last executing test programs:

5m30.645182479s ago: executing program 0 (id=2965):
r0 = socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
socket$unix(0x1, 0x1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8937, &(0x7f0000000000)={'dummy0\x00', @random="0100002010ff"})
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x1b8}, 0x1, 0x0, 0x0, 0x4040841}, 0x4010)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xb, 0x8, &(0x7f00000003c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32}, 0x94)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bond0\x00'})

5m30.544375783s ago: executing program 0 (id=2968):
r0 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000040), 0x4)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r1, 0x0, 0x8, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x6, &(0x7f0000000000)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0x10, 0x2, 0x4)
r6 = dup(0xffffffffffffffff)
write$UHID_INPUT(r6, &(0x7f0000000000)={0xc, {"a2e3ad2109c752f91b5a470987f70e06d038e7ff7fc6e5539b3245078b089b3208336d060890e0878f0e1ac6e70a9b3368959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b38070d095d0936cd3b78130daa61f8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6cb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="02000000010000000000000004000000000000001000000000000000200000000000000078870470b900000100000000004ff5ca9063b74387d477a09023487413703326f48b84455172b07171f673"], 0x24, 0x0)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000011, 0x10010, r0, 0x203c0000)
r7 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSWINSZ(r7, 0x5414, &(0x7f0000000000)={0x8, 0x8000, 0xc0})

5m14.394399395s ago: executing program 0 (id=2972):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f0000000040)=0x2, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000003e40), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f0000004440)={0x0, 0x0, &(0x7f0000004400)={&(0x7f0000000340)=ANY=[@ANYBLOB="34000000841675f38fb6dd53e9d187bb187e3cef3acbcb0632d8b29575fc63ab13bb000f9fa1e3c37c83b8280184e2ff40587a0832c1055c79f00c974e35f3751531cefef91c5af4f5346510e4d6f29d2e4d5dc9e80ca15d684c7a9e9b860c615b59cd19c1dd91ead23c625a5e08000cb19ee70d40bb48471bced0fea8c135c89482aaf05e2c", @ANYRES16=r4, @ANYBLOB="0d022bbd7000fedbdf2501000000050005000400000008000400ffff00000800030006000000050006000d000000"], 0x34}}, 0x4000)
r6 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, 0x0, 0x108)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCDELRT(r7, 0x890c, &(0x7f0000000240)={0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={'nr', 0x0}, 0x5, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1, 0x8, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x40000, &(0x7f0000000240)={0x11, 0xf7, 0x0, 0x1, 0x20, 0x6, @remote}, 0x14)
r8 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000240)={'hsr0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newneigh={0x24, 0x1c, 0x1, 0x70bd26, 0x25dfdbff, {0x2, 0x0, 0x0, r9, 0x4, 0x80, 0x7}, [@NDA_DST_IPV4={0x8, 0x1, @local}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008004}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001240)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000100)="bdc7e11ad8d313ec9f8679e29ffc69b79a1d175b7deb0b5d1cc3439cd56cd80f5c18", 0x22}, {&(0x7f00000001c0)="f66dcd6183404156c2b9", 0xa}, {&(0x7f00000002c0)="abdbce5ee82de6141aa7c22923ae7d8e36bc95043ae2df23d167bb3eff0de993b41084e5f2503aa3e2006e3a3aa58ef35ddf60", 0x33}], 0x3, &(0x7f0000000440)=[@ip_retopts={{0x48, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x69, 0x0, 0x9, [0xffffffff, 0x5, 0x7]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x23, 0xffffffffffffffff, [{0x2, 0xd, "ed077d632ebc352f7e223f"}, {0x1, 0x10, "b8ca2a69b9fe63fbc07da2b77382"}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xe}}], 0x60}}, {{&(0x7f00000004c0)={0x2, 0x4e20, @private=0xa010100}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000500)="bcc4ce7ee49f58f4f9bd814e6931b019a963afa109394e652ee7f5a31a09351027a0f71582544d5c040c3a81ea022ab225d51b64b8bb956b4c95c31bc831a70cce411f587568f359d3c3636dd053b0abc443517ffd14a1b4bd01918f1febf782b4b526f83bdbe2042e1bdd83662bc9d5ede809e4a18dfca7ec0ebd0e", 0x7c}, {&(0x7f0000000580)="d994d2b3a6c3828fbb930b1c665d5d74234d6798c12be2c40ec19a755c1cda3de9ab53e4d118de7501b34471bd3838a839e7ac3b07e090aeb15204a42afec7de5ba1f60ac01920973994420f9ac602d86550a75abca3ad4259ef38b5ea5806267f1be25306f4b15f49b4269d7278aaf4b5787c80f814b313b36f0c", 0x7b}, {&(0x7f0000000600)="f168451d1980476c5b3811b9cdf93b93f3c8e101e2ac612b4855ad857cfbd18fe5915d0c03c7e2fb7866e93f3f67e37fe465d9bb2685a8a728", 0x39}, {&(0x7f0000000640)="b30b24f4dc08539ca1918d2f5d79ec2bdf2a3a770a7ec5065aaeab584396dd2860580b89cfc2412536b1affbabf6b9f18db8d65023f4780c45d36da19c6f9dc420bd0b4d2f1b2947161887c931db1f65b4f0d7e6600568781a4b9546c0ec4756b02377e34969d13f10ab349797bad46bd903866613480b4b2e932627da98c896e7f04c8b9621d520fbc6e2c909b45d2fe13b60c00201c13bc5c8717b5820a52228f71f1eacf528a0f48a5a2adee7e8e8e296944bfcd2e568c637ee6508d8c6fa91e520", 0xc3}], 0x4, &(0x7f0000000800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x40}}, @ip_retopts={{0x48, 0x0, 0x7, {[@timestamp={0x44, 0x24, 0xde, 0x0, 0x4, [0x8, 0x3, 0x5, 0xff, 0x8001, 0x0, 0x8, 0x4]}, @timestamp_prespec={0x44, 0xc, 0xbd, 0x3, 0x9, [{@multicast2}]}, @ra={0x94, 0x4, 0x1}, @end]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @local}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @private=0xa010100}}}], 0xe8}}, {{&(0x7f0000000900)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000001040)=[{&(0x7f0000000a00)="f6c351a812a58c9ad05cb1e92c1e2ee6e2640db2c059b54af77a241541e68743f39401b86b0b5504746c78b5fd660f139a6e7630dafa822e9f4d73b7c8b954d7a34b8a6663c60ed04a0e33d0551d8aba43521ba25b75371cef3dc7c18cf84172a499563504059869ed9cf067a2e48e424113412da65db9107e622a2e76edf59495d8e649289bfc2e1e0962a216f232c3a6204d8b54584e147547d1e850e2b7be55889c75a09096eaa1256c649e8020e33e548a43f064e7f97c320ac92de2c0ef65b81219ee25976ad2fd51d1d055b21d54f8", 0xd2}, {&(0x7f0000000b00)="0a6e6f79fcc5ce08e7d26bb70118c690587321597f25f023188ef09cd18cc9598cbbc00a02bb26c623ef07f08356a84f4e747b09bace749d00123f1a067a363136ce4ffd75cc03f444fd6b2f0e6ae3bf294e5978b884f9fcc9572b9504f9c4d07984905cd462c81ea6b0874df7870d3baab5de51b45502797af2943599231b5b14d23d3be2305121f4d3414dd4054a1f752d9b2360342ea610cc8e495cb899b335", 0xa1}, {&(0x7f0000000bc0)="e3a6741893f892472a4b8594bf20dd7eb7bf959c70ede52d82689fe8b449d86a9df9aae7365d11d591b4d466d0b088a30db2f661db2ba3b123584db3defec4243c94f9f87d371ce92c7a41edaf91930a4928249317576753feee39110fcb388e940773c3fb7b422fde9ea704bd548479e897e6feea8c797891b3516c63b1b9970d06bd4042885adc83", 0x89}, {&(0x7f0000000940)="d5126c6f9698137d7fb3ffd3eb7201a226889c3c2deb0c111fe5680dee85dd12514c0917680bee55f26188ca4a3a0eca86f3915cbbf375dc1a60757985fabd15798b2a1cf6a4be7908d2", 0x4a}, {&(0x7f0000000c80)="1aed6a0e939caccf278fbcd91c788db71c137fdd9240579dcad6f13a50616e73c14f4f281d51ff82a25ed986e220ff042319980d755a2db4a7e8e8151c016e9ea1361b96149aa6fd5d5efce6279f2701f61db84f70d38a969b4ed842a017d2c71594770d42b38c14218f51199845b83033fd0699c0535a9e5b9a932a4fadd39a8e7804e9e21fbe70f57c673a1f125376d586af5cce78352ce02799fc62131cf33147adb86c7365c9f0c7186e3a68f66b648651d75001e0030e1212de0cfad8a5949fb5a0317ff7e9f9520a02a89793f57d068005e01223762d61bdf016187d26e881c1c605dc3613d6275e", 0xeb}, {&(0x7f0000000d80)}, {&(0x7f0000000dc0)="3ea74c1182ab178d6b0bfc46064e544ad039952cd71d6ae1690fc3510cdc29398f6873c962104ad039cfd7e096afbeeeeb637c535e434ce2c7412048ba442e9c0fa9c7e1a24bfc4bf9896f8adce5cf7da8a9f5e1d7234c5a587036", 0x5b}, {&(0x7f0000000e40)="317f4abb8215c85af432a124ac8a6f902616a562f23d432f9a6d77e13225ee1d9b7551de6c667a63907d66c77231542dda549b33675aaf5582a1a2b55be0e36194bd87b13b2a1f5f1af9c8231d623e396e8d16e783c3e2d051c51f6ac6a51c6bc99292b5aa4a634a7613e5fbd880452ffc0b873bc5552633c0e95aa48b0051ba5d0096d0a404493e0e99e786e771a9a3edcfb4bf81e43d063aaf9dc235fe63a1d6aa3d357e2e19f73e5a1740ec5916c5e880f38b9b295d3da82cc4eb9aea9568e3afc40d7f4fc12ba5a1b46e2269b5a2dcc56574c1103af47ae55e4d993f43500c6b82c90fb490a10582d5182716ac6e03f484", 0xf3}, {&(0x7f0000000f40)="09d2c6ec86969d552d262669e68f2996b365a809f739c4af342a0faa0d02d89695a6ed35893eef827ba9e087851923418c6c4dec6df98390fe7400bc74550285ff88d8ebab1b6f5a", 0x48}, {&(0x7f0000000fc0)="dcc239d59e76456a1d479f12baddc98834e488a759e36ecfed845ebe6c3b80d98660defd173aef120452338b56f736040e4ac3e8a851fd0bc96d835773146f7eaade21c93d591016dfa8", 0x4a}], 0xa, &(0x7f0000001180)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @dev={0xac, 0x14, 0x14, 0x17}, @multicast1}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}], 0x88}}], 0x3, 0xc0)

5m13.460263747s ago: executing program 0 (id=2996):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f0000000040)=0x2, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000003e40), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f0000004440)={0x0, 0x0, &(0x7f0000004400)={&(0x7f0000000340)=ANY=[@ANYRES16=r4, @ANYBLOB="0d022bbd7000fedbdf2501000000050005000400000008"], 0x34}}, 0x4000)
socket$inet_icmp(0x2, 0x2, 0x1)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCDELRT(r6, 0x890c, &(0x7f0000000240)={0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={'nr', 0x0}, 0x5, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1, 0x8, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x40000, &(0x7f0000000240)={0x11, 0xf7, 0x0, 0x1, 0x20, 0x6, @remote}, 0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000001100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000001140)=0x14)
r7 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000240)={'hsr0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newneigh={0x24, 0x1c, 0x1, 0x70bd26, 0x25dfdbff, {0x2, 0x0, 0x0, r8, 0x4, 0x80, 0x7}, [@NDA_DST_IPV4={0x8, 0x1, @local}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008004}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001240)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000100)="bdc7e11ad8d313ec9f8679e29ffc69b79a1d175b7deb0b5d1cc3439cd56cd80f5c18", 0x22}, {&(0x7f00000001c0)="f66dcd6183", 0x5}, {&(0x7f00000002c0)="abdbce5ee82de6141aa7c22923ae7d8e36bc95043ae2df23d167bb3eff0de993b41084e5f2503aa3e2006e3a3aa58ef35ddf", 0x32}], 0x3, &(0x7f0000000440)=[@ip_retopts={{0x48, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x69, 0x0, 0x9, [0xffffffff, 0x5, 0x7]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x23, 0xffffffffffffffff, [{0x2, 0xd, "ed077d632ebc352f7e223f"}, {0x1, 0x10, "b8ca2a69b9fe63fbc07da2b77382"}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xe}}], 0x60}}, {{&(0x7f00000004c0)={0x2, 0x4e20, @private=0xa010100}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000500)="bcc4ce7ee49f58f4f9bd814e6931b019a963afa109394e652ee7f5a31a09351027a0f71582544d5c040c3a81ea022ab225d51b64b8bb956b4c95c31bc831a70cce411f587568f359d3c3636dd053b0abc443517ffd14a1b4bd01918f1febf782b4b526f83bdbe2042e1bdd8366", 0x6d}, {&(0x7f0000000580)="d994d2b3a6c3828fbb930b1c665d5d74234d6798c12be2c40ec19a755c1cda3de9ab53e4d118de7501b34471bd3838a839e7ac3b07e090aeb15204a42afec7de5ba1f60ac01920973994420f9ac602d86550a75abca3ad4259ef38b5ea5806267f1be25306f4b15f49b4269d7278aaf4b5787c80f814b313b36f0c", 0x7b}, {&(0x7f0000000600)="f168451d1980476c5b3811b9cdf93b93f3c8e101e2ac612b4855ad857cfbd18fe5915d0c03c7e2fb7866e9", 0x2b}, {&(0x7f0000000640)="b30b24f4dc08539ca1918d2f5d79ec2bdf2a3a770a7ec5065aaeab584396dd2860580b89cfc2412536b1affbabf6b9f18db8d65023f4780c45d36da19c6f9dc420bd0b4d2f1b2947161887c931db1f65b4f0d7e6600568781a4b9546c0ec4756b02377e34969d13f10ab349797bad46bd903866613480b4b2e932627da98c896e7f04c8b9621d520fbc6e2c909b45d2fe13b60c00201c13bc5c8717b5820a52228f71f1eacf528a0f48a5a2adee7e8e8e296944bfcd2e568c637ee6508d8c6fa91e520", 0xc3}], 0x4}}, {{&(0x7f0000000900)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000001040)=[{0x0}, {&(0x7f0000000bc0)="e3a6741893f892472a4b8594bf20dd7eb7bf959c70ede52d82689fe8b449d86a9df9aae7365d11d591b4d466d0b088a30db2f661db2ba3b123584db3defec4243c94f9f87d371ce92c7a41edaf91930a4928249317576753feee39110fcb388e940773c3fb7b422fde9ea704bd548479e897e6feea8c797891b3516c63b1b9970d06bd4042885adc", 0x88}, {&(0x7f0000000940)}, {&(0x7f0000000c80)="1aed6a0e939caccf278fbcd91c788db71c137fdd9240579dcad6f13a50616e73c14f4f281d51ff82a25ed986e220ff042319980d755a2db4a7e8e8151c016e9ea1361b96149aa6fd5d5efce6279f2701f61db84f70d38a969b4ed842a017d2c71594770d42b38c14218f51199845b83033fd0699c0535a9e5b9a932a4fadd39a8e7804e9e21fbe70f57c673a1f125376d586af5cce78352ce02799fc62131cf33147adb86c7365c9f0c7186e3a68f66b648651d75001e0030e1212de0cfad8a5949fb5a0317ff7e9f9520a02a89793f57d068005e01223762d61bdf016", 0xdd}, {&(0x7f0000000d80)}, {&(0x7f0000000dc0)="3ea74c1182ab178d6b0bfc46064e544ad039952cd71d6ae1690fc3510cdc29398f6873c962104ad039cfd7e096afbeeeeb637c535e434ce2c7412048ba442e9c0fa9c7e1a24bfc4bf9896f8adce5cf7da8a9f5e1d7234c5a587036", 0x5b}, {&(0x7f0000000e40)}, {0x0}], 0x8, &(0x7f0000001180)}}], 0x3, 0xc0)

5m11.130398358s ago: executing program 0 (id=3000):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000021c0)=ANY=[@ANYBLOB="140000003a00010325bd7000fcffffff06"], 0x5a}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
getpgrp(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
fchdir(r5)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r7, &(0x7f0000004200)='t', 0x1)
sendfile(r7, r6, 0x0, 0x40001)

5m7.373895541s ago: executing program 0 (id=3001):
r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4043, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r3)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f00000002c0)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02\\\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x402)
r5 = syz_usb_connect$uac1(0x2, 0xa5, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902930003010000000904000000010100000a240100000002010213240600000600000000000000dfff000000000924030000000000000924050000f8431cfd09240300000300040206240504"], 0x0)
syz_usb_control_io(r5, &(0x7f00000009c0)={0x2c, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x816}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r5, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4}}}, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000002640)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000a80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)={0x40, 0xb, 0x2, "e302"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r5, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000340)={0x0, 0x3, 0x56, @string={0x56, 0x3, "ff0f9ca5c66b46921fe706c4f6f153c06c1c17e54654bf66c6879ffdbb867052e832a8f7b8e82c829f923d2b0eb6df32af533b8c30c1b61f33ae039c76ef71336a8a3f2aa6b6dc7fe0e9bf752cf9a81bcdea9aa3"}}}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x7ff, 0x8, 0x8, 0x80, 0x8, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0xa, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x6, 0x5, 0x4, 0x0, 0x7, 0x3c57, 0x0, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x5, 0x7, 0x83, 0x9, 0x4c74, 0x0, 0x242, 0x2, 0xe, 0x0, 0x400, 0x7, 0x17, 0x21, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x85, 0x6, 0xffff8001, 0x2, 0x83, 0x0, 0x5, 0x6, 0x8, 0x4, 0xffffffff, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0x88, 0xf9, 0x388000, 0x2bb, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2b, 0xe, 0x312, 0x78, 0xea4, 0x0, 0xfff, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x4, 0x0, 0x1000ff, 0x5, 0x1000005, 0x5f31, 0xf, 0xd86, 0x2, 0x4, 0x8, 0x4, 0x9, 0x9, 0x9, 0x6, 0x47, 0xbc2, 0x1, 0xfe000000, 0x8, 0x2, 0x200004, 0x9, 0x3, 0x3, 0x9, 0x4, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x1, 0x4, 0x5, 0x71d, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x3, 0x5, 0x800000, 0x1ef, 0x8, 0x8, 0x86, 0x3, 0x3038, 0xff, 0xb, 0x2, 0x2, 0x2, 0x7, 0x20000008, 0x4, 0x16d01, 0x2, 0x8, 0x800003, 0x600, 0x80, 0xaf7, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x4a9, 0x5, 0x6, 0xac8, 0x5, 0x7, 0x3, 0x7ff, 0x127, 0x4, 0x1, 0x542, 0x3, 0x5, 0x1b, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x80000000], [0x9, 0xbb33, 0xa, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x3, 0xfffd, 0x9, 0x7fff, 0xffff, 0xa620, 0x1, 0x7, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x10000016, 0xffffffff, 0x80000000, 0x5, 0xffffffff, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xae, 0x8, 0x6, 0x226, 0x3, 0x100, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x8, 0x4, 0x5, 0x40b1e, 0xd7, 0x200, 0xffff3441, 0x7ff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0xd0, 0x0, &(0x7f00000005c0)=[@request_death, @reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000040)={@fda={0x66646185, 0x7, 0x2, 0x6}, @fda={0x66646185, 0x0, 0x1, 0xa}, @ptr={0x70742a85, 0x0, &(0x7f0000000840)=""/4096, 0x1000, 0x1, 0x6}}, &(0x7f00000000c0)={0x0, 0x20, 0x40}}}, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000540)={@ptr={0x70742a85, 0x1, &(0x7f0000000440)=""/226, 0xe2, 0x2}, @flat=@weak_binder={0x77622a85, 0x103, 0x1}, @flat=@handle={0x73682a85, 0x10b, 0x1}}, &(0x7f00000001c0)={0x0, 0x28, 0x40}}}, @acquire_done={0x40106309, 0x3}, @acquire={0x40046305, 0x2}, @acquire_done, @release={0x40046306, 0x2}], 0xb1, 0x0, &(0x7f00000006c0)="8f2e1244ba8423c1b03191065078ac71cbebf10c63469a1132fcdb7256a07c702d807087cbc229bf3d674bfdcc49f65f918b3910c75dcdef3a62968442d34b1a91bf5b4f98c039f6df1177d2618cb5cbb5f6d44b4f2a04f6b5cfcaa69770fbb41f897bc64dcf5e13d0151315ffe0d1a0803e7ad9c9cf65c1dd4838d5e08ffb78d1624e26b4c167fc8913c910e612a7ed36985df8f49d0261f00d601f811fce6617d1a32a0a489313b6aca7cda7c005d62a"})
ioctl$NS_GET_OWNER_UID(r0, 0xb704, 0xfffffffffffffffe)

