T11394] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1491'.
[ 1060.676431][T11426] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1503'.
[ 1061.467097][T11433] tmpfs: Bad value for 'mpol'
[ 1064.229575][T10802] Bluetooth: hci2: unexpected cc 0x0809 length: 68 > 4
[ 1064.236705][T10802] Bluetooth: hci2: unexpected event for opcode 0x0809
[ 1067.534356][T11477] tmpfs: Bad value for 'mpol'
[ 1072.888406][T10802] Bluetooth: hci0: unexpected cc 0x0809 length: 68 > 4
[ 1072.895719][T10802] Bluetooth: hci0: unexpected event for opcode 0x0809
[ 1075.391337][T11521] tmpfs: Bad value for 'mpol'
[ 1078.806465][T11554] loop9: detected capacity change from 0 to 7
[ 1078.819087][T11554] buffer_io_error: 18 callbacks suppressed
[ 1078.819159][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.835321][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.843740][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.852246][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.860617][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.868943][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.877062][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.885298][T11554] ldm_validate_partition_table(): Disk read failed.
[ 1078.892396][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.900741][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.909425][T11554] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1078.924642][T11554] Dev loop9: unable to read RDB block 0
[ 1078.932537][T11554]  loop9: unable to read partition table
[ 1078.973441][T11554] loop9: partition table beyond EOD, truncated
[ 1078.980282][T11554] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1078.980282][T11554] 
) failed (rc=-5)
[ 1079.874648][T11567] tmpfs: Bad value for 'mpol'
[ 1082.247701][T10802] Bluetooth: hci1: unexpected event for opcode 0x0c46
[ 1087.800739][T11624] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1090.082973][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1090.089800][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1090.725236][T10802] Bluetooth: hci1: unexpected event for opcode 0x0c46
[ 1091.545198][T11634] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[ 1091.800328][T11643] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1570'.
[ 1095.325294][T11684] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[ 1095.558004][T11688] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1585'.
[ 1095.614579][T11690] fuse: Bad value for 'fd'
[ 1098.503307][T10802] Bluetooth: hci2: unexpected event for opcode 0x0c46
[ 1098.655827][T11727] fuse: Bad value for 'fd'
[ 1099.245781][T11734] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1600'.
[ 1101.725187][T11770] fuse: Bad value for 'fd'
[ 1101.793930][T11768] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[ 1102.122103][T11777] netlink: 96 bytes leftover after parsing attributes in process `syz.7.1614'.
[ 1103.051465][T11787] netdevsim netdevsim2: Direct firmware load for � failed with error -2
[ 1103.060514][T11787] netdevsim netdevsim2: Falling back to sysfs fallback for: �
[ 1104.563324][T11812] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1626'.
[ 1104.984262][T11816] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[ 1105.089619][T11821] loop9: detected capacity change from 0 to 7
[ 1105.096972][T11821] buffer_io_error: 4 callbacks suppressed
[ 1105.097045][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.111544][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.119696][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.133069][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.142637][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.150993][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.159430][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.167746][T11821] ldm_validate_partition_table(): Disk read failed.
[ 1105.174646][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.183032][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.191173][T11821] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1105.199282][T11821] Dev loop9: unable to read RDB block 0
[ 1105.205114][T11821]  loop9: unable to read partition table
[ 1105.256418][T11821] loop9: partition table beyond EOD, truncated
[ 1105.263564][T11821] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1105.263564][T11821] 
) failed (rc=-5)
[ 1105.427695][ T5823] Bluetooth: hci3: unexpected event for opcode 0x0c46
[ 1106.746677][T11838] netdevsim netdevsim5: Direct firmware load for � failed with error -2
[ 1106.755446][T11838] netdevsim netdevsim5: Falling back to sysfs fallback for: �
[ 1106.776138][T11839] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[ 1107.319134][ T5823] Bluetooth: hci5: command 0x0406 tx timeout
[ 1107.479496][T11850] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1638'.
[ 1109.350082][T11869] loop9: detected capacity change from 0 to 7
[ 1109.363690][T11869] ldm_validate_partition_table(): Disk read failed.
