last executing test programs:

11m33.918249136s ago: executing program 4 (id=133):
prctl$PR_GET_CHILD_SUBREAPER(0x25)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000540)={0x2, 0x4e60, @multicast1}, 0x10)
sendmmsg$inet(r3, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r5, 0x84, 0x15, &(0x7f0000000100)={0x2}, 0x1)
r6 = msgget(0x2, 0x14)
msgctl$IPC_RMID(r6, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000004c0)={'veth1_to_bridge\x00', &(0x7f0000000480)=@ethtool_gfeatures={0x3a, 0x3, [{}, {}, {}]}})
r7 = accept4(r4, 0x0, 0x0, 0x80800)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459", 0x53}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/84, 0x54}, {&(0x7f0000000280)=""/99, 0x63}], 0x2}, 0x0)
r8 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r9 = accept4$llc(r8, &(0x7f0000000300)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000340)=0x10, 0x800)
setsockopt$SO_TIMESTAMP(r9, 0x1, 0x0, &(0x7f0000000440)=0x1, 0x4)

11m32.240702123s ago: executing program 4 (id=136):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r4 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r4, r4, &(0x7f0000000080), 0x7f03)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r7, {0xf000, 0xffff}, {}, {0x6}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x4}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r9=>0x0})
bind$can_raw(r8, &(0x7f00000001c0)={0x1d, r9}, 0x10)
recvmmsg(r8, &(0x7f0000003b80)=[{{0x0, 0x0, &(0x7f0000000180)=[{0x0}, {&(0x7f0000000240)=""/122, 0x7a}], 0x2}, 0xdc}], 0x1, 0x40000002, 0x0)
sendmsg$can_raw(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "0000000000000003"}, 0x10}}, 0x0)

11m27.871957548s ago: executing program 4 (id=142):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000380)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000001e00530f00007000fbdbdf2520010000000000000000000000000002000002880a003300ff0200000000000000000000000000010d000000"], 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000080)=0x6)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15655595860608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x4000280)
landlock_create_ruleset(&(0x7f0000000180)={0x100, 0x0, 0x80ffff}, 0x18, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b40)=@expire={0xf8, 0x18, 0x1, 0x0, 0x0, {{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2}, {@in6=@rand_addr=' \x01\x00'}, @in=@dev={0xac, 0x14, 0x14, 0x13}, {}, {}, {}, 0x0, 0x0, 0x0, 0x2}}}, 0xf8}}, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))

11m26.305802044s ago: executing program 4 (id=147):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
timer_delete(0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000280)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, @private, @local}}}}}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r6, &(0x7f0000000000)={0x2, @long={0x3, 0x0, {0xaaaaaaaaaaaa0302}}}, 0x14)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x4001, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r6, 0x8983, &(0x7f0000000340)={0x3, 'veth1_to_batadv\x00', {0x1}, 0x7})
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=@newlink={0x28, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_MASTER={0x8, 0xa, r8}]}, 0x28}, 0x1, 0xba01}, 0x0)

11m21.431567274s ago: executing program 4 (id=154):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8002, 0x0)
read$msr(r1, &(0x7f0000019540)=""/102400, 0x19000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RANGE_TO_DATA={0x4}, @NFTA_RANGE_FROM_DATA={0x8, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000a40)=@newtaction={0x44, 0x32, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0)
socket$kcm(0x23, 0x5, 0x0)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$rds(0x15, 0x5, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0xc8)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r5, 0x114, 0xa, 0x0, 0x0)
r6 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x62ff, 0x400, 0x40000, 0x115}, &(0x7f0000000400)=<r7=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r6, 0x5830, 0x0, 0x41, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r8, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, r9, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x5, &(0x7f0000000100)=@framed={{}, [@map_idx_val={0x18, 0x9, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffc}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, r9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r10}, 0x10)
sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYRES16=r4, @ANYBLOB="010000000000000000000b0000"], 0x20}}, 0x0)

11m17.154702728s ago: executing program 4 (id=162):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f00000000c0)={0x84, @dev={0xac, 0x14, 0x14, 0x3d}, 0x4e20, 0x3, 'dh\x00', 0x1, 0x800002, 0x6e}, 0x2c)
lsm_get_self_attr(0x65, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x1)
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
syz_clone(0x20022180, 0x0, 0xfe02, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40485404, &(0x7f0000000300)={{0x1, 0x0, 0xfffffffe, 0x1, 0x81}, 0x5, 0x78})
pread64(0xffffffffffffffff, 0x0, 0x0, 0x9)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)

11m1.003237573s ago: executing program 32 (id=162):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f00000000c0)={0x84, @dev={0xac, 0x14, 0x14, 0x3d}, 0x4e20, 0x3, 'dh\x00', 0x1, 0x800002, 0x6e}, 0x2c)
lsm_get_self_attr(0x65, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x1)
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
syz_clone(0x20022180, 0x0, 0xfe02, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40485404, &(0x7f0000000300)={{0x1, 0x0, 0xfffffffe, 0x1, 0x81}, 0x5, 0x78})
pread64(0xffffffffffffffff, 0x0, 0x0, 0x9)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)

1m36.92218416s ago: executing program 5 (id=1924):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
unshare(0x20060400)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
vmsplice(r2, 0x0, 0x0, 0x4)

1m36.591250909s ago: executing program 5 (id=1926):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='ubifs\x00', 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x240048cc)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6}, 0x94)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r7, 0x40046210, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r6}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'veth1_to_team\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)
write$vhost_msg(r5, &(0x7f0000000300)={0x1, {&(0x7f00000001c0), 0x0, 0x0, 0x3, 0x3}}, 0x48)
syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@any, 0x4, 0x9, 0xb, "13aa8d", 0x2, 0x5}]}}}, 0x13)

1m35.707983785s ago: executing program 5 (id=1929):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x0, 0x4, 0xd, 0x3}, {0x10000002, 0x0, 0xf, 0x6}], 0x10, 0x4000000}, 0x94)
r0 = socket$kcm(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r3, 0x10)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000280)={0x2, 0x10, @local}, 0x10, &(0x7f0000000140)=[{&(0x7f00000005c0)="df", 0x1a000}], 0x1}, 0x0)

1m34.41666988s ago: executing program 5 (id=1938):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m34.105362682s ago: executing program 5 (id=1941):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000040)='FROZEN\x00', 0x7)
mkdirat$cgroup(r0, &(0x7f00000000c0)='syz1\x00', 0x1ff)
mkdirat$cgroup(r0, &(0x7f0000000100)='syz0\x00', 0x1ff)
sendfile(r1, r1, 0x0, 0x9)

1m33.516097321s ago: executing program 5 (id=1945):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, 0x0, 0x4048841)
r2 = fsopen(&(0x7f0000000040)='f2fs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f00000004c0)='Y\'\x01\xfe\xac\xa4\x04W\x01?\x1f\x13\x14\x1cK}\x00\x82\xccg\xa8wF\xd5\xb5\xb0=-\xb3\x97x', &(0x7f00000003c0)='\xff\\\'X\x1bO\xc4\x9e\x98\n\x9a\xf0\x13\xd4\xbb\a\xce\a\xa7v\xe53\xee\x95\x9a\xb5\xc2\xe7\xa1\x93\x05\xc14\xe0\xa7\t\xfd\xe2!,\f\x84\xaf[\x93\x93\xc1\xa2\xa4a\x06<\xac\x1b\xe0\xf7\xfc\x8c\x15m\x9f\xbf!q\xb1\xdbt\xc5\nv+K Q(\v\x9e\xe6\x9a\xc5\xeb\x80\xd9\x82\xcfM\x91J\xcf\x9c\xe3I\x87\xd9\x98\xbb\x00\x12\x00\xc2@.\x8c\xe6\xff\x00z\xc4\xe8^\x1a\x00\xb9`h\xa1\x1a;\xde\xfcn\xee\r\xe6=v\xbe\x1c2\xe6\x13\xd4\xe8\xbcF~!Z\xbbH.\x9ei\x1aq\xf2t\x1b\xdb\xb3Q\x8fg\xf0nDC\xbf\xd8L!\x9d\xd2\xff\xdfG\xb8$\xc0~F\x15\xdb\n\x90N\nn\x85\x8f\x88O\x1d\xa2<\xab\xf2M\xbfpC\xf0\x14!\xa1k@\x83R\xa8', 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000800)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='system.posix_acl_default\x00', &(0x7f0000000500)=ANY=[@ANYBLOB="0200000008000c000000000002000200", @ANYRES32=0x0, @ANYBLOB="040000000000007f26ae950010000300000000002000000088"], 0x2c, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019640)=""/102392, 0x18ff8)
r4 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r6)
setsockopt$SO_J1939_SEND_PRIO(0xffffffffffffffff, 0x6b, 0x3, &(0x7f0000000300), 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x2c, r7, 0x1, 0x4, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0x8, 0x7d, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}]}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004014}, 0x4004000)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r4, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x34, r7, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x7ff, 0x3b}}}}, [@NL80211_ATTR_SSID={0x7, 0x34, @random="8a994f"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="e261681546c5"}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x41)
socket(0x848000000015, 0x805, 0x0)
r9 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
ioctl$SIOCAX25ADDUID(r9, 0x89e1, &(0x7f0000000080)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xee01})
ioctl$SIOCAX25GETUID(r9, 0x89e0, &(0x7f0000000480)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}})
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x8000)
socket$nl_netfilter(0x10, 0x3, 0xc)

1m33.057181439s ago: executing program 33 (id=1945):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, 0x0, 0x4048841)
r2 = fsopen(&(0x7f0000000040)='f2fs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f00000004c0)='Y\'\x01\xfe\xac\xa4\x04W\x01?\x1f\x13\x14\x1cK}\x00\x82\xccg\xa8wF\xd5\xb5\xb0=-\xb3\x97x', &(0x7f00000003c0)='\xff\\\'X\x1bO\xc4\x9e\x98\n\x9a\xf0\x13\xd4\xbb\a\xce\a\xa7v\xe53\xee\x95\x9a\xb5\xc2\xe7\xa1\x93\x05\xc14\xe0\xa7\t\xfd\xe2!,\f\x84\xaf[\x93\x93\xc1\xa2\xa4a\x06<\xac\x1b\xe0\xf7\xfc\x8c\x15m\x9f\xbf!q\xb1\xdbt\xc5\nv+K Q(\v\x9e\xe6\x9a\xc5\xeb\x80\xd9\x82\xcfM\x91J\xcf\x9c\xe3I\x87\xd9\x98\xbb\x00\x12\x00\xc2@.\x8c\xe6\xff\x00z\xc4\xe8^\x1a\x00\xb9`h\xa1\x1a;\xde\xfcn\xee\r\xe6=v\xbe\x1c2\xe6\x13\xd4\xe8\xbcF~!Z\xbbH.\x9ei\x1aq\xf2t\x1b\xdb\xb3Q\x8fg\xf0nDC\xbf\xd8L!\x9d\xd2\xff\xdfG\xb8$\xc0~F\x15\xdb\n\x90N\nn\x85\x8f\x88O\x1d\xa2<\xab\xf2M\xbfpC\xf0\x14!\xa1k@\x83R\xa8', 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000800)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='system.posix_acl_default\x00', &(0x7f0000000500)=ANY=[@ANYBLOB="0200000008000c000000000002000200", @ANYRES32=0x0, @ANYBLOB="040000000000007f26ae950010000300000000002000000088"], 0x2c, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019640)=""/102392, 0x18ff8)
r4 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r6)
setsockopt$SO_J1939_SEND_PRIO(0xffffffffffffffff, 0x6b, 0x3, &(0x7f0000000300), 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x2c, r7, 0x1, 0x4, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0x8, 0x7d, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}]}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004014}, 0x4004000)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r4, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x34, r7, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x7ff, 0x3b}}}}, [@NL80211_ATTR_SSID={0x7, 0x34, @random="8a994f"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="e261681546c5"}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x41)
socket(0x848000000015, 0x805, 0x0)
r9 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
ioctl$SIOCAX25ADDUID(r9, 0x89e1, &(0x7f0000000080)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xee01})
ioctl$SIOCAX25GETUID(r9, 0x89e0, &(0x7f0000000480)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}})
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x8000)
socket$nl_netfilter(0x10, 0x3, 0xc)

1m6.140056447s ago: executing program 0 (id=2095):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000140)={0x20001, 0x0, [0x7, 0x4e6a, 0x7, 0x2d5, 0x9, 0x400, 0x3, 0x7]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f00000000c0)="2ef2dd050080000048b844410000000000000f23d00f21f835000000010f23f836362e6726af440f20c0350e000000440f22c0b805000000b9009800000f01d90f01c965470f01c4410f79d226450f01cb660f013b", 0x55}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m5.897988133s ago: executing program 0 (id=2099):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x2082)
read(r2, &(0x7f0000000100)=""/140, 0xde)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000040)={0x197, @tick, 0x0, {}, 0xff, 0x2})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r2, 0xc0605345, &(0x7f00000001c0)={0xfffffffd, 0x2, {0xffffffffffffffff, 0x0, 0x8, 0x3, 0x8}, 0x3})
tkill(r1, 0x7)

1m4.944399745s ago: executing program 0 (id=2103):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='huge=within_size'])
chdir(&(0x7f0000000280)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0xeffd, 0x5)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

1m4.42370074s ago: executing program 0 (id=2107):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

1m4.277381886s ago: executing program 0 (id=2110):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
r1 = syz_clone(0x80040000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000007640)={0x1ff, 0x400, {r1}, {0xee00}, 0x51, 0x6})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)

1m3.376380745s ago: executing program 0 (id=2117):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0xc0086202, &(0x7f0000000080)=0x2)

1m3.169487053s ago: executing program 34 (id=2117):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0xc0086202, &(0x7f0000000080)=0x2)

10.424257964s ago: executing program 2 (id=2410):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r0, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r1, &(0x7f00000004c0)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
listen(r1, 0x80)
r2 = accept$netrom(r1, 0x0, 0x0)
openat$mice(0xffffffffffffff9c, 0x0, 0x20200)
writev(r2, &(0x7f0000000780)=[{&(0x7f0000000380)='x', 0x1}], 0x1)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000180)="99", 0x1}], 0x1)

9.388161563s ago: executing program 2 (id=2416):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x80383, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x4, 0xbfdffffc}, &(0x7f0000000340)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000400)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000480))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f00000003c0)={r4, 0xfffffffffffffa6f, 0xfffffffc})