4m51.672949943s ago: executing program 32 (id=3001):
r0 = syz_open_procfs$userns(0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4043, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r3)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f00000002c0)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02\\\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r4, 0x402)
r5 = syz_usb_connect$uac1(0x2, 0xa5, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902930003010000000904000000010100000a240100000002010213240600000600000000000000dfff000000000924030000000000000924050000f8431cfd09240300000300040206240504"], 0x0)
syz_usb_control_io(r5, &(0x7f00000009c0)={0x2c, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x816}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r5, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x4, @lang_id={0x4}}}, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000002640)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000a80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)={0x40, 0xb, 0x2, "e302"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r5, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000340)={0x0, 0x3, 0x56, @string={0x56, 0x3, "ff0f9ca5c66b46921fe706c4f6f153c06c1c17e54654bf66c6879ffdbb867052e832a8f7b8e82c829f923d2b0eb6df32af533b8c30c1b61f33ae039c76ef71336a8a3f2aa6b6dc7fe0e9bf752cf9a81bcdea9aa3"}}}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x7ff, 0x8, 0x8, 0x80, 0x8, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0xa, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x6, 0x5, 0x4, 0x0, 0x7, 0x3c57, 0x0, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x5, 0x7, 0x83, 0x9, 0x4c74, 0x0, 0x242, 0x2, 0xe, 0x0, 0x400, 0x7, 0x17, 0x21, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x85, 0x6, 0xffff8001, 0x2, 0x83, 0x0, 0x5, 0x6, 0x8, 0x4, 0xffffffff, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0x88, 0xf9, 0x388000, 0x2bb, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2b, 0xe, 0x312, 0x78, 0xea4, 0x0, 0xfff, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x4, 0x0, 0x1000ff, 0x5, 0x1000005, 0x5f31, 0xf, 0xd86, 0x2, 0x4, 0x8, 0x4, 0x9, 0x9, 0x9, 0x6, 0x47, 0xbc2, 0x1, 0xfe000000, 0x8, 0x2, 0x200004, 0x9, 0x3, 0x3, 0x9, 0x4, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x1, 0x4, 0x5, 0x71d, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x3, 0x5, 0x800000, 0x1ef, 0x8, 0x8, 0x86, 0x3, 0x3038, 0xff, 0xb, 0x2, 0x2, 0x2, 0x7, 0x20000008, 0x4, 0x16d01, 0x2, 0x8, 0x800003, 0x600, 0x80, 0xaf7, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x4a9, 0x5, 0x6, 0xac8, 0x5, 0x7, 0x3, 0x7ff, 0x127, 0x4, 0x1, 0x542, 0x3, 0x5, 0x1b, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x80000000], [0x9, 0xbb33, 0xa, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x3, 0xfffd, 0x9, 0x7fff, 0xffff, 0xa620, 0x1, 0x7, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x10000016, 0xffffffff, 0x80000000, 0x5, 0xffffffff, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xae, 0x8, 0x6, 0x226, 0x3, 0x100, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x8, 0x4, 0x5, 0x40b1e, 0xd7, 0x200, 0xffff3441, 0x7ff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0xd0, 0x0, &(0x7f00000005c0)=[@request_death, @reply={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000040)={@fda={0x66646185, 0x7, 0x2, 0x6}, @fda={0x66646185, 0x0, 0x1, 0xa}, @ptr={0x70742a85, 0x0, &(0x7f0000000840)=""/4096, 0x1000, 0x1, 0x6}}, &(0x7f00000000c0)={0x0, 0x20, 0x40}}}, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000540)={@ptr={0x70742a85, 0x1, &(0x7f0000000440)=""/226, 0xe2, 0x2}, @flat=@weak_binder={0x77622a85, 0x103, 0x1}, @flat=@handle={0x73682a85, 0x10b, 0x1}}, &(0x7f00000001c0)={0x0, 0x28, 0x40}}}, @acquire_done={0x40106309, 0x3}, @acquire={0x40046305, 0x2}, @acquire_done, @release={0x40046306, 0x2}], 0xb1, 0x0, &(0x7f00000006c0)="8f2e1244ba8423c1b03191065078ac71cbebf10c63469a1132fcdb7256a07c702d807087cbc229bf3d674bfdcc49f65f918b3910c75dcdef3a62968442d34b1a91bf5b4f98c039f6df1177d2618cb5cbb5f6d44b4f2a04f6b5cfcaa69770fbb41f897bc64dcf5e13d0151315ffe0d1a0803e7ad9c9cf65c1dd4838d5e08ffb78d1624e26b4c167fc8913c910e612a7ed36985df8f49d0261f00d601f811fce6617d1a32a0a489313b6aca7cda7c005d62a"})
ioctl$NS_GET_OWNER_UID(r0, 0xb704, 0xfffffffffffffffe)

16.50398814s ago: executing program 1 (id=3664):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000cf8bed20d90f25004029730000010902120001000000000904"], 0x0)
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f00000006c0)={0x84, &(0x7f00000002c0)={0x20, 0x6, 0x1, '6'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x2, 0x60, &(0x7f0000000100)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4e, 0x1, 0x1, 0xd4, 0x0, 0x9, [{{0x9, 0x4, 0x0, 0x7f, 0x3, 0x2, 0x6, 0x0, 0x8, {{0xb, 0x24, 0x6, 0x0, 0x0, "d845518ddba5"}, {0x5, 0x24, 0x0, 0xfffa}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x7, 0x68, 0x9}, [@acm={0x4, 0x24, 0x2, 0x8}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x10, 0x6, 0x3, 0xd}}], {{0x9, 0x5, 0x82, 0x2, 0x40, 0x3, 0x1, 0xf6}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x3, 0x0, 0x13}}}}}]}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x200, 0x8, 0xfe, 0x9, 0x20, 0x3}, 0xc, &(0x7f0000000280)={0x5, 0xf, 0xc, 0x1, [@ext_cap={0x7, 0x10, 0x2, 0x12, 0x3, 0x1, 0xb}]}, 0x4, [{0x7, &(0x7f0000000300)=@string={0x7, 0x3, "f79cda9bff"}}, {0x3e, &(0x7f0000000340)=@string={0x3e, 0x3, "4c3c727eaa93663f27ca9ceaa4c63d118de43bc8ff7e633c9711068288113a0f2a6b994b4c0b8b287811dbfe5d1dbb98b6c9eaaf564b253e8fb1d258"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x427}}, {0x32, &(0x7f00000003c0)=@string={0x32, 0x3, "3d0b60874eb1e45cfb4766fe8c4053a3fd9f9bba76ffccad42a8dabb352ccff9c880eab97c1400938c927c8786635028"}}]})
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000000200)={0x44, &(0x7f0000000080)=ANY=[@ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000180)={0x1, 0x28, 0x6, &(0x7f00000001c0)={0x8, "c6c1f7b51030c4b7c54bf28facb1ed3ee2df9c00000000000000b3b94bce47509d"}})

15.824384308s ago: executing program 2 (id=3666):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0xc000)
r5 = socket(0xa, 0x3, 0x87)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'lo\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={@remote, 0x18, r7})
ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000300)={@local, 0x18, r7})
ioctl$sock_inet6_tcp_SIOCINQ(r5, 0x8936, &(0x7f0000000000))
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r9, 0x84, 0x64, &(0x7f0000000380)=[@in6={0xa, 0x4e24, 0x16f9, @local, 0x5}, @in6={0xa, 0x4e24, 0x9, @remote, 0x7ff}, @in6={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x7a}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e24, 0x100, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x5}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e23, 0x5, @empty, 0x40}], 0xbc)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x40, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r8}})

15.814787715s ago: executing program 3 (id=3667):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, &(0x7f0000000200)='bridge0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c240dc4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, r1)
setpgid(0x0, r1)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0)

14.304291095s ago: executing program 2 (id=3670):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000000000950000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r0 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x14884, 0x10000, 0x4, 0x1d}, &(0x7f0000000340)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x4000, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r5, 0x0, 0x0, 0x0, 0x12321, 0x1, {0x1}})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

14.270783144s ago: executing program 3 (id=3671):
socket$phonet(0x23, 0x2, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e7", 0x9b}], 0x3}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1, 0x0, 0x0, 0xff8d}, 0x0)

12.964700008s ago: executing program 1 (id=3673):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000f80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
lstat(&(0x7f0000000180)='./file2\x00', &(0x7f0000000300))
dup(0xffffffffffffffff)
fchdir(0xffffffffffffffff)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCAX25DELUID(0xffffffffffffffff, 0x89e2, &(0x7f0000000200)={0x3, @bcast})

12.963610338s ago: executing program 3 (id=3674):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB="180200000000000000000000000000008510000001"], 0x0, 0x8, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x36}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000080)={0x0, 0x1, 0x6})
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="1f590000", @ANYRES16=r2, @ANYBLOB="010027b57000fddbde2503000000050003000600000005000300040000000500050074000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20009805}, 0x24000004)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
sendmsg$NFT_BATCH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000740)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x801, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x54}, 0x1, 0x0, 0x0, 0x28008000}, 0x20000800)
r5 = socket$isdn_base(0x22, 0x3, 0x0)
pread64(r5, &(0x7f0000000040)=""/5, 0x5, 0x9)
ioctl$VIDIOC_QUERY_EXT_CTRL(r1, 0xc0e85667, &(0x7f0000000340)={0x0, 0x4, "fa5e78f3805c208d99b5fccaf8e719f684958ce7a2b0319f1bc7821ddca46ac2", 0x7ff, 0x0, 0x2003, 0x7, 0x4, 0x400, 0x8, 0xfffffffe, [0x1ff, 0xd286, 0x428, 0x7]})
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCOUTQ(r6, 0x5411, &(0x7f0000001080))
syz_clone3(&(0x7f0000003a80)={0x20218000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
socket$packet(0x11, 0x3, 0x300)

11.410401898s ago: executing program 1 (id=3675):
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000040), 0x4)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x5, 0x6, &(0x7f0000000000)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0x10, 0x2, 0x4)
r6 = dup(r1)
write$UHID_INPUT(r6, &(0x7f0000000000)={0xc, {"a2e3ad2109c752f91b5a470987f70e06d038e7ff7fc6e5539b3245078b089b3208336d060890e0878f0e1ac6e70a9b3368959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b38070d095d0936cd3b78130daa61f8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6cb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
name_to_handle_at(r6, &(0x7f0000002140)='./cgroup.net/cgroup.procs\x00', 0x0, 0x0, 0x600)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="02000000010000000000000004000000000000001000000000000000200000000000000078870470b900000100000000004ff5ca9063b74387d477a09023487413703326f48b84455172b07171f673"], 0x24, 0x0)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)

11.3339921s ago: executing program 2 (id=3676):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r2 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x2})
r4 = syz_open_dev$vim2m(&(0x7f0000000200), 0x7, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = dup(r6)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r5, &(0x7f0000000440)={@val={0xa, 0x72122ddbeb100a2b}, @void, @eth={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv6={0x86dd, @tcp={0xe, 0x6, "cf7095", 0x14, 0x6, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x30}, {[], {{0x4e21, 0x4e21, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x40, 0x2, 0x0, 0x9}}}}}}}}, 0x4e)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000040)=0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r8, <r10=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r9}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000280)={r10, &(0x7f0000000240)}, 0x20)
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000100)=0x1)
r11 = eventfd2(0x7, 0x800)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000080)={r11, 0x4})
write$eventfd(r11, &(0x7f0000000080)=0x4311, 0x8)
bind$llc(r1, 0x0, 0x0)

11.063435503s ago: executing program 3 (id=3677):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000200)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000003c0)={r1, <r2=>0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000100))
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, 0xffffffffffffffff, 0x0)
set_mempolicy(0x3, &(0x7f0000000040)=0x4, 0x1000004)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x4d, 0x5, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$PPPIOCSACTIVE(r4, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000140)=[{0x48, 0x0, 0x0, 0x6}, {0x6, 0x1, 0xfb, 0x2}]})
write(r4, &(0x7f0000000280)="1a2fdc", 0x3)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000480)={'ip_vti0\x00', &(0x7f0000000440)={'sit0\x00', 0x0, 0x8, 0x1, 0xec9, 0x5, {{0x7, 0x4, 0x1, 0x30, 0x1c, 0x66, 0x0, 0xfd, 0x29, 0x0, @private=0xa010100, @rand_addr=0x64010102, {[@ssrr={0x89, 0x7, 0x7f, [@dev={0xac, 0x14, 0x14, 0x22}]}]}}}}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)=@delchain={0x58, 0x65, 0x100, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xd, 0x6}, {0x4, 0xd}, {0x0, 0xd}}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x14, 0x2, [@TCA_U32_CLASSID={0x8, 0x1, {0xb}}, @TCA_U32_HASH={0x8, 0x2, 0x6}]}}, @TCA_CHAIN={0x8, 0xb, 0x1}, @TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x58}, 0x1, 0x0, 0x0, 0x4004000}, 0x4000091)
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000040)={0x0, r2, r3, 0x2000001, 0x80000001, 0x7f, 0x0, 0x2, 0x2, 0x1, 0x20000})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendmmsg(r8, &(0x7f0000001c00), 0x400000000000159, 0x40840)
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000088492d08240430cff494010203010104000001020010030904dc02009389f800"], 0x0)

9.10838942s ago: executing program 5 (id=3678):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r5 = accept(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x80}, 0x0)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000500)={0xe, {0x3, 0x3, 0x2, 0xa4, "6b5a65989ce3e3e5d77c97d84e78f280047a55b8bc9885e02fefe7a889fbf57087844577d479e98133750d6df10eadd8b8dff0f15fe77616a2e72cdd7d08f4aa6d6e9fb1b95818c9471bfcb1ead452d87427b0cd012457040e78c9216c56017bd72df5429d7761a04defb3e425b81ed73626b1691a1b0f479cc399f8b8b0be0562eeee2145499841bdf146666bf31b8ae54f365138c4cf629ad84f204bc0f8ecd218276f"}}, 0xb0)
recvfrom(r4, &(0x7f0000000280)=""/90, 0xfffffffffffffe4a, 0x500, 0x0, 0x0)
connect$unix(r5, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)={0x1c, r1, 0x1, 0x0, 0x0, {0x1c}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x1c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})

8.156477321s ago: executing program 5 (id=3680):
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000f80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f00000002c0)='./file0\x00', 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x200000b9, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r3], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)

7.117450124s ago: executing program 5 (id=3681):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, &(0x7f0000000200)='bridge0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c240dc4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, r1)
setpgid(0x0, r1)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0)

7.030936139s ago: executing program 4 (id=3682):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f0000000040)=0x2, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000003e40), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f0000004440)={0x0, 0x0, &(0x7f0000004400)={&(0x7f0000000340)=ANY=[@ANYBLOB="34000000841675f38fb6dd53e9d187bb187e3cef3acbcb0632d8b29575fc63ab13bb000f9fa1e3c37c83b8280184e2ff40587a0832c1055c79f00c974e35f3751531cefef91c5af4f5346510e4d6f29d2e4d5dc9e80ca15d684c7a9e9b860c615b59cd19c1dd91ead23c625a5e08000cb19ee70d40bb48471bced0fea8c135c89482aaf05e2c", @ANYRES16=r4, @ANYBLOB="0d022bbd7000fedbdf2501000000050005000400000008000400ffff00000800030006000000050006000d000000"], 0x34}}, 0x4000)
r6 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, 0x0, 0x108)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCDELRT(r7, 0x890c, &(0x7f0000000240)={0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={'nr', 0x0}, 0x5, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1, 0x8, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x40000, &(0x7f0000000240)={0x11, 0xf7, 0x0, 0x1, 0x20, 0x6, @remote}, 0x14)
r8 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000240)={'hsr0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newneigh={0x24, 0x1c, 0x1, 0x70bd26, 0x25dfdbff, {0x2, 0x0, 0x0, r9, 0x4, 0x80, 0x7}, [@NDA_DST_IPV4={0x8, 0x1, @local}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008004}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001240)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000100)="bdc7e11ad8d313ec9f8679e29ffc69b79a1d175b7deb0b5d1cc3439cd56cd80f5c18", 0x22}, {&(0x7f00000001c0)="f66dcd6183404156c2b9", 0xa}, {&(0x7f00000002c0)="abdbce5ee82de6141aa7c22923ae7d8e36bc95043ae2df23d167bb3eff0de993b41084e5f2503aa3e2006e3a3aa58ef35ddf60", 0x33}], 0x3, &(0x7f0000000440)=[@ip_retopts={{0x48, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x69, 0x0, 0x9, [0xffffffff, 0x5, 0x7]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x23, 0xffffffffffffffff, [{0x2, 0xd, "ed077d632ebc352f7e223f"}, {0x1, 0x10, "b8ca2a69b9fe63fbc07da2b77382"}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xe}}], 0x60}}, {{&(0x7f00000004c0)={0x2, 0x4e20, @private=0xa010100}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000500)="bcc4ce7ee49f58f4f9bd814e6931b019a963afa109394e652ee7f5a31a09351027a0f71582544d5c040c3a81ea022ab225d51b64b8bb956b4c95c31bc831a70cce411f587568f359d3c3636dd053b0abc443517ffd14a1b4bd01918f1febf782b4b526f83bdbe2042e1bdd83662bc9d5ede809e4a18dfca7ec0ebd0e", 0x7c}, {&(0x7f0000000580)="d994d2b3a6c3828fbb930b1c665d5d74234d6798c12be2c40ec19a755c1cda3de9ab53e4d118de7501b34471bd3838a839e7ac3b07e090aeb15204a42afec7de5ba1f60ac01920973994420f9ac602d86550a75abca3ad4259ef38b5ea5806267f1be25306f4b15f49b4269d7278aaf4b5787c80f814b313b36f0c", 0x7b}, {&(0x7f0000000600)="f168451d1980476c5b3811b9cdf93b93f3c8e101e2ac612b4855ad857cfbd18fe5915d0c03c7e2fb7866e93f3f67e37fe465d9bb2685a8a728", 0x39}], 0x3, &(0x7f0000000800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x40}}, @ip_retopts={{0x48, 0x0, 0x7, {[@timestamp={0x44, 0x24, 0xde, 0x0, 0x4, [0x8, 0x3, 0x5, 0xff, 0x8001, 0x0, 0x8, 0x4]}, @timestamp_prespec={0x44, 0xc, 0xbd, 0x3, 0x9, [{@multicast2}]}, @ra={0x94, 0x4, 0x1}, @end]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @local}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @private=0xa010100}}}], 0xe8}}, {{&(0x7f0000000900)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000001040)=[{&(0x7f0000000a00)="f6c351a812a58c9ad05cb1e92c1e2ee6e2640db2c059b54af77a241541e68743f39401b86b0b5504746c78b5fd660f139a6e7630dafa822e9f4d73b7c8b954d7a34b8a6663c60ed04a0e33d0551d8aba43521ba25b75371cef3dc7c18cf84172a499563504059869ed9cf067a2e48e424113412da65db9107e622a2e76edf59495d8e649289bfc2e1e0962a216f232c3a6204d8b54584e147547d1e850e2b7be55889c75a09096eaa1256c649e8020e33e548a43f064e7f97c320ac92de2c0ef65b81219ee25976ad2fd51d1d055b21d54f80f52df8dc5106150e5d58a4ea8c3a7827c63597c43d6f68b214f9e0bad", 0xef}, {&(0x7f0000000b00)="0a6e6f79fcc5ce08e7d26bb70118c690587321597f25f023188ef09cd18cc9598cbbc00a02bb26c623ef07f08356a84f4e747b09bace749d00123f1a067a363136ce4ffd75cc03f444fd6b2f0e6ae3bf294e5978b884f9fcc9572b9504f9c4d07984905cd462c81ea6b0874df7870d3baab5de51b45502797af2943599231b5b14d23d3be2305121f4d3414dd4054a1f752d9b2360342ea610cc8e495cb899b335", 0xa1}, {&(0x7f0000000bc0)="e3a6741893f892472a4b8594bf20dd7eb7bf959c70ede52d82689fe8b449d86a9df9aae7365d11d591b4d466d0b088a30db2f661db2ba3b123584db3defec4243c94f9f87d371ce92c7a41edaf91930a4928249317576753feee39110fcb388e940773c3fb7b422fde9ea704bd548479e897e6feea8c797891b3516c63b1b9970d06bd4042885adc83", 0x89}, {&(0x7f0000000940)="d5126c6f9698137d7fb3ffd3eb7201a226889c3c2deb0c111fe5680dee85dd12514c0917680bee55f26188ca4a3a0eca86f3915cbbf375dc1a60757985fabd15798b2a1cf6a4be7908d2", 0x4a}, {&(0x7f0000000c80)="1aed6a0e939caccf278fbcd91c788db71c137fdd9240579dcad6f13a50616e73c14f4f281d51ff82a25ed986e220ff042319980d755a2db4a7e8e8151c016e9ea1361b96149aa6fd5d5efce6279f2701f61db84f70d38a969b4ed842a017d2c71594770d42b38c14218f51199845b83033fd0699c0535a9e5b9a932a4fadd39a8e7804e9e21fbe70f57c673a1f125376d586af5cce78352ce02799fc62131cf33147adb86c7365c9f0c7186e3a68f66b648651d75001e0030e1212de0cfad8a5949fb5a0317ff7e9f9520a02a89793f57d068005e01223762d61bdf016187d26e881c1c605dc3613d6275e", 0xeb}, {&(0x7f0000000d80)}, {&(0x7f0000000dc0)="3ea74c1182ab178d6b0bfc46064e544ad039952cd71d6ae1690fc3510cdc29398f6873c962104ad039cfd7e096afbeeeeb637c535e434ce2c7412048ba442e9c0fa9c7e1a24bfc4bf9896f8adce5cf7da8a9f5e1d7234c5a587036", 0x5b}, {&(0x7f0000000e40)="317f4abb8215c85af432a124ac8a6f902616a562f23d432f9a6d77e13225ee1d9b7551de6c667a63907d66c77231542dda549b33675aaf5582a1a2b55be0e36194bd87b13b2a1f5f1af9c8231d623e396e8d16e783c3e2d051c51f6ac6a51c6bc99292b5aa4a634a7613e5fbd880452ffc0b873bc5552633c0e95aa48b0051ba5d0096d0a404493e0e99e786e771a9a3edcfb4bf81e43d063aaf9dc235fe63a1d6aa3d357e2e19f73e5a1740ec5916c5e880f38b9b295d3da82cc4eb9aea9568e3afc40d7f4fc12ba5a1b46e2269b5a2dcc56574c1103af47ae55e4d993f43500c6b82c90fb490a10582d5182716ac6e03f484", 0xf3}, {&(0x7f0000000f40)="09d2c6ec86969d552d262669e68f2996b365a809f739c4af342a0faa0d02d89695a6ed35893eef827ba9e087851923418c6c4dec6df98390fe7400bc74550285ff88d8ebab1b6f5a", 0x48}, {&(0x7f0000000fc0)="dcc239d59e76456a1d479f12baddc98834e488a759e36ecfed845ebe6c3b80d98660defd173aef120452338b56f736040e4ac3e8a851fd0bc96d835773146f7eaade21c93d591016dfa8", 0x4a}], 0xa, &(0x7f0000001180)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @dev={0xac, 0x14, 0x14, 0x17}, @multicast1}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}], 0x70}}], 0x3, 0xc0)