[ 1109.370926][T11869] Dev loop9: unable to read RDB block 0
[ 1109.376961][T11869]  loop9: unable to read partition table
[ 1109.383797][T11869] loop9: partition table beyond EOD, truncated
[ 1109.390573][T11869] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1109.390573][T11869] 
) failed (rc=-5)
[ 1109.459840][T11867] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[ 1109.909203][ T5823] Bluetooth: hci5: unexpected event for opcode 0x0c46
[ 1110.822054][T11882] netdevsim netdevsim2: Direct firmware load for � failed with error -2
[ 1110.830745][T11882] netdevsim netdevsim2: Falling back to sysfs fallback for: �
[ 1111.441049][T11891] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1651'.
[ 1112.365194][T11907] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[ 1112.922509][T11910] loop9: detected capacity change from 0 to 7
[ 1112.930090][T11910] buffer_io_error: 18 callbacks suppressed
[ 1112.930173][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1112.944791][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1112.953073][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1112.961282][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1112.969528][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1112.977855][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1112.985937][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1112.994140][T11910] ldm_validate_partition_table(): Disk read failed.
[ 1113.001871][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1113.010160][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1113.026762][T11910] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1113.035176][T11910] Dev loop9: unable to read RDB block 0
[ 1113.041353][T11910]  loop9: unable to read partition table
[ 1113.047953][T11910] loop9: partition table beyond EOD, truncated
[ 1113.054345][T11910] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1113.054345][T11910] 
) failed (rc=-5)
[ 1113.377162][T11916] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[ 1115.989089][ T5823] Bluetooth: hci2: unexpected event for opcode 0x0c46
[ 1116.078250][T11929] netdevsim netdevsim5: Direct firmware load for � failed with error -2
[ 1116.090418][T11929] netdevsim netdevsim5: Falling back to sysfs fallback for: �
[ 1117.902775][T11948] loop9: detected capacity change from 0 to 7
[ 1117.910974][T11948] ldm_validate_partition_table(): Disk read failed.
[ 1117.918429][T11948] Dev loop9: unable to read RDB block 0
[ 1117.924494][T11948]  loop9: unable to read partition table
[ 1117.938053][T11948] loop9: partition table beyond EOD, truncated
[ 1117.944439][T11948] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1117.944439][T11948] 
) failed (rc=-5)
[ 1118.425075][T11952] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[ 1118.463893][   T30] audit: type=1326 audit(1755188734.362:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11954 comm="syz.2.1675" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed51f8ebe9 code=0x0
[ 1118.700088][T11962] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[ 1119.075392][ T5823] Bluetooth: hci3: unexpected event for opcode 0x0c46
[ 1119.700814][T11975] netdevsim netdevsim5: Direct firmware load for � failed with error -2
[ 1119.709728][T11975] netdevsim netdevsim5: Falling back to sysfs fallback for: �
[ 1120.151530][T11983] loop9: detected capacity change from 0 to 7
[ 1120.172421][T11983] buffer_io_error: 18 callbacks suppressed
[ 1120.172500][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.194574][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.204964][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.213747][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.222162][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.230642][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.239028][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.247145][T11983] ldm_validate_partition_table(): Disk read failed.
[ 1120.254336][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.262719][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.271145][T11983] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1120.279543][T11983] Dev loop9: unable to read RDB block 0
[ 1120.290957][T11983]  loop9: unable to read partition table
[ 1120.305705][T11983] loop9: partition table beyond EOD, truncated
[ 1120.312582][T11983] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1120.312582][T11983] 
) failed (rc=-5)
[ 1122.042419][T11996] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1687'.
[ 1122.629124][T11999] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=640 (1280 ns) > initial count (34 ns). Using initial count to start timer.
[ 1122.726845][   T30] audit: type=1326 audit(1755188738.612:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12001 comm="syz.3.1691" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fefcdf8ebe9 code=0x0
[ 1125.036930][ T5823] Bluetooth: hci2: unexpected event for opcode 0x0c46
[ 1125.149174][T12016] netdevsim netdevsim0: Direct firmware load for � failed with error -2
[ 1125.158091][T12016] netdevsim netdevsim0: Falling back to sysfs fallback for: �
[ 1125.558046][T12024] fuse: Bad value for 'fd'
[ 1125.579294][T12026] loop9: detected capacity change from 0 to 7
[ 1125.596914][T12026] buffer_io_error: 4 callbacks suppressed
[ 1125.596990][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.617179][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.626982][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.635089][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.643689][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.651893][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.660104][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.668466][T12026] ldm_validate_partition_table(): Disk read failed.