9.20641269s ago: executing program 6 (id=2420):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000002140)=[{{0x0, 0x0, &(0x7f0000001fc0)=[{&(0x7f0000000d40)="104e915b78a639c9117a31aea64e718a754adc3697f0594a59c0872b4e0e8c4661de7b429d6e06df7ca0f49b8a15bdb5752214799fc670e9cf92dc1a6caca554e8ac9557e5025918c839ffc26d5d84e38265116ff9706bed83f2081e486aafd6e38c622dffd3655f812b3cb14da448c5781166daa570da4c5563407488f71dd3211173a66ee14aaa1a98749666f0cb1516e7714d4cf2c1e3fbb154b703bf960b8c263a977435ea41b5032eedab1342ef8a635685bd0b3b3bc4fdb810d630448641d6bf8a5d80db6ad5721dfe486fbee5264c6f7650b1d4c4298d07abec69993d5f5880440d11bc2ad9f2ece0594fb3f4280213ba5b9128748d3d952949016c317837e711b85fdc6b5ba0731e32b476e9d2cfa12c0f0d20832e828ec93130de35a2435627687341345855880085f53e6c0cfa04a9a9044f14636c9100ef2e0eb25fc312a0762a5b9305df0b292ad3e8da77375197ff3ed0a6bc60a00de5267c05e3d5c509bcced6c438a7436fb3ae6926a385aff1a2a8716def99aade413b3b2cfe3fae374459577d90301dbb8b533fca1f5cb037fdb8e32afba284254ad62570d3a83472f6e780e14d93280dca6c829877e2986c13ef98e119c4f2f4d1ad967d6727241ae6f84399042478e1c1dca2e2c3e648f81f3d1cce7f59010f1cd153faac84426e1c0f8b4d5d4456cbcaccd82264530caa7e57a121b9c8e543b871ee469ad2723f8509d87863ce48ac7090c1e492f1cec89bf8cc57fe5366b5decb75458244d352787048d9cac92ff350641354a343738c50961e703811c6d5ce72c09d2b9476e176223ef79d5eaaf04968a4f936857f816e5778533efae9ee3ccfc4f9290992c93d3807e121ee0f475c57b0f24fbf0b5cfa16192f84c0d2927d3ff5ca051ec74d60a888ed0ee43434f4fff1b14e13b94efeb44326106c4a896731a72776b5b3963a57d0ac64fa64f182cfbaa7d6e4172de261d404d456b270777a426625d90f9840794f190d55753f9819730f8ece01ca8ac14599fd449800d9dfafc3f4368cb6da69e83766f3f06800e8e66ae11ed28e60def286feb2fb598a60d765499eea81e068985624e8b69156fa6178aaf057304bc0449c751cdf1fddb51703bb527c2b487663a1c91c51ae249cb09c92f1ba23034c357267d2741c5de9a272ac2487819d0cc1f86225f220248266e89f3e4ed1739e96cc343288f3f2b59a1d301e9638e04bc3d3f4b1181ca2b2b997c8ca35a2d75dbb3664b0b740783a8c5336a5e773d03b4a71850cc05888bcab02c509c87152afbdeb5aa0e4246302b2507561b33079594749061b96755d500c1f5ec84cb2d40afe8d0c05084917ffd49d7c9cedd3fcb8260dab17c5651fe0a1e5ebd5cbb241b2e63eb3b734b77bd446724f3d054524e23ed6c91a00245418a9ce20a56e896fbd93e3d9eb183b3f2559b9121590c975e1bf401a26bfc6c50df94f47e10bfe70784ab21a16dc883fed78c99fcf0b3e288f5a49c1edfda1fb7f98dae9034a9b696545e3facb2b6e8078965d21d460d7328f9992b6bd9e3ee8350c06c6b9cf06d93f2d7bc14868aa9213c901ba117ed4da4b17fa9b7ddff983b39a2c0effe63231aca2c2275a67f6e718f83bdb9b1cad12203786ff93a307a48b8e3096a931370aefac82824be28fca4859d7963beb3e9390a75b4904902e8c07fbe9d5f4e22187f1ac8643f009d24421493528f1928aeadceb1f7c1b4d64a1c8f2235d88f9e8e916e7aace7eaa43a515aba604b3232b5bc99ff523e8eb28b66c859585088b03f967094e4214a46756fc402083d33ba8e03f6af8de3edc9b0af9cd2f9e2943732a4ae69396cc97374008741f28577a4c77bf9257088f5675a2b2fc0697a19996ff6e29578e5aeed780ab438c1075ba2504529cacd6eb332b5666e3787bf463c0b525159845b217289fc09a55a5", 0x561}], 0x1}}], 0x1, 0x448c0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

9.205001431s ago: executing program 7 (id=2421):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='ubifs\x00', 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x240048cc)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6}, 0x94)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r7, 0x40046210, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r6}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'veth1_to_team\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)
write$vhost_msg(r5, &(0x7f0000000300)={0x1, {&(0x7f00000001c0), 0x0, 0x0, 0x3, 0x3}}, 0x48)
syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@any, 0x4, 0x9, 0xb, "13aa8d", 0x2, 0x5}]}}}, 0x13)

7.740680542s ago: executing program 6 (id=2425):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2101, 0x0)
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}, &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0xff)

7.692973629s ago: executing program 7 (id=2426):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x4a276012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r4, 0x0, 0x20000)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e1100d6704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6ccb0e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f41c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111ff6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab43fa6104d5a99aa36b73ac3622ccae12252457cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd4132290b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc408a1258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a16d470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="50010000000000000000000000000000060000000000000002000000000000000600000000000000060000000000000005000000ffffffff090000000000000003000000000000000e010000000000000400000000000000000000000000000008000000000000000001000003000000040000000020000005000000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0300000007000000000000000400000000000000000003000000000008"], 0x0, 0x0, 0x0})

7.078617532s ago: executing program 2 (id=2429):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

6.900445119s ago: executing program 3 (id=2431):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000500)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x8, 0x0, &(0x7f0000000100)=[@acquire], 0x0, 0x0, 0x0})

6.749332814s ago: executing program 6 (id=2432):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(&(0x7f00000003c0)=@sr0, 0x0, &(0x7f0000000440)='cifs\x00', 0x0, 0x0)
r0 = semget$private(0x0, 0x0, 0x280)
semctl$SEM_STAT_ANY(r0, 0x3, 0x14, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net/ipv6_route\x00')
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRES16=r4, @ANYBLOB="050026bf7000000004fa0e00000008000300", @ANYRES32=r6], 0x7c}}, 0x20000014)
io_setup(0xb, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x101002)
io_submit(0x0, 0x0, 0x0)
lseek(r2, 0x10001, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='[', 0x1, 0x0, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)
ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, 0x0)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r7, &(0x7f0000000500)=[{&(0x7f0000000040)=@in={0x2, 0xb, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000700)=[{&(0x7f00000000c0)='l', 0x1}, {&(0x7f0000000240)}, {0x0}], 0x3, 0x0, 0x0, 0x14001}], 0x1, 0x4044040)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x28)
lsm_set_self_attr(0x69, &(0x7f0000000140)=ANY=[@ANYBLOB="68000000000000000700000000000000200000000000000000000000000000001349658dec1cdc8d76f51d3360134a3345c7"], 0x20, 0x0)

6.680346459s ago: executing program 3 (id=2433):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, 0x0)
ioctl$F2FS_IOC_DEFRAGMENT(r2, 0xc010f508, 0x0)
syz_io_uring_setup(0x49f, 0x0, 0x0, 0x0)
eventfd2(0xff, 0x80001)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{0x0}], 0x1)
mount(0x0, 0x0, &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
userfaultfd(0x801)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, 0x0, 0x0, 0x0)
preadv2(r0, &(0x7f0000000140), 0x10000000000002dd, 0x10001, 0xa78, 0x0)

6.116675602s ago: executing program 7 (id=2434):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r1, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo\x00')
fchdir(r2)
accept(r1, 0x0, 0x0)

5.83386997s ago: executing program 6 (id=2435):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x66017, 0x3, 0x0, 0x0, 0x9835}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r4, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xb0, 0x0, 0x0, [{{0x3, 0x2, 0x37a, 0x6, 0x9b, 0xc4b0, {0x0, 0x4, 0x8fb, 0x2000000ec3, 0x7, 0x8, 0x7f, 0xfffff5e3, 0x1, 0xa000, 0x5, r2, r3, 0xfffff077, 0xa}}, {0x4, 0x4, 0x8, 0x800, 'rootmode'}}]}, 0x0, 0x0, 0x0})

5.756171203s ago: executing program 1 (id=2436):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='ubifs\x00', 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x240048cc)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6}, 0x94)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r7, 0x40046210, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r6}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'veth1_to_team\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)
write$vhost_msg(r5, &(0x7f0000000300)={0x1, {&(0x7f00000001c0), 0x0, 0x0, 0x3, 0x3}}, 0x48)
syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@any, 0x4, 0x9, 0xb, "13aa8d", 0x2, 0x5}]}}}, 0x13)

4.401060747s ago: executing program 1 (id=2437):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(&(0x7f00000003c0)=@sr0, 0x0, &(0x7f0000000440)='cifs\x00', 0x0, 0x0)
r0 = semget$private(0x0, 0x0, 0x280)
semctl$SEM_STAT_ANY(r0, 0x3, 0x14, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net/ipv6_route\x00')
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="050026bf7000000004fa0e00000008000300", @ANYRES32=r6], 0x7c}}, 0x20000014)
io_setup(0xb, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x101002)
io_submit(0x0, 0x0, 0x0)
lseek(r2, 0x10001, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='[', 0x1, 0x0, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)
ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, 0x0)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r7, &(0x7f0000000500)=[{&(0x7f0000000040)=@in={0x2, 0xb, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000700)=[{&(0x7f00000000c0)='l', 0x1}, {&(0x7f0000000240)}, {0x0}], 0x3, 0x0, 0x0, 0x14001}], 0x1, 0x4044040)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x28)
lsm_set_self_attr(0x69, &(0x7f0000000140)=ANY=[@ANYBLOB="68000000000000000700000000000000200000000000000000000000000000001349658dec1cdc8d76f51d3360134a3345c7"], 0x20, 0x0)

4.214795062s ago: executing program 3 (id=2438):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x11, 0x4, 0x4, 0x1000ff, 0x4}, 0x50)

4.184833526s ago: executing program 7 (id=2439):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000380)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0x648b}, {0x6, 0x0, 0x0, 0x2}]}, 0x10)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'gre0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="02017d29012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x0)

4.092391686s ago: executing program 6 (id=2440):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xcb)
r1 = fsopen(&(0x7f0000000140)='iso9660\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x0)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
tee(r4, r5, 0x4e, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x9, 0x0, 0x7ffc9ffb}]})
mlockall(0x4)
getsockopt$ax25_int(r0, 0x101, 0x9, &(0x7f0000000100), 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r7, 0x0, 0xd1, &(0x7f0000000000)=0x3, 0x4)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, &(0x7f0000000040)={0x1, 0x4, 0x89, 0x9, @vifc_lcl_ifindex, @dev={0xac, 0x14, 0x14, 0x1f}}, 0x10)
setsockopt$MRT_INIT(r7, 0x0, 0xc8, &(0x7f0000000080), 0x4)

4.091577015s ago: executing program 1 (id=2441):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1800272c88840920c48284d89e0000040000000200000020000000e72f93648457f9021d3ed322dbbe1b04000000252c6dde6a74", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES16], 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x13, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xfffffffffffffea1, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x44880)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000004c00)=""/102392, 0x18ff8)
r3 = socket(0x23, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000000)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00', 0x0, 0x0, 0xfffffffc}, 0x2c)
socket(0x11, 0x800000003, 0x0)
socket$netlink(0x10, 0x3, 0x4)
setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
futex(&(0x7f000000cffc), 0x8c, 0x1, 0x0, &(0x7f0000048000), 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="c400000000010104000000000084b5000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000002000000000000010c00028005000100000000003c0002802c000180140003002001000200000000000000000000000114000400fe80000000000000000000000000001f0c0002800500010000000000080007400000000030000e802c00018014000300fe8800"], 0xc4}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
socket$nl_route(0x10, 0x3, 0x0)

4.063279251s ago: executing program 3 (id=2442):
r0 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000340)=ANY=[@ANYRES32], 0x1)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={<r1=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x1, r1})
r3 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x19, &(0x7f0000000000)=0x1, 0x4)
ioctl(r3, 0x8916, &(0x7f0000000000))
ioctl(r3, 0x8936, &(0x7f0000000000))

3.932839849s ago: executing program 1 (id=2443):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="5c00000015006b0300224ed86e6c1d000a117ea6e070d6064e22000300000000250002000f00000017d34460bc24eab556a705251e6182949a00003d3b48dfd8cdbf9767b4fa51f62a64c9f4060046d88037e786a6d0a5d700000017", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

3.921768311s ago: executing program 2 (id=2444):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='ubifs\x00', 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x240048cc)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6}, 0x94)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r6, 0x40046210, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r5}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'veth1_to_team\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r8}}, 0x24}}, 0x0)
write$vhost_msg(r4, &(0x7f0000000300)={0x1, {&(0x7f00000001c0), 0x0, 0x0, 0x3, 0x3}}, 0x48)
syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@any, 0x4, 0x9, 0xb, "13aa8d", 0x2, 0x5}]}}}, 0x13)

3.910889088s ago: executing program 7 (id=2445):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(&(0x7f00000003c0)=@sr0, 0x0, &(0x7f0000000440)='cifs\x00', 0x0, 0x0)
r0 = semget$private(0x0, 0x0, 0x280)
semctl$SEM_STAT_ANY(r0, 0x3, 0x14, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net/ipv6_route\x00')
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRES16=r4, @ANYBLOB="050026bf7000000004fa0e00000008000300", @ANYRES32=r6], 0x7c}}, 0x20000014)
io_setup(0xb, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x101002)
io_submit(0x0, 0x0, 0x0)
lseek(r2, 0x10001, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='[', 0x1, 0x0, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)
ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, 0x0)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r7, &(0x7f0000000500)=[{&(0x7f0000000040)=@in={0x2, 0xb, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000700)=[{&(0x7f00000000c0)='l', 0x1}, {&(0x7f0000000240)}, {0x0}], 0x3, 0x0, 0x0, 0x14001}], 0x1, 0x4044040)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x28)
lsm_set_self_attr(0x69, &(0x7f0000000140)=ANY=[@ANYBLOB="68000000000000000700000000000000200000000000000000000000000000001349658dec1cdc8d76f51d3360134a3345c7"], 0x20, 0x0)

3.800151253s ago: executing program 1 (id=2446):
getgroups(0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x45, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32, @ANYBLOB="08001b"], 0x34}}, 0x4004010)
r4 = socket(0x2, 0x3, 0x6)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x8)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
setresgid(0x0, 0x0, 0x0)
getresgid(0x0, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x48000, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)

3.798193816s ago: executing program 3 (id=2447):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000000)=[0x0], &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xffffffff, 0x4, 0x16, "001bf100eeff0000a2c2000100000000002000"})
r3 = syz_open_pts(r2, 0x101)
dup3(r3, r1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

2.892797469s ago: executing program 7 (id=2448):
socket(0x2b, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, 0x0, &(0x7f0000000200)='GPL\x00', 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
syz_open_dev$MSR(0x0, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = socket$kcm(0x29, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40a"], &(0x7f0000000140)='GPL\x00'}, 0x94)
r4 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x20000000)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000400)={r4, r3})
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)

1.635909408s ago: executing program 3 (id=2449):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, 0x0)
ioctl$F2FS_IOC_DEFRAGMENT(r2, 0xc010f508, 0x0)
syz_io_uring_setup(0x49f, 0x0, 0x0, 0x0)
eventfd2(0xff, 0x80001)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{0x0}], 0x1)
mount(0x0, 0x0, &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
userfaultfd(0x801)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0)
preadv2(r0, &(0x7f0000000140), 0x10000000000002dd, 0x10001, 0xa78, 0x0)