6.736066263s ago: executing program 3 (id=3683):
socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/address_bits', 0x395180, 0x149)
linkat(r2, &(0x7f0000000480)='./file0\x00', r2, 0x0, 0x1000)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = syz_open_dev$sndctrl(&(0x7f0000000200), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r3, 0xc1205531, &(0x7f0000000540)={0x1, 0x1, 0x0, 0x5, '\x00', '\x00', '\x00', 0x0, 0x0, 0x9, 0x0, "b6855a32474ffa64f778ddcf29c94337"})
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000006c0)=ANY=[], 0x33fe0}}, 0x40010)
write$vga_arbiter(0xffffffffffffffff, 0x0, 0xffffffffffffffa8)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="10000000000000000b000000000000100100000c0000002900000000000000a72a552f0864"], 0x28}, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r4, 0x7b2, 0x0)
ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r4, 0x7b0, &(0x7f00000000c0)={@hyper, 0x1})
add_key$user(&(0x7f0000000200), 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x4, 0x4, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x1, 0x17, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1ffffc}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0x6, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x5, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}, {0x85, 0x0, 0x17, 0xcb}}}, &(0x7f00000000c0)='syzkaller\x00', 0xe, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)

6.153604916s ago: executing program 5 (id=3684):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0) (async)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000000c0)={0x84, &(0x7f0000000200)={0x0, 0x3, 0x5, "0da5c46c57"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

5.969746416s ago: executing program 4 (id=3685):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000f80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
lstat(&(0x7f0000000180)='./file2\x00', &(0x7f0000000300))
dup(0xffffffffffffffff)
fchdir(0xffffffffffffffff)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCAX25DELUID(0xffffffffffffffff, 0x89e2, &(0x7f0000000200)={0x3, @bcast})

5.96866748s ago: executing program 1 (id=3686):
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x4, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r2=>0xffffffffffffffff]}}], 0x78}, 0x10040)
sendmsg$NFC_CMD_DEV_UP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c00", @ANYRES16=r2, @ANYBLOB="010028bd700007000000020000"], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000040000000000000000040000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000018c0000000c0a01030000000000000000070000080900020073797a31000000000900010073797a3000000000600003805c000080080003400000000250000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c0002400000000000000010200001800e000100636f6e6e6c696d69740000000c000280080001"], 0x110}}, 0x0)

5.043657763s ago: executing program 4 (id=3687):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002dc0)={0x11, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414aa0800060006000000bdf3b3ca772f61cfe803e38313387c0cf025dafdbed2bcefd4aceda9c214b29a13a2cc084f7d4fe363638a89f312e5a5d8b2becef44393965c4036c3d6b6e58fe9921b168c9ed9ff120cb4d87fc58cb371e723f610e4c057f689a22b41e20525c92facc679415c2b6761a086a385d698ea205da43afce0119202b8d67ee919defa110dbbc628f42931c61865a6ba78"], 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x6f6)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000001fff07000000140001800500020001000000080006001a"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x14000818)

4.76036545s ago: executing program 4 (id=3688):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0xc)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x20881)
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r4, 0x80585414, &(0x7f0000000300))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240))
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000180), 0x4)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100), 0x10)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000100)={'tunl0\x00', 0x0, 0x700, 0x700, 0x4, 0x4, {{0x7, 0x4, 0x1, 0x2, 0x1c, 0x65, 0x0, 0x9, 0x2f, 0x0, @remote, @multicast2, {[@generic={0x94, 0x8, "e060c5a40161"}]}}}}})
r5 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r5, 0x4020565b, &(0x7f0000000000)={0x4, 0x2, 0x7})

3.893795824s ago: executing program 4 (id=3689):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r0 = getpgrp(0xffffffffffffffff)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
fchdir(r5)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r7, &(0x7f0000004200)='t', 0x1)
sendfile(r7, r6, 0x0, 0x40001)

3.729816283s ago: executing program 2 (id=3690):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')
open_by_handle_at(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="20000000f100000002"], 0x440080)
socket$nl_route(0x10, 0x3, 0x0)
write(0xffffffffffffffff, &(0x7f00000002c0)="fc0000001c000704ab5b2509b86803000aab087a0400000001481193210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0))
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
write$binfmt_script(r6, &(0x7f0000000b80)={'#! ', './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xff1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000440))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000480))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0))
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000180)=ANY=[], 0x110}, 0x1, 0x0, 0x0, 0x840}, 0xc880)
sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, 0x0, 0x4000)

3.704047838s ago: executing program 3 (id=3691):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x8, "c94ffb00"}]}}, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000300)='./file2\x00', 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r5, 0x0)
setpgid(0x0, r5)
openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$WPAN_WANTACK(r6, 0x0, 0x0, 0x0, &(0x7f0000001e40))
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, 0x0)
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file3\x00', 0xffffffffffffff9c, &(0x7f00000007c0)='./file7\x00', 0x0)

2.501659091s ago: executing program 1 (id=3692):
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)=0xe)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f00000000c0)={0x0, 0x2, '\x00', 0x9, 0xf8})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
open$dir(0x0, 0xb40, 0x10a)
syz_pidfd_open(0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0xaa142, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1f, 0x11, &(0x7f00000004c0)=@framed={{}, [@snprintf={{}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x6a}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_tracing={0x1a, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="0000000000000000186a00000000000000000000030000009dfcb8097b24008becaff14940675532c548"], &(0x7f0000000080)='GPL\x00', 0x200, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, 0x17, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x2a9bf, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000140)}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)

2.344184042s ago: executing program 2 (id=3693):
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000340)=0xe)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x800448f0, &(0x7f00000000c0)={0x0, 0x2, '\x00', 0x9, 0xf8})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
open$dir(0x0, 0xb40, 0x10a)
syz_pidfd_open(0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0xaa142, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1f, 0x11, &(0x7f00000004c0)=@framed={{}, [@snprintf={{}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x6a}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)

2.130605276s ago: executing program 4 (id=3694):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000001c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
sendmsg$inet(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000330000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x4040844)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0xa, 0x2)
r6 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
ftruncate(r6, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r6, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
modify_ldt$write(0x1, &(0x7f0000000000)={0xfff, 0x100000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x10)
lseek(r6, 0x0, 0x4)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6)
mlock2(&(0x7f0000440000/0x2000)=nil, 0x2000, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})

2.015911261s ago: executing program 5 (id=3695):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f0000000040)=0x2, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4e, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000003e40), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f0000004440)={0x0, 0x0, &(0x7f0000004400)={&(0x7f0000000340)=ANY=[@ANYBLOB="34000000841675f38fb6dd53e9d187bb187e3cef3acbcb0632d8b29575fc63ab13bb000f9fa1e3c37c83b8280184e2ff40587a0832c1055c79f00c974e35f3751531cefef91c5af4f5346510e4d6f29d2e4d5dc9e80ca15d684c7a9e9b860c615b59cd19c1dd91ead23c625a5e08000cb19ee70d40bb48471bced0fea8c135c89482aaf05e2c", @ANYRES16=r4, @ANYBLOB="0d022bbd7000fedbdf2501000000050005000400000008000400ffff00000800030006000000050006000d000000"], 0x34}}, 0x4000)
r6 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, 0x0, 0x108)
r7 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCDELRT(r7, 0x890c, &(0x7f0000000240)={0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={'nr', 0x0}, 0x5, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x1, 0x8, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x40000, &(0x7f0000000240)={0x11, 0xf7, 0x0, 0x1, 0x20, 0x6, @remote}, 0x14)
r8 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000240)={'hsr0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newneigh={0x24, 0x1c, 0x1, 0x70bd26, 0x25dfdbff, {0x2, 0x0, 0x0, r9, 0x4, 0x80, 0x7}, [@NDA_DST_IPV4={0x8, 0x1, @local}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008004}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001240)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000100)="bdc7e11ad8d313ec9f8679e29ffc69b79a1d175b7deb0b5d1cc3439cd56cd80f5c18", 0x22}, {&(0x7f00000001c0)="f66dcd6183404156c2b9", 0xa}, {&(0x7f00000002c0)="abdbce5ee82de6141aa7c22923ae7d8e36bc95043ae2df23d167bb3eff0de993b41084e5f2503aa3e2006e3a3aa58ef35ddf60", 0x33}], 0x3, &(0x7f0000000440)=[@ip_retopts={{0x48, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0x69, 0x0, 0x9, [0xffffffff, 0x5, 0x7]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x23, 0xffffffffffffffff, [{0x2, 0xd, "ed077d632ebc352f7e223f"}, {0x1, 0x10, "b8ca2a69b9fe63fbc07da2b77382"}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xe}}], 0x60}}, {{&(0x7f00000004c0)={0x2, 0x4e20, @private=0xa010100}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000500)="bcc4ce7ee49f58f4f9bd814e6931b019a963afa109394e652ee7f5a31a09351027a0f71582544d5c040c3a81ea022ab225d51b64b8bb956b4c95c31bc831a70cce411f587568f359d3c3636dd053b0abc443517ffd14a1b4bd01918f1febf782b4b526f83bdbe2042e1bdd83662bc9d5ede809e4a18dfca7ec0ebd0e", 0x7c}, {&(0x7f0000000580)="d994d2b3a6c3828fbb930b1c665d5d74234d6798c12be2c40ec19a755c1cda3de9ab53e4d118de7501b34471bd3838a839e7ac3b07e090aeb15204a42afec7de5ba1f60ac01920973994420f9ac602d86550a75abca3ad4259ef38b5ea5806267f1be25306f4b15f49b4269d7278aaf4b5787c80f814b313b36f0c", 0x7b}, {&(0x7f0000000600)="f168451d1980476c5b3811b9cdf93b93f3c8e101e2ac612b4855ad857cfbd18fe5915d0c03c7e2fb7866e93f3f67e37fe465d9bb2685a8a728", 0x39}], 0x3, &(0x7f0000000800)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x40}}, @ip_retopts={{0x48, 0x0, 0x7, {[@timestamp={0x44, 0x24, 0xde, 0x0, 0x4, [0x8, 0x3, 0x5, 0xff, 0x8001, 0x0, 0x8, 0x4]}, @timestamp_prespec={0x44, 0xc, 0xbd, 0x3, 0x9, [{@multicast2}]}, @ra={0x94, 0x4, 0x1}, @end]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @local}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @private=0xa010100}}}], 0xe8}}, {{&(0x7f0000000900)={0x2, 0x4e24, @multicast2}, 0x10, &(0x7f0000001040)=[{&(0x7f0000000a00)="f6c351a812a58c9ad05cb1e92c1e2ee6e2640db2c059b54af77a241541e68743f39401b86b0b5504746c78b5fd660f139a6e7630dafa822e9f4d73b7c8b954d7a34b8a6663c60ed04a0e33d0551d8aba43521ba25b75371cef3dc7c18cf84172a499563504059869ed9cf067a2e48e424113412da65db9107e622a2e76edf59495d8e649289bfc2e1e0962a216f232c3a6204d8b54584e147547d1e850e2b7be55889c75a09096eaa1256c649e8020e33e548a43f064e7f97c320ac92de2c0ef65b81219ee25976ad2fd51d1d055b21d54f80f52df8dc5106150e5d58a4ea8c3a7827c63597c43d6f68b214f9e0bad", 0xef}, {&(0x7f0000000b00)="0a6e6f79fcc5ce08e7d26bb70118c690587321597f25f023188ef09cd18cc9598cbbc00a02bb26c623ef07f08356a84f4e747b09bace749d00123f1a067a363136ce4ffd75cc03f444fd6b2f0e6ae3bf294e5978b884f9fcc9572b9504f9c4d07984905cd462c81ea6b0874df7870d3baab5de51b45502797af2943599231b5b14d23d3be2305121f4d3414dd4054a1f752d9b2360342ea610cc8e495cb899b335", 0xa1}, {&(0x7f0000000bc0)="e3a6741893f892472a4b8594bf20dd7eb7bf959c70ede52d82689fe8b449d86a9df9aae7365d11d591b4d466d0b088a30db2f661db2ba3b123584db3defec4243c94f9f87d371ce92c7a41edaf91930a4928249317576753feee39110fcb388e940773c3fb7b422fde9ea704bd548479e897e6feea8c797891b3516c63b1b9970d06bd4042885adc83", 0x89}, {&(0x7f0000000940)="d5126c6f9698137d7fb3ffd3eb7201a226889c3c2deb0c111fe5680dee85dd12514c0917680bee55f26188ca4a3a0eca86f3915cbbf375dc1a60757985fabd15798b2a1cf6a4be7908d2", 0x4a}, {&(0x7f0000000c80)="1aed6a0e939caccf278fbcd91c788db71c137fdd9240579dcad6f13a50616e73c14f4f281d51ff82a25ed986e220ff042319980d755a2db4a7e8e8151c016e9ea1361b96149aa6fd5d5efce6279f2701f61db84f70d38a969b4ed842a017d2c71594770d42b38c14218f51199845b83033fd0699c0535a9e5b9a932a4fadd39a8e7804e9e21fbe70f57c673a1f125376d586af5cce78352ce02799fc62131cf33147adb86c7365c9f0c7186e3a68f66b648651d75001e0030e1212de0cfad8a5949fb5a0317ff7e9f9520a02a89793f57d068005e01223762d61bdf016187d26e881c1c605dc3613d6275e", 0xeb}, {&(0x7f0000000d80)}, {&(0x7f0000000dc0)="3ea74c1182ab178d6b0bfc46064e544ad039952cd71d6ae1690fc3510cdc29398f6873c962104ad039cfd7e096afbeeeeb637c535e434ce2c7412048ba442e9c0fa9c7e1a24bfc4bf9896f8adce5cf7da8a9f5e1d7234c5a587036", 0x5b}, {&(0x7f0000000e40)="317f4abb8215c85af432a124ac8a6f902616a562f23d432f9a6d77e13225ee1d9b7551de6c667a63907d66c77231542dda549b33675aaf5582a1a2b55be0e36194bd87b13b2a1f5f1af9c8231d623e396e8d16e783c3e2d051c51f6ac6a51c6bc99292b5aa4a634a7613e5fbd880452ffc0b873bc5552633c0e95aa48b0051ba5d0096d0a404493e0e99e786e771a9a3edcfb4bf81e43d063aaf9dc235fe63a1d6aa3d357e2e19f73e5a1740ec5916c5e880f38b9b295d3da82cc4eb9aea9568e3afc40d7f4fc12ba5a1b46e2269b5a2dcc56574c1103af47ae55e4d993f43500c6b82c90fb490a10582d5182716ac6e03f484", 0xf3}, {&(0x7f0000000f40)="09d2c6ec86969d552d262669e68f2996b365a809f739c4af342a0faa0d02d89695a6ed35893eef827ba9e087851923418c6c4dec6df98390fe7400bc74550285ff88d8ebab1b6f5a", 0x48}, {&(0x7f0000000fc0)="dcc239d59e76456a1d479f12baddc98834e488a759e36ecfed845ebe6c3b80d98660defd173aef120452338b56f736040e4ac3e8a851fd0bc96d835773146f7eaade21c93d591016dfa8", 0x4a}], 0xa, &(0x7f0000001180)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @remote}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @dev={0xac, 0x14, 0x14, 0x17}, @multicast1}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}], 0x70}}], 0x3, 0xc0)

979.546871ms ago: executing program 5 (id=3696):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
io_setup(0x13, &(0x7f00000003c0))
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(0xffffffffffffffff, 0xc058534f, 0x0)
syz_io_uring_setup(0x8049a, &(0x7f0000000380)={0x0, 0x8b8e, 0x800, 0x0, 0x7}, &(0x7f0000000340), &(0x7f0000000040))
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = syz_open_procfs(0x0, 0x0)
getgid()
sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)={0xd1e6f144900d88d0, 0x0, 0x10, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x3}}}}}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x5c, 0x0, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x1ff}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x3}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x9}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x5}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x2}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x4}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0xffff}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x3}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x32}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8004040}, 0x40000)
stat(0x0, &(0x7f0000008c40))
pread64(r6, 0x0, 0x0, 0xadc)
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="0f8666f2a665f0ff0f0fc73666ba21003e0f01c5c4c1ed665a0aa00f06ea009000002c00c4c1b81516", 0x29}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

544.895897ms ago: executing program 1 (id=3697):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000f80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
lstat(&(0x7f0000000180)='./file2\x00', &(0x7f0000000300))
dup(0xffffffffffffffff)
fchdir(0xffffffffffffffff)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCAX25DELUID(0xffffffffffffffff, 0x89e2, &(0x7f0000000200)={0x3, @bcast})

0s ago: executing program 2 (id=3698):
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$kvm(0xffffff9c, 0x0, 0x0, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x8, 0xb)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x5, &(0x7f0000000000)=0x2, 0x8, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x87}, 0x0, 0x0, 0x4, 0xfffffffffffffffc, 0x0, 0x209, 0xffffffffffffffff, 0x69d0})
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001f80)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x2, 0x18000000, 0x7fffffff, 0xb47, 0x9, 0x8, 0x80000001, 0x1}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00')
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r2 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000000000/0x4000)=nil)
shmctl$IPC_RMID(r2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r4 = msgget$private(0x0, 0x3ac)
msgsnd(r4, 0x0, 0x1fa, 0x800)
msgrcv(r4, 0x0, 0x0, 0x0, 0x5800)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r5, 0x107, 0xd, 0x0, 0x0)
sendmmsg$sock(r5, 0x0, 0x0, 0x40001)
socket$nl_generic(0x10, 0x3, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x1000, 0xf)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