[ 1125.675517][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.683955][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.692287][T12026] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1125.700595][T12026] Dev loop9: unable to read RDB block 0
[ 1125.706525][T12026]  loop9: unable to read partition table
[ 1125.749455][T12027] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present
[ 1125.763994][T12026] loop9: partition table beyond EOD, truncated
[ 1125.770700][T12026] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1125.770700][T12026] 
) failed (rc=-5)
[ 1128.369169][T12038] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1701'.
[ 1128.512485][   T30] audit: type=1326 audit(1755188744.412:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12040 comm="syz.3.1703" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fefcdf8ebe9 code=0x0
[ 1134.321773][T12070] fuse: Bad value for 'fd'
[ 1134.845009][T12080] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1716'.
[ 1134.902099][T12082] loop9: detected capacity change from 0 to 7
[ 1134.931378][T12082] buffer_io_error: 4 callbacks suppressed
[ 1134.931460][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1134.946333][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1134.954860][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1134.967102][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1134.975579][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1134.983937][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1134.992034][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1135.000832][T12082] ldm_validate_partition_table(): Disk read failed.
[ 1135.007831][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1135.016015][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1135.024386][T12082] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1135.038685][T12082] Dev loop9: unable to read RDB block 0
[ 1135.044804][T12082]  loop9: unable to read partition table
[ 1135.071917][T12082] loop9: partition table beyond EOD, truncated
[ 1135.078829][T12082] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1135.078829][T12082] 
) failed (rc=-5)
[ 1135.835321][   T30] audit: type=1326 audit(1755188751.742:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12092 comm="syz.0.1721" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8c92f8ebe9 code=0x0
[ 1141.796325][ T5823] Bluetooth: hci0: unexpected event for opcode 0x0c46
[ 1142.716094][T12131] loop9: detected capacity change from 0 to 7
[ 1142.723644][T12131] buffer_io_error: 4 callbacks suppressed
[ 1142.723721][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.738108][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.746371][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.754696][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.763011][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.774121][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.782452][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.790654][T12131] ldm_validate_partition_table(): Disk read failed.
[ 1142.797868][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.808253][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.822493][T12131] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1142.832141][T12131] Dev loop9: unable to read RDB block 0
[ 1142.838429][T12131]  loop9: unable to read partition table
[ 1142.845104][T12131] loop9: partition table beyond EOD, truncated
[ 1142.851831][T12131] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1142.851831][T12131] 
) failed (rc=-5)
[ 1143.875920][   T30] audit: type=1326 audit(1755188759.462:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12140 comm="syz.5.1739" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4f4258ebe9 code=0x0