1.305016561s ago: executing program 1 (id=2450):
openat$vcs(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f00000022c0)=ANY=[@ANYBLOB="030000000000009500000000000008006b14f81187f34b0000b5bc2780d37e00007c7cee41a70648d72aeda4b5981a85cf82062e134267cc382ad41aea779b90392e37ba69495c9f2e7e2e63db3e5771e9eb7228896ee0c51d61602319add60d7a0f23a74650d7e1f774ae0968b1819ccd3b227d1ad08287618d3c6b995816d14502fe817cf83bca0d45735d3829810d2845727a6294b47771712e40134c8c5dc2ef1d711c23ca318756c9b67cb04edf96cef06ae80592dfb65370561da7d7311607ab11"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x24, 0x7, @val=@target_btf_id=0xffffffffffffffff}, 0x14)
syz_clone3(&(0x7f0000000600)={0x8028000, 0x0, 0x0, 0x0, {0x23}, &(0x7f00000004c0)=""/128, 0x80, 0x0, 0x0}, 0x58)
r1 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r1, {0x1}}, './file0\x00'})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x14)
sendmmsg$inet(r1, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x24, 0x0, 0x0)
stat(0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x20000000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000840)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000880)={0x48, 0x2, r5})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000100)={0x28, 0x6, r4, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000, 0x51e})
ioperm(0x0, 0x2, 0x7e)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_clone3(&(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, {0x28}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000200)={'syztnl0\x00', 0x0})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r6, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f00000006c0)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)

1.304206302s ago: executing program 2 (id=2451):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount(&(0x7f00000003c0)=@sr0, 0x0, &(0x7f0000000440)='cifs\x00', 0x0, 0x0)
r0 = semget$private(0x0, 0x0, 0x280)
semctl$SEM_STAT_ANY(r0, 0x3, 0x14, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000003c0)='net/ipv6_route\x00')
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="050026bf7000000004fa0e00000008000300", @ANYRES32=r6], 0x7c}}, 0x20000014)
io_setup(0xb, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x101002)
io_submit(0x0, 0x0, 0x0)
lseek(r2, 0x10001, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='[', 0x1, 0x0, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)
ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, 0x0)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r7, &(0x7f0000000500)=[{&(0x7f0000000040)=@in={0x2, 0xb, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000700)=[{&(0x7f00000000c0)='l', 0x1}, {&(0x7f0000000240)}, {0x0}], 0x3, 0x0, 0x0, 0x14001}], 0x1, 0x4044040)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x28)
lsm_set_self_attr(0x69, &(0x7f0000000140)=ANY=[@ANYBLOB="68000000000000000700000000000000200000000000000000000000000000001349658dec1cdc8d76f51d3360134a3345c7"], 0x20, 0x0)

141.317175ms ago: executing program 2 (id=2452):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='ubifs\x00', 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x240048cc)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5df6}, 0x94)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r7, 0x40046210, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r6}, 0x18)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'veth1_to_team\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0)
write$vhost_msg(r5, &(0x7f0000000300)={0x1, {&(0x7f00000001c0), 0x0, 0x0, 0x3, 0x3}}, 0x48)
syz_emit_vhci(&(0x7f0000000240)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@any, 0x4, 0x9, 0xb, "13aa8d", 0x2, 0x5}]}}}, 0x13)

0s ago: executing program 6 (id=2453):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1800272c88840920c48284d89e0000040000000200000020000000e72f93648457f9021d3ed322dbbe1b04000000252c6dde6a74", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES16], 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x13, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xfffffffffffffea1, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x44880)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000004c00)=""/102392, 0x18ff8)
r3 = socket(0x23, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000000)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00', 0x0, 0x0, 0xfffffffc}, 0x2c)
socket(0x11, 0x800000003, 0x0)
socket$netlink(0x10, 0x3, 0x4)
setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
futex(&(0x7f000000cffc), 0x8c, 0x1, 0x0, &(0x7f0000048000), 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="c400000000010104000000000084b5000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000002000000000000010c00028005000100000000003c0002802c000180140003002001000200000000000000000000000114000400fe80000000000000000000000000001f0c0002800500010000000000080007400000000030000e802c00018014000300fe8800"], 0xc4}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
socket$nl_route(0x10, 0x3, 0x0)

kernel console output (not intermixed with test programs):