[ 1143.244499][   T24] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[ 1143.262656][T17975] batadv0: mtu less than device minimum
[ 1143.269722][T17975] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1143.281078][T17975] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1143.291956][T17975] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1143.302774][T17975] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1143.313586][T17975] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1143.324439][T17975] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1143.335286][T17975] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1143.346094][T17975] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1143.356903][T17975] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1143.384496][   T24] usb 1-1: device descriptor read/64, error -71
[ 1143.439009][T17937] chnl_net:caif_netlink_parms(): no params data found
[ 1143.714687][   T24] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[ 1143.864948][ T5903] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[ 1143.920370][ T4428] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1143.935994][T11060] Bluetooth: hci2: command tx timeout
[ 1143.970577][T17937] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1143.978153][T17937] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1143.984452][   T24] usb 1-1: device descriptor read/64, error -71
[ 1143.985596][T17937] bridge_slave_0: entered allmulticast mode
[ 1144.009544][T17937] bridge_slave_0: entered promiscuous mode
[ 1144.044315][ T5903] usb 5-1: Using ep0 maxpacket: 8
[ 1144.065797][ T5903] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1144.077400][ T5903] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1144.078655][ T4428] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1144.088632][ T5903] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1144.149167][   T24] usb usb1-port1: attempt power cycle
[ 1144.155203][ T5903] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1144.164559][    T9] usb 2-1: new high-speed USB device number 102 using dummy_hcd
[ 1144.217216][T17937] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1144.232225][T17937] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1144.246480][ T5903] usb 5-1: config 0 descriptor??
[ 1144.254920][T17937] bridge_slave_1: entered allmulticast mode
[ 1144.293196][T17937] bridge_slave_1: entered promiscuous mode
[ 1144.327366][ T4428] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1144.345469][    T9] usb 2-1: Using ep0 maxpacket: 16
[ 1144.352701][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1144.365434][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1144.379448][    T9] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1144.389095][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1144.402103][    T9] usb 2-1: config 0 descriptor??
[ 1144.411601][    T9] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1144.417871][T17937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1144.468296][ T5903] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1144.490003][ T4428] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1144.514546][   T24] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[ 1144.534745][ T5900] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1144.535645][T17937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1144.553213][   T24] usb 1-1: device descriptor read/8, error -71
[ 1144.588403][T17937] team0: Port device team_slave_0 added
[ 1144.596518][T17937] team0: Port device team_slave_1 added
[ 1144.617079][T17983] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2933'.
[ 1144.645984][    T9] usb 2-1: USB disconnect, device number 102
[ 1144.658445][T17937] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1144.674510][T17937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1144.700951][T17937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1144.708936][ T5926] usb 5-1: USB disconnect, device number 103
[ 1144.715899][T17937] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1144.728063][T17937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1144.728190][ T5900] usb 3-1: device descriptor read/64, error -71
[ 1144.766560][T17937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1144.844593][   T24] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[ 1145.039403][   T24] usb 1-1: device descriptor read/8, error -71
[ 1145.048078][ T4428] bond1 (unregistering): (slave ip6gretap1): Removing an active aggregator
[ 1145.064553][ T5900] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[ 1145.067958][ T4428] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[ 1145.181403][   T24] usb usb1-port1: unable to enumerate USB device
[ 1145.207686][ T5900] usb 3-1: device descriptor read/64, error -71
[ 1145.427403][ T5900] usb usb3-port1: attempt power cycle
[ 1146.014613][T11060] Bluetooth: hci2: command tx timeout
[ 1146.077299][ T4428] bond0 (unregistering): Released all slaves
[ 1146.174540][ T5900] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 1146.195625][ T5900] usb 3-1: device descriptor read/8, error -71
[ 1146.305769][ T4428] bond1 (unregistering): Released all slaves
[ 1146.474615][ T5930] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[ 1146.513782][T17937] hsr_slave_0: entered promiscuous mode
[ 1146.795209][ T4428] IPVS: stopping backup sync thread 16090 ...
[ 1146.808124][T17937] hsr_slave_1: entered promiscuous mode
[ 1146.906730][ T5900] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1146.916833][ T5930] usb 5-1: config 0 has no interfaces?
[ 1146.931027][ T5930] usb 5-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 1146.963687][ T5900] usb 3-1: device descriptor read/8, error -71
[ 1146.966175][ T5930] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1146.987425][ T5930] usb 5-1: config 0 descriptor??
[ 1147.248614][ T5900] usb usb3-port1: unable to enumerate USB device
[ 1147.304509][T17993] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1147.317355][T17993] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1147.331043][T17993] binder: 17992:17993 unknown command 0
[ 1147.339458][T17993] binder: 17992:17993 ioctl c0306201 200000000080 returned -22
[ 1147.842035][ T5926] usb 5-1: USB disconnect, device number 104
[ 1147.957154][ T4428] hsr_slave_0: left promiscuous mode
[ 1147.972692][ T4428] hsr_slave_1: left promiscuous mode
[ 1147.978903][ T4428] batman_adv: batadv0: Interface deactivated: dummy0
[ 1147.995439][ T4428] batman_adv: batadv0: Removing interface: dummy0
[ 1148.037948][ T4428] veth1_macvtap: left promiscuous mode
[ 1148.043620][ T4428] veth0_macvtap: left promiscuous mode
[ 1148.062540][ T4428] veth1_vlan: left promiscuous mode
[ 1148.103930][T11060] Bluetooth: hci2: command tx timeout
[ 1148.109927][ T4428] veth0_vlan: left promiscuous mode
[ 1148.154720][ T5900] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[ 1148.324607][ T5900] usb 1-1: Using ep0 maxpacket: 8
[ 1148.338143][ T5900] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1148.376743][ T5900] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1148.396773][ T5900] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1148.451886][ T5900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1148.463397][ T5900] usb 1-1: config 0 descriptor??
[ 1148.536526][ T4428] pimreg (unregistering): left allmulticast mode
[ 1148.613499][ T4428] pim6reg9 (unregistering): left allmulticast mode
[ 1148.686969][ T5900] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1148.898984][ T5900] usb 1-1: USB disconnect, device number 97
[ 1149.064603][ T5930] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[ 1149.214558][ T5930] usb 5-1: device descriptor read/64, error -71
[ 1149.264610][ T5903] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 1149.434604][ T5903] usb 3-1: Using ep0 maxpacket: 16
[ 1149.455228][ T5930] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[ 1149.481897][ T5903] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1149.502327][ T5903] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1149.537665][ T5903] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1149.555264][ T5903] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1149.565695][ T5903] usb 3-1: config 0 descriptor??
[ 1149.575222][ T5903] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1149.614630][ T5930] usb 5-1: device descriptor read/64, error -71
[ 1149.649395][T18035] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1149.735203][ T5930] usb usb5-port1: attempt power cycle
[ 1149.798694][T18030] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2945'.
[ 1149.820669][ T5903] usb 3-1: USB disconnect, device number 101
[ 1150.022192][T17937] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1150.042803][T17937] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1150.062499][T17937] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1150.074518][ T5930] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[ 1150.085089][T17937] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1150.096256][ T5930] usb 5-1: device descriptor read/8, error -71
[ 1150.112105][T18040] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2947'.
[ 1150.160240][ T4428] IPVS: stop unused estimator thread 0...
[ 1150.187998][T18049] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2947'.
[ 1150.279234][T17937] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1150.342762][T17937] 8021q: adding VLAN 0 to HW filter on device team0
[ 1150.351289][ T5930] usb 5-1: new high-speed USB device number 108 using dummy_hcd
[ 1150.397229][ T5930] usb 5-1: device descriptor read/8, error -71
[ 1150.432193][T12455] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1150.439427][T12455] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1150.563508][ T5930] usb usb5-port1: unable to enumerate USB device
[ 1151.082654][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1151.089816][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1152.555542][ T5821] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[ 1152.565444][ T5821] CPU: 0 UID: 0 PID: 5821 Comm: kworker/u9:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1152.565478][ T5821] Tainted: [L]=SOFTLOCKUP
[ 1152.565486][ T5821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1152.565500][ T5821] Workqueue: hci0 hci_rx_work
[ 1152.565527][ T5821] Call Trace:
[ 1152.565534][ T5821]  <TASK>
[ 1152.565543][ T5821]  dump_stack_lvl+0x16c/0x1f0
[ 1152.565571][ T5821]  sysfs_warn_dup+0x7f/0xa0
[ 1152.565595][ T5821]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1152.565619][ T5821]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1152.565645][ T5821]  ? preempt_schedule_thunk+0x16/0x30
[ 1152.565679][ T5821]  kobject_add_internal+0x2c4/0x9d0
[ 1152.565714][ T5821]  kobject_add+0x16e/0x240
[ 1152.565743][ T5821]  ? __pfx_kobject_add+0x10/0x10
[ 1152.565775][ T5821]  ? kobject_put+0xaf/0x6f0
[ 1152.565799][ T5821]  ? _raw_spin_unlock+0x3e/0x50
[ 1152.565831][ T5821]  device_add+0x288/0x1980
[ 1152.565853][ T5821]  ? __pfx_dev_set_name+0x10/0x10
[ 1152.565878][ T5821]  ? __pfx_device_add+0x10/0x10
[ 1152.565913][ T5821]  hci_conn_add_sysfs+0x1a8/0x260
[ 1152.565938][ T5821]  ? le_conn_complete_evt+0x10ac/0x1fa0
[ 1152.565960][ T5821]  le_conn_complete_evt+0x11ed/0x1fa0
[ 1152.565993][ T5821]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1152.566016][ T5821]  ? rcu_is_watching+0x12/0xc0
[ 1152.566044][ T5821]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[ 1152.566068][ T5821]  ? skb_pull_data+0x166/0x210
[ 1152.566090][ T5821]  hci_le_meta_evt+0x357/0x610
[ 1152.566112][ T5821]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[ 1152.566138][ T5821]  hci_event_packet+0x685/0x1210
[ 1152.566161][ T5821]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1152.566185][ T5821]  ? __pfx_hci_event_packet+0x10/0x10
[ 1152.566213][ T5821]  ? kcov_remote_start+0x3a9/0x680
[ 1152.566241][ T5821]  hci_rx_work+0x2c9/0x1020
[ 1152.566268][ T5821]  process_one_work+0x9ba/0x1b20
[ 1152.566302][ T5821]  ? __pfx_rxrpc_peer_keepalive_worker+0x10/0x10
[ 1152.566325][ T5821]  ? __pfx_process_one_work+0x10/0x10
[ 1152.566358][ T5821]  ? assign_work+0x1a0/0x250
[ 1152.566385][ T5821]  worker_thread+0x6c8/0xf10
[ 1152.566422][ T5821]  ? __pfx_worker_thread+0x10/0x10
[ 1152.566446][ T5821]  kthread+0x3c5/0x780
[ 1152.566470][ T5821]  ? __pfx_kthread+0x10/0x10
[ 1152.566495][ T5821]  ? rcu_is_watching+0x12/0xc0
[ 1152.566513][ T5821]  ? __pfx_kthread+0x10/0x10
[ 1152.566537][ T5821]  ret_from_fork+0x983/0xb10
[ 1152.566560][ T5821]  ? __pfx_ret_from_fork+0x10/0x10
[ 1152.566584][ T5821]  ? __switch_to+0x7af/0x10d0
[ 1152.566609][ T5821]  ? __pfx_kthread+0x10/0x10
[ 1152.566633][ T5821]  ret_from_fork_asm+0x1a/0x30
[ 1152.566685][ T5821]  </TASK>
[ 1152.835972][ T5821] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1152.850036][ T5821] Bluetooth: hci0: failed to register connection device
[ 1152.870598][T17937] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1153.069371][T17937] veth0_vlan: entered promiscuous mode
[ 1153.104497][ T5930] usb 2-1: new full-speed USB device number 103 using dummy_hcd
[ 1153.157246][T17937] veth1_vlan: entered promiscuous mode
[ 1153.203495][T17937] veth0_macvtap: entered promiscuous mode
[ 1153.216098][T17937] veth1_macvtap: entered promiscuous mode
[ 1153.238520][T17937] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1153.256254][ T5930] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1153.260686][T17937] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1153.276438][ T5930] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1153.291418][ T5930] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1153.301323][T12455] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.305118][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1153.314272][T12455] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.327007][ T5930] usb 2-1: Product: syz
[ 1153.331266][ T5930] usb 2-1: Manufacturer: syz
[ 1153.336094][ T5930] usb 2-1: SerialNumber: syz
[ 1153.435689][  T892] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[ 1153.518581][T12455] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.528002][T12455] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.584655][  T892] usb 1-1: Using ep0 maxpacket: 16
[ 1153.611805][  T892] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1153.623943][ T3936] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1153.639641][  T892] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1153.654298][ T3936] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1153.662013][  T892] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1153.671765][  T892] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1153.683150][  T892] usb 1-1: config 0 descriptor??
[ 1153.694003][  T892] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1153.697246][T18099] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1153.711565][T12455] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1153.721267][T12455] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1153.774646][ T5821] Bluetooth: hci0: command 0x0406 tx timeout
[ 1153.780425][ T5930] usb 2-1: 0:2 : does not exist
[ 1153.954298][T18088] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2957'.
[ 1153.973981][  T892] usb 1-1: USB disconnect, device number 98
[ 1154.618070][ T5930] usb 2-1: USB disconnect, device number 103
[ 1155.914616][ T5821] Bluetooth: hci0: command 0x0406 tx timeout
[ 1156.149704][T18138] fuse: blksize only supported for fuseblk
[ 1156.156705][T18138] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2970'.
[ 1157.552859][   T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1157.564144][   T52] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1157.574285][   T52] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1157.584848][   T52] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1157.593650][   T52] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1157.860079][T18152] chnl_net:caif_netlink_parms(): no params data found
[ 1157.936410][ T5821] Bluetooth: hci0: command 0x0406 tx timeout
[ 1158.156537][T18152] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.167614][T18152] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1158.184070][T18152] bridge_slave_0: entered allmulticast mode
[ 1158.209214][T18152] bridge_slave_0: entered promiscuous mode
[ 1158.229465][T18152] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.246055][T18152] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.262575][T18152] bridge_slave_1: entered allmulticast mode
[ 1158.265949][T18152] bridge_slave_1: entered promiscuous mode
[ 1158.460332][T18152] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1158.475336][T18152] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1159.016820][   T30] audit: type=1804 audit(1767930821.644:790): pid=18171 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.2973" name="bus" dev="ramfs" ino=66585 res=1 errno=0
[ 1159.176391][T18152] team0: Port device team_slave_0 added
[ 1159.247343][T18152] team0: Port device team_slave_1 added
[ 1159.340204][T18152] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1159.364485][T18152] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1159.454074][T18152] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1159.467114][T18152] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1159.474148][T18152] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1159.584707][ T5900] usb 2-1: new high-speed USB device number 104 using dummy_hcd
[ 1159.603486][T18152] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1159.625999][T11060] Bluetooth: hci1: command tx timeout
[ 1159.754523][ T5900] usb 2-1: Using ep0 maxpacket: 16
[ 1159.764622][ T5900] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1159.838315][ T5900] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1159.963696][ T5900] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1160.023715][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1160.064979][ T5900] usb 2-1: config 0 descriptor??
[ 1160.077401][T18152] hsr_slave_0: entered promiscuous mode
[ 1160.083158][ T5900] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1160.083791][T18152] hsr_slave_1: entered promiscuous mode
[ 1160.127772][T18152] debugfs: 'hsr0' already exists in 'hsr'
[ 1160.147893][T18152] Cannot create hsr debugfs directory
[ 1160.841489][ T5900] usb 2-1: USB disconnect, device number 104
[ 1161.370699][T18152] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1161.876605][ T5821] Bluetooth: hci1: command tx timeout
[ 1162.032923][T18152] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1162.250658][T18152] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1163.021077][T18152] netdevsim netdevsim0 ªªªªª» (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1163.314564][  T892] usb 4-1: new full-speed USB device number 88 using dummy_hcd
[ 1163.379270][T18152] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1163.504515][    T9] usb 2-1: new full-speed USB device number 105 using dummy_hcd
[ 1163.535575][T18152] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1163.934723][   T52] Bluetooth: hci1: command tx timeout
[ 1164.025971][  T892] usb 4-1: config 0 has an invalid interface number: 251 but max is 0
[ 1164.034340][  T892] usb 4-1: config 0 has no interface number 0
[ 1164.044004][T18152] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1164.060404][  T892] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1164.082192][T18152] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1164.090633][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1164.107099][  T892] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1164.119446][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1164.136832][  T892] usb 4-1: Product: syz
[ 1164.149790][  T892] usb 4-1: Manufacturer: syz
[ 1164.160661][    T9] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1164.180390][  T892] usb 4-1: SerialNumber: syz
[ 1164.195554][  T892] usb 4-1: config 0 descriptor??
[ 1164.201620][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1164.220957][    T9] usb 2-1: Product: syz
[ 1164.236053][    T9] usb 2-1: Manufacturer: syz
[ 1164.249097][    T9] usb 2-1: SerialNumber: syz
[ 1164.401541][T18152] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1164.470786][T18152] 8021q: adding VLAN 0 to HW filter on device team0
[ 1164.530524][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1164.537710][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1164.582157][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1164.589340][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1164.657216][T11060] Bluetooth: hci3: command 0x0406 tx timeout
[ 1164.698864][    T9] usb 2-1: 0:2 : does not exist
[ 1164.887948][T18224] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2986'.
[ 1164.985909][  T892] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[ 1164.985942][  T892] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -61
[ 1165.014126][  T892] asix 4-1:0.251: probe with driver asix failed with error -61
[ 1165.198686][  T892] usb 4-1: USB disconnect, device number 88
[ 1165.337420][ T5900] usb 2-1: USB disconnect, device number 105
[ 1165.400979][T18230] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2987'.
[ 1165.412339][T18230] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2987'.
[ 1165.452125][T18152] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1170.450809][ T5821] Bluetooth: hci3: command 0x0406 tx timeout
[ 1170.457404][   T52] Bluetooth: hci1: command tx timeout
[ 1170.459830][T18152] veth0_vlan: entered promiscuous mode
[ 1170.540628][   T30] audit: type=1804 audit(1767930828.304:791): pid=18232 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.4.2988" name="bus" dev="ramfs" ino=66856 res=1 errno=0
[ 1170.634878][T18152] veth1_vlan: entered promiscuous mode
[ 1170.737962][T18152] veth0_macvtap: entered promiscuous mode
[ 1170.738768][T18238] fuse: blksize only supported for fuseblk
[ 1170.752692][T18238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2990'.
[ 1170.768950][T18152] veth1_macvtap: entered promiscuous mode
[ 1170.822919][T18152] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1170.870556][T18152] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1170.912920][ T2205] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1170.935489][  T892] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[ 1170.954815][ T2205] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1170.979338][ T2205] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1171.035485][ T2205] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1171.095579][  T892] usb 4-1: Using ep0 maxpacket: 32
[ 1171.160490][  T892] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1171.618885][  T892] usb 4-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1171.644516][  T892] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1171.673825][T15684] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1171.683117][  T892] usb 4-1: config 0 descriptor??
[ 1171.685971][T15684] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1171.756941][T15684] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1171.795669][T15684] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1171.939243][  T892] cdc_subset 4-1:0.0: probe with driver cdc_subset failed with error -22
[ 1171.963247][T18253] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2994'.
[ 1171.992925][T18253] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2994'.
[ 1172.053993][T18249] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2994'.
[ 1172.155594][T18236] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2991'.
[ 1172.587411][  T892] usb 4-1: USB disconnect, device number 89
[ 1172.637078][    T9] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[ 1172.671497][T18265] net_ratelimit: 10 callbacks suppressed
[ 1172.671510][T18265] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[ 1172.843360][    T9] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1172.852665][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1172.860831][    T9] usb 3-1: Product: syz
[ 1172.868095][    T9] usb 3-1: Manufacturer: syz
[ 1172.872784][    T9] usb 3-1: SerialNumber: syz
[ 1173.003065][    T9] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1173.018792][  T892] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1173.210568][ T5926] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[ 1173.393621][T18240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1173.415587][ T5926] usb 2-1: Using ep0 maxpacket: 8
[ 1173.432479][T18240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1173.451579][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1173.481069][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1173.501363][ T5926] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1173.515656][ T5926] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1173.631723][T18277] overlayfs: failed to resolve './file0': -2
[ 1175.005484][  T892] usb 3-1: Service connection timeout for: 256
[ 1175.011680][  T892] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1175.030503][T17909] usb 3-1: USB disconnect, device number 102
[ 1175.088849][  T892] ath9k_htc: Failed to initialize the device
[ 1175.104818][T17909] usb 3-1: ath9k_htc: USB layer deinitialized
[ 1175.180663][ T5926] usb 2-1: config 0 descriptor??
[ 1177.822450][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.840862][   T30] audit: type=1804 audit(1767930838.324:792): pid=18288 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.0.3000" name="bus" dev="ramfs" ino=67196 res=1 errno=0