[ 1144.038545][T12144] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 1148.277917][ T5823] Bluetooth: hci3: unexpected event for opcode 0x0c46
[ 1151.369907][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1151.376565][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1151.701506][ T5823] Bluetooth: hci2: unexpected event for opcode 0x0c46
[ 1152.041273][T12211] =====================================================
[ 1152.048718][T12211] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0xf0e/0x33f0
[ 1152.056393][T12211]  _copy_to_iter+0xf0e/0x33f0
[ 1152.061386][T12211]  __skb_datagram_iter+0x196/0x12c0
[ 1152.066691][T12211]  skb_copy_datagram_iter+0x5b/0x1e0
[ 1152.072152][T12211]  netlink_recvmsg+0x4bb/0xfe0
[ 1152.077023][T12211]  sock_recvmsg+0x2df/0x390
[ 1152.082205][T12211]  sock_read_iter+0x2c8/0x360
[ 1152.087102][T12211]  do_iter_readv_writev+0x9cd/0xc00
[ 1152.094867][T12211]  vfs_readv+0x34a/0xf30
[ 1152.099704][T12211]  do_readv+0x1b5/0x580
[ 1152.104006][T12211]  __x64_sys_readv+0x99/0xf0
[ 1152.109652][T12211]  x64_sys_call+0x3398/0x3e20
[ 1152.114560][T12211]  do_syscall_64+0xd9/0x210
[ 1152.119551][T12211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1152.125796][T12211] 
[ 1152.128321][T12211] Uninit was created at:
[ 1152.136223][T12211]  __kmalloc_node_track_caller_noprof+0x96d/0x12f0
[ 1152.143923][T12211]  kmalloc_reserve+0x22f/0x4b0
[ 1152.149006][T12211]  __alloc_skb+0x347/0x7d0
[ 1152.153512][T12211]  netlink_dump+0x24f/0x17d0
[ 1152.158285][T12211]  __netlink_dump_start+0x716/0xd60
[ 1152.163636][T12211]  rtnetlink_rcv_msg+0x1262/0x14b0
[ 1152.169056][T12211]  netlink_rcv_skb+0x54a/0x680
[ 1152.173994][T12211]  rtnetlink_rcv+0x35/0x40
[ 1152.178614][T12211]  netlink_unicast+0xf04/0x12b0
[ 1152.183561][T12211]  netlink_sendmsg+0x10b3/0x1250
[ 1152.188755][T12211]  __sock_sendmsg+0x333/0x3d0
[ 1152.193557][T12211]  ____sys_sendmsg+0x7e0/0xd80
[ 1152.198813][T12211]  ___sys_sendmsg+0x271/0x3b0
[ 1152.203586][T12211]  __x64_sys_sendmsg+0x211/0x3e0
[ 1152.208720][T12211]  x64_sys_call+0x1dfd/0x3e20
[ 1152.213603][T12211]  do_syscall_64+0xd9/0x210
[ 1152.218334][T12211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1152.224326][T12211] 
[ 1152.226674][T12211] Bytes 32-35 of 44 are uninitialized
[ 1152.235803][T12211] Memory access of size 44 starts at ffff888032226000
[ 1152.243480][T12211] Data copied to user address 0000200000000200
[ 1152.249804][T12211] 
[ 1152.252194][T12211] CPU: 1 UID: 0 PID: 12211 Comm: syz.5.1763 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[ 1152.266193][T12211] Tainted: [W]=WARN
[ 1152.270130][T12211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1152.280430][T12211] =====================================================
[ 1152.287571][T12211] Disabling lock debugging due to kernel taint
[ 1152.293770][T12211] Kernel panic - not syncing: kmsan.panic set ...
[ 1152.300328][T12211] CPU: 1 UID: 0 PID: 12211 Comm: syz.5.1763 Tainted: G    B   W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[ 1152.314108][T12211] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 1152.319175][T12211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1152.329298][T12211] Call Trace:
[ 1152.332616][T12211]  <TASK>
[ 1152.335626][T12211]  __dump_stack+0x26/0x30
[ 1152.340164][T12211]  dump_stack_lvl+0x53/0x270
[ 1152.344925][T12211]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1152.350920][T12211]  dump_stack+0x1e/0x25
[ 1152.355173][T12211]  vpanic+0x361/0xc50
[ 1152.359260][T12211]  panic+0x15d/0x160
[ 1152.363305][T12211]  kmsan_report+0x31c/0x320
[ 1152.367903][T12211]  ? kmsan_internal_check_memory+0x16c/0x230
[ 1152.373996][T12211]  ? kmsan_copy_to_user+0xf1/0x190
[ 1152.379189][T12211]  ? _copy_to_iter+0xf0e/0x33f0
[ 1152.384161][T12211]  ? __skb_datagram_iter+0x196/0x12c0
[ 1152.389626][T12211]  ? skb_copy_datagram_iter+0x5b/0x1e0