ket: 8
[  633.385002][T10808] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1005'.
[  633.409915][ T1831] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  633.422240][ T1831] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  633.432501][ T1209] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  633.442371][ T1209] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  633.450568][ T1831] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  633.470052][ T1209] usb 4-1: Product: syz
[  633.474580][ T1831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.483171][ T1209] usb 4-1: Manufacturer: syz
[  633.513602][ T1209] usb 4-1: SerialNumber: syz
[  633.539119][ T1831] usb 6-1: config 0 descriptor??
[  633.548695][ T1209] usb 4-1: config 0 descriptor??
[  633.602712][ T1209] gspca_main: se401-2.14.0 probing 047d:5003
[  633.815651][T10818] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1008'.
[  634.229052][ T1209] gspca_se401: Bayer format not supported!
[  634.330482][ T1831] hid-led 0003:0FC5:B080.0002: unknown main item tag 0x0
[  634.423050][T10828] netlink: 'syz.2.1012': attribute type 4 has an invalid length.
[  634.445238][   T24] usb 4-1: USB disconnect, device number 11
[  634.490637][T10828] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  634.534315][ T1831] hid-led 0003:0FC5:B080.0002: probe with driver hid-led failed with error -71
[  634.582671][ T1831] usb 6-1: USB disconnect, device number 7
[  635.427053][T10842] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1017'.
[  635.595240][T10844] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1018'.
[  637.043404][ T1831] kernel write not supported for file /vcsu (pid: 1831 comm: kworker/0:3)
[  638.201973][T10901] netlink: 'syz.0.1037': attribute type 27 has an invalid length.
[  639.123968][T10917] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  639.706766][    T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  640.474281][    T9] usb 4-1: Using ep0 maxpacket: 16
[  640.481506][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  640.493205][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  640.520706][T10938] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  640.538511][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00
[  640.550970][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.751490][   T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  641.037144][    T9] usb 4-1: config 0 descriptor??
[  641.185262][   T24] usb 6-1: Using ep0 maxpacket: 8
[  641.195311][   T24] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  641.205545][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  641.228373][   T24] pvrusb2: Hardware description: Terratec Grabster AV400
[  641.243354][   T24] pvrusb2: **********
[  641.249005][   T24] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  641.263092][   T24] pvrusb2: Important functionality might not be entirely working.
[  641.271369][   T24] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  641.285073][   T24] pvrusb2: **********
[  641.433551][ T2344] pvrusb2: Invalid write control endpoint
[  641.506487][    T9] logitech 0003:046D:C623.0003: unknown main item tag 0x6
[  641.530830][    T9] logitech 0003:046D:C623.0003: collection stack underflow
[  641.566472][    T9] logitech 0003:046D:C623.0003: item 0 4 0 12 parsing failed
[  641.590130][ T2344] pvrusb2: Invalid write control endpoint
[  641.597041][    T9] logitech 0003:046D:C623.0003: parse failed
[  641.603141][    T9] logitech 0003:046D:C623.0003: probe with driver logitech failed with error -22
[  641.625717][ T2344] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  641.642764][T10962] netlink: 'syz.2.1059': attribute type 4 has an invalid length.
[  641.645744][ T2344] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  641.684363][ T2344] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  641.704331][ T2344] pvrusb2: Device being rendered inoperable
[  641.712438][    T9] usb 4-1: USB disconnect, device number 12
[  641.742812][T10934] pvrusb2: Attempted to execute control transfer when device not ok
[  641.767142][ T2344] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  641.769618][   T24] usb 6-1: USB disconnect, device number 8
[  641.786507][ T2344] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  641.803765][ T2344] pvrusb2: Attached sub-driver cx25840
[  641.819766][ T2344] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  641.834390][ T2344] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  642.260781][T10982] netlink: 'syz.2.1063': attribute type 10 has an invalid length.
[  642.363346][T10982] team0: Port device wlan1 removed
[  642.398056][T10982] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  642.554503][   T43] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  642.602911][T10996] bridge0: port 3(veth0_to_bridge) entered blocking state
[  642.622797][T10996] bridge0: port 3(veth0_to_bridge) entered disabled state
[  642.632052][T10996] veth0_to_bridge: entered allmulticast mode
[  642.643441][T10996] veth0_to_bridge: entered promiscuous mode
[  642.652182][T10996] bridge0: port 3(veth0_to_bridge) entered blocking state
[  642.659478][T10996] bridge0: port 3(veth0_to_bridge) entered listening state
[  642.709126][   T43] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  642.728881][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.743635][   T43] usb 4-1: config 0 descriptor??
[  642.761333][   T43] cp210x 4-1:0.0: cp210x converter detected
[  642.924357][ T1831] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  643.084244][ T1831] usb 6-1: Using ep0 maxpacket: 32
[  643.091456][ T1831] usb 6-1: config 0 has an invalid interface number: 85 but max is 0
[  643.100027][ T1831] usb 6-1: config 0 has no interface number 0
[  643.107000][ T1831] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  643.119602][ T1831] usb 6-1: config 0 interface 85 has no altsetting 0
[  643.130840][ T1831] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  643.140222][ T1831] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  643.149279][ T1831] usb 6-1: Product: syz
[  643.153948][ T1831] usb 6-1: Manufacturer: syz
[  643.163141][ T1831] usb 6-1: SerialNumber: syz
[  643.169841][   T43] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[  643.181671][ T1831] usb 6-1: config 0 descriptor??
[  643.222448][   T43] usb 4-1: cp210x converter now attached to ttyUSB0
[  643.337131][    C0] bridge0: port 3(veth0_to_bridge) entered blocking state
[  643.533133][   T24] usb 4-1: USB disconnect, device number 13
[  643.643247][T11021] Invalid source name
[  643.647377][T11021] UBIFS error (pid: 11021): cannot open "./file0", error -22
[  643.945371][ T1831] appletouch 6-1:0.85: Geyser mode initialized.
[  644.064580][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  644.116980][ T1831] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.85/input/input6
[  644.117643][   T24] cp210x 4-1:0.0: device disconnected
[  644.303003][    C0] appletouch 6-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  644.311863][ T1831] usb 6-1: USB disconnect, device number 9
[  644.397235][ T1831] appletouch 6-1:0.85: input: appletouch disconnected
[  644.568704][T11031] bridge0: port 2(bridge_slave_1) entered disabled state
[  646.676494][T11076] Invalid source name
[  646.680559][T11076] UBIFS error (pid: 11076): cannot open "./file0", error -22
[  646.691792][T11076] binder: 11069:11076 ioctl 40046210 0 returned -14
[  647.832543][T11100] Invalid source name
[  647.836667][T11100] UBIFS error (pid: 11100): cannot open "./file0", error -22
[  647.928875][T11102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1094'.
[  649.264956][   T43] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  649.434319][   T43] usb 6-1: Using ep0 maxpacket: 16
[  649.443759][   T43] usb 6-1: config 0 has no interfaces?
[  649.451539][   T43] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  649.482517][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.549456][   T43] usb 6-1: config 0 descriptor??
[  649.729790][T11139] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1109'.
[  649.863170][    T9] usb 6-1: USB disconnect, device number 10
[  650.349008][T11165] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1118'.
[  650.417581][T11165] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1118'.
[  650.946620][T11187] netlink: 'syz.2.1123': attribute type 27 has an invalid length.
[  651.207210][T11188] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1125'.
[  652.070754][T11200] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1130'.
[  652.960381][ T1831] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  653.051928][T11241] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1146'.
[  653.144568][ T1831] usb 6-1: Using ep0 maxpacket: 32
[  653.172146][ T1831] usb 6-1: config 0 interface 0 has no altsetting 0
[  653.191826][ T1831] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  653.239337][ T1831] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  653.306495][ T1831] usb 6-1: Product: syz
[  653.310713][ T1831] usb 6-1: Manufacturer: syz
[  653.315723][ T1831] usb 6-1: SerialNumber: syz
[  653.325144][ T1831] usb 6-1: config 0 descriptor??
[  653.505857][T11251] netlink: 'syz.3.1150': attribute type 4 has an invalid length.
[  653.527040][T11252] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1151'.
[  653.566530][T11252] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1151'.
[  653.599111][T11252] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1151'.
[  653.752765][ T1831] gs_usb 6-1:0.0: Configuring for 1 interfaces
[  653.777861][   T30] audit: type=1400 audit(1750891554.036:688): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=11262 comm="syz.1.1156" dest=20002 netif=wpan0
[  653.955423][   T30] audit: type=1326 audit(1750891554.216:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11265 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  653.995055][   T30] audit: type=1326 audit(1750891554.216:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11265 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  654.018686][   T30] audit: type=1326 audit(1750891554.216:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11265 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  654.047448][   T30] audit: type=1326 audit(1750891554.216:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11265 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  654.075376][   T30] audit: type=1326 audit(1750891554.216:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11265 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  654.099468][   T30] audit: type=1326 audit(1750891554.216:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11265 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  654.124895][   T30] audit: type=1326 audit(1750891554.216:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11265 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  654.146954][   T30] audit: type=1326 audit(1750891554.216:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11265 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  654.177917][   T30] audit: type=1326 audit(1750891554.216:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11265 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  654.187120][ T1831] gs_usb 6-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO)
[  654.252171][ T1831] gs_usb 6-1:0.0: probe with driver gs_usb failed with error -71
[  654.289389][ T1831] usb 6-1: USB disconnect, device number 11
[  654.500806][T11290] netlink: 'syz.3.1164': attribute type 6 has an invalid length.
[  654.751532][T11299] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1168'.
[  657.361627][T11345] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1184'.
[  657.925859][T11355] Invalid source name
[  657.929930][T11355] UBIFS error (pid: 11355): cannot open "./file0", error -22
[  657.941724][T11355] binder: 11349:11355 ioctl 40046210 0 returned -14
[  657.961172][T11355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1188'.
[  659.342542][T11355] team0: Port device team_slave_1 removed
[  659.477130][ T3488] wlan1: Trigger new scan to find an IBSS to join
[  660.591530][T11383] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1193'.
[  661.179307][T11398] Invalid source name
[  661.183377][T11398] UBIFS error (pid: 11398): cannot open "./file0", error -22
[  661.194511][T11398] binder: 11393:11398 ioctl 40046210 0 returned -14
[  661.293439][T11399] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1200'.
[  661.720244][T11388] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1198'.
[  662.368973][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  662.368990][   T30] audit: type=1326 audit(1750891562.626:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  662.484701][T11418] Invalid source name
[  662.488759][T11418] UBIFS error (pid: 11418): cannot open "./file0", error -22
[  662.498079][T11418] binder: 11410:11418 ioctl 40046210 0 returned -14
[  662.594227][T11419] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1205'.
[  662.937592][   T30] audit: type=1326 audit(1750891562.636:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  662.959498][   T30] audit: type=1326 audit(1750891562.636:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  662.998065][   T30] audit: type=1326 audit(1750891562.636:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  663.150778][   T30] audit: type=1326 audit(1750891562.636:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  663.173942][   T30] audit: type=1326 audit(1750891562.636:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  663.244277][   T30] audit: type=1326 audit(1750891562.636:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  663.337612][   T49] wlan1: Trigger new scan to find an IBSS to join
[  663.455810][   T30] audit: type=1326 audit(1750891562.636:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  663.831746][   T30] audit: type=1326 audit(1750891562.646:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  663.942572][   T30] audit: type=1326 audit(1750891562.646:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11412 comm="syz.5.1207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f044578e929 code=0x7ffc0000
[  664.051089][T11440] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1215'.
[  664.513062][T11468] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1229'.
[  664.660696][T11476] bridge0: entered promiscuous mode
[  664.955219][T11484] binder: 11475:11484 ioctl 40046210 0 returned -14
[  665.608352][T11489] syzkaller0: tun_chr_ioctl cmd 1074025676
[  665.631608][T11489] syzkaller0: owner set to 1
[  665.671160][T11498] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1241'.
[  665.819585][T11502] netlink: 'syz.1.1243': attribute type 1 has an invalid length.
[  665.864016][T11502] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1243'.
[  666.166532][T11511] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1242'.
[  666.302726][ T3542] wlan1: Creating new IBSS network, BSSID 6e:4e:8c:2f:18:c1
[  668.403035][T11542] fuse: Bad value for 'fd'
[  668.415355][T11536] Invalid source name
[  668.419440][T11536] UBIFS error (pid: 11536): cannot open "./file0", error -22
[  668.483851][T11542] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1251'.
[  668.586338][T11540] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  668.763575][T11541] netlink: 'syz.0.1256': attribute type 4 has an invalid length.
[  669.280589][T11550] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1258'.
[  671.136022][T11590] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1272'.
[  671.195355][T11592] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1273'.
[  671.602362][T11600] netlink: 'syz.0.1279': attribute type 4 has an invalid length.
[  671.641268][T11600] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  671.803837][T11607] Invalid source name
[  671.808060][T11607] UBIFS error (pid: 11607): cannot open "./file0", error -22
[  671.826022][T11607] binder: 11596:11607 ioctl 40046210 0 returned -14
[  671.927040][T11608] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1276'.
[  673.019414][T11635] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  673.120681][T11617] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1281'.
[  673.132869][T11635] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  673.256396][ T5895] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  673.437267][ T5895] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  673.616800][T11651] Invalid source name
[  673.620829][T11651] UBIFS error (pid: 11651): cannot open "./file0", error -22
[  673.639362][ T5895] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  673.657696][ T5895] usb 6-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  673.666911][ T5895] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  673.689750][T11653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1291'.
[  674.608533][T11654] Invalid source name
[  674.612648][T11654] UBIFS error (pid: 11654): cannot open "./file0", error -22
[  674.750174][ T5895] usb 6-1: config 0 descriptor??
[  675.224338][T11654] binder: 11649:11654 ioctl 40046210 0 returned -14
[  675.466377][T11659] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1292'.
[  675.871111][ T5895] hid-led 0003:27B8:01ED.0004: unbalanced delimiter at end of report description
[  675.915336][ T5895] hid-led 0003:27B8:01ED.0004: probe with driver hid-led failed with error -22
[  676.022504][T11671] xt_CT: No such helper "snmp"
[  676.101252][   T10] usb 6-1: USB disconnect, device number 12
[  676.117869][T11680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1302'.
[  676.467642][T11698] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1308'.
[  676.478154][T11698] smc: net device bond0 applied user defined pnetid SY
[  676.498307][T11698] smc: net device bond0 erased user defined pnetid SY
[  676.538675][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  676.538690][   T30] audit: type=1326 audit(1750891576.796:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  676.571702][   T30] audit: type=1326 audit(1750891576.796:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  676.594773][   T30] audit: type=1326 audit(1750891576.806:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  676.666667][   T30] audit: type=1326 audit(1750891576.806:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  676.700625][   T30] audit: type=1326 audit(1750891576.806:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  676.712044][T11708] tun0: tun_chr_ioctl cmd 1074025675
[  676.723364][   T30] audit: type=1326 audit(1750891576.806:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  676.733226][T11708] tun0: persist enabled
[  676.754520][   T30] audit: type=1326 audit(1750891576.806:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  676.785867][   T30] audit: type=1326 audit(1750891576.806:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  676.814266][   T30] audit: type=1326 audit(1750891576.806:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  677.011842][   T30] audit: type=1326 audit(1750891576.806:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11697 comm="syz.1.1309" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  677.027677][T11711] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1313'.
[  677.232941][T11708] tun0: tun_chr_ioctl cmd 1074025675
[  677.238899][T11708] tun0: persist disabled
[  677.654454][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  677.779572][T11725] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1319'.
[  677.834269][   T24] usb 4-1: Using ep0 maxpacket: 16
[  677.951862][   T24] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  677.999455][   T24] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 170, changing to 11
[  678.013797][   T24] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 34661, setting to 1024
[  678.026274][   T24] usb 4-1: config 0 interface 0 has no altsetting 0
[  678.060472][   T24] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  678.071182][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  678.079395][   T24] usb 4-1: Product: syz
[  678.084322][   T24] usb 4-1: Manufacturer: syz
[  678.103361][   T24] usb 4-1: SerialNumber: syz
[  678.129295][   T24] usb 4-1: config 0 descriptor??
[  678.136106][T11719] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  678.365600][T11719] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  678.383270][   T24] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input7
[  678.611580][   T10] usb 4-1: USB disconnect, device number 14
[  678.734201][   T24] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  678.886723][   T24] usb 6-1: Using ep0 maxpacket: 32
[  678.896920][   T24] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  678.910726][   T24] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  678.926926][   T24] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  678.939300][   T24] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  678.955492][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  678.966938][   T24] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  678.977898][   T24] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  678.987871][   T24] usb 6-1: Product: syz
[  678.992186][   T24] usb 6-1: Manufacturer: syz
[  679.000660][   T24] usb 6-1: SerialNumber: syz
[  679.010884][   T24] usb 6-1: config 0 descriptor??
[  679.027570][   T24] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  679.046320][   T24] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  679.750877][T11747] Invalid source name
[  679.755038][T11747] UBIFS error (pid: 11747): cannot open "./file0", error -22