[ 1178.930545][ T5926] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1178.987336][ T5926] usb 2-1: USB disconnect, device number 106
[ 1181.412037][T18315] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3008'.
[ 1181.442484][T18315] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3008'.
[ 1181.465550][T18315] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3008'.
[ 1183.001990][T18332] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6_vti0, syncid = 1, id = 0
[ 1183.019847][T18335] netlink: 248 bytes leftover after parsing attributes in process `syz.1.3013'.
[ 1188.429432][ T5821] Bluetooth: hci2: command 0x2016 tx timeout
[ 1188.444423][   T30] audit: type=1804 audit(1767930846.204:793): pid=18339 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.3.3014" name="bus" dev="ramfs" ino=67281 res=1 errno=0
[ 1189.887869][T18355] fuse: blksize only supported for fuseblk
[ 1189.896848][T18355] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3017'.
[ 1190.290053][  T892] usb 1-1: new full-speed USB device number 99 using dummy_hcd
[ 1190.500879][   T52] Bluetooth: hci2: command 0x2016 tx timeout
[ 1190.508818][  T892] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1190.522000][  T892] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1190.534124][  T892] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1190.543777][  T892] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1190.551851][  T892] usb 1-1: Product: syz
[ 1190.556204][  T892] usb 1-1: Manufacturer: syz
[ 1190.560798][  T892] usb 1-1: SerialNumber: syz
[ 1191.144560][T11060] Bluetooth: hci3: command 0x0406 tx timeout
[ 1191.170548][  T892] usb 1-1: 0:2 : does not exist
[ 1191.213749][T18372] netlink: 248 bytes leftover after parsing attributes in process `syz.2.3020'.
[ 1192.036471][  T892] usb 1-1: USB disconnect, device number 99
[ 1193.467002][ T5821] Bluetooth: hci3: command 0x0406 tx timeout
[ 1194.484839][T18402] 9p: Bad value for 'rfdno'
[ 1195.476210][T18085] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1195.485817][T18085] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1195.502875][T18085] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1195.535684][T18085] Bluetooth: hci4: command 0x0406 tx timeout
[ 1195.565571][ T5821] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1195.610634][ T5821] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1196.299379][T18426] Invalid source name
[ 1196.399975][ T2205] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1197.160953][ T2205] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1197.227764][T18414] chnl_net:caif_netlink_parms(): no params data found
[ 1197.458474][ T2205] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1197.684557][ T5821] Bluetooth: hci4: command 0x0406 tx timeout
[ 1197.711235][ T5821] Bluetooth: hci0: command tx timeout
[ 1198.037341][ T2205] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1198.399430][T18414] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1198.408650][T18414] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1198.420380][T18414] bridge_slave_0: entered allmulticast mode
[ 1198.434876][T18414] bridge_slave_0: entered promiscuous mode
[ 1198.459119][T18414] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1198.469405][T18414] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1199.194575][T18414] bridge_slave_1: entered allmulticast mode
[ 1199.209622][T18414] bridge_slave_1: entered promiscuous mode
[ 1199.795242][T18392] Bluetooth: hci0: command tx timeout
[ 1199.940689][T18414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1199.984700][   T30] audit: type=1804 audit(1767930862.594:794): pid=18449 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.3.3035" name="bus" dev="ramfs" ino=67496 res=1 errno=0
[ 1200.027785][T18414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1200.503612][T18469] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3043'.
[ 1200.515199][T18469] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3043'.
[ 1200.591706][ T2205] bridge_slave_1: left allmulticast mode
[ 1200.597560][ T2205] bridge_slave_1: left promiscuous mode
[ 1200.605536][ T2205] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1200.633379][ T2205] bridge_slave_0: left allmulticast mode
[ 1200.648755][ T2205] bridge_slave_0: left promiscuous mode
[ 1200.664620][ T2205] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1200.704455][T18341] usb 2-1: new high-speed USB device number 107 using dummy_hcd
[ 1200.964555][T18341] usb 2-1: Using ep0 maxpacket: 16
[ 1200.971858][T18341] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1200.982388][T18341] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1201.473741][T18341] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1201.482913][T18341] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1201.520445][T18341] usb 2-1: config 0 descriptor??
[ 1201.529522][T18341] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1201.557717][T18484] Invalid source name
[ 1201.772593][T18341] usb 2-1: USB disconnect, device number 107
[ 1201.854532][T18392] Bluetooth: hci0: command tx timeout
[ 1201.990103][ T2205] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1202.009287][ T2205] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1202.036451][ T2205] bond0 (unregistering): Released all slaves
[ 1202.156122][T18414] team0: Port device team_slave_0 added
[ 1202.206629][T18414] team0: Port device team_slave_1 added
[ 1203.225975][ T6592] usb 5-1: new high-speed USB device number 109 using dummy_hcd
[ 1203.340585][T18414] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1203.375579][ T6592] usb 5-1: device descriptor read/64, error -71
[ 1203.410697][T18414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1203.692855][T18414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1203.734518][ T6592] usb 5-1: new high-speed USB device number 110 using dummy_hcd
[ 1203.780886][ T2205] hsr_slave_0: left promiscuous mode
[ 1203.954283][ T5821] Bluetooth: hci0: command tx timeout
[ 1203.959770][ T6592] usb 5-1: device descriptor read/64, error -71
[ 1204.016080][ T2205] hsr_slave_1: left promiscuous mode
[ 1204.028717][ T2205] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1204.040541][ T2205] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1204.074065][ T2205] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1204.085494][ T6592] usb usb5-port1: attempt power cycle
[ 1204.099695][ T2205] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1204.234311][ T2205] veth1_macvtap: left promiscuous mode
[ 1204.240051][ T2205] veth0_macvtap: left promiscuous mode
[ 1204.248016][ T2205] veth1_vlan: left promiscuous mode
[ 1204.796549][ T2205] veth0_vlan: left promiscuous mode
[ 1204.810284][ T6592] usb 5-1: new high-speed USB device number 111 using dummy_hcd
[ 1205.152427][ T5821] Bluetooth: hci4: command 0x0406 tx timeout
[ 1205.275750][ T6592] usb 5-1: device descriptor read/8, error -71
[ 1205.731272][T18521] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3055'.
[ 1206.193670][T18523] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3055'.
[ 1206.903406][T18541] Invalid source name
[ 1206.915511][ T2205] team0 (unregistering): Port device team_slave_1 removed
[ 1206.957179][ T2205] team0 (unregistering): Port device team_slave_0 removed
[ 1207.177908][ T6592] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[ 1207.225691][T18392] Bluetooth: hci4: command 0x0406 tx timeout
[ 1207.301961][T18414] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1207.309203][T18414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1207.337852][T18414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1207.364495][ T6592] usb 4-1: Using ep0 maxpacket: 16
[ 1207.384908][ T6592] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1207.406648][ T6592] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1207.419848][ T6592] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1207.446066][ T6592] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1207.466554][ T6592] usb 4-1: config 0 descriptor??
[ 1207.492931][ T6592] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1207.843688][T18414] hsr_slave_0: entered promiscuous mode
[ 1207.851477][T18414] hsr_slave_1: entered promiscuous mode
[ 1207.857883][T18414] debugfs: 'hsr0' already exists in 'hsr'
[ 1207.863780][T18414] Cannot create hsr debugfs directory
[ 1207.954684][ T6592] usb 4-1: USB disconnect, device number 90
[ 1208.180084][T18554] fuse: blksize only supported for fuseblk
[ 1208.217281][T18554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3061'.
[ 1209.022414][T18414] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1209.133299][T18414] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1209.156229][T18414] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1209.169129][T18414] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1210.136855][ T5821] Bluetooth: hci5: command 0x2016 tx timeout
[ 1210.489584][T18414] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1210.519437][T18414] 8021q: adding VLAN 0 to HW filter on device team0
[ 1210.540243][ T4404] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1210.547384][ T4404] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1210.793873][ T4404] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1210.801015][ T4404] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1210.810693][T18589] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[ 1211.614633][T14547] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[ 1211.775638][T14547] usb 2-1: Using ep0 maxpacket: 8
[ 1211.782121][T14547] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1211.923717][T14547] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1211.948259][ T6592] usb 3-1: new full-speed USB device number 103 using dummy_hcd
[ 1212.001886][T14547] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1212.446460][T18392] Bluetooth: hci5: command 0x2016 tx timeout
[ 1212.461130][T14547] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1212.579944][T14547] usb 2-1: config 0 descriptor??
[ 1212.615872][ T6592] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1212.634216][ T6592] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1212.649089][ T6592] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1212.725154][ T6592] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1212.733200][ T6592] usb 3-1: Product: syz
[ 1212.737943][ T6592] usb 3-1: Manufacturer: syz
[ 1212.743282][ T6592] usb 3-1: SerialNumber: syz
[ 1212.855833][T18414] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1212.879494][T14547] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1213.363224][ T6592] usb 3-1: 0:2 : does not exist
[ 1213.369053][T17909] usb 2-1: USB disconnect, device number 108
[ 1213.607459][ T6592] usb 3-1: USB disconnect, device number 103
[ 1213.905835][T18414] veth0_vlan: entered promiscuous mode
[ 1213.923601][T18414] veth1_vlan: entered promiscuous mode
[ 1213.979412][T18414] veth0_macvtap: entered promiscuous mode
[ 1213.992065][T18414] veth1_macvtap: entered promiscuous mode
[ 1214.540672][T18414] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1214.580640][T18414] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1214.616483][ T1326] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1214.625593][ T1326] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1214.636412][T10835] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1214.727607][T10837] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1216.024727][ T1033] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1216.027801][T10837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1216.041214][T10837] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1216.071080][ T1033] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1217.784619][T11060] Bluetooth: hci3: command 0x0406 tx timeout
[ 1218.288053][T18085] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1218.291563][T18085] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1218.305739][T18085] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1218.313525][T18085] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1218.323026][T18085] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1218.937344][T18672] chnl_net:caif_netlink_parms(): no params data found
[ 1219.176872][T18672] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1219.184116][T18672] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1219.212489][T18672] bridge_slave_0: entered allmulticast mode
[ 1219.213786][T18684] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[ 1219.265408][T18672] bridge_slave_0: entered promiscuous mode
[ 1219.282876][T18672] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1219.326600][T18672] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1219.364649][T18672] bridge_slave_1: entered allmulticast mode
[ 1219.376490][T11060] Bluetooth: hci5: command 0x2016 tx timeout
[ 1219.404749][T18672] bridge_slave_1: entered promiscuous mode
[ 1219.551359][T18672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1219.654596][ T5874] usb 5-1: new high-speed USB device number 113 using dummy_hcd
[ 1219.764893][ T6592] usb 4-1: new high-speed USB device number 91 using dummy_hcd
[ 1219.860105][ T5821] Bluetooth: hci3: command 0x0406 tx timeout
[ 1219.924912][ T5874] usb 5-1: Using ep0 maxpacket: 8
[ 1219.943231][T18672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1220.059049][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1220.073807][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1220.085010][ T5874] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1220.094115][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1220.104575][ T5874] usb 5-1: config 0 descriptor??
[ 1220.134912][ T6592] usb 4-1: Using ep0 maxpacket: 32
[ 1220.220444][ T6592] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1220.525765][T18392] Bluetooth: hci1: command tx timeout
[ 1220.540850][ T6592] usb 4-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1220.580164][ T5874] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1220.600940][ T6592] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1220.620534][T18672] team0: Port device team_slave_0 added
[ 1220.687545][ T6592] usb 4-1: config 0 descriptor??
[ 1220.709837][T18672] team0: Port device team_slave_1 added
[ 1220.899734][ T6592] cdc_subset 4-1:0.0: probe with driver cdc_subset failed with error -22
[ 1221.301456][ T6600] usb 5-1: USB disconnect, device number 113
[ 1221.344324][T10837] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1221.352324][T18688] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3087'.
[ 1221.358456][T10837] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1221.393815][T18672] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1221.398709][ T6592] usb 4-1: USB disconnect, device number 91
[ 1221.401458][T18672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1221.435573][T18672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1221.457513][T18392] Bluetooth: hci5: command 0x2016 tx timeout
[ 1221.472381][T10837] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1221.484883][T10837] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1221.500250][T18672] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1221.507581][T18672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1221.533747][T18672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1221.556211][T10837] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1221.568085][T10837] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1221.640787][T10837] bridge0: port 3(netdevsim0) entered disabled state
[ 1221.679765][T10837] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[ 1221.688836][T10837] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[ 1221.699858][T10837] bridge0: port 3(netdevsim0) entered disabled state
[ 1221.805718][T10837] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1221.816299][T10837] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1221.843664][T18672] hsr_slave_0: entered promiscuous mode
[ 1221.850561][T18672] hsr_slave_1: entered promiscuous mode
[ 1222.282757][T18672] debugfs: 'hsr0' already exists in 'hsr'
[ 1222.289374][T18672] Cannot create hsr debugfs directory
[ 1223.388438][ T5821] Bluetooth: hci1: command tx timeout
[ 1223.393902][ T5821] Bluetooth: hci0: command 0x2016 tx timeout
[ 1223.601226][T10837] v: left allmulticast mode
[ 1223.607970][T10837] bridge0: port 6(v) entered disabled state
[ 1223.619154][T10837] gretap0: left allmulticast mode
[ 1223.624300][T10837] gretap0: left promiscuous mode
[ 1223.630519][T10837] bridge0: port 5(gretap0) entered disabled state
[ 1223.643776][T10837] team0: left allmulticast mode
[ 1224.510140][T10837] team_slave_0: left allmulticast mode
[ 1224.510164][T10837] team_slave_1: left allmulticast mode
[ 1224.510216][T10837] team0: left promiscuous mode
[ 1224.510228][T10837] team_slave_0: left promiscuous mode
[ 1224.510396][T10837] team_slave_1: left promiscuous mode
[ 1224.510751][T10837] bridge0: port 4(team0) entered disabled state
[ 1224.527305][T10837] bridge_slave_1: left allmulticast mode
[ 1224.527328][T10837] bridge_slave_1: left promiscuous mode
[ 1224.527470][T10837] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1224.529365][T10837] bridge_slave_0: left allmulticast mode
[ 1224.529382][T10837] bridge_slave_0: left promiscuous mode
[ 1224.529516][T10837] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1225.464513][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1225.470659][T18392] Bluetooth: hci1: command tx timeout
[ 1227.535781][T11060] Bluetooth: hci1: command tx timeout
[ 1227.926766][T10837] bond2 (unregistering): (slave erspan1): Releasing active interface
[ 1227.937133][T10837] erspan1 (unregistering): left promiscuous mode
[ 1227.985487][T18290] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1228.174736][T10837] team0: Port device bridge1 removed
[ 1228.600984][T18290] usb 6-1: Using ep0 maxpacket: 8
[ 1229.536092][T10837] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1229.596637][T10837] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1229.607543][T10837] bond0 (unregistering): Released all slaves
[ 1229.682721][T10837] bond1 (unregistering): Released all slaves
[ 1229.891437][T10837] bond2 (unregistering): Released all slaves
[ 1229.911784][T10837] bond3 (unregistering): Released all slaves
[ 1229.941347][T18730] batman_adv: batadv0: Adding interface: dummy0
[ 1229.948030][T18730] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1229.976303][T18730] batman_adv: batadv0: Interface activated: dummy0
[ 1230.017227][T18735] batadv0: mtu less than device minimum
[ 1230.037321][T10837] IPVS: stopping backup sync thread 17057 ...
[ 1230.044200][T18735] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1230.055316][T18735] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1230.066579][T18735] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1230.077621][T18735] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1230.088656][T18735] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1230.099685][T18735] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1230.110678][T18735] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1230.121724][T18735] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1230.132762][T18735] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1230.214851][ T6600] syz0: Port: 1 Link DOWN
[ 1230.341301][T18290] usb 6-1: device descriptor read/all, error -71
[ 1231.865717][T10837] hsr_slave_0: left promiscuous mode
[ 1231.882324][T10837] hsr_slave_1: left promiscuous mode
[ 1231.895677][T10837] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1231.987417][T10837] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1232.377581][T10837] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1232.385197][T10837] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1232.416263][T10837] veth1_macvtap: left promiscuous mode
[ 1232.423167][T10837] veth0_macvtap: left promiscuous mode
[ 1232.429188][T10837] veth1_vlan: left promiscuous mode
[ 1232.435276][T10837] veth0_vlan: left promiscuous mode
[ 1234.136417][T10837] team0 (unregistering): Port device team_slave_1 removed
[ 1234.220015][T10837] team0 (unregistering): Port device team_slave_0 removed
[ 1235.909177][T18833] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3117'.
[ 1236.008409][T18833] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3117'.
[ 1236.127512][T18833] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3117'.
[ 1237.121373][T18846] net_ratelimit: 10 callbacks suppressed
[ 1237.121402][T18846] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[ 1237.446115][T18672] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1237.514891][T18672] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1237.568894][T18672] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1237.585792][T18672] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1237.728481][T10837] IPVS: stop unused estimator thread 0...
[ 1237.804521][   T89] usb 5-1: new high-speed USB device number 114 using dummy_hcd
[ 1238.145460][   T89] usb 5-1: Using ep0 maxpacket: 32
[ 1238.180900][   T89] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1238.193131][T18862] batman_adv: batadv0: Adding interface: dummy0
[ 1238.200167][   T89] usb 5-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1238.205687][T18862] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1238.209405][   T89] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1238.246394][T18862] batman_adv: batadv0: Interface activated: dummy0
[ 1238.253883][   T89] usb 5-1: config 0 descriptor??
[ 1238.261083][T18863] batadv0: mtu less than device minimum
[ 1238.271612][T18863] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1238.271881][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1238.282833][T18863] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1238.299366][T18863] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1238.304535][ T6600] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1238.310575][T18863] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1238.328283][T18863] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1238.339313][T18863] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1238.350328][T18863] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1238.361624][T18863] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1238.396242][T18672] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1238.414145][T18672] 8021q: adding VLAN 0 to HW filter on device team0
[ 1238.427951][T16268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1238.435145][T16268] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1238.448351][T16268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1238.455503][T16268] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1238.464467][ T6600] usb 6-1: Using ep0 maxpacket: 8
[ 1238.471220][ T6600] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1238.482923][   T89] cdc_subset 5-1:0.0: probe with driver cdc_subset failed with error -22
[ 1238.505819][ T6600] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1238.520008][ T6600] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1238.532089][ T6600] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1238.545943][ T6600] usb 6-1: config 0 descriptor??
[ 1238.624629][ T6592] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[ 1238.659405][T18672] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1238.711716][T18672] veth0_vlan: entered promiscuous mode
[ 1238.730445][T18672] veth1_vlan: entered promiscuous mode
[ 1238.739480][T18851] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3123'.
[ 1238.762243][   T89] usb 5-1: USB disconnect, device number 114
[ 1238.774707][ T6592] usb 4-1: Using ep0 maxpacket: 8
[ 1238.775335][T18672] veth0_macvtap: entered promiscuous mode
[ 1238.782154][ T6592] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1238.791207][ T6600] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1238.807512][ T6592] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1238.807560][ T6592] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1238.807582][ T6592] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1238.837901][ T6592] usb 4-1: config 0 descriptor??
[ 1238.844242][T18672] veth1_macvtap: entered promiscuous mode
[ 1238.859572][T18672] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1238.876157][T18672] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1238.891222][T10837] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1238.901545][T10837] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1238.911241][T10837] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1238.921203][T10837] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1238.993300][ T3936] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1239.009718][ T3936] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1239.038256][ T6600] usb 6-1: USB disconnect, device number 4
[ 1239.051109][ T6592] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[ 1239.062849][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1239.079164][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1239.295044][T18873] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6_vti0, syncid = 1, id = 0
[ 1239.307906][ T6592] usb 4-1: USB disconnect, device number 92
[ 1241.094864][T18899] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6_vti0, syncid = 1, id = 0