[ 1152.395180][T12211]  ? netlink_recvmsg+0x4bb/0xfe0
[ 1152.400323][T12211]  ? sock_recvmsg+0x2df/0x390
[ 1152.405189][T12211]  ? sock_read_iter+0x2c8/0x360
[ 1152.410258][T12211]  ? do_iter_readv_writev+0x9cd/0xc00
[ 1152.415771][T12211]  ? vfs_readv+0x34a/0xf30
[ 1152.420268][T12211]  ? do_readv+0x1b5/0x580
[ 1152.424694][T12211]  ? __x64_sys_readv+0x99/0xf0
[ 1152.429826][T12211]  ? x64_sys_call+0x3398/0x3e20
[ 1152.435255][T12211]  ? do_syscall_64+0xd9/0x210
[ 1152.440076][T12211]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1152.446432][T12211]  ? kmsan_get_metadata+0xfb/0x160
[ 1152.451664][T12211]  ? kmsan_get_metadata+0xfb/0x160
[ 1152.456901][T12211]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1152.463493][T12211]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1152.469700][T12211]  ? finish_task_switch+0x263/0x920
[ 1152.475085][T12211]  ? kmsan_get_metadata+0xfb/0x160
[ 1152.480295][T12211]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1152.486220][T12211]  kmsan_internal_check_memory+0x16c/0x230
[ 1152.492201][T12211]  kmsan_copy_to_user+0xf1/0x190
[ 1152.497361][T12211]  _copy_to_iter+0xf0e/0x33f0
[ 1152.502363][T12211]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1152.508980][T12211]  ? kmsan_get_metadata+0xfb/0x160
[ 1152.514202][T12211]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1152.520134][T12211]  ? kmsan_get_metadata+0xfb/0x160
[ 1152.525387][T12211]  ? kmsan_save_stack_with_flags+0x31/0x60
[ 1152.531796][T12211]  ? kmsan_get_metadata+0xfb/0x160
[ 1152.537073][T12211]  __skb_datagram_iter+0x196/0x12c0
[ 1152.542442][T12211]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1152.548381][T12211]  skb_copy_datagram_iter+0x5b/0x1e0
[ 1152.553778][T12211]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1152.559698][T12211]  netlink_recvmsg+0x4bb/0xfe0
[ 1152.564647][T12211]  ? aa_sock_msg_perm+0x29c/0x2f0
[ 1152.569785][T12211]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1152.575184][T12211]  sock_recvmsg+0x2df/0x390
[ 1152.579908][T12211]  sock_read_iter+0x2c8/0x360
[ 1152.584715][T12211]  ? __pfx_sock_read_iter+0x10/0x10
[ 1152.590018][T12211]  do_iter_readv_writev+0x9cd/0xc00
[ 1152.595347][T12211]  vfs_readv+0x34a/0xf30
[ 1152.599746][T12211]  ? filter_irq_stacks+0x49/0x190
[ 1152.604894][T12211]  ? stack_depot_save_flags+0x35/0x7b0
[ 1152.610461][T12211]  ? kmsan_get_metadata+0xfb/0x160
[ 1152.615678][T12211]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1152.622829][T12211]  ? kmsan_get_metadata+0xfb/0x160
[ 1152.628085][T12211]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1152.634036][T12211]  do_readv+0x1b5/0x580
[ 1152.638279][T12211]  ? kmsan_get_metadata+0xfb/0x160
[ 1152.643532][T12211]  __x64_sys_readv+0x99/0xf0
[ 1152.648405][T12211]  x64_sys_call+0x3398/0x3e20
[ 1152.653274][T12211]  do_syscall_64+0xd9/0x210
[ 1152.657904][T12211]  ? irqentry_exit+0x16/0x60
[ 1152.662683][T12211]  ? clear_bhb_loop+0x40/0x90
[ 1152.667470][T12211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1152.673514][T12211] RIP: 0033:0x7f4f4258ebe9
[ 1152.678002][T12211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1152.697963][T12211] RSP: 002b:00007f4f43431038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[ 1152.706557][T12211] RAX: ffffffffffffffda RBX: 00007f4f427b5fa0 RCX: 00007f4f4258ebe9
[ 1152.714774][T12211] RDX: 0000000000000001 RSI: 0000200000000600 RDI: 0000000000000004
[ 1152.722819][T12211] RBP: 00007f4f42611e19 R08: 0000000000000000 R09: 0000000000000000
[ 1152.730940][T12211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1152.739097][T12211] R13: 00007f4f427b6038 R14: 00007f4f427b5fa0 R15: 00007fff18e74308
[ 1152.747200][T12211]  </TASK>
[ 1152.750671][T12211] Kernel Offset: disabled
[ 1152.755063][T12211] Rebooting in 86400 seconds..