[  679.768081][T11747] binder: 11739:11747 ioctl 40046210 0 returned -14
[  679.862969][T11748] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1326'.
[  680.757045][T11763] Invalid source name
[  680.761112][T11763] UBIFS error (pid: 11763): cannot open "./file0", error -22
[  680.895221][T11763] binder: 11755:11763 ioctl 40046210 0 returned -14
[  680.920536][T11764] Invalid source name
[  680.924775][T11764] UBIFS error (pid: 11764): cannot open "./file0", error -22
[  680.927008][T11764] binder: 11757:11764 ioctl 40046210 0 returned -14
[  681.360450][T11765] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1333'.
[  682.206344][   T24] usb 6-1: USB disconnect, device number 13
[  682.280284][   T24] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  682.594480][ T5895] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  682.794590][   T24] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  682.826336][ T5895] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  683.754433][T11790] netlink: 'syz.0.1344': attribute type 1 has an invalid length.
[  683.793081][ T5895] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  683.803816][ T5895] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  683.814632][ T5895] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  683.828448][ T5895] usb 4-1: config 0 descriptor??
[  683.850515][T11792] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1332'.
[  683.934365][   T24] usb 6-1: Using ep0 maxpacket: 16
[  683.948278][   T24] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  683.961677][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  683.970222][   T24] usb 6-1: Product: syz
[  683.974854][   T24] usb 6-1: Manufacturer: syz
[  683.979570][   T24] usb 6-1: SerialNumber: syz
[  683.987877][   T24] usb 6-1: config 0 descriptor??
[  684.020805][   T24] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  684.036541][   T24] usb 6-1: Detected FT232H
[  684.518773][   T24] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  684.565316][ T5895] usb 4-1: string descriptor 0 read error: -22
[  684.722440][T11810] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  684.934572][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  684.979824][   T24] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  684.988118][ T5895] uclogic 0003:256C:006D.0005: failed retrieving string descriptor #100: -71
[  684.999120][ T5895] uclogic 0003:256C:006D.0005: failed retrieving pen parameters: -71
[  685.009085][ T5895] uclogic 0003:256C:006D.0005: failed probing pen v1 parameters: -71
[  685.018078][ T5895] uclogic 0003:256C:006D.0005: failed probing parameters: -71
[  685.025830][ T5895] uclogic 0003:256C:006D.0005: probe with driver uclogic failed with error -71
[  685.037791][ T5895] usb 4-1: USB disconnect, device number 15
[  685.290123][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  685.373221][ T5895] usb 6-1: USB disconnect, device number 14
[  685.664687][ T5895] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  685.692867][ T5895] ftdi_sio 6-1:0.0: device disconnected
[  686.338981][T11849] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  686.373826][T11849] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0
[  686.497281][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  686.497298][   T30] audit: type=1326 audit(1750891586.756:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.531158][   T30] audit: type=1326 audit(1750891586.756:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.565384][   T30] audit: type=1326 audit(1750891586.756:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.595653][   T30] audit: type=1326 audit(1750891586.756:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.620882][   T30] audit: type=1326 audit(1750891586.756:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.642766][   T30] audit: type=1326 audit(1750891586.756:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.664816][   T30] audit: type=1326 audit(1750891586.756:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.686736][   T30] audit: type=1326 audit(1750891586.756:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.710046][   T30] audit: type=1326 audit(1750891586.756:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.731926][   T30] audit: type=1326 audit(1750891586.756:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  686.854333][ T1831] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  687.026710][ T1831] usb 4-1: New USB device found, idVendor=0545, idProduct=800d, bcdDevice= 3.0a
[  687.049873][ T1831] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  687.065712][ T1831] usb 4-1: config 0 descriptor??
[  687.074810][ T1831] gspca_main: xirlink-cit-2.14.0 probing 0545:800d
[  687.084315][ T1831] input: xirlink-cit as /devices/platform/dummy_hcd.3/usb4/4-1/input/input8
[  687.281231][ T1831] usb 4-1: USB disconnect, device number 16
[  687.323809][T11878] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1373'.
[  687.399027][T11882] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  688.168733][T11903] netlink: 'syz.3.1384': attribute type 1 has an invalid length.
[  688.406599][T11904] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  688.514616][T11923] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1391'.
[  688.617226][   T24] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  688.913271][   T24] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  688.928162][   T24] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  688.964136][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  688.973152][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  689.053203][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  689.070392][   T24] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  689.101543][T11930] random: crng reseeded on system resumption
[  689.113888][   T24] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  689.132429][   T24] usb 6-1: Product: syz
[  689.142565][   T24] usb 6-1: Manufacturer: syz
[  689.159942][   T24] cdc_wdm 6-1:1.0: skipping garbage
[  689.166944][   T24] cdc_wdm 6-1:1.0: skipping garbage
[  689.176027][   T24] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  689.187318][   T24] cdc_wdm 6-1:1.0: Unknown control protocol
[  689.239440][T11939] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1397'.
[  689.465332][T11948] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1402'.
[  689.695364][T11961] 9pnet_fd: Insufficient options for proto=fd
[  689.796934][T11970] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1412'.
[  689.907150][T11977] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1415'.
[  691.148912][T12015] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1425'.
[  691.356101][T12022] tunl0 speed is unknown, defaulting to 1000
[  691.394419][  T927] usb 6-1: USB disconnect, device number 15
[  691.676790][T12037] Invalid source name
[  691.680858][T12037] UBIFS error (pid: 12037): cannot open "./file0", error -22
[  691.774497][T12038] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1435'.
[  692.139539][   T30] kauditd_printk_skb: 41 callbacks suppressed
[  692.139555][   T30] audit: type=1326 audit(1750891592.396:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12032 comm="syz.5.1436" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f044578e929 code=0x0
[  692.622549][T12022] lo speed is unknown, defaulting to 1000
[  693.365525][T12062] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1444'.
[  693.703568][T12075] net_ratelimit: 129 callbacks suppressed
[  693.703590][T12075] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  693.915255][T12080] Invalid source name
[  693.919327][T12080] UBIFS error (pid: 12080): cannot open "./file0", error -22
[  693.933481][T12080] binder: 12069:12080 ioctl 40046210 0 returned -14
[  694.036572][T12081] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1448'.
[  695.144961][   T30] audit: type=1326 audit(1750891595.356:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12083 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  695.445693][   T30] audit: type=1326 audit(1750891595.366:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12083 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  695.539552][   T30] audit: type=1326 audit(1750891595.386:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12083 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  695.561116][    C0] vkms_vblank_simulate: vblank timer overrun
[  695.721875][   T30] audit: type=1326 audit(1750891595.396:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12083 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  695.743493][    C0] vkms_vblank_simulate: vblank timer overrun
[  696.064648][   T30] audit: type=1326 audit(1750891595.446:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12083 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  696.274218][   T30] audit: type=1326 audit(1750891595.446:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12083 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  696.295802][    C0] vkms_vblank_simulate: vblank timer overrun
[  696.341564][   T30] audit: type=1326 audit(1750891595.446:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12083 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  696.363618][   T30] audit: type=1326 audit(1750891595.446:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12083 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  696.395639][   T30] audit: type=1326 audit(1750891595.476:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12083 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  696.478520][T12113] IPVS: Scheduler module ip_vs_sip not found
[  696.905923][T12128] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1463'.
[  697.607399][T12140] fuse: Bad value for 'fd'
[  697.617073][T12140] Invalid source name
[  697.621134][T12140] UBIFS error (pid: 12140): cannot open "./file0", error -22
[  697.635514][T12140] binder: 12136:12140 ioctl 40046210 0 returned -14
[  697.737822][T12141] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1466'.
[  698.472638][T12157] overlay: filesystem on ./bus not supported as upperdir
[  699.289847][T12180] fuse: Bad value for 'fd'
[  699.299153][T12180] Invalid source name
[  699.303686][T12180] UBIFS error (pid: 12180): cannot open "./file0", error -22
[  699.318244][T12180] binder: 12176:12180 ioctl 40046210 0 returned -14
[  699.422586][T12182] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1482'.
[  700.567803][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  700.567828][   T30] audit: type=1326 audit(1750891600.826:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  700.700042][   T30] audit: type=1326 audit(1750891600.826:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  700.723997][   T30] audit: type=1326 audit(1750891600.866:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  700.752695][   T30] audit: type=1326 audit(1750891600.866:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  700.775144][   T30] audit: type=1326 audit(1750891600.866:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  700.797177][   T30] audit: type=1326 audit(1750891600.866:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  700.875853][   T30] audit: type=1326 audit(1750891600.866:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  700.924287][   T10] usb 6-1: new full-speed USB device number 16 using dummy_hcd
[  700.949455][   T30] audit: type=1326 audit(1750891600.866:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  700.978640][   T30] audit: type=1326 audit(1750891600.866:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  701.006271][   T30] audit: type=1326 audit(1750891600.866:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12201 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  701.072606][T12213] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1492'.
[  701.127329][   T10] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  701.152068][   T10] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  701.203976][   T10] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  701.244257][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.471855][   T10] usb 6-1: usb_control_msg returned -32
[  701.485370][T12207] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  701.498382][   T10] usbtmc 6-1:16.0: can't read capabilities
[  701.508129][T12207] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  701.572598][   T10] usb 6-1: USB disconnect, device number 16
[  703.385396][T12257] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1504'.
[  703.689207][T12260] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1507'.
[  703.790539][T12266] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1508'.
[  705.094391][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  705.565374][T12320] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1528'.
[  707.714282][   T10] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  707.945586][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  707.963986][   T10] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  707.984597][   T10] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  708.032184][   T10] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  708.044132][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  708.231739][   T10] usb 4-1: Product: syz
[  708.244267][   T10] usb 4-1: Manufacturer: syz
[  708.249083][   T10] usb 4-1: SerialNumber: syz
[  708.534596][   T10] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 17 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  708.555691][   T30] kauditd_printk_skb: 35 callbacks suppressed
[  708.555706][   T30] audit: type=1326 audit(1750891608.806:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  708.838591][   T10] usb 4-1: USB disconnect, device number 17
[  709.056844][   T10] usblp0: removed
[  709.346676][   T30] audit: type=1326 audit(1750891608.806:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  709.589647][   T30] audit: type=1326 audit(1750891608.806:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  709.629349][   T30] audit: type=1326 audit(1750891608.806:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  709.657981][   T30] audit: type=1326 audit(1750891608.806:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  709.684158][   T30] audit: type=1326 audit(1750891608.806:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  709.708715][   T30] audit: type=1326 audit(1750891608.806:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  709.745872][   T30] audit: type=1326 audit(1750891608.806:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  710.049206][   T30] audit: type=1326 audit(1750891608.806:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  710.222829][   T30] audit: type=1326 audit(1750891608.806:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12360 comm="syz.0.1544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c878e929 code=0x7ffc0000
[  710.853786][T12391] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  710.873054][T12393] tunl0 speed is unknown, defaulting to 1000
[  712.304919][T12393] lo speed is unknown, defaulting to 1000
[  712.311618][T12422] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1559'.
[  712.635763][T12393] netlink: 'syz.5.1553': attribute type 16 has an invalid length.
[  712.643796][T12393] netlink: 'syz.5.1553': attribute type 17 has an invalid length.
[  712.658989][T12393] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  713.129352][   T24] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  713.382935][T12424] syz.2.1561 (12424): drop_caches: 2
[  713.844917][   T24] usb 4-1: Using ep0 maxpacket: 32
[  713.921632][   T24] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  713.934237][   T24] usb 4-1: config 0 has no interface number 0
[  713.943788][   T24] usb 4-1: config 0 interface 85 has no altsetting 0
[  714.040127][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  714.114346][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  714.133348][T12452] syzkaller1: entered promiscuous mode
[  714.167001][T12452] syzkaller1: entered allmulticast mode
[  714.172988][   T24] usb 4-1: Product: syz
[  714.185628][   T24] usb 4-1: Manufacturer: syz
[  714.207031][   T24] usb 4-1: SerialNumber: syz
[  714.220240][T12482] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1574'.
[  714.295090][   T24] usb 4-1: config 0 descriptor??
[  714.319035][   T24] appletouch 4-1:0.85: Could not find int-in endpoint
[  714.340434][   T24] appletouch 4-1:0.85: probe with driver appletouch failed with error -5
[  714.365930][   T24] usbhid 4-1:0.85: couldn't find an input interrupt endpoint
[  715.547043][  T927] usb 4-1: USB disconnect, device number 18
[  715.691785][T12505] usb usb8: usbfs: process 12505 (+}[@) did not claim interface 0 before use
[  715.856973][T12511] netlink: 'syz.5.1587': attribute type 12 has an invalid length.
[  715.864946][T12511] netlink: 'syz.5.1587': attribute type 29 has an invalid length.
[  715.888139][T12511] netlink: 148 bytes leftover after parsing attributes in process `syz.5.1587'.
[  715.903644][T12513] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  715.913656][T12511] netlink: 'syz.5.1587': attribute type 1 has an invalid length.
[  716.088231][T12520] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1589'.
[  716.136027][T12519] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1590'.
[  717.945022][T12534] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1596'.
[  717.994225][T12534] batman_adv: batadv0: Removing interface: batadv_slave_0
[  718.229421][T12534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  718.254352][T12534] batman_adv: batadv0: Removing interface: batadv_slave_1
[  718.277526][    T9] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  718.320492][    T9] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  718.409106][T12534] bond0: (slave batadv0): Releasing backup interface
[  718.669668][T12552] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1604'.
[  720.129725][T12574] loop2: detected capacity change from 0 to 524287999
[  720.342013][T12585] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1610'.
[  721.165895][T12598] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1616'.
[  722.126192][T12608] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  722.315042][T12612] fuse: Bad value for 'fd'
[  722.324271][T12612] Invalid source name
[  722.328331][T12612] UBIFS error (pid: 12612): cannot open "./file0", error -22
[  722.342732][T12612] binder: 12605:12612 ioctl 40046210 0 returned -14
[  722.362073][  T927] usb 6-1: new low-speed USB device number 17 using dummy_hcd
[  722.442715][T12613] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1620'.
[  722.559897][  T927] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  722.722298][  T927] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  722.781668][  T927] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  722.810016][  T927] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  722.834242][  T927] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  722.875382][  T927] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  722.892552][  T927] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  722.903607][  T927] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  722.918472][  T927] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  722.983391][  T927] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  723.020721][  T927] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  723.056531][  T927] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  723.096291][  T927] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  723.133379][  T927] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  723.150390][  T927] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  723.175345][  T927] usb 6-1: string descriptor 0 read error: -22
[  723.183975][  T927] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  723.205794][  T927] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.236308][  T927] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  723.520942][   T24] usb 6-1: USB disconnect, device number 17
[  723.588870][T12634] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1629'.
[  724.548441][T12659] veth0: entered promiscuous mode
[  724.557539][T12656] veth0: left promiscuous mode
[  725.704490][T12674] Bluetooth: hci0: invalid length 0, exp 2 for type 23
[  725.944742][T12684] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1643'.
[  726.147834][T12685] loop3: detected capacity change from 0 to 1
[  726.392247][T12685] Dev loop3: unable to read RDB block 1
[  726.399667][T12685]  loop3: unable to read partition table
[  726.405724][T12685] loop3: partition table beyond EOD, truncated
[  726.411943][T12685] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  726.650508][T12697] overlayfs: failed to clone upperpath
[  726.678954][T12698] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  726.935725][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  728.263694][T12734] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1660'.
[  728.849042][T12732] input: syz1 as /devices/virtual/input/input9
[  729.009734][T12741] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1668'.
[  729.124142][   T24] usb 6-1: new full-speed USB device number 18 using dummy_hcd
[  730.055212][T12751] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1671'.
[  730.176162][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  730.186591][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  730.196838][   T24] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  730.217045][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  730.247312][   T24] usb 6-1: config 0 descriptor??