[ 1242.020531][T18392] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1242.031191][T18392] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1242.041584][T18392] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1242.050931][T18392] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1242.058393][T18392] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1242.195507][T18290] usb 5-1: new full-speed USB device number 115 using dummy_hcd
[ 1242.816628][T18290] usb 5-1: config 0 has an invalid interface number: 251 but max is 0
[ 1242.822661][   T34] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1242.839244][   T34] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.931399][T18290] usb 5-1: config 0 has no interface number 0
[ 1242.986671][T18290] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1242.998910][T18290] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1243.024453][T18290] usb 5-1: Product: syz
[ 1243.028616][T18290] usb 5-1: Manufacturer: syz
[ 1243.033177][T18290] usb 5-1: SerialNumber: syz
[ 1243.216720][T18290] usb 5-1: config 0 descriptor??
[ 1243.476317][   T34] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1243.492501][   T34] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.046966][T18906] chnl_net:caif_netlink_parms(): no params data found
[ 1244.101196][T18392] Bluetooth: hci3: command tx timeout
[ 1244.156429][   T34] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1244.168352][   T34] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.248009][   T34] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1244.273142][   T34] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1244.440096][T18906] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1244.457554][T18906] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1244.469081][T18906] bridge_slave_0: entered allmulticast mode
[ 1244.469730][T18290] asix 5-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver
[ 1244.487122][T18290] asix 5-1:0.251: probe with driver asix failed with error -524
[ 1244.488185][T18906] bridge_slave_0: entered promiscuous mode
[ 1244.553127][T18906] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1244.563556][T18906] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1244.574738][T18906] bridge_slave_1: entered allmulticast mode
[ 1244.582391][T18906] bridge_slave_1: entered promiscuous mode
[ 1245.027424][T18290] usb 5-1: USB disconnect, device number 115
[ 1245.470833][T18392] Bluetooth: hci5: command 0x2016 tx timeout
[ 1246.385004][T11060] Bluetooth: hci3: command tx timeout
[ 1248.223533][   T34] bond0 (unregistering): Released all slaves
[ 1248.424098][T18392] Bluetooth: hci3: command tx timeout
[ 1248.850040][   T34] bond1 (unregistering): Released all slaves
[ 1248.895446][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1248.901132][T18906] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1248.939742][T18906] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1249.090733][   T34] : left promiscuous mode
[ 1249.770539][T18906] team0: Port device team_slave_0 added
[ 1249.780482][   T34] tipc: Left network mode
[ 1249.799989][T18969] Invalid source name
[ 1249.806492][T18906] team0: Port device team_slave_1 added
[ 1249.816238][   T34] IPVS: stopping backup sync thread 17631 ...
[ 1250.509674][T11060] Bluetooth: hci3: command tx timeout
[ 1250.954118][T18906] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1250.974451][T11060] Bluetooth: hci0: command 0x2016 tx timeout
[ 1250.981060][T18906] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1251.471885][T18906] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1251.506303][T18906] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1251.517965][T18906] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1251.710786][T18906] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1252.050424][T18906] hsr_slave_0: entered promiscuous mode
[ 1252.088523][T18906] hsr_slave_1: entered promiscuous mode
[ 1252.104953][T18906] debugfs: 'hsr0' already exists in 'hsr'
[ 1252.116978][T18906] Cannot create hsr debugfs directory
[ 1252.426648][   T34] hsr_slave_0: left promiscuous mode
[ 1252.441792][   T34] hsr_slave_1: left promiscuous mode
[ 1252.455077][   T34] batman_adv: batadv0: Interface deactivated: dummy0
[ 1252.476688][   T34] batman_adv: batadv0: Removing interface: dummy0
[ 1252.565915][   T34] veth1_macvtap: left promiscuous mode
[ 1252.588069][   T34] veth0_macvtap: left promiscuous mode
[ 1252.602321][   T34] veth1_vlan: left promiscuous mode
[ 1252.860172][   T34] veth0_vlan: left promiscuous mode
[ 1253.043907][   T34] pim6reg9 (unregistering): left allmulticast mode
[ 1253.326635][T19012] 9p: Bad value for 'rfdno'
[ 1256.344856][T19032] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input34
[ 1259.036824][T19054] 9p: Bad value for 'rfdno'
[ 1259.041782][T19056] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3163'.
[ 1259.083065][T19051] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3163'.
[ 1259.100584][T19051] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3163'.
[ 1259.140500][   T34] IPVS: stop unused estimator thread 0...
[ 1261.444971][T19084] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input35
[ 1262.179035][T18906] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1262.696905][T18906] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1262.826574][T18906] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1262.949636][T18906] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1263.920158][T18906] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1263.991602][T18906] 8021q: adding VLAN 0 to HW filter on device team0
[ 1264.017849][ T6798] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1264.025033][ T6798] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1264.042726][ T6798] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1264.049938][ T6798] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1264.321510][T18906] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1264.640313][T18906] veth0_vlan: entered promiscuous mode
[ 1264.659795][T18906] veth1_vlan: entered promiscuous mode
[ 1264.698260][T18906] veth0_macvtap: entered promiscuous mode
[ 1264.712152][T18906] veth1_macvtap: entered promiscuous mode
[ 1264.737775][T18906] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1264.754084][T18906] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1265.640104][T12452] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1265.677067][T12452] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1265.724344][T12452] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1265.875543][T12452] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1266.015136][T11060] Bluetooth: hci2: command 0x2016 tx timeout
[ 1266.389521][T10837] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1266.426946][T10837] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1266.919802][ T1158] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1266.939270][ T1158] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1267.284497][ T6592] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[ 1268.141430][ T5821] Bluetooth: hci2: command 0x2016 tx timeout
[ 1268.216105][T19160] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input36
[ 1268.352772][ T6592] usb 2-1: Using ep0 maxpacket: 32
[ 1268.377637][ T6592] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1268.444434][ T6592] usb 2-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1268.470581][ T6592] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1268.495169][ T6592] usb 2-1: config 0 descriptor??
[ 1268.713532][ T6592] cdc_subset 2-1:0.0: probe with driver cdc_subset failed with error -22
[ 1268.859515][T19177] 9p: Bad value for 'rfdno'
[ 1269.049563][T19155] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3130'.
[ 1269.060964][ T5926] usb 2-1: USB disconnect, device number 109
[ 1270.398458][T18392] Bluetooth: hci2: command 0x2016 tx timeout
[ 1272.921284][T19214] 9p: Bad value for 'rfdno'
[ 1274.862754][T19239] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input37
[ 1274.952309][   T30] audit: type=1804 audit(1767930937.574:795): pid=19244 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.3204" name="/newroot/57/file0" dev="tmpfs" ino=349 res=1 errno=0
[ 1275.041317][   T30] audit: type=1804 audit(1767930937.574:796): pid=19244 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.3.3204" name="/newroot/57/file0" dev="tmpfs" ino=349 res=1 errno=0
[ 1275.975706][T19251] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1276.024617][ T6903] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[ 1276.278636][ T6903] usb 3-1: config 0 has no interfaces?
[ 1276.284252][ T6903] usb 3-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 1276.296045][ T6903] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1276.313963][ T6903] usb 3-1: config 0 descriptor??
[ 1276.949814][T19237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1276.964778][T19237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1277.130825][T19237] binder: 19236:19237 unknown command 0
[ 1277.169188][T19237] binder: 19236:19237 ioctl c0306201 200000000080 returned -22
[ 1277.204717][    T9] usb 3-1: USB disconnect, device number 104
[ 1277.263842][T19268] netlink: 504 bytes leftover after parsing attributes in process `syz.4.3210'.
[ 1277.417129][T19272] netlink: 504 bytes leftover after parsing attributes in process `syz.3.3211'.
[ 1277.427075][T19268] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3210'.
[ 1277.463778][T19272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3211'.
[ 1277.485467][T19272] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1277.492799][T19272] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1277.684118][T19278] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1277.694628][T11060] Bluetooth: hci2: command 0x2016 tx timeout
[ 1277.702934][T19280] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[ 1277.732004][T19278] 9p: Bad value for 'rfdno'
[ 1278.288002][T19287] FAULT_INJECTION: forcing a failure.
[ 1278.288002][T19287] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1278.302303][T19287] CPU: 1 UID: 0 PID: 19287 Comm: syz.5.3216 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1278.302337][T19287] Tainted: [L]=SOFTLOCKUP
[ 1278.302344][T19287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1278.302356][T19287] Call Trace:
[ 1278.302363][T19287]  <TASK>
[ 1278.302371][T19287]  dump_stack_lvl+0x16c/0x1f0
[ 1278.302402][T19287]  should_fail_ex+0x512/0x640
[ 1278.302437][T19287]  _copy_from_user+0x2e/0xd0
[ 1278.302465][T19287]  copy_msghdr_from_user+0x98/0x160
[ 1278.302486][T19287]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1278.302518][T19287]  ___sys_sendmsg+0xfe/0x1d0
[ 1278.302539][T19287]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1278.302590][T19287]  __sys_sendmsg+0x16d/0x220
[ 1278.302616][T19287]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1278.302653][T19287]  do_syscall_64+0xcd/0xf80
[ 1278.302680][T19287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1278.302699][T19287] RIP: 0033:0x7f02f038f749
[ 1278.302715][T19287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1278.302733][T19287] RSP: 002b:00007f02ee5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1278.302752][T19287] RAX: ffffffffffffffda RBX: 00007f02f05e5fa0 RCX: 00007f02f038f749
[ 1278.302764][T19287] RDX: 0000000000040040 RSI: 0000200000000300 RDI: 0000000000000004
[ 1278.302776][T19287] RBP: 00007f02ee5f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1278.302786][T19287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1278.302798][T19287] R13: 00007f02f05e6038 R14: 00007f02f05e5fa0 R15: 00007ffdc10fdd48
[ 1278.302824][T19287]  </TASK>
[ 1279.220247][T11060] Bluetooth: hci0: command 0x2016 tx timeout
[ 1279.789286][ T5821] Bluetooth: hci2: command 0x2016 tx timeout
[ 1281.091263][T19318] netlink: 512 bytes leftover after parsing attributes in process `syz.5.3224'.
[ 1281.117781][T19318] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3224'.
[ 1281.294477][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1281.554529][ T5827] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1281.786953][ T5827] usb 3-1: Using ep0 maxpacket: 32
[ 1281.794394][    C0] hrtimer: interrupt took 31070 ns
[ 1281.834656][    T9] usb 5-1: new high-speed USB device number 116 using dummy_hcd
[ 1281.861895][ T5827] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1281.872559][ T5827] usb 3-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1281.883195][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1281.893089][ T5827] usb 3-1: config 0 descriptor??
[ 1282.004424][    T9] usb 5-1: Using ep0 maxpacket: 32
[ 1282.011901][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1282.023471][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1282.032734][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1282.052490][    T9] usb 5-1: config 0 descriptor??
[ 1282.144947][ T5827] cdc_subset 3-1:0.0: probe with driver cdc_subset failed with error -22
[ 1282.536814][T19331] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3228'.
[ 1282.556267][    T9] cdc_subset 5-1:0.0: probe with driver cdc_subset failed with error -22
[ 1282.579810][    T9] usb 3-1: USB disconnect, device number 105
[ 1282.822502][T19344] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3229'.
[ 1283.267277][ T5930] usb 5-1: USB disconnect, device number 116
[ 1284.459881][ T5900] IPVS: starting estimator thread 0...
[ 1284.616885][T19361] IPVS: using max 41 ests per chain, 98400 per kthread
[ 1285.904064][T19381] netlink: 512 bytes leftover after parsing attributes in process `syz.1.3238'.
[ 1285.947795][T19381] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3238'.
[ 1287.129054][   T30] audit: type=1400 audit(1767930949.754:797): avc:  denied  { write } for  pid=19396 comm="syz.5.3245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1287.129363][T19397] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1288.294518][ T5900] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[ 1288.723983][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1288.874632][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1288.884649][ T5900] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1288.898580][ T5900] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1288.972245][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1289.005392][ T5900] usb 5-1: config 0 descriptor??
[ 1289.127244][T19340] usb 4-1: new high-speed USB device number 93 using dummy_hcd
[ 1290.169414][T19340] usb 4-1: no configurations
[ 1290.174063][T19340] usb 4-1: can't read configurations, error -22
[ 1290.347039][T19340] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[ 1290.376786][T19394] IPVS: set_ctl: invalid protocol: 137 172.20.20.11:21
[ 1290.404769][ T5900] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1290.497247][T19439] 9p: Bad value for 'rfdno'
[ 1290.554557][   T89] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1291.035548][T19394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1291.044179][T19394] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1291.106918][ T5900] usb 5-1: USB disconnect, device number 117
[ 1291.174516][   T89] usb 6-1: Using ep0 maxpacket: 8
[ 1291.349843][   T89] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1291.369701][   T89] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1291.396854][   T89] usb 6-1: Product: syz
[ 1291.401212][   T89] usb 6-1: Manufacturer: syz
[ 1291.420593][   T89] usb 6-1: SerialNumber: syz
[ 1291.447377][T19446] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19446 comm=syz.2.3255
[ 1291.539392][T19446] dvmrp0: entered allmulticast mode
[ 1291.774414][   T89] usb 6-1: config 0 descriptor??
[ 1291.784697][T19445] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3257'.
[ 1291.828451][   T89] gspca_main: se401-2.14.0 probing 047d:5003
[ 1293.561024][T19472] netlink: 'syz.3.3262': attribute type 4 has an invalid length.
[ 1293.569343][T19472] netlink: 'syz.3.3262': attribute type 4 has an invalid length.
[ 1293.612349][T19472] netlink: 'syz.3.3262': attribute type 5 has an invalid length.
[ 1293.775746][   T89] gspca_se401: read req failed req 0x06 error -19
[ 1293.792488][   T89] usb 6-1: USB disconnect, device number 5
[ 1295.005918][T19488] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input39
[ 1296.203805][T19504] net_ratelimit: 11 callbacks suppressed
[ 1296.203832][T19504] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[ 1296.826065][T19507] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61456 sclass=netlink_route_socket pid=19507 comm=syz.3.3272
[ 1296.865355][T19507] bridge0: entered allmulticast mode
[ 1296.876581][T19507] netlink: 'syz.3.3272': attribute type 2 has an invalid length.
[ 1296.894846][T19507] bridge_slave_1: left allmulticast mode
[ 1296.900552][T19507] bridge_slave_1: left promiscuous mode
[ 1296.916783][T19507] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1296.954418][ T5900] usb 5-1: new high-speed USB device number 118 using dummy_hcd
[ 1297.125076][ T5900] usb 5-1: Using ep0 maxpacket: 8
[ 1297.204318][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1297.233652][T19507] bridge_slave_0: left allmulticast mode
[ 1297.249429][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1297.254254][T19519] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1297.264475][T19507] bridge_slave_0: left promiscuous mode
[ 1297.276608][ T5900] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1297.289132][   T30] audit: type=1400 audit(1767930959.904:798): avc:  denied  { bind } for  pid=19520 comm="syz.2.3277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 1297.312517][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1297.323466][T19507] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1297.334110][ T5900] usb 5-1: config 0 descriptor??
[ 1297.342259][   T30] audit: type=1400 audit(1767930959.934:799): avc:  denied  { connect } for  pid=19520 comm="syz.2.3277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 1297.684145][ T5900] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1298.052693][ T5874] usb 5-1: USB disconnect, device number 118
[ 1298.312792][T19539] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1298.506337][T19544] Invalid source name
[ 1298.933601][T19550] /dev/nullb0: Can't open blockdev
[ 1299.253450][   T30] audit: type=1400 audit(1767930961.874:800): avc:  denied  { read } for  pid=19552 comm="syz.1.3285" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1299.858044][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1299.866303][   T30] audit: type=1400 audit(1767930962.164:801): avc:  denied  { getopt } for  pid=19552 comm="syz.1.3285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1304.001498][   T30] audit: type=1400 audit(1767930966.624:802): avc:  denied  { mounton } for  pid=19613 comm="syz.3.3297" path="/file0" dev="ramfs" ino=74911 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[ 1304.001594][T19614] overlayfs: missing 'lowerdir'
[ 1304.434515][ T5821] Bluetooth: hci1: command 0x2016 tx timeout
[ 1304.523770][T19614] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31232 sclass=netlink_route_socket pid=19614 comm=syz.3.3297
[ 1306.265331][T19373] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1306.674432][ T5821] Bluetooth: hci1: command 0x2016 tx timeout
[ 1306.730217][T19373] usb 6-1: config 0 has no interfaces?
[ 1306.737196][T19373] usb 6-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 1306.746347][T19373] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1306.756181][T19373] usb 6-1: config 0 descriptor??
[ 1306.998636][T19592] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1307.007815][T19592] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1307.030536][T19592] binder: 19586:19592 unknown command 0
[ 1307.036376][T19592] binder: 19586:19592 ioctl c0306201 200000000080 returned -22
[ 1307.056142][T19373] usb 6-1: USB disconnect, device number 6
[ 1308.695890][T19664] netlink: 51 bytes leftover after parsing attributes in process `syz.2.3306'.
[ 1309.143428][   T30] audit: type=1400 audit(1767930971.764:803): avc:  denied  { accept } for  pid=19676 comm="syz.5.3311" path="socket:[74989]" dev="sockfs" ino=74989 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1310.551359][ T5821] Bluetooth: hci1: command 0x2016 tx timeout
[ 1310.785942][T19688] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1310.830934][T19688] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3311'.
[ 1311.394137][T19688] netlink: 'syz.5.3311': attribute type 4 has an invalid length.
[ 1311.777094][T19700] netlink: 512 bytes leftover after parsing attributes in process `syz.4.3316'.
[ 1311.789735][T19700] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3316'.
[ 1312.586679][ T5821] Bluetooth: hci1: command 0x2016 tx timeout
[ 1314.349854][T19722] sctp: [Deprecated]: syz.4.3321 (pid 19722) Use of int in max_burst socket option deprecated.
[ 1314.349854][T19722] Use struct sctp_assoc_value instead
[ 1314.510303][ T5821] Bluetooth: hci3: command 0x2016 tx timeout
[ 1314.625231][T19727] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1314.661438][T19727] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1314.690374][T19729] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1316.654684][T18392] Bluetooth: hci3: command 0x2016 tx timeout
[ 1318.944511][T18281] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[ 1319.514423][T18281] usb 2-1: device descriptor read/64, error -71
[ 1319.679322][T14547] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1319.775670][T18281] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[ 1319.854505][T18341] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 1319.958732][T14547] usb 3-1: config 0 has no interfaces?
[ 1319.964237][T14547] usb 3-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 1319.983038][T14547] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1320.454750][T18281] usb 2-1: device descriptor read/64, error -71
[ 1320.470211][T14547] usb 3-1: config 0 descriptor??
[ 1320.546220][T18341] usb 4-1: config 0 has no interfaces?
[ 1320.559096][T18341] usb 4-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 1320.570281][T18341] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1320.580532][T18281] usb usb2-port1: attempt power cycle
[ 1320.594451][T18341] usb 4-1: config 0 descriptor??
[ 1320.735386][T19764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1320.757427][T19764] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1320.777591][T19764] binder: 19762:19764 unknown command 0
[ 1320.791231][T19764] binder: 19762:19764 ioctl c0306201 200000000080 returned -22
[ 1320.810332][T18341] usb 3-1: USB disconnect, device number 106
[ 1320.944718][T18281] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[ 1320.955393][T19768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1320.974160][T19768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1320.985762][T18281] usb 2-1: device descriptor read/8, error -71
[ 1321.004947][T19768] binder: 19767:19768 unknown command 0
[ 1321.012667][T19768] binder: 19767:19768 ioctl c0306201 200000000080 returned -22
[ 1321.029762][T18290] usb 4-1: USB disconnect, device number 95
[ 1321.126925][T19798] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6_vti0, syncid = 1, id = 0
[ 1321.237280][T18281] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[ 1321.275604][T18281] usb 2-1: device descriptor read/8, error -71
[ 1321.385380][T18281] usb usb2-port1: unable to enumerate USB device
[ 1321.647537][T19806] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1321.684930][T19805] openvswitch: netlink: IP tunnel dst address not specified
[ 1321.700592][T19805] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=19805 comm=syz.2.3342
[ 1321.923058][T19805] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3342'.
[ 1322.440244][ T5821] Bluetooth: hci0: command 0x2016 tx timeout
[ 1324.932046][T19835] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1324.943200][T19835] sctp: [Deprecated]: syz.4.3350 (pid 19835) Use of int in maxseg socket option.
[ 1324.943200][T19835] Use struct sctp_assoc_value instead
[ 1326.264383][   T30] audit: type=1326 audit(1767930988.804:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19836 comm="syz.2.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92f298f749 code=0x7fc00000
[ 1327.065377][T19861] xt_bpf: check failed: parse error
[ 1327.502061][   T30] audit: type=1400 audit(1767930990.124:805): avc:  denied  { block_suspend } for  pid=19864 comm="syz.2.3357" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1328.571653][   T30] audit: type=1400 audit(1767930991.194:806): avc:  denied  { read } for  pid=19874 comm="syz.5.3359" dev="nsfs" ino=4026533536 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1328.777339][   T30] audit: type=1400 audit(1767930991.194:807): avc:  denied  { open } for  pid=19874 comm="syz.5.3359" path="net:[4026533536]" dev="nsfs" ino=4026533536 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[ 1330.032721][   T30] audit: type=1400 audit(1767930991.484:808): avc:  denied  { allowed } for  pid=19874 comm="syz.5.3359" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1330.400131][  T892] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[ 1330.727113][  T892] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1330.737179][  T892] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1330.747115][  T892] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1330.764308][  T892] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1330.782726][  T892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1330.798082][  T892] usb 2-1: Product: syz