[  730.291890][   T24] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  730.299109][T12758] xt_hashlimit: size too large, truncated to 1048576
[  730.309390][   T24] dvb-usb: bulk message failed: -22 (3/0)
[  730.351509][   T24] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  730.367940][   T24] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  730.375847][   T24] usb 6-1: media controller created
[  730.408933][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  730.491511][   T24] dvb-usb: bulk message failed: -22 (6/0)
[  730.524321][   T24] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  730.562066][   T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input10
[  730.668181][   T24] dvb-usb: schedule remote query interval to 150 msecs.
[  730.858204][   T24] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  730.965637][T12770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1676'.
[  731.459191][   T24] dvb-usb: bulk message failed: -22 (1/0)
[  731.469148][   T24] dvb-usb: error while querying for an remote control event.
[  731.485451][   T10] usb 6-1: USB disconnect, device number 18
[  731.774357][   T10] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  732.486944][T12800] vlan2: entered allmulticast mode
[  732.492143][T12800] macvtap0: entered allmulticast mode
[  732.498048][T12800] veth0_macvtap: entered allmulticast mode
[  732.594525][    T9] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  732.620264][T12806] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1689'.
[  732.779201][T12804] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1689'.
[  732.841065][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  732.913181][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  732.944734][T12802] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1689'.
[  733.024498][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.304952][    T9] usb 4-1: config 0 descriptor??
[  733.727705][T12822] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1690'.
[  734.212103][ T1004] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  734.607474][    T9] radio-keene 4-1:0.0: V4L2 device registered as radio48
[  734.826954][   T24] usb 4-1: USB disconnect, device number 19
[  734.939142][T12829] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1696'.
[  735.013026][T12846] netlink: 'syz.0.1699': attribute type 1 has an invalid length.
[  735.043714][T12846] 8021q: adding VLAN 0 to HW filter on device bond3
[  735.192115][T12846] bond3: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  735.747005][T12858] netlink: 'syz.3.1701': attribute type 1 has an invalid length.
[  735.784262][T12858] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1701'.
[  736.853779][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  736.853797][   T30] audit: type=1326 audit(1750891637.106:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  737.010536][T12880] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1707'.
[  737.756816][T12881] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1710'.
[  737.842245][   T30] audit: type=1326 audit(1750891637.156:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  738.017422][   T30] audit: type=1326 audit(1750891637.156:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  738.048415][   T30] audit: type=1326 audit(1750891637.156:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  738.086448][   T30] audit: type=1326 audit(1750891637.156:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  738.127892][   T30] audit: type=1326 audit(1750891637.156:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  738.203747][   T30] audit: type=1326 audit(1750891637.156:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  738.262792][   T30] audit: type=1326 audit(1750891637.156:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  738.292546][   T30] audit: type=1326 audit(1750891637.156:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  738.355936][   T30] audit: type=1326 audit(1750891637.156:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12873 comm="syz.3.1708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  738.474329][  T927] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  738.654888][  T927] usb 4-1: Using ep0 maxpacket: 16
[  738.679713][  T927] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  738.745055][  T927] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  738.755715][  T927] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  738.771327][  T927] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  738.822182][  T927] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.847347][  T927] usb 4-1: config 0 descriptor??
[  738.902651][T12900] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1717'.
[  738.915439][T12900] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  739.010596][T12900] batman_adv: batadv0: Removing interface: batadv_slave_1
[  739.053270][T12904] kvm: Disabled LAPIC found during irq injection
[  739.269180][  T927] microsoft 0003:045E:07DA.0007: No inputs registered, leaving
[  739.285588][  T927] microsoft 0003:045E:07DA.0007: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  739.297367][  T927] microsoft 0003:045E:07DA.0007: no inputs found
[  739.303770][  T927] microsoft 0003:045E:07DA.0007: could not initialize ff, continuing anyway
[  739.464383][  T927] usb 4-1: USB disconnect, device number 20
[  739.830733][T12928] Invalid source name
[  739.835592][T12928] UBIFS error (pid: 12928): cannot open "./file0", error -22
[  739.838271][T12928] binder: 12922:12928 ioctl 40046210 0 returned -14
[  740.149002][ T3488] nci: nci_extract_activation_params_nfc_dep: unsupported activation_rf_tech_and_mode 0x6
[  740.311515][T12939] Invalid source name
[  740.315630][T12939] UBIFS error (pid: 12939): cannot open "./file0", error -22
[  740.317968][T12939] binder: 12936:12939 ioctl 40046210 0 returned -14
[  740.387399][T12949] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1732'.
[  740.767880][T12963] binder: 12962:12963 ioctl c0306201 200000000080 returned -14
[  741.325112][  T927] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  741.487836][  T927] usb 6-1: config 0 has an invalid interface number: 50 but max is 0
[  741.496689][  T927] usb 6-1: config 0 has no interface number 0
[  741.502797][  T927] usb 6-1: config 0 interface 50 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  741.516596][  T927] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[  741.525853][  T927] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  741.533866][  T927] usb 6-1: Product: syz
[  741.538237][  T927] usb 6-1: Manufacturer: syz
[  741.542833][  T927] usb 6-1: SerialNumber: syz
[  741.549776][  T927] usb 6-1: config 0 descriptor??
[  741.559925][  T927] yurex 6-1:0.50: USB YUREX device now attached to Yurex #0
[  741.766654][ T1831] usb 6-1: USB disconnect, device number 19
[  741.780714][ T1831] yurex 6-1:0.50: USB YUREX #0 now disconnected
[  743.268649][T13006] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1756'.
[  744.022775][T13041] input: syz1 as /devices/virtual/input/input12
[  744.946241][T13048] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1771'.
[  745.171981][T13068] netlink: 'syz.1.1774': attribute type 29 has an invalid length.
[  745.206836][T13068] netlink: 'syz.1.1774': attribute type 29 has an invalid length.
[  745.225578][T13070] loop2: detected capacity change from 0 to 7
[  745.237987][T13070] Dev loop2: unable to read RDB block 7
[  745.244461][T13070]  loop2: unable to read partition table
[  745.250556][T13070] loop2: partition table beyond EOD, truncated
[  745.257163][T13070] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  745.334390][   T24] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  745.515937][   T24] usb 6-1: Using ep0 maxpacket: 8
[  745.522618][   T24] usb 6-1: config 135 has an invalid interface number: 230 but max is 0
[  745.531166][   T24] usb 6-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  745.541728][   T24] usb 6-1: config 135 has no interface number 0
[  745.548027][   T24] usb 6-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  745.565257][   T24] usb 6-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  745.576787][  T927] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  745.584426][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  745.593115][   T24] usb 6-1: Product: syz
[  745.597360][   T24] usb 6-1: Manufacturer: syz
[  745.602355][   T24] usb 6-1: SerialNumber: syz
[  745.610794][   T24] usb 6-1: Found UVC 0.00 device syz (18ec:3288)
[  745.617197][   T24] usb 6-1: No valid video chain found.
[  745.819563][    T9] usb 6-1: USB disconnect, device number 20
[  745.851030][  T927] usb 4-1: Using ep0 maxpacket: 16
[  745.858415][  T927] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  745.869474][  T927] usb 4-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  745.879336][  T927] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.888972][  T927] usb 4-1: config 0 descriptor??
[  746.398151][  T927] holtek 0003:1241:5015.0008: unknown main item tag 0x0
[  746.406546][  T927] holtek 0003:1241:5015.0008: unknown main item tag 0x0
[  746.413612][  T927] holtek 0003:1241:5015.0008: unknown main item tag 0x0
[  746.421779][  T927] holtek 0003:1241:5015.0008: unknown main item tag 0x0
[  746.428923][  T927] holtek 0003:1241:5015.0008: unknown main item tag 0x0
[  746.447448][T13089] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1784'.
[  746.447803][  T927] holtek 0003:1241:5015.0008: hidraw0: USB HID v0.04 Device [HID 1241:5015] on usb-dummy_hcd.3-1/input0
[  746.471079][  T927] holtek 0003:1241:5015.0008: no inputs found
[  746.721945][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  746.765927][  T927] usb 4-1: USB disconnect, device number 21
[  746.853528][T13096] Invalid source name
[  746.857864][T13096] UBIFS error (pid: 13096): cannot open "./file0", error -22
[  746.859729][T13096] binder: 13092:13096 ioctl 40046210 0 returned -14
[  746.922932][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1786'.
[  750.299057][T13152] kvm: user requested TSC rate below hardware speed
[  751.588031][T13187] tunl0 speed is unknown, defaulting to 1000
[  751.624164][T13192] Invalid source name
[  751.628512][T13192] UBIFS error (pid: 13192): cannot open "./file0", error -22
[  751.631084][T13192] binder: 13191:13192 ioctl 40046210 0 returned -14
[  751.882713][T13187] lo speed is unknown, defaulting to 1000
[  753.651163][T13224] bond_slave_1: entered promiscuous mode
[  753.695177][T13223] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1825'.
[  753.799040][    T9] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  753.827681][    T9] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  753.853986][T13223] bond0: (slave bond_slave_1): Releasing backup interface
[  753.870387][T13223] bond_slave_1 (unregistering): left promiscuous mode
[  754.498772][T13254] batadv_slave_0: entered promiscuous mode
[  754.516456][T13254] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1837'.
[  754.527712][T13254] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  754.617697][T13254] batadv_slave_0 (unregistering): left promiscuous mode
[  754.627681][T13254] batman_adv: batadv0: Removing interface: batadv_slave_0
[  757.043973][T13262] veth1_to_bond: entered allmulticast mode
[  757.056838][T13262] veth1_to_bond: entered promiscuous mode
[  757.135094][T13262] veth1_to_bond: left promiscuous mode
[  757.140923][T13262] veth1_to_bond: left allmulticast mode
[  760.566361][T13352] netlink: 'syz.0.1868': attribute type 4 has an invalid length.
[  760.583915][T13352] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  760.615521][T13357] netlink: 'syz.3.1870': attribute type 4 has an invalid length.
[  760.639962][T13357] netlink: 'syz.3.1870': attribute type 4 has an invalid length.
[  760.652654][T13358] Invalid source name
[  760.656833][T13358] UBIFS error (pid: 13358): cannot open "./file0", error -22
[  760.659074][T13358] binder: 13355:13358 ioctl 40046210 0 returned -14
[  760.726536][T13366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1871'.
[  762.953589][T13400] Invalid source name
[  762.957782][T13400] UBIFS error (pid: 13400): cannot open "./file0", error -22
[  763.011036][T13406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1886'.
[  763.361193][T13422] loop7: detected capacity change from 0 to 16384
[  763.644544][   T24] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  763.920170][   T24] usb 4-1: Using ep0 maxpacket: 8
[  763.947326][   T24] usb 4-1: config 0 has no interfaces?
[  763.960780][   T24] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  764.006148][T13436] Invalid source name
[  764.010170][T13436] UBIFS error (pid: 13436): cannot open "./file0", error -22
[  764.012055][T13436] binder: 13435:13436 ioctl 40046210 0 returned -14
[  764.027653][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.062237][   T24] usb 4-1: Product: syz
[  764.074277][   T24] usb 4-1: Manufacturer: syz
[  764.080062][   T24] usb 4-1: SerialNumber: syz
[  764.080229][T13440] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1897'.
[  764.105176][   T24] usb 4-1: config 0 descriptor??
[  764.299362][T13453] netlink: 'syz.1.1901': attribute type 4 has an invalid length.
[  764.535226][   T24] usb 4-1: USB disconnect, device number 22
[  765.640744][T13483] netlink: 'syz.5.1913': attribute type 1 has an invalid length.
[  765.640793][T13483] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1913'.
[  765.800394][T13489] Invalid source name
[  765.800479][T13489] UBIFS error (pid: 13489): cannot open "./file0", error -22
[  766.226189][T13495] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1911'.
[  767.559933][T13529] Invalid source name
[  767.563960][T13529] UBIFS error (pid: 13529): cannot open "./file0", error -22
[  767.566226][T13529] binder: 13527:13529 ioctl 40046210 0 returned -14
[  767.632065][T13530] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1926'.
[  769.849778][T13570] Invalid source name
[  769.853834][T13570] UBIFS error (pid: 13570): cannot open "./file0", error -22
[  769.856230][T13570] binder: 13569:13570 ioctl 40046210 0 returned -14
[  769.921198][T13573] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1940'.
[  770.029236][T13484] syz_tun (unregistering): left allmulticast mode
[  770.391727][   T49] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.612467][   T49] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.757099][T13584] Invalid source name
[  770.780744][   T49] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.782560][T13584] UBIFS error (pid: 13584): cannot open "./file0", error -22
[  770.992668][   T49] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.221339][T13596] loop2: detected capacity change from 0 to 7
[  771.264612][T13596]  loop2: p1
[  771.267897][T13596] loop2: partition table partially beyond EOD, truncated
[  771.326596][T13596] loop2: p1 size 3506438144 extends beyond EOD, truncated
[  771.371341][   T49] bridge_slave_1: left allmulticast mode
[  771.379630][   T49] bridge_slave_1: left promiscuous mode
[  771.392525][T13428] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  771.404275][T13428] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  771.412820][T13428] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  771.420263][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  771.433703][T13428] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  771.442716][T13428] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  771.451016][   T49] bridge_slave_0: left allmulticast mode
[  771.457127][   T49] bridge_slave_0: left promiscuous mode
[  771.463322][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  771.490547][   T49] tipc: Resetting bearer <ib:ip6gre0>
[  771.665445][   T49] tipc: Disabling bearer <ib:ip6gre0>
[  772.773497][T13620] Invalid source name
[  772.777846][T13620] UBIFS error (pid: 13620): cannot open "./file0", error -22
[  772.785617][T13620] binder: 13619:13620 ioctl 40046210 0 returned -14
[  772.811071][T13623] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1956'.
[  772.853045][T13622] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1958'.
[  773.482826][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  773.494575][   T51] Bluetooth: hci2: command tx timeout
[  773.494869][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  773.512199][   T49] bond0 (unregistering): Released all slaves
[  773.540039][T13610] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check.
[  773.719886][T13599] tunl0 speed is unknown, defaulting to 1000
[  773.744269][   T49] tipc: Disabling bearer <udp:syz2>
[  773.755070][   T49] tipc: Left network mode
[  774.801978][T13599] lo speed is unknown, defaulting to 1000
[  774.993650][T13662] Invalid source name
[  774.997793][T13662] UBIFS error (pid: 13662): cannot open "./file0", error -22
[  775.031155][T13662] binder: 13644:13662 ioctl 40046210 0 returned -14
[  775.106619][T13663] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1969'.
[  775.574180][   T51] Bluetooth: hci2: command tx timeout
[  775.630769][T13658] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1964'.
[  775.974847][   T49] hsr_slave_0: left promiscuous mode
[  776.000601][   T49] hsr_slave_1: left promiscuous mode
[  776.057110][T13670] Invalid source name
[  776.061139][T13670] UBIFS error (pid: 13670): cannot open "./file0", error -22
[  776.063346][T13670] binder: 13669:13670 ioctl 40046210 0 returned -14
[  776.122974][   T49] veth1_macvtap: left promiscuous mode
[  776.129204][T13676] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1970'.
[  776.143794][   T49] veth0_macvtap: left promiscuous mode
[  776.148804][T13678] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1971'.
[  776.149829][   T49] veth1_vlan: left promiscuous mode
[  776.163781][   T49] veth0_vlan: left promiscuous mode
[  776.837988][   T49] pimreg3 (unregistering): left allmulticast mode
[  777.373389][   T49] team0 (unregistering): Port device team_slave_0 removed
[  777.664237][   T51] Bluetooth: hci2: command tx timeout
[  778.134685][T13694] tunl0 speed is unknown, defaulting to 1000
[  778.252594][T13708] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  778.272774][T13599] chnl_net:caif_netlink_parms(): no params data found
[  778.568754][T13716] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1980'.
[  778.952216][ T8706] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  779.164778][T13599] bridge0: port 1(bridge_slave_0) entered blocking state
[  779.185680][T13599] bridge0: port 1(bridge_slave_0) entered disabled state
[  779.205450][T13599] bridge_slave_0: entered allmulticast mode
[  779.213389][T13599] bridge_slave_0: entered promiscuous mode
[  779.235881][T13694] lo speed is unknown, defaulting to 1000
[  779.236806][T13599] bridge0: port 2(bridge_slave_1) entered blocking state
[  779.250475][T13599] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.260916][T13599] bridge_slave_1: entered allmulticast mode
[  779.275680][T13599] bridge_slave_1: entered promiscuous mode
[  779.496167][T13599] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  779.536787][T13599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  779.593377][T13731] Invalid source name
[  779.599746][T13731] UBIFS error (pid: 13731): cannot open "./file0", error -22
[  779.609615][T13731] binder: 13722:13731 ioctl 40046210 0 returned -14
[  779.651617][T13599] team0: Port device team_slave_0 added
[  779.734593][   T51] Bluetooth: hci2: command tx timeout
[  779.743967][T13735] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1984'.
[  779.763312][T13599] team0: Port device team_slave_1 added
[  779.936994][T13599] batman_adv: batadv0: Adding interface: batadv_slave_0
[  780.115833][T13599] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  780.238888][T13599] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  780.393390][T13599] batman_adv: batadv0: Adding interface: batadv_slave_1
[  780.481905][T13599] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  780.525632][T13599] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  780.918182][T13599] hsr_slave_0: entered promiscuous mode
[  780.933565][T13599] hsr_slave_1: entered promiscuous mode
[  780.949492][T13599] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  780.970258][T13599] Cannot create hsr debugfs directory
[  781.229614][T13759] Invalid source name
[  781.233666][T13759] UBIFS error (pid: 13759): cannot open "./file0", error -22
[  781.235832][T13759] binder: 13758:13759 ioctl 40046210 0 returned -14
[  781.302225][T13762] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1994'.
[  781.407700][T13764] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1993'.
[  781.972291][T13599] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  782.020568][T13599] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  782.058600][T13599] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  782.128310][T13599] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  782.778505][T13779] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1997'.
[  783.218280][T13792] netlink: 'syz.0.2001': attribute type 1 has an invalid length.
[  783.256736][T13599] 8021q: adding VLAN 0 to HW filter on device bond0
[  783.308659][T13792] 8021q: adding VLAN 0 to HW filter on device bond4
[  783.342461][T13792] bond4: entered promiscuous mode
[  783.388984][T13599] 8021q: adding VLAN 0 to HW filter on device team0
[  783.420493][ T3542] bridge0: port 1(bridge_slave_0) entered blocking state
[  783.429156][ T3542] bridge0: port 1(bridge_slave_0) entered forwarding state
[  783.452694][T13803] Invalid source name
[  783.453312][ T3542] bridge0: port 2(bridge_slave_1) entered blocking state
[  783.456886][T13803] UBIFS error (pid: 13803): cannot open "./file0", error -22
[  783.463882][ T3542] bridge0: port 2(bridge_slave_1) entered forwarding state
[  783.485270][T13803] binder: 13802:13803 ioctl 40046210 0 returned -14
[  783.544612][T13809] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2006'.
[  783.758430][T13813] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2007'.
[  785.107928][T13599] 8021q: adding VLAN 0 to HW filter on device batadv0
[  785.494491][T13428] Bluetooth: hci5: command 0x1003 tx timeout
[  785.501510][T13849] overlayfs: failed to clone upperpath
[  785.501678][   T51] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  785.743650][T13599] veth0_vlan: entered promiscuous mode
[  785.796528][T13599] veth1_vlan: entered promiscuous mode
[  785.908652][T13599] veth0_macvtap: entered promiscuous mode
[  785.930477][T13864] Invalid source name
[  785.937491][T13599] veth1_macvtap: entered promiscuous mode
[  785.944296][T13864] UBIFS error (pid: 13864): cannot open "./file0", error -22
[  785.973677][T13864] binder: 13852:13864 ioctl 40046210 0 returned -14
[  785.981259][T13599] batman_adv: batadv0: Interface activated: batadv_slave_0
[  786.030724][T13599] batman_adv: batadv0: Interface activated: batadv_slave_1
[  786.086660][T13599] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  786.117989][T13599] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  786.122229][T13867] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2018'.
[  786.148850][T13599] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  786.208417][T13599] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  786.865786][ T6440] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  786.873704][ T6440] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  786.948450][ T6440] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  786.960027][ T6440] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  787.731811][T13914] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2036'.
[  788.589667][T13929] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2037'.
[  789.155014][T13949] Invalid source name
[  789.174746][T13949] UBIFS error (pid: 13949): cannot open "./file0", error -22
[  789.180024][T13949] binder: 13944:13949 ioctl 40046210 0 returned -14
[  789.263679][T13949] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2047'.
[  789.537657][T13949] team0: Port device team_slave_1 removed
[  790.144386][T13968] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2051'.
[  790.670694][T13971] loop2: detected capacity change from 0 to 7
[  790.750304][T13969] fuse: root generation should be zero
[  790.759511][T13971]  loop2: [POWERTEC] p1 p2 p3
[  790.778662][T13971] loop2: p2 start 4294967287 is beyond EOD, truncated
[  790.816094][T13971] loop2: p3 start 1932423285 is beyond EOD, truncated
[  791.099712][T13983] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2061'.
[  791.110217][T13983] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2061'.
[  791.142016][T13983] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  791.150994][T13983] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  791.160032][T13983] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  791.168996][T13983] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  791.203467][T13987] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2061'.
[  791.230751][T13987] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2061'.
[  791.710477][T14010] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2068'.
[  793.328585][T14022] Invalid source name
[  793.332658][T14022] UBIFS error (pid: 14022): cannot open "./file0", error -22
[  793.334902][T14022] binder: 14005:14022 ioctl 40046210 0 returned -14
[  793.405926][T14024] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2069'.
[  793.500558][T14027] Invalid source name
[  793.677969][T14029] Invalid source name
[  793.682005][T14029] UBIFS error (pid: 14029): cannot open "./file0", error -22
[  793.684508][T14029] binder: 14025:14029 ioctl 40046210 0 returned -14
[  793.751042][T14030] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2074'.
[  793.835618][T14027] UBIFS error (pid: 14027): cannot open "./file0", error -22
[  793.869312][T14034] syz_tun: entered allmulticast mode
[  793.931887][T14036] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2073'.
[  793.960523][T14034] syz_tun: left allmulticast mode
[  795.551046][T14062] loop2: detected capacity change from 0 to 7
[  795.577653][T14062]  loop2:
[  795.595429][T14062] loop2: partition table partially beyond EOD, truncated
[  795.737542][   T30] kauditd_printk_skb: 74 callbacks suppressed
[  795.737560][   T30] audit: type=1326 audit(1750891695.996:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14067 comm="syz.6.2087" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x0
[  795.940097][T14077] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2088'.
[  797.132900][T14094] Invalid source name
[  797.137112][T14094] UBIFS error (pid: 14094): cannot open "./file0", error -22
[  797.196624][T14095] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2089'.
[  797.602540][T14103] kvm: MWAIT instruction emulated as NOP!
[  799.797022][T14153] Invalid source name
[  799.801044][T14153] UBIFS error (pid: 14153): cannot open "./file0", error -22
[  799.803176][T14153] binder: 14135:14153 ioctl 40046210 0 returned -14
[  799.874562][T14155] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2104'.
[  800.327706][ T6440] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  800.427652][ T6440] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  800.551596][ T6440] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  800.692551][T14175] netlink: 'syz.6.2121': attribute type 72 has an invalid length.
[  800.700760][T14175] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2121'.
[  801.588053][T14177] netlink: 'syz.3.2122': attribute type 1 has an invalid length.
[  801.619562][T14177] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2122'.
[  801.636203][T14179] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  801.660179][T14177] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2122'.
[  801.707350][T14182] overlayfs: failed to clone upperpath
[  801.731745][T13428] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  801.741280][T13428] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  801.754257][T13428] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  801.775232][T13428] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  801.796395][T13428] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  801.820122][ T6440] bridge_slave_1: left allmulticast mode
[  801.839045][ T6440] bridge_slave_1: left promiscuous mode
[  801.857719][ T6440] bridge0: port 2(bridge_slave_1) entered disabled state
[  801.893222][ T6440] bridge_slave_0: left allmulticast mode
[  801.911023][ T6440] bridge_slave_0: left promiscuous mode
[  801.922672][ T6440] bridge0: port 1(bridge_slave_0) entered disabled state
[  802.049479][T14194] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2128'.
[  803.089856][T14207] netlink: 'syz.1.2133': attribute type 1 has an invalid length.
[  803.480299][ T6440] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.491104][ T6440] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.501470][ T6440] bond0 (unregistering): Released all slaves
[  803.641908][ T6440] bond1 (unregistering): Released all slaves
[  803.766945][ T6440] bond2 (unregistering): Released all slaves
[  803.886105][ T6440] bond3 (unregistering): (slave veth0_to_bond): Releasing backup interface
[  803.894280][   T51] Bluetooth: hci0: command tx timeout
[  803.903570][ T6440] bond3 (unregistering): Released all slaves
[  804.022685][ T6440] bond4 (unregistering): Released all slaves
[  804.044351][T14207] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  804.112199][T14183] tunl0 speed is unknown, defaulting to 1000
[  804.162707][ T6440] : left promiscuous mode
[  804.254369][T14231] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2140'.
[  804.348464][ T6440] tipc: Left network mode
[  804.593592][T14183] lo speed is unknown, defaulting to 1000
[  804.801887][  T927] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  805.192222][T14259] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2146'.
[  805.254423][  T927] usb 4-1: Using ep0 maxpacket: 8
[  805.270499][  T927] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  805.318864][  T927] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.365751][  T927] usb 4-1: Product: syz
[  805.397668][  T927] usb 4-1: Manufacturer: syz
[  805.417687][  T927] usb 4-1: SerialNumber: syz
[  805.471243][  T927] usb 4-1: config 0 descriptor??
[  805.685408][  T927] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  805.770985][T14282] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  805.917328][ T6440] hsr_slave_0: left promiscuous mode
[  805.957428][ T6440] hsr_slave_1: left promiscuous mode
[  805.963534][ T6440] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  805.972506][ T6440] batman_adv: batadv0: Removing interface: batadv_slave_0
[  805.976051][   T51] Bluetooth: hci0: command tx timeout
[  806.038485][ T6440] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  806.204205][  T927] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  806.258566][ T6440] batman_adv: batadv0: Removing interface: batadv_slave_1
[  806.381017][  T927] usb 4-1: USB disconnect, device number 23
[  806.521103][ T6440] veth0_macvtap: left promiscuous mode
[  806.529087][ T6440] veth1_vlan: left promiscuous mode
[  806.537085][ T6440] veth0_vlan: left promiscuous mode
[  806.690847][ T6440] pimreg3 (unregistering): left allmulticast mode
[  808.066861][   T51] Bluetooth: hci0: command tx timeout
[  808.151053][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  808.645596][T14316] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2166'.
[  808.744799][T14331] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  809.026864][T14336] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2169'.
[  809.851630][ T6440] team0 (unregistering): Port device team_slave_0 removed
[  810.080810][ T6994] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  810.144240][   T51] Bluetooth: hci0: command tx timeout
[  810.187979][    T9] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  810.348790][T14183] chnl_net:caif_netlink_parms(): no params data found
[  810.364219][    T9] usb 4-1: Using ep0 maxpacket: 16
[  810.416507][    T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  810.504260][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  810.539766][    T9] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  810.559324][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  810.583476][    T9] usb 4-1: Product: syz
[  810.599411][    T9] usb 4-1: Manufacturer: syz
[  810.630521][    T9] usb 4-1: SerialNumber: syz
[  810.643515][    T9] usb 4-1: config 0 descriptor??
[  810.665235][T14183] bridge0: port 1(bridge_slave_0) entered blocking state
[  810.683816][T14183] bridge0: port 1(bridge_slave_0) entered disabled state
[  810.698199][T14183] bridge_slave_0: entered allmulticast mode
[  810.810167][    T9] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  810.832629][T14183] bridge_slave_0: entered promiscuous mode
[  810.851338][    T9] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  810.859924][T14183] bridge0: port 2(bridge_slave_1) entered blocking state
[  810.877076][T14183] bridge0: port 2(bridge_slave_1) entered disabled state
[  810.900989][T14183] bridge_slave_1: entered allmulticast mode
[  810.931943][T14183] bridge_slave_1: entered promiscuous mode
[  810.967306][T14354] Invalid source name
[  810.988618][T14354] UBIFS error (pid: 14354): cannot open "./file0", error -22
[  810.994904][T14354] binder: 14348:14354 ioctl 40046210 0 returned -14
[  811.027359][T14356] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2174'.
[  811.139970][T14183] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  811.164171][T14357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2173'.
[  811.176496][T14183] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  811.306154][T14183] team0: Port device team_slave_0 added
[  811.329927][T14183] team0: Port device team_slave_1 added
[  811.426074][T14183] batman_adv: batadv0: Adding interface: batadv_slave_0
[  811.443410][T14183] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  811.469382][    C1] vkms_vblank_simulate: vblank timer overrun
[  811.485013][    T9] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  811.496847][    T9] em28xx 4-1:0.0: Config register raw data: 0xd4
[  811.526567][T14183] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  811.550924][T14183] batman_adv: batadv0: Adding interface: batadv_slave_1
[  811.558403][T14183] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  811.584370][    C1] vkms_vblank_simulate: vblank timer overrun
[  811.767026][T14183] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  811.827547][T14183] hsr_slave_0: entered promiscuous mode
[  811.836035][T14183] hsr_slave_1: entered promiscuous mode
[  811.847439][T14183] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  811.856090][T14183] Cannot create hsr debugfs directory
[  812.732923][    T9] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[  812.749962][    T9] em28xx 4-1:0.0: No AC97 audio processor
[  812.784941][    T9] usb 4-1: USB disconnect, device number 24
[  812.805855][    T9] em28xx 4-1:0.0: Disconnecting em28xx
[  812.842069][    T9] em28xx 4-1:0.0: Freeing device
[  813.049303][ T6440] IPVS: stop unused estimator thread 0...
[  813.892681][T14183] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  813.998108][T14183] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  814.814261][T14183] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  814.827601][   T30] audit: type=1326 audit(1750891715.086:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  814.868935][T14183] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  814.877493][   T30] audit: type=1326 audit(1750891715.086:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  814.907068][   T30] audit: type=1326 audit(1750891715.086:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  814.934593][   T30] audit: type=1326 audit(1750891715.086:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  814.962392][   T30] audit: type=1326 audit(1750891715.086:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  814.997510][   T30] audit: type=1326 audit(1750891715.086:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  815.022608][   T30] audit: type=1326 audit(1750891715.086:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  815.047747][   T30] audit: type=1326 audit(1750891715.086:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  815.069771][   T30] audit: type=1326 audit(1750891715.086:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  815.093195][   T30] audit: type=1326 audit(1750891715.086:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14402 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f75ed18e929 code=0x7ffc0000
[  815.149352][T14183] 8021q: adding VLAN 0 to HW filter on device bond0
[  815.177640][T14183] 8021q: adding VLAN 0 to HW filter on device team0
[  815.192792][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state
[  815.200028][ T5947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  815.228435][ T8706] bridge0: port 2(bridge_slave_1) entered blocking state
[  815.235547][ T8706] bridge0: port 2(bridge_slave_1) entered forwarding state
[  815.721469][T14183] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  815.732741][T14183] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  816.008846][T14435] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  816.311538][T14183] 8021q: adding VLAN 0 to HW filter on device batadv0
[  816.507200][   T10] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  816.684374][   T10] usb 4-1: Using ep0 maxpacket: 32
[  816.740978][   T10] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  816.755373][   T10] usb 4-1: config 0 has no interface number 0
[  816.759296][T14183] veth0_vlan: entered promiscuous mode
[  816.761570][   T10] usb 4-1: config 0 interface 12 has no altsetting 0
[  816.785479][   T10] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  816.798661][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  816.871828][T14183] veth1_vlan: entered promiscuous mode
[  817.211492][   T10] usb 4-1: Product: syz
[  817.221410][   T10] usb 4-1: Manufacturer: syz
[  817.226670][   T10] usb 4-1: SerialNumber: syz
[  817.235298][   T10] usb 4-1: config 0 descriptor??
[  817.320624][T14183] veth0_macvtap: entered promiscuous mode
[  817.333960][T14183] veth1_macvtap: entered promiscuous mode
[  817.364997][T14183] batman_adv: batadv0: Interface activated: batadv_slave_0
[  817.386586][T14183] batman_adv: batadv0: Interface activated: batadv_slave_1
[  817.401497][T14183] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  817.410501][T14183] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  817.419369][T14183] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  817.430178][T14183] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  817.460424][T14477] pimreg3: entered allmulticast mode
[  817.533150][ T8706] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  817.550840][ T8706] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  817.579657][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  817.588660][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  818.010349][T14491] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  818.609428][T14505] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2212'.
[  818.739686][   T10] f81534 4-1:0.12: f81534_set_register: reg: 1002 data: 2f failed: -71
[  818.759435][T14510] loop2: detected capacity change from 0 to 7
[  818.762598][   T10] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  818.789824][T14510]  loop2:
[  818.791580][   T10] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  818.800757][T14510] loop2: partition table partially beyond EOD, truncated
[  818.810800][   T10] f81534 4-1:0.12: probe with driver f81534 failed with error -71
[  818.857796][   T10] usb 4-1: USB disconnect, device number 25
[  818.870910][T14512] vivid-004: =================  START STATUS  =================
[  818.895175][T14512] vivid-004: Radio HW Seek Mode: Bounded
[  818.902854][T14512] vivid-004: Radio Programmable HW Seek: false
[  818.913883][T14512] vivid-004: RDS Rx I/O Mode: Block I/O
[  818.923620][T14512] vivid-004: Generate RBDS Instead of RDS: false
[  818.931973][T14512] vivid-004: RDS Reception: true
[  818.979857][T14512] vivid-004: RDS Program Type: 0 inactive
[  819.000561][T14512] vivid-004: RDS PS Name:  inactive
[  819.029107][T14512] vivid-004: RDS Radio Text:  inactive
[  819.046718][T14512] vivid-004: RDS Traffic Announcement: false inactive
[  819.053726][T14512] vivid-004: RDS Traffic Program: false inactive
[  819.068965][T14512] vivid-004: RDS Music: false inactive
[  819.077051][T14512] vivid-004: ==================  END STATUS  ==================
[  819.614435][T14526] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  819.730974][T14530] pimreg3: entered allmulticast mode
[  820.464485][T14537] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  820.517951][T14538] ubi31: attaching mtd0
[  820.528452][T14538] ubi31: scanning is finished
[  820.533169][T14538] ubi31: empty MTD device detected
[  820.670436][T14538] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  820.678318][T14538] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  820.687554][T14538] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  820.695043][T14538] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  820.702732][T14538] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  820.711268][T14538] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  820.720038][T14538] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 749664814
[  820.730500][T14538] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  820.740641][T14543] ubi31: background thread "ubi_bgt31d" started, PID 14543
[  820.795417][ T5895] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  820.944205][ T5895] usb 8-1: Using ep0 maxpacket: 16
[  820.951888][ T5895] usb 8-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  820.963895][ T5895] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  821.006673][ T5895] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  821.037745][ T5895] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  821.064961][ T5895] usb 8-1: Product: syz
[  821.069240][ T5895] usb 8-1: Manufacturer: syz
[  821.082907][ T5895] usb 8-1: SerialNumber: syz
[  821.237951][T14558] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2231'.
[  821.392979][ T5895] usb 8-1: 0:2 : does not exist
[  821.427856][ T5895] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[  821.481610][ T5895] usb 8-1: USB disconnect, device number 2
[  821.794463][   T30] kauditd_printk_skb: 51 callbacks suppressed
[  821.794485][   T30] audit: type=1326 audit(1750891722.056:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  821.826233][   T30] audit: type=1326 audit(1750891722.076:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  821.850100][   T30] audit: type=1326 audit(1750891722.076:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  821.875416][   T30] audit: type=1326 audit(1750891722.076:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  821.899729][   T30] audit: type=1326 audit(1750891722.076:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  821.921866][   T30] audit: type=1326 audit(1750891722.076:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  821.943791][   T30] audit: type=1326 audit(1750891722.076:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  822.147400][   T30] audit: type=1326 audit(1750891722.076:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  822.174362][   T30] audit: type=1326 audit(1750891722.076:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  822.204737][   T30] audit: type=1326 audit(1750891722.076:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.6.2235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  823.517632][T14608] Invalid source name