[ 1330.806456][  T892] usb 2-1: Manufacturer: syz
[ 1330.815247][  T892] usb 2-1: SerialNumber: syz
[ 1330.829683][  T892] hub 2-1:1.0: bad descriptor, ignoring hub
[ 1330.838584][  T892] hub 2-1:1.0: probe with driver hub failed with error -5
[ 1331.071685][T19888] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1331.092092][T19888] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1331.121154][  T892] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 114 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1331.488222][ T5931] usb 2-1: USB disconnect, device number 114
[ 1331.913843][ T5931] usblp0: removed
[ 1333.451611][  T892] usb 5-1: new high-speed USB device number 119 using dummy_hcd
[ 1333.544429][T19373] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1333.645707][  T892] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1333.654439][  T892] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1333.664839][  T892] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1333.673828][  T892] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[ 1333.684977][  T892] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[ 1333.698537][  T892] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1333.707878][  T892] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1333.716046][  T892] usb 5-1: Product: syz
[ 1333.720294][  T892] usb 5-1: Manufacturer: syz
[ 1333.720606][T19373] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1333.728489][  T892] cdc_wdm 5-1:1.0: skipping garbage
[ 1333.741262][  T892] cdc_wdm 5-1:1.0: skipping garbage
[ 1333.747036][T19373] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1333.748332][  T892] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1333.757794][T19373] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 8.00
[ 1333.763000][  T892] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1333.772775][T19373] usb 6-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0
[ 1333.787056][T19373] usb 6-1: Product: syz
[ 1333.792594][T19373] usb 6-1: config 0 descriptor??
[ 1334.636997][T19935] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1335.494265][T19373] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0
[ 1335.682370][T19373] cm6533_jd 0003:0D8C:0022.0014: unknown main item tag 0x0
[ 1335.716456][T19373] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0D8C:0022.0014/input/input40
[ 1335.739561][T19373] cm6533_jd 0003:0D8C:0022.0014: input,hiddev1,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0
[ 1335.766852][  T892] usb 5-1: USB disconnect, device number 119
[ 1335.776575][T19373] usb 6-1: USB disconnect, device number 7
[ 1336.034634][   T30] audit: type=1400 audit(1767930998.584:809): avc:  denied  { mount } for  pid=19943 comm="syz.2.3379" name="/" dev="ramfs" ino=74570 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[ 1336.276525][   T30] audit: type=1804 audit(1767930998.594:810): pid=19946 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.3379" name="bus" dev="ramfs" ino=74571 res=1 errno=0
[ 1339.667396][T19969] Invalid source name
[ 1340.854097][T19996] xt_bpf: check failed: parse error
[ 1341.504008][T20002] Invalid source name
[ 1341.735279][T20004] kvm: user requested TSC rate below hardware speed
[ 1341.748820][T20004] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3276962 (6553924 ns) > initial count (3328 ns). Using initial count to start timer.
[ 1342.734619][ T5821] Bluetooth: hci1: command 0x2016 tx timeout
[ 1344.776698][   T30] audit: type=1400 audit(1767931007.404:811): avc:  denied  { sqpoll } for  pid=20016 comm="syz.3.3396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1345.215216][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1345.817079][T20042] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1347.506945][ T5821] Bluetooth: hci0: command 0x2016 tx timeout
[ 1348.572675][T20061] netlink: 512 bytes leftover after parsing attributes in process `syz.5.3407'.
[ 1348.625195][T20061] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3407'.
[ 1349.348864][T20072] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3410'.
[ 1351.104657][    T9] usb 2-1: new high-speed USB device number 115 using dummy_hcd
[ 1351.807178][    T9] usb 2-1: config 0 has no interfaces?
[ 1351.812712][    T9] usb 2-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 1351.822954][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1351.841829][    T9] usb 2-1: config 0 descriptor??
[ 1352.353488][T20084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1352.390984][T20084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1352.419705][T20084] binder: 20083:20084 unknown command 0
[ 1352.439836][T20084] binder: 20083:20084 ioctl c0306201 200000000080 returned -22
[ 1352.470582][T20084] binder_alloc: 20083: binder_alloc_buf, no vma
[ 1352.483010][    T9] usb 2-1: USB disconnect, device number 115
[ 1353.074440][ T5874] usb 5-1: new full-speed USB device number 120 using dummy_hcd
[ 1353.225966][ T5874] usb 5-1: config 0 has an invalid interface number: 251 but max is 0
[ 1353.234508][ T5874] usb 5-1: config 0 has no interface number 0
[ 1353.242494][ T5874] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1353.252196][ T5874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1353.262014][ T5874] usb 5-1: Product: syz
[ 1353.266327][ T5874] usb 5-1: Manufacturer: syz
[ 1353.270999][ T5874] usb 5-1: SerialNumber: syz
[ 1353.278386][ T5874] usb 5-1: config 0 descriptor??
[ 1353.409506][T20115] netlink: 512 bytes leftover after parsing attributes in process `syz.5.3421'.
[ 1353.419975][T20115] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3421'.
[ 1353.474857][    T9] usb 2-1: new high-speed USB device number 116 using dummy_hcd
[ 1354.134491][    T9] usb 2-1: Using ep0 maxpacket: 32
[ 1354.141269][ T5874] asix 5-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver
[ 1354.152420][ T5874] asix 5-1:0.251: probe with driver asix failed with error -524
[ 1354.160321][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1354.172335][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1354.229789][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1354.241421][    T9] usb 2-1: config 0 descriptor??
[ 1354.419259][T14547] usb 5-1: USB disconnect, device number 120
[ 1354.450098][    T9] cdc_subset 2-1:0.0: probe with driver cdc_subset failed with error -22
[ 1354.923478][T14547] usb 2-1: USB disconnect, device number 116
[ 1357.484540][T20156] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6_vti0, syncid = 1, id = 0
[ 1361.141110][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.498308][T20187] 9p: Bad value for 'wfdno'
[ 1361.564665][ T6600] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1362.365160][ T6600] usb 6-1: device descriptor read/all, error -71
[ 1362.620407][T20196] hfs: can't find a HFS filesystem on dev nullb0
[ 1362.631659][T20196] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1362.639665][T20196] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1362.648171][T20196] F2FS-fs (loop4): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1362.655933][T20196] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[ 1362.865151][    T9] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[ 1363.494459][    T9] usb 3-1: Using ep0 maxpacket: 32
[ 1363.501952][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1363.524643][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1363.554129][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1363.603432][    T9] usb 3-1: config 0 descriptor??
[ 1368.854575][   T30] audit: type=1804 audit(1767931026.394:812): pid=20202 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.3443" name="bus" dev="ramfs" ino=76154 res=1 errno=0
[ 1368.974566][    T9] cdc_subset 3-1:0.0: probe with driver cdc_subset failed with error -71
[ 1369.032631][    T9] usb 3-1: USB disconnect, device number 107
[ 1370.920316][T20230] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[ 1371.294920][ T5931] usb 5-1: new high-speed USB device number 121 using dummy_hcd
[ 1371.451751][T20241] Invalid source name
[ 1371.577412][ T5931] usb 5-1: Using ep0 maxpacket: 8
[ 1371.603920][ T5931] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1371.618108][ T5931] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1371.708252][ T5931] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1371.725657][ T5931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1371.798351][ T5931] usb 5-1: config 0 descriptor??
[ 1372.021212][ T5931] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1372.379647][ T5874] usb 5-1: USB disconnect, device number 121
[ 1376.118765][T20269] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[ 1376.304526][T19373] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1376.793870][ T6600] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[ 1376.874439][T19373] usb 3-1: Using ep0 maxpacket: 32
[ 1376.883092][T19373] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1376.917622][T19373] usb 3-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1376.943473][T19373] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1376.966915][ T6600] usb 4-1: Using ep0 maxpacket: 8
[ 1376.973779][T19373] usb 3-1: config 0 descriptor??
[ 1377.053890][ T6600] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1377.091973][ T6600] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1377.127094][ T6600] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1377.159828][ T6600] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1377.175004][ T6600] usb 4-1: config 0 descriptor??
[ 1377.322692][T19373] cdc_subset 3-1:0.0: probe with driver cdc_subset failed with error -22
[ 1377.392463][ T6600] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1377.528446][ T5827] usb 3-1: USB disconnect, device number 108
[ 1377.601647][ T5874] usb 4-1: USB disconnect, device number 96
[ 1382.262056][T20319] netlink: 512 bytes leftover after parsing attributes in process `syz.2.3470'.
[ 1382.271580][T11060] Bluetooth: hci0: command 0x2016 tx timeout
[ 1382.313355][T20324] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3470'.
[ 1384.184507][ T6600] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[ 1384.264633][T19194] usb 5-1: new high-speed USB device number 122 using dummy_hcd
[ 1384.335800][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1384.366960][ T6600] usb 3-1: config 0 has no interfaces?
[ 1384.372875][ T6600] usb 3-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 1384.401227][ T6600] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1384.430068][ T6600] usb 3-1: config 0 descriptor??
[ 1384.444634][T19194] usb 5-1: Using ep0 maxpacket: 8
[ 1384.480703][T19194] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1384.490114][T19194] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1384.500659][T19194] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1384.509863][T19194] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1384.742851][T20329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1384.759792][T20341] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[ 1384.774664][T20329] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1385.015140][T20332] binder: 20328:20332 unknown command 0
[ 1385.360660][T20332] binder: 20328:20332 ioctl c0306201 200000000080 returned -22
[ 1385.390952][ T5827] usb 3-1: USB disconnect, device number 109
[ 1385.487356][ T5874] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[ 1390.740837][   T30] audit: type=1804 audit(1767931049.184:813): pid=20347 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.3476" name="bus" dev="ramfs" ino=76855 res=1 errno=0
[ 1390.794006][ T6600] usb 5-1: USB disconnect, device number 122
[ 1395.700241][T20394] 9p: Bad value for 'wfdno'
[ 1397.593851][T20415] team0: Device gtp0 is up. Set it down before adding it as a team port
[ 1398.389697][T20412] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1399.534886][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1400.496651][T20351] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[ 1400.675916][T20351] usb 3-1: config 0 has an invalid interface number: 17 but max is 0
[ 1400.694420][T20351] usb 3-1: config 0 has no interface number 0
[ 1400.704502][T20351] usb 3-1: config 0 interface 17 has no altsetting 0
[ 1400.723448][T20351] usb 3-1: New USB device found, idVendor=0ab4, idProduct=0014, bcdDevice=c1.09
[ 1400.809815][T20351] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1400.820566][T20351] usb 3-1: Product: syz
[ 1400.825832][T20351] usb 3-1: Manufacturer: syz
[ 1400.830495][T20351] usb 3-1: SerialNumber: syz
[ 1400.903611][T20351] usb 3-1: config 0 descriptor??
[ 1400.981653][T20351] esd_usb 3-1:0.17: sending version message failed
[ 1401.129161][T20351] esd_usb 3-1:0.17: probe with driver esd_usb failed with error -22
[ 1401.294513][ T5931] usb 3-1: USB disconnect, device number 110
[ 1401.624586][T11060] Bluetooth: hci0: command 0x2016 tx timeout
[ 1402.716107][T20471] netlink: 512 bytes leftover after parsing attributes in process `syz.2.3506'.
[ 1402.731358][T20471] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3506'.
[ 1404.336840][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1405.123022][T20499] bridge_slave_1: invalid flags given to default FDB implementation
[ 1406.388557][T20510] /dev/nullb0: Can't open blockdev
[ 1406.414885][T11060] Bluetooth: hci5: command 0x2016 tx timeout
[ 1407.966660][T18392] Bluetooth: hci3: command 0x2016 tx timeout
[ 1408.494461][T20542] Bluetooth: hci5: command 0x2016 tx timeout
[ 1408.766310][T20534] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1408.864415][T19373] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[ 1409.046196][T19373] usb 6-1: config 0 has an invalid interface number: 251 but max is 0
[ 1409.054554][T19373] usb 6-1: config 0 has no interface number 0
[ 1409.063339][T19373] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1409.077469][T19373] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1409.215618][T19373] usb 6-1: Product: syz
[ 1409.219843][T19373] usb 6-1: Manufacturer: syz
[ 1409.234423][T19373] usb 6-1: SerialNumber: syz
[ 1409.275577][T19373] usb 6-1: config 0 descriptor??
[ 1409.854406][T11060] Bluetooth: hci0: command 0x2016 tx timeout
[ 1409.897216][T19373] asix 6-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver
[ 1409.914908][T19373] asix 6-1:0.251: probe with driver asix failed with error -524
[ 1410.015577][T11060] Bluetooth: hci3: command 0x2016 tx timeout
[ 1410.190172][T19373] usb 6-1: USB disconnect, device number 10
[ 1411.934540][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1412.962916][T20578] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3530'.
[ 1413.291054][T18392] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 1413.649226][T20584] 9p: Bad value for 'rfdno'
[ 1414.359282][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1414.630466][T20595] 9p: Bad value for 'rfdno'
[ 1414.638695][T20599] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3537'.
[ 1415.904479][ T5827] usb 3-1: new full-speed USB device number 111 using dummy_hcd
[ 1417.378263][ T5827] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[ 1417.415054][ T5827] usb 3-1: config 0 has no interface number 0
[ 1417.440733][ T5827] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1417.494487][ T5827] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1418.037939][ T5827] usb 3-1: Product: syz
[ 1418.042142][ T5827] usb 3-1: Manufacturer: syz
[ 1418.046762][ T5827] usb 3-1: SerialNumber: syz
[ 1418.059540][ T5827] usb 3-1: config 0 descriptor??
[ 1418.753869][ T5827] asix 3-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver
[ 1418.765399][ T5827] asix 3-1:0.251: probe with driver asix failed with error -524
[ 1418.879707][T20629] 9p: Bad value for 'rfdno'
[ 1418.970104][ T6600] usb 3-1: USB disconnect, device number 111
[ 1421.294624][T20653] 9p: Bad value for 'rfdno'
[ 1422.260138][T20665] Invalid source name
[ 1422.615367][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.866913][T18392] Bluetooth: hci3: command 0x2016 tx timeout
[ 1426.399811][T11060] Bluetooth: hci3: command 0x2016 tx timeout
[ 1426.523577][T20704] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3564'.
[ 1426.556002][T20704] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3564'.
[ 1426.580468][T20706] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3562'.
[ 1426.845403][T20710] 9p: Bad value for 'rfdno'
[ 1427.795690][T20719] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[ 1428.286579][ T6600] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[ 1429.101321][ T6600] usb 5-1: Using ep0 maxpacket: 8
[ 1429.109341][ T6600] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1429.121719][ T6600] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1429.134175][ T6600] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1429.144426][ T6600] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1429.163821][ T6600] usb 5-1: config 0 descriptor??
[ 1429.378785][ T6600] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1429.454482][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1429.677242][ T6600] usb 5-1: USB disconnect, device number 123
[ 1430.227060][T11060] Bluetooth: hci3: command 0x2016 tx timeout
[ 1430.367076][T20757] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3576'.
[ 1430.377193][T20757] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3576'.
[ 1431.291431][T20766] 9p: Bad value for 'rfdno'
[ 1431.534594][T18085] Bluetooth: hci0: command 0x2016 tx timeout
[ 1431.622637][T20775] netlink: 248 bytes leftover after parsing attributes in process `syz.4.3580'.
[ 1438.329454][   T30] audit: type=1804 audit(1767931096.044:814): pid=20785 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.3583" name="bus" dev="ramfs" ino=78397 res=1 errno=0
[ 1439.080518][T20790] FAULT_INJECTION: forcing a failure.
[ 1439.080518][T20790] name failslab, interval 1, probability 0, space 0, times 0
[ 1439.093267][T20790] CPU: 0 UID: 0 PID: 20790 Comm: syz.3.3585 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1439.093296][T20790] Tainted: [L]=SOFTLOCKUP
[ 1439.093303][T20790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1439.093314][T20790] Call Trace:
[ 1439.093321][T20790]  <TASK>
[ 1439.093329][T20790]  dump_stack_lvl+0x16c/0x1f0
[ 1439.093358][T20790]  should_fail_ex+0x512/0x640
[ 1439.093385][T20790]  ? __kmalloc_noprof+0xca/0x910
[ 1439.093417][T20790]  should_failslab+0xc2/0x120
[ 1439.093442][T20790]  __kmalloc_noprof+0xeb/0x910
[ 1439.093474][T20790]  ? __pfx_in6_pton+0x10/0x10
[ 1439.093497][T20790]  ? dns_query+0x120/0x8e0
[ 1439.093528][T20790]  ? dns_query+0x120/0x8e0
[ 1439.093557][T20790]  dns_query+0x120/0x8e0
[ 1439.093590][T20790]  ceph_parse_ips+0x660/0xa80
[ 1439.093622][T20790]  ? __pfx_ceph_parse_ips+0x10/0x10
[ 1439.093644][T20790]  ? strcmp+0x50/0xb0
[ 1439.093668][T20790]  ? fs_param_is_string+0xc5/0x200
[ 1439.093687][T20790]  ? __pfx_ceph_parse_param+0x10/0x10
[ 1439.093711][T20790]  ceph_parse_mon_ips+0x65/0xd0
[ 1439.093739][T20790]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1439.093763][T20790]  ceph_parse_mount_param+0x1bda/0x2900
[ 1439.093799][T20790]  ? __pfx_ceph_parse_mount_param+0x10/0x10
[ 1439.093823][T20790]  ? security_fs_context_parse_param+0x6a/0x140
[ 1439.093850][T20790]  ? static_key_count+0x5a/0x70
[ 1439.093872][T20790]  ? __pfx_ceph_parse_mount_param+0x10/0x10
[ 1439.093898][T20790]  vfs_parse_fs_param+0x20b/0x3c0
[ 1439.093919][T20790]  __do_sys_fsconfig+0x930/0xbe0
[ 1439.093943][T20790]  ? __pfx___do_sys_fsconfig+0x10/0x10
[ 1439.093964][T20790]  ? fput+0x70/0xf0
[ 1439.093984][T20790]  ? rcu_is_watching+0x12/0xc0
[ 1439.094012][T20790]  do_syscall_64+0xcd/0xf80
[ 1439.094038][T20790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1439.094058][T20790] RIP: 0033:0x7f5df638f749
[ 1439.094073][T20790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1439.094091][T20790] RSP: 002b:00007f5df71fd038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 1439.094109][T20790] RAX: ffffffffffffffda RBX: 00007f5df65e6180 RCX: 00007f5df638f749
[ 1439.094120][T20790] RDX: 0000200000000b40 RSI: 0000000000000001 RDI: 0000000000000006
[ 1439.094131][T20790] RBP: 00007f5df71fd090 R08: 0000000000000000 R09: 0000000000000000
[ 1439.094142][T20790] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[ 1439.094153][T20790] R13: 00007f5df65e6218 R14: 00007f5df65e6180 R15: 00007ffd76144538
[ 1439.094179][T20790]  </TASK>
[ 1439.094201][T20790] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed
[ 1439.505244][T20794] netlink: 'syz.5.3586': attribute type 1 has an invalid length.
[ 1439.776464][ T5931] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1439.840088][T20801] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1440.487552][ T5931] usb 6-1: Using ep0 maxpacket: 8
[ 1440.501041][ T5931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1440.515988][ T5931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[ 1440.529058][ T5931] usb 6-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=72.42
[ 1440.548795][ T5931] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1440.573522][ T5931] usb 6-1: Product: syz
[ 1440.582487][ T5931] usb 6-1: Manufacturer: syz
[ 1440.592702][ T5931] usb 6-1: SerialNumber: syz
[ 1440.746353][ T5931] usb 6-1: config 0 descriptor??
[ 1440.760066][ T5931] redrat3 6-1:0.0: Couldn't find all endpoints
[ 1440.970629][ T5931] usb 6-1: USB disconnect, device number 11
[ 1442.334620][ T5827] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[ 1442.515616][ T5827] usb 3-1: Using ep0 maxpacket: 8
[ 1442.531710][ T5827] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1442.550962][ T5827] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1442.562935][ T5827] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1442.573871][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1442.605738][ T5827] usb 3-1: config 0 descriptor??
[ 1443.309958][ T5827] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1443.513184][ T5931] usb 3-1: USB disconnect, device number 112
[ 1447.397599][T20894] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1452.815716][   T30] audit: type=1804 audit(1767931110.604:815): pid=20907 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.3613" name="bus" dev="ramfs" ino=78618 res=1 errno=0
[ 1454.554458][ T5900] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 1454.824553][ T5900] usb 4-1: Using ep0 maxpacket: 32
[ 1455.187112][T20928] libceph: resolve '.½@½Ée2²âOAq§¨­cz' (ret=-3): failed
[ 1455.198079][ T5900] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1455.216475][ T5900] usb 4-1: New USB device found, idVendor=0525, idProduct=2888, bcdDevice=d0.43
[ 1455.226522][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1455.254567][ T5900] usb 4-1: config 0 descriptor??
[ 1455.791494][ T5900] cdc_subset 4-1:0.0: probe with driver cdc_subset failed with error -71
[ 1455.807003][ T5900] usb 4-1: USB disconnect, device number 98
[ 1456.501643][T20943] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3624'.
[ 1456.692521][T20945] 9p: Bad value for 'rfdno'
[ 1456.824048][T20943] : entered promiscuous mode
[ 1458.112879][T20952] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1458.999391][T20958] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1459.094673][ T6903] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[ 1459.491579][ T6903] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[ 1459.508879][ T6903] usb 3-1: can't read configurations, error -22
[ 1459.606261][   T30] audit: type=1400 audit(1767931122.234:816): avc:  denied  { write } for  pid=20970 comm="syz.4.3631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1459.654546][ T6903] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 1459.741949][   T30] audit: type=1326 audit(1767931122.364:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20972 comm="syz.4.3632" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f47ef38f749 code=0x0
[ 1459.774407][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1459.857854][ T6903] usb 3-1: config index 0 descriptor too short (expected 9, got 0)
[ 1459.866015][ T6903] usb 3-1: can't read configurations, error -22
[ 1459.874555][ T6903] usb usb3-port1: attempt power cycle
[ 1459.880853][T20980] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1460.874430][ T6903] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[ 1461.054352][ T6903] usb 3-1: device descriptor read/8, error -71
[ 1462.890142][T21014] Bluetooth: MGMT ver 1.23
[ 1463.369405][T21010] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1463.705023][   T24] usb 5-1: new high-speed USB device number 124 using dummy_hcd
[ 1464.194533][   T24] usb 5-1: Using ep0 maxpacket: 8
[ 1464.202411][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 120, changing to 10
[ 1464.214252][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8265, setting to 1024
[ 1464.270340][   T24] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1464.280692][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1464.292034][   T24] usb 5-1: config 0 descriptor??
[ 1464.513372][   T24] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1464.654414][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1465.156909][   T24] usb 5-1: USB disconnect, device number 124
[ 1465.298667][T21035] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3647'.
[ 1465.693272][T21044] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=21044 comm=syz.1.3647
[ 1465.726842][T21035] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=21035 comm=syz.1.3647