[  823.521702][T14608] UBIFS error (pid: 14608): cannot open "./file0", error -22
[  823.536252][T14608] binder: 14605:14608 ioctl 40046210 0 returned -14
[  823.637742][T14609] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2249'.
[  824.308752][T14622] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  824.357223][T14616] tunl0 speed is unknown, defaulting to 1000
[  824.472750][T14618] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2248'.
[  824.711463][T14616] lo speed is unknown, defaulting to 1000
[  825.695260][T14658] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2263'.
[  825.860772][T14661] Invalid source name
[  825.865050][T14661] UBIFS error (pid: 14661): cannot open "./file0", error -22
[  825.877960][T14661] binder: 14653:14661 ioctl 40046210 0 returned -14
[  825.973804][T14662] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2262'.
[  826.294535][T14660] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2263'.
[  826.748529][T14678] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  826.845874][T14680] netlink: 'syz.1.2269': attribute type 11 has an invalid length.
[  826.951283][    T9] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  827.121377][    T9] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  827.134871][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  827.150595][    T9] usb 7-1: Product: syz
[  827.160907][    T9] usb 7-1: Manufacturer: syz
[  827.171144][    T9] usb 7-1: SerialNumber: syz
[  827.189089][   T30] kauditd_printk_skb: 45 callbacks suppressed
[  827.189105][   T30] audit: type=1326 audit(1750891727.446:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  827.195793][    T9] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  827.244167][   T30] audit: type=1326 audit(1750891727.446:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  827.306549][   T10] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  827.334878][   T30] audit: type=1326 audit(1750891727.496:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  827.414416][   T30] audit: type=1326 audit(1750891727.496:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  827.421118][T14697] syz_tun: entered allmulticast mode
[  827.535583][T14695] syz_tun: left allmulticast mode
[  827.584774][   T30] audit: type=1326 audit(1750891727.496:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  827.634133][   T30] audit: type=1326 audit(1750891727.506:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  827.705124][   T30] audit: type=1326 audit(1750891727.506:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  827.750622][T14701] Invalid source name
[  827.754775][T14701] UBIFS error (pid: 14701): cannot open "./file0", error -22
[  827.763203][T14701] binder: 14696:14701 ioctl 40046210 0 returned -14
[  827.848661][T14702] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2276'.
[  828.043110][   T30] audit: type=1326 audit(1750891727.506:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  828.101627][T14705] netlink: 'syz.6.2266': attribute type 1 has an invalid length.
[  828.215658][T14705] netlink: 224 bytes leftover after parsing attributes in process `syz.6.2266'.
[  828.387161][   T30] audit: type=1326 audit(1750891727.506:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  828.496173][   T10] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[  828.503624][   T10] ath9k_htc: Failed to initialize the device
[  828.567102][   T10] usb 7-1: ath9k_htc: USB layer deinitialized
[  828.584595][   T30] audit: type=1326 audit(1750891727.506:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14687 comm="syz.3.2272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7efcddb8e929 code=0x7ffc0000
[  828.900627][    T9] usb 7-1: USB disconnect, device number 2
[  828.947817][T14724] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2280'.
[  828.990380][T14726] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2281'.
[  829.758993][T14759] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2294'.
[  830.255358][T14767] netlink: 'syz.3.2296': attribute type 12 has an invalid length.
[  830.451106][T14770] tunl0 speed is unknown, defaulting to 1000
[  830.786375][T14783] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2303'.
[  830.884331][    T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  830.926904][T14790] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  831.047162][    T9] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  831.076358][    T9] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  831.105818][    T9] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  831.127217][T14770] lo speed is unknown, defaulting to 1000
[  831.137585][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.166893][T14779] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  831.187460][    T9] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  831.260272][T14798] nbd2: detected capacity change from 0 to 4294967296
[  831.283504][T14799] block nbd2: shutting down sockets
[  831.399408][    T9] usb 7-1: USB disconnect, device number 3
[  831.526634][ T5895] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  831.740149][ T5895] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  831.765904][ T5895] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  831.784229][ T5895] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  831.800135][ T5895] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  831.810436][ T5895] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.826423][ T5895] usb 4-1: config 0 descriptor??
[  832.054219][   T24] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  832.224625][   T24] usb 8-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  832.283786][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  832.314544][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.354370][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.373298][   T24] usb 8-1: config 0 descriptor??
[  832.399169][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.448225][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.469100][   T24] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  832.522801][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.592525][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.672085][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.747909][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.807430][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.888348][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  832.969793][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  833.041596][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  833.128386][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  833.196380][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  833.203782][ T5895] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  833.261657][ T5895] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  833.269943][T14819] xt_hashlimit: size too large, truncated to 1048576
[  833.300239][T14823] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2318'.
[  833.310789][T14823] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2318'.
[  833.310979][ T5895] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  833.320218][T14823] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2318'.
[  833.710085][ T5895] usb 4-1: USB disconnect, device number 26
[  833.849618][   T24] gspca_stv06xx: I2C: Read error writing address: -71
[  833.871089][   T24] usb 8-1: USB disconnect, device number 3
[  835.596420][T14853] netlink: 'syz.3.2324': attribute type 21 has an invalid length.
[  835.606200][T14853] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2324'.
[  836.201369][T14866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2329'.
[  836.222578][T14866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2329'.
[  836.256080][T14863] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2327'.
[  837.134199][   T24] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  837.408471][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  837.479314][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  837.528654][   T24] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  837.583271][T14885] block nbd2: shutting down sockets
[  837.608925][   T24] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  837.688330][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  837.730113][   T24] usb 8-1: config 0 descriptor??
[  837.857585][T14892] Bluetooth: MGMT ver 1.23
[  838.077282][T14894] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  838.207909][   T24] plantronics 0003:047F:FFFF.000B: unknown main item tag 0x6
[  838.241853][   T24] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  838.307093][   T24] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  838.413380][T14903] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2343'.
[  838.541326][   T24] usb 8-1: USB disconnect, device number 4
[  838.793279][T14911] tipc: Started in network mode
[  838.829922][T14911] tipc: Node identity be483235fc5b, cluster identity 4711
[  838.838837][T14911] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  838.972647][T14916] Invalid source name
[  839.014344][T14916] UBIFS error (pid: 14916): cannot open "./file0", error -22
[  839.064234][T14916] binder: 14895:14916 ioctl 40046210 0 returned -14
[  839.106291][T14911] syzkaller0: entered promiscuous mode
[  839.162313][T14911] syzkaller0: entered allmulticast mode
[  839.168702][T14911] tipc: Resetting bearer <eth:syzkaller0>
[  839.245024][T14910] tipc: Resetting bearer <eth:syzkaller0>
[  839.303165][T14917] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2341'.
[  839.600594][T14921] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2348'.
[  839.854240][   T10] tipc: Node number set to 1108554293
[  841.555257][T14910] tipc: Disabling bearer <eth:syzkaller0>
[  841.566376][T14928] sch_tbf: burst 32854 is lower than device lo mtu (65550) !
[  842.860403][T14960] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2359'.
[  842.870791][  T927] IPVS: starting estimator thread 0...
[  842.875725][T14957] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  842.976929][T14964] IPVS: using max 33 ests per chain, 79200 per kthread
[  843.409647][T14977] netlink: 'syz.7.2362': attribute type 4 has an invalid length.
[  843.579340][T14984] syz_tun: entered allmulticast mode
[  843.649928][T14981] syz_tun: left allmulticast mode
[  843.688862][T14987] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  843.785820][T14989] macvlan2: entered allmulticast mode
[  843.794593][T14989] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  844.302898][T15010] overlayfs: failed to clone upperpath
[  844.568736][T15016] Invalid source name
[  844.572802][T15016] UBIFS error (pid: 15016): cannot open "./file0", error -22
[  844.586821][T15016] binder: 15008:15016 ioctl 40046210 0 returned -14
[  844.607924][T15016] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2377'.
[  845.121622][T15016] team0: Port device team_slave_1 removed
[  845.146819][T15018] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2379'.
[  845.834214][T15033] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  845.834214][T15033]    program syz.2.2384 not setting count and/or reply_len properly
[  846.979179][T15046] netlink: 'syz.7.2390': attribute type 4 has an invalid length.
[  847.194530][T15047] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  848.259348][T15067] Invalid source name
[  848.263421][T15067] UBIFS error (pid: 15067): cannot open "./file0", error -22
[  848.278545][T15067] binder: 15058:15067 ioctl 40046210 0 returned -14
[  848.377078][T15069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2394'.
[  849.436316][   T30] kauditd_printk_skb: 33 callbacks suppressed
[  849.436334][   T30] audit: type=1804 audit(1750891749.696:1175): pid=15085 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.6.2402" name="/newroot/85/file0" dev="tmpfs" ino=474 res=1 errno=0
[  852.516454][T15117] Invalid source name
[  852.521507][T15117] UBIFS error (pid: 15117): cannot open "./file0", error -22
[  853.017139][T15118] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2407'.
[  853.723769][T15130] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2412'.
[  854.347152][T15143] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  854.735815][T15158] Invalid source name
[  854.739884][T15158] UBIFS error (pid: 15158): cannot open "./file0", error -22
[  854.751857][T15158] binder: 15150:15158 ioctl 40046210 0 returned -14
[  854.851877][T15160] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2421'.
[  856.008156][   T30] audit: type=1326 audit(1750891756.256:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15138 comm="syz.2.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f778e98e929 code=0x7fc00000
[  856.199992][   T30] audit: type=1326 audit(1750891756.456:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15138 comm="syz.2.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f778e98e929 code=0x7fc00000
[  856.270689][T15180] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2428'.
[  858.246631][T15203] Invalid source name
[  858.250700][T15203] UBIFS error (pid: 15203): cannot open "./file0", error -22
[  858.918358][T15205] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2436'.
[  859.645156][T15216] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2441'.
[  860.789962][   T30] audit: type=1326 audit(1750891761.046:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  860.842713][   T30] audit: type=1326 audit(1750891761.046:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  860.999807][T15236] Invalid source name
[  861.003832][T15236] UBIFS error (pid: 15236): cannot open "./file0", error -22
[  861.006224][T15236] binder: 15223:15236 ioctl 40046210 0 returned -14
[  861.214473][T15239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2444'.
[  861.843305][   T30] audit: type=1326 audit(1750891761.316:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  862.192678][T15243] pimreg: entered allmulticast mode
[  862.198284][   T30] audit: type=1326 audit(1750891761.316:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  862.571217][   T30] audit: type=1326 audit(1750891761.316:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  862.592913][    C0] vkms_vblank_simulate: vblank timer overrun
[  862.648286][T15258] netlink: 'syz.1.2450': attribute type 4 has an invalid length.
[  863.457804][ T8706] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  863.468324][   T30] audit: type=1326 audit(1750891761.326:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  863.489985][    C0] vkms_vblank_simulate: vblank timer overrun
[  863.496874][   T30] audit: type=1326 audit(1750891761.326:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  863.519482][   T30] audit: type=1326 audit(1750891762.066:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  863.541059][    C0] vkms_vblank_simulate: vblank timer overrun
[  863.548060][   T30] audit: type=1326 audit(1750891762.066:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  863.570540][   T30] audit: type=1326 audit(1750891762.066:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  863.586799][ T8706] ------------[ cut here ]------------
[  863.592207][    C0] vkms_vblank_simulate: vblank timer overrun
[  863.603937][   T30] audit: type=1326 audit(1750891762.086:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  863.625535][    C0] vkms_vblank_simulate: vblank timer overrun
[  863.760933][ T8706] UBSAN: array-index-out-of-bounds in net/mac80211/scan.c:1223:5
[  863.816153][ T8706] index 11 is out of range for type 'struct ieee80211_channel *[] __counted_by(n_channels)' (aka 'struct ieee80211_channel *[]')
[  863.904215][T15266] Invalid source name
[  863.908284][T15266] UBIFS error (pid: 15266): cannot open "./file0", error -22
[  863.921737][T15266] binder: 15260:15266 ioctl 40046210 0 returned -14
[  864.022016][T15267] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2452'.
[  864.383571][   T30] audit: type=1326 audit(1750891762.096:1189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15218 comm="syz.6.2440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0bbf78e929 code=0x7ffc0000
[  864.413988][ T8706] CPU: 1 UID: 0 PID: 8706 Comm: kworker/u8:15 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) 
[  864.414007][ T8706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  864.414014][ T8706] Workqueue: events_unbound cfg80211_wiphy_work
[  864.414039][ T8706] Call Trace:
[  864.414050][ T8706]  <TASK>
[  864.414058][ T8706]  dump_stack_lvl+0x189/0x250
[  864.414086][ T8706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  864.414103][ T8706]  ? __pfx__printk+0x10/0x10
[  864.414120][ T8706]  ubsan_epilogue+0xa/0x40
[  864.414131][ T8706]  __ubsan_handle_out_of_bounds+0xe9/0xf0
[  864.414150][ T8706]  ieee80211_request_ibss_scan+0x600/0x8b0
[  864.414172][ T8706]  ieee80211_ibss_work+0xd85/0x1060
[  864.414185][ T8706]  ? lockdep_hardirqs_on+0x9c/0x150
[  864.414200][ T8706]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  864.414212][ T8706]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  864.414223][ T8706]  ? kcov_remote_stop+0x17e/0x6d0
[  864.414235][ T8706]  ? __pfx_ieee80211_ibss_work+0x10/0x10
[  864.414250][ T8706]  ? skb_dequeue+0x10e/0x150
[  864.414264][ T8706]  ? ieee80211_iface_work+0xcd4/0xfe0
[  864.414279][ T8706]  ? ieee80211_iface_work+0xf39/0xfe0
[  864.414303][ T8706]  cfg80211_wiphy_work+0x2df/0x460
[  864.414314][ T8706]  ? process_scheduled_works+0x9ef/0x17b0
[  864.414329][ T8706]  process_scheduled_works+0xade/0x17b0
[  864.414358][ T8706]  ? __pfx_process_scheduled_works+0x10/0x10
[  864.414381][ T8706]  worker_thread+0x8a0/0xda0
[  864.414397][ T8706]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  864.414414][ T8706]  ? __kthread_parkme+0x7b/0x200
[  864.414433][ T8706]  kthread+0x70e/0x8a0
[  864.414445][ T8706]  ? __pfx_worker_thread+0x10/0x10
[  864.414458][ T8706]  ? __pfx_kthread+0x10/0x10
[  864.414469][ T8706]  ? _raw_spin_unlock_irq+0x23/0x50
[  864.414481][ T8706]  ? lockdep_hardirqs_on+0x9c/0x150
[  864.414492][ T8706]  ? __pfx_kthread+0x10/0x10
[  864.414503][ T8706]  ret_from_fork+0x3fc/0x770
[  864.414519][ T8706]  ? __pfx_ret_from_fork+0x10/0x10
[  864.414534][ T8706]  ? __switch_to_asm+0x39/0x70
[  864.414543][ T8706]  ? __switch_to_asm+0x33/0x70
[  864.414550][ T8706]  ? __pfx_kthread+0x10/0x10
[  864.414560][ T8706]  ret_from_fork_asm+0x1a/0x30
[  864.414579][ T8706]  </TASK>
[  864.714767][ T8706] ---[ end trace ]---
[  864.769149][ T8706] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  864.776377][ T8706] CPU: 1 UID: 0 PID: 8706 Comm: kworker/u8:15 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) 
[  864.788623][ T8706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  864.798677][ T8706] Workqueue: events_unbound cfg80211_wiphy_work
[  864.805185][ T8706] Call Trace:
[  864.808453][ T8706]  <TASK>
[  864.811372][ T8706]  dump_stack_lvl+0x99/0x250
[  864.815962][ T8706]  ? __asan_memcpy+0x40/0x70
[  864.820549][ T8706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  864.825742][ T8706]  ? __pfx__printk+0x10/0x10
[  864.830330][ T8706]  panic+0x2db/0x790
[  864.834224][ T8706]  ? __pfx_panic+0x10/0x10
[  864.838633][ T8706]  ? _printk+0xcf/0x120
[  864.842790][ T8706]  ? __pfx__printk+0x10/0x10
[  864.847374][ T8706]  check_panic_on_warn+0x89/0xb0
[  864.852301][ T8706]  __ubsan_handle_out_of_bounds+0xe9/0xf0
[  864.858020][ T8706]  ieee80211_request_ibss_scan+0x600/0x8b0
[  864.863828][ T8706]  ieee80211_ibss_work+0xd85/0x1060
[  864.869020][ T8706]  ? lockdep_hardirqs_on+0x9c/0x150
[  864.874216][ T8706]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  864.880195][ T8706]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  864.886516][ T8706]  ? kcov_remote_stop+0x17e/0x6d0
[  864.891535][ T8706]  ? __pfx_ieee80211_ibss_work+0x10/0x10
[  864.897165][ T8706]  ? skb_dequeue+0x10e/0x150
[  864.901746][ T8706]  ? ieee80211_iface_work+0xcd4/0xfe0
[  864.907115][ T8706]  ? ieee80211_iface_work+0xf39/0xfe0
[  864.912488][ T8706]  cfg80211_wiphy_work+0x2df/0x460
[  864.917588][ T8706]  ? process_scheduled_works+0x9ef/0x17b0
[  864.923317][ T8706]  process_scheduled_works+0xade/0x17b0
[  864.928876][ T8706]  ? __pfx_process_scheduled_works+0x10/0x10
[  864.934868][ T8706]  worker_thread+0x8a0/0xda0
[  864.939460][ T8706]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  864.945802][ T8706]  ? __kthread_parkme+0x7b/0x200
[  864.950741][ T8706]  kthread+0x70e/0x8a0
[  864.954824][ T8706]  ? __pfx_worker_thread+0x10/0x10
[  864.959927][ T8706]  ? __pfx_kthread+0x10/0x10
[  864.964508][ T8706]  ? _raw_spin_unlock_irq+0x23/0x50
[  864.969785][ T8706]  ? lockdep_hardirqs_on+0x9c/0x150
[  864.975067][ T8706]  ? __pfx_kthread+0x10/0x10
[  864.979652][ T8706]  ret_from_fork+0x3fc/0x770
[  864.984243][ T8706]  ? __pfx_ret_from_fork+0x10/0x10
[  864.989361][ T8706]  ? __switch_to_asm+0x39/0x70
[  864.994117][ T8706]  ? __switch_to_asm+0x33/0x70
[  864.998873][ T8706]  ? __pfx_kthread+0x10/0x10
[  865.003459][ T8706]  ret_from_fork_asm+0x1a/0x30
[  865.008225][ T8706]  </TASK>
[  865.011482][ T8706] Kernel Offset: disabled
[  865.015864][ T8706] Rebooting in 86400 seconds..