[ 1465.767157][T21049] netlink: 512 bytes leftover after parsing attributes in process `syz.3.3648'.
[ 1465.831498][T21049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3648'.
[ 1466.865980][T21065] Invalid source name
[ 1469.502688][T21094] hub 9-0:1.0: USB hub found
[ 1469.509165][T21094] hub 9-0:1.0: 1 port detected
[ 1470.279860][T21109] syz_tun: entered allmulticast mode
[ 1470.386405][T21108] syz_tun: left allmulticast mode
[ 1470.484518][   T24] usb 2-1: new high-speed USB device number 117 using dummy_hcd
[ 1471.093391][   T30] audit: type=1804 audit(1767931133.714:818): pid=21104 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.4.3663" name="bus" dev="ramfs" ino=79290 res=1 errno=0
[ 1471.407276][   T24] usb 2-1: Using ep0 maxpacket: 32
[ 1471.463631][   T24] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1471.473655][   T24] usb 2-1: New USB device strings: Mfr=115, Product=0, SerialNumber=0
[ 1471.791934][   T24] usb 2-1: Manufacturer: syz
[ 1472.072729][   T24] usb 2-1: config 0 descriptor??
[ 1472.363031][T21107] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1472.372054][T21107] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1472.401656][   T24] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware
[ 1472.412090][T21107] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1472.435079][T21107] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1472.443951][   T24] usb 2-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2
[ 1472.463318][T21125] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1472.486157][   T30] audit: type=1400 audit(1767931135.104:819): avc:  denied  { firmware_load } for  pid=24 comm="kworker/1:0" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 1472.488340][   T24] usb 2-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw
[ 1474.084397][ T6903] usb 6-1: new low-speed USB device number 12 using dummy_hcd
[ 1474.094193][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1474.253236][ T6903] usb 6-1: config 7 has an invalid interface number: 141 but max is 0
[ 1474.844954][ T6903] usb 6-1: config 7 has no interface number 0
[ 1474.851250][ T6903] usb 6-1: config 7 interface 141 altsetting 5 endpoint 0xB is Bulk; changing to Interrupt
[ 1474.861733][ T6903] usb 6-1: config 7 interface 141 altsetting 5 endpoint 0xF has invalid maxpacket 1023, setting to 0
[ 1474.875513][ T6903] usb 6-1: config 7 interface 141 altsetting 5 endpoint 0x5 has invalid maxpacket 1024, setting to 8
[ 1474.886594][ T6903] usb 6-1: config 7 interface 141 altsetting 5 endpoint 0x3 has invalid maxpacket 512, setting to 8
[ 1474.903825][ T6903] usb 6-1: config 7 interface 141 altsetting 5 endpoint 0x84 has invalid maxpacket 32, setting to 8
[ 1474.941747][ T6903] usb 6-1: config 7 interface 141 altsetting 5 endpoint 0xD has invalid maxpacket 16, setting to 0
[ 1474.984721][ T6903] usb 6-1: config 7 interface 141 altsetting 5 endpoint 0x8 has invalid maxpacket 32, setting to 8
[ 1475.023772][ T6903] usb 6-1: config 7 interface 141 altsetting 5 has a duplicate endpoint with address 0x3, skipping
[ 1475.059574][ T6903] usb 6-1: config 7 interface 141 altsetting 5 has an invalid descriptor for endpoint zero, skipping
[ 1475.088392][ T6903] usb 6-1: config 7 interface 141 has no altsetting 0
[ 1475.112785][   T30] audit: type=1326 audit(1767931137.734:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21140 comm="syz.3.3674" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5df638f749 code=0x7fc00000
[ 1476.779531][T21153] syzkaller1: entered promiscuous mode
[ 1476.785358][T21153] syzkaller1: entered allmulticast mode
[ 1477.194473][ T6903] usb 6-1: string descriptor 0 read error: -71
[ 1477.232786][ T6903] usb 6-1: New USB device found, idVendor=1039, idProduct=2110, bcdDevice=a5.3a
[ 1477.252227][ T6903] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1477.296949][ T6903] usb 6-1: can't set config #7, error -71
[ 1477.314242][ T6903] usb 6-1: USB disconnect, device number 12
[ 1477.788356][T14547] usb 4-1: new full-speed USB device number 99 using dummy_hcd
[ 1477.946778][T14547] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1477.946807][T14547] usb 4-1: can't read configurations, error -61
[ 1478.074440][T14547] usb 4-1: new full-speed USB device number 100 using dummy_hcd
[ 1478.423742][T14547] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1478.431635][T14547] usb 4-1: can't read configurations, error -61
[ 1478.439595][T14547] usb usb4-port1: attempt power cycle
[ 1479.207904][T21175] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1479.217782][T14547] usb 4-1: new full-speed USB device number 101 using dummy_hcd
[ 1479.491315][T14547] usb 4-1: device not accepting address 101, error -71
[ 1480.334504][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1480.667250][ T5827] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1481.174883][ T5827] usb 6-1: Using ep0 maxpacket: 32
[ 1481.181318][ T5827] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[ 1481.190113][ T5827] usb 6-1: config 0 has no interface number 0
[ 1481.196692][ T5827] usb 6-1: config 0 interface 184 has no altsetting 0
[ 1481.518071][ T5827] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1481.622310][ T5827] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1481.630995][ T5827] usb 6-1: Product: syz
[ 1481.635421][ T5827] usb 6-1: Manufacturer: syz
[ 1481.640278][ T5827] usb 6-1: SerialNumber: syz
[ 1481.658231][ T5827] usb 6-1: config 0 descriptor??
[ 1481.669611][ T5827] smsc75xx v1.0.0
[ 1482.156688][ T5827] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[ 1482.167685][ T5827] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[ 1482.179090][ T5827] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[ 1482.189900][ T5827] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -32
[ 1482.893914][T21218] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[ 1483.811913][ T5827] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1483.924374][   T30] audit: type=1804 audit(1767931146.544:821): pid=21210 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.4.3689" name="bus" dev="ramfs" ino=79510 res=1 errno=0
[ 1484.066206][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.158654][T18290] usb 6-1: USB disconnect, device number 13
[ 1484.261276][ T5827] usb 4-1: Using ep0 maxpacket: 16
[ 1484.429074][ T5827] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1484.444489][ T5827] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1484.453562][ T5827] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1484.464470][ T5827] usb 4-1: config 0 descriptor??
[ 1485.477924][ T5827] mcp2221 0003:04D8:00DD.0015: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[ 1485.580410][T21221] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1485.716137][T21228] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1486.146385][T18392] Bluetooth: hci0: command 0x2016 tx timeout
[ 1592.014265][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1592.021241][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P21247/1:b..l P21234/1:b..l
[ 1592.031082][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=103593, q=131 ncpus=2)
[ 1592.038892][    C1] task:syz.5.3696      state:R  running task     stack:24136 pid:21234 tgid:21234 ppid:18414  task_flags:0x400640 flags:0x00080000
[ 1592.053893][    C1] Call Trace:
[ 1592.057180][    C1]  <TASK>
[ 1592.060110][    C1]  ? __schedule+0x10b9/0x6150
[ 1592.064789][    C1]  __schedule+0x1139/0x6150
[ 1592.069300][    C1]  ? __pfx___schedule+0x10/0x10
[ 1592.074151][    C1]  preempt_schedule_irq+0x51/0x90
[ 1592.079176][    C1]  irqentry_exit+0x1d8/0x8c0
[ 1592.083768][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1592.088523][    C1]  asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1592.093975][    C1] RIP: 0010:lock_acquire+0x62/0x330
[ 1592.099166][    C1] Code: b4 18 12 83 f8 07 0f 87 a2 02 00 00 89 c0 48 0f a3 05 22 bd ee 0e 0f 82 74 02 00 00 8b 35 ba ed ee 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 39 b4 18 12 0f 85 ad 02 00 00 48 83 c4
[ 1592.118767][    C1] RSP: 0018:ffffc90004be6330 EFLAGS: 00000206
[ 1592.124827][    C1] RAX: 0000000000000046 RBX: ffffffff8e3c96a0 RCX: 00000000e8ca1250
[ 1592.132785][    C1] RDX: 0000000000000000 RSI: ffffffff8daa80f3 RDI: ffffffff8bf2b380
[ 1592.140749][    C1] RBP: 0000000000000002 R08: 00000000fac62354 R09: 000000004fac6235
[ 1592.148710][    C1] R10: 0000000000000002 R11: ffff88802863d4b0 R12: 0000000000000000
[ 1592.156670][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1592.164647][    C1]  ? unwind_next_frame+0x3f4/0x20b0
[ 1592.169856][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1592.176008][    C1]  unwind_next_frame+0xd1/0x20b0
[ 1592.180942][    C1]  ? unwind_next_frame+0xbd/0x20b0
[ 1592.186059][    C1]  ? post_alloc_hook+0x1af/0x220
[ 1592.190999][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1592.197148][    C1]  arch_stack_walk+0x94/0x100
[ 1592.201826][    C1]  ? post_alloc_hook+0x1af/0x220
[ 1592.206766][    C1]  stack_trace_save+0x8e/0xc0
[ 1592.211436][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1592.216800][    C1]  ? __lock_acquire+0x436/0x2890
[ 1592.221732][    C1]  save_stack+0x160/0x1f0
[ 1592.226057][    C1]  ? __pfx_save_stack+0x10/0x10
[ 1592.230900][    C1]  ? post_alloc_hook+0x1af/0x220
[ 1592.235843][    C1]  ? __lock_acquire+0x436/0x2890
[ 1592.240783][    C1]  __set_page_owner+0x91/0x560
[ 1592.245554][    C1]  ? __pfx___set_page_owner+0x10/0x10
[ 1592.250916][    C1]  ? bad_range+0x261/0x4c0
[ 1592.255327][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1592.260534][    C1]  post_alloc_hook+0x1af/0x220
[ 1592.265330][    C1]  get_page_from_freelist+0xd0b/0x31a0
[ 1592.270790][    C1]  ? __pfx___might_resched+0x10/0x10
[ 1592.276067][    C1]  ? __next_zones_zonelist+0x8b/0x150
[ 1592.281448][    C1]  __alloc_frozen_pages_noprof+0x25f/0x2430
[ 1592.287332][    C1]  ? __lock_acquire+0x436/0x2890
[ 1592.292274][    C1]  ? __lock_acquire+0x436/0x2890
[ 1592.297205][    C1]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1592.303528][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1592.308548][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1592.313916][    C1]  ? find_held_lock+0x2b/0x80
[ 1592.318612][    C1]  ? __lock_acquire+0x436/0x2890
[ 1592.323560][    C1]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1592.329474][    C1]  ? policy_nodemask+0xea/0x4e0
[ 1592.334331][    C1]  alloc_pages_mpol+0x1fb/0x550
[ 1592.339193][    C1]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1592.344568][    C1]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1592.349943][    C1]  shmem_alloc_folio+0x135/0x160
[ 1592.354900][    C1]  shmem_alloc_and_add_folio+0x494/0xc20
[ 1592.360542][    C1]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1592.366708][    C1]  ? shmem_allowable_huge_orders+0xd4/0x3f0
[ 1592.372605][    C1]  shmem_get_folio_gfp+0x67f/0x1610
[ 1592.377809][    C1]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1592.383447][    C1]  shmem_write_begin+0x1a4/0x3b0
[ 1592.388376][    C1]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1592.393825][    C1]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[ 1592.400670][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1592.405866][    C1]  generic_perform_write+0x3c4/0x900
[ 1592.411155][    C1]  ? __pfx_generic_perform_write+0x10/0x10
[ 1592.417139][    C1]  ? file_update_time_flags+0x35c/0x520
[ 1592.422679][    C1]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1592.428483][    C1]  shmem_file_write_iter+0x10e/0x140
[ 1592.433765][    C1]  __kernel_write_iter+0x31a/0xb10
[ 1592.438876][    C1]  ? __pfx___kernel_write_iter+0x10/0x10
[ 1592.444499][    C1]  ? __up_read+0x2d1/0x700
[ 1592.448919][    C1]  ? dump_user_range+0x756/0xb70
[ 1592.453859][    C1]  dump_user_range+0x413/0xb70
[ 1592.458627][    C1]  ? __pfx_dump_user_range+0x10/0x10
[ 1592.463916][    C1]  ? elf_coredump_extra_notes_write+0xbd/0x500
[ 1592.470069][    C1]  ? __pfx_writenote+0x10/0x10
[ 1592.474830][    C1]  elf_core_dump+0x29c3/0x3c10
[ 1592.479599][    C1]  ? __pfx_elf_core_dump+0x10/0x10
[ 1592.484695][    C1]  ? kasan_save_stack+0x33/0x60
[ 1592.489541][    C1]  ? kasan_save_track+0x14/0x30
[ 1592.494385][    C1]  ? __kasan_kmalloc+0xaa/0xb0
[ 1592.499136][    C1]  ? __kvmalloc_node_noprof+0x3ac/0xa40
[ 1592.504677][    C1]  ? vfs_coredump+0x1dd9/0x55e0
[ 1592.509527][    C1]  ? arch_do_signal_or_restart+0x8f/0x7e0
[ 1592.515243][    C1]  ? irqentry_exit+0x38a/0x8c0
[ 1592.520003][    C1]  ? asm_exc_page_fault+0x26/0x30
[ 1592.525023][    C1]  ? 0xffffffffff600000
[ 1592.529205][    C1]  ? vfs_coredump+0x2b85/0x55e0
[ 1592.534057][    C1]  vfs_coredump+0x2b85/0x55e0
[ 1592.538740][    C1]  ? __pfx_vfs_coredump+0x10/0x10
[ 1592.543764][    C1]  ? __lock_acquire+0x436/0x2890
[ 1592.548700][    C1]  ? __lock_acquire+0x436/0x2890
[ 1592.553631][    C1]  ? lock_acquire+0x179/0x330
[ 1592.558304][    C1]  ? lock_acquire+0x179/0x330
[ 1592.562996][    C1]  ? arch_stack_walk+0xa6/0x100
[ 1592.567853][    C1]  ? stack_trace_save+0x8e/0xc0
[ 1592.572696][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1592.578067][    C1]  ? stack_depot_save_flags+0x29/0x9b0
[ 1592.583526][    C1]  ? __lock_acquire+0x436/0x2890
[ 1592.588548][    C1]  ? kasan_save_stack+0x42/0x60
[ 1592.593432][    C1]  ? proc_coredump_connector+0x2d1/0x4f0
[ 1592.599063][    C1]  ? __pfx_proc_coredump_connector+0x10/0x10
[ 1592.605044][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1592.609800][    C1]  get_signal+0x22e1/0x26d0
[ 1592.614313][    C1]  ? __pfx_get_signal+0x10/0x10
[ 1592.619170][    C1]  arch_do_signal_or_restart+0x8f/0x7e0
[ 1592.624717][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1592.630871][    C1]  ? __bad_area_nosemaphore+0x350/0x690
[ 1592.636428][    C1]  irqentry_exit+0x38a/0x8c0
[ 1592.641018][    C1]  asm_exc_page_fault+0x26/0x30
[ 1592.645859][    C1] RIP: 0033:0x7f02f038f751
[ 1592.650264][    C1] RSP: 002b:fffffffffffffe70 EFLAGS: 00010217
[ 1592.656321][    C1] RAX: 0000000000000000 RBX: 00007f02f05e6090 RCX: 00007f02f038f749
[ 1592.664289][    C1] RDX: 0000000000000000 RSI: fffffffffffffe70 RDI: 0000000000008000
[ 1592.672253][    C1] RBP: 00007f02f0413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1592.680219][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1592.688192][    C1] R13: 00007f02f05e6128 R14: 00007f02f05e6090 R15: 00007ffdc10fdd48
[ 1592.696165][    C1]  </TASK>
[ 1592.699173][    C1] task:syz.2.3698      state:R  running task     stack:28040 pid:21247 tgid:21242 ppid:18672  task_flags:0x400040 flags:0x00080000
[ 1592.712655][    C1] Call Trace:
[ 1592.715926][    C1]  <TASK>
[ 1592.718847][    C1]  ? __schedule+0x10b9/0x6150
[ 1592.723521][    C1]  __schedule+0x1139/0x6150
[ 1592.728034][    C1]  ? __pfx___schedule+0x10/0x10
[ 1592.732881][    C1]  ? mark_held_locks+0x49/0x80
[ 1592.737648][    C1]  preempt_schedule_irq+0x51/0x90
[ 1592.742671][    C1]  irqentry_exit+0x1d8/0x8c0
[ 1592.747263][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1592.753236][    C1] RIP: 0010:__kasan_check_byte+0x1c/0x50
[ 1592.758867][    C1] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 41 54 49 89 f4 55 48 89 fd 53 e8 8d 25 00 00 89 c3 84 c0 74 0b 89 d8 5b <5d> 41 5c e9 cc b0 52 09 4c 89 e1 48 89 ef 31 d2 be 01 00 00 00 e8
[ 1592.778469][    C1] RSP: 0018:ffffc9000420f220 EFLAGS: 00000202
[ 1592.784535][    C1] RAX: 0000000000000001 RBX: ffffffff8e3c96a0 RCX: 0000000000000002
[ 1592.792496][    C1] RDX: 0000000000000000 RSI: ffffffff816cb681 RDI: fffffbfff1c792d4
[ 1592.800459][    C1] RBP: ffffffff8e3c96a0 R08: 0000000000000000 R09: 0000000000000000
[ 1592.808423][    C1] R10: 0000000000000002 R11: 0000000000012887 R12: ffffffff816cb681
[ 1592.816384][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1592.824350][    C1]  ? unwind_next_frame+0xd1/0x20b0
[ 1592.829476][    C1]  ? unwind_next_frame+0xd1/0x20b0
[ 1592.834589][    C1]  lock_acquire+0xfc/0x330
[ 1592.839000][    C1]  ? unwind_next_frame+0x3f4/0x20b0
[ 1592.844195][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1592.850342][    C1]  unwind_next_frame+0xd1/0x20b0
[ 1592.855293][    C1]  ? unwind_next_frame+0xbd/0x20b0
[ 1592.860404][    C1]  ? kasan_save_free_info+0x3b/0x60
[ 1592.865596][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1592.871749][    C1]  arch_stack_walk+0x94/0x100
[ 1592.876434][    C1]  ? kasan_save_free_info+0x3b/0x60
[ 1592.881631][    C1]  stack_trace_save+0x8e/0xc0
[ 1592.886299][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1592.891662][    C1]  ? __lock_acquire+0x436/0x2890
[ 1592.896598][    C1]  ? tomoyo_encode2+0x100/0x3e0
[ 1592.901447][    C1]  ? tomoyo_encode+0x29/0x50
[ 1592.906034][    C1]  kasan_save_stack+0x33/0x60
[ 1592.910703][    C1]  ? kasan_save_stack+0x33/0x60
[ 1592.915542][    C1]  ? kasan_save_track+0x14/0x30
[ 1592.920384][    C1]  ? kasan_save_free_info+0x3b/0x60
[ 1592.925605][    C1]  kasan_save_track+0x14/0x30
[ 1592.930280][    C1]  kasan_save_free_info+0x3b/0x60
[ 1592.935294][    C1]  __kasan_slab_free+0x5f/0x80
[ 1592.940053][    C1]  kfree+0x2f8/0x6e0
[ 1592.943939][    C1]  ? tomoyo_realpath_from_path+0x19f/0x6e0
[ 1592.949745][    C1]  ? tomoyo_realpath_from_path+0x19f/0x6e0
[ 1592.955552][    C1]  ? tomoyo_encode+0x31/0x50
[ 1592.960135][    C1]  tomoyo_realpath_from_path+0x19f/0x6e0
[ 1592.965771][    C1]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1592.971658][    C1]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1592.978093][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1592.983125][    C1]  tomoyo_file_open+0x6b/0x90
[ 1592.987804][    C1]  security_file_open+0x84/0x1e0
[ 1592.992748][    C1]  do_dentry_open+0x597/0x1590
[ 1592.997510][    C1]  ? security_inode_permission+0xbf/0x260
[ 1593.003230][    C1]  vfs_open+0x82/0x3f0
[ 1593.007295][    C1]  path_openat+0x2078/0x3140
[ 1593.011894][    C1]  ? __pfx_path_openat+0x10/0x10
[ 1593.016837][    C1]  do_filp_open+0x20b/0x470
[ 1593.021340][    C1]  ? __pfx_do_filp_open+0x10/0x10
[ 1593.026383][    C1]  ? alloc_fd+0x471/0x7d0
[ 1593.030718][    C1]  do_sys_openat2+0x121/0x290
[ 1593.035386][    C1]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1593.040571][    C1]  ? __pfx___sched_setscheduler+0x10/0x10
[ 1593.046299][    C1]  __x64_sys_openat+0x174/0x210
[ 1593.051146][    C1]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1593.056519][    C1]  do_syscall_64+0xcd/0xf80
[ 1593.061031][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1593.066915][    C1] RIP: 0033:0x7f92f298df90
[ 1593.071321][    C1] RSP: 002b:00007f92f380cf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1593.079733][    C1] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f92f298df90
[ 1593.087697][    C1] RDX: 0000000000000002 RSI: 00007f92f380cfa0 RDI: 00000000ffffff9c
[ 1593.095660][    C1] RBP: 00007f92f380cfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1593.103621][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1593.111587][    C1] R13: 00007f92f2be6128 R14: 00007f92f2be6090 R15: 00007ffd08e28a88
[ 1593.119564][    C1]  </TASK>
[ 1593.122573][    C1] rcu: rcu_preempt kthread starved for 10608 jiffies! g103593 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1593.133842][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1593.143798][    C1] rcu: RCU grace-period kthread stack dump:
[ 1593.149672][    C1] task:rcu_preempt     state:R  running task     stack:27688 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1593.163159][    C1] Call Trace:
[ 1593.166425][    C1]  <TASK>
[ 1593.169351][    C1]  ? __schedule+0x10b9/0x6150
[ 1593.174024][    C1]  __schedule+0x1139/0x6150
[ 1593.178538][    C1]  ? __pfx___schedule+0x10/0x10
[ 1593.183389][    C1]  ? find_held_lock+0x2b/0x80
[ 1593.188068][    C1]  ? schedule+0x2d7/0x3a0
[ 1593.192398][    C1]  schedule+0xe7/0x3a0
[ 1593.196457][    C1]  schedule_timeout+0x123/0x290
[ 1593.201305][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1593.206672][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1593.211951][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1593.217773][    C1]  ? prepare_to_swait_event+0xf5/0x480
[ 1593.223232][    C1]  rcu_gp_fqs_loop+0x1ea/0xaf0
[ 1593.227999][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1593.233283][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1593.238474][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1593.243406][    C1]  ? rcu_gp_cleanup+0x7c1/0xe90
[ 1593.248254][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1593.254058][    C1]  rcu_gp_kthread+0x26d/0x380
[ 1593.258728][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1593.263921][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1593.268678][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1593.273874][    C1]  ? __kthread_parkme+0x19e/0x250
[ 1593.278891][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1593.284086][    C1]  kthread+0x3c5/0x780
[ 1593.288156][    C1]  ? __pfx_kthread+0x10/0x10
[ 1593.292742][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1593.297499][    C1]  ? __pfx_kthread+0x10/0x10
[ 1593.302091][    C1]  ret_from_fork+0x983/0xb10
[ 1593.306676][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1593.311781][    C1]  ? __switch_to+0x7af/0x10d0
[ 1593.316452][    C1]  ? __pfx_kthread+0x10/0x10
[ 1593.321038][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1593.325814][    C1]  </TASK>
[ 1593.328823][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1593.335129][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1593.340326][    C0] NMI backtrace for cpu 0
[ 1593.340341][    C0] CPU: 0 UID: 0 PID: 21232 Comm: syz.5.3696 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1593.340361][    C0] Tainted: [L]=SOFTLOCKUP
[ 1593.340366][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1593.340375][    C0] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x0/0x20
[ 1593.340398][    C0] Code: 0c 24 0f b7 d6 0f b7 f7 bf 03 00 00 00 e9 58 fe ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 0c 24 89 f2 89 fe bf 05 00 00 00 e9 2a fe ff ff
[ 1593.340412][    C0] RSP: 0018:ffffc900152ef6b8 EFLAGS: 00000246
[ 1593.340424][    C0] RAX: 0000000000080000 RBX: 0000000000000010 RCX: ffffc90012e6b000
[ 1593.340433][    C0] RDX: 0000000000080000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1593.340442][    C0] RBP: ffff88804f7cd280 R08: 0000000000000005 R09: 0000000000000000
[ 1593.340450][    C0] R10: 0000000000000001 R11: ffff88802f120b30 R12: 0000000000000000
[ 1593.340458][    C0] R13: 0000000000010000 R14: ffff8880237a0b90 R15: 0000000000000000
[ 1593.340467][    C0] FS:  00007f02ee5f66c0(0000) GS:ffff8881248f5000(0000) knlGS:0000000000000000
[ 1593.340482][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1593.340491][    C0] CR2: 0000000000000000 CR3: 000000009cdd6000 CR4: 00000000003526f0
[ 1593.340500][    C0] Call Trace:
[ 1593.340505][    C0]  <TASK>
[ 1593.340510][    C0]  vmx_cache_reg+0x76/0x5e0
[ 1593.340525][    C0]  kvm_register_read_raw+0x1e1/0x240
[ 1593.340545][    C0]  init_emulate_ctxt+0x1a9/0x510
[ 1593.340564][    C0]  ? __pfx_init_emulate_ctxt+0x10/0x10
[ 1593.340585][    C0]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[ 1593.340598][    C0]  ? vmx_set_rflags+0x384/0x4c0
[ 1593.340613][    C0]  x86_emulate_instruction+0x826/0x1c00
[ 1593.340633][    C0]  kvm_mmu_page_fault+0xbfd/0x1c60
[ 1593.340650][    C0]  ? fred_extint+0x30/0x70
[ 1593.340671][    C0]  ? __pfx_kvm_mmu_page_fault+0x10/0x10
[ 1593.340686][    C0]  ? __lock_acquire+0x436/0x2890
[ 1593.340702][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1593.340715][    C0]  ? __vmx_complete_interrupts+0x111/0x4e0
[ 1593.340732][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1593.340749][    C0]  handle_ept_violation+0x2df/0x710
[ 1593.340767][    C0]  ? __pfx_handle_ept_violation+0x10/0x10
[ 1593.340784][    C0]  vmx_handle_exit+0x129b/0x1a00
[ 1593.340802][    C0]  vcpu_run+0x3468/0x5a80
[ 1593.340822][    C0]  ? __pfx_vcpu_run+0x10/0x10
[ 1593.340842][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1593.340855][    C0]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[ 1593.340871][    C0]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[ 1593.340890][    C0]  kvm_vcpu_ioctl+0x76d/0x16d0
[ 1593.340912][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1593.340931][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1593.340946][    C0]  ? do_vfs_ioctl+0x128/0x14f0
[ 1593.340962][    C0]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1593.340977][    C0]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1593.341001][    C0]  ? hook_file_ioctl_common+0x144/0x410
[ 1593.341025][    C0]  ? selinux_file_ioctl+0x180/0x270
[ 1593.341042][    C0]  ? selinux_file_ioctl+0xb4/0x270
[ 1593.341059][    C0]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1593.341079][    C0]  __x64_sys_ioctl+0x18e/0x210
[ 1593.341101][    C0]  do_syscall_64+0xcd/0xf80
[ 1593.341118][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1593.341132][    C0] RIP: 0033:0x7f02f038f749
[ 1593.341143][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1593.341156][    C0] RSP: 002b:00007f02ee5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1593.341169][    C0] RAX: ffffffffffffffda RBX: 00007f02f05e5fa0 RCX: 00007f02f038f749
[ 1593.341178][    C0] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[ 1593.341187][    C0] RBP: 00007f02f0413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1593.341195][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1593.341204][    C0] R13: 00007f02f05e6038 R14: 00007f02f05e5fa0 R15: 00007ffdc10fdd48
[ 1593.341219][    C0]  </TASK>