last executing test programs:

2m8.766701065s ago: executing program 2 (id=3):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="01000000080010000400000007"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0, r0}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r0}, 0x38)

2m8.673057667s ago: executing program 0 (id=1):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a30000000000800410072786500140033006970766c616e3100"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)

2m6.783057903s ago: executing program 2 (id=9):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff038}, {0xb1, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10)
sendmmsg(r3, &(0x7f0000001c00), 0x400000000000159, 0x40840)

2m4.65558369s ago: executing program 2 (id=10):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x9d}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m2.408075674s ago: executing program 2 (id=12):
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78}, 0x0)
sendmsg$NFC_CMD_DEV_UP(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40089}, 0x8004)

2m0.675295045s ago: executing program 2 (id=15):
rseq(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
pread64(r0, 0x0, 0x0, 0xce2)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
futex(&(0x7f0000000000)=0x2, 0xb, 0x2, 0x0, &(0x7f00000000c0)=0x2, 0x2)
futex(&(0x7f000000cffc), 0x5, 0x4, 0x0, 0x0, 0x4ffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80a02, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$kcm(0x29, 0x5, 0x0)
userfaultfd(0x801)
syz_io_uring_setup(0x81f, 0x0, &(0x7f00000002c0), 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x4e681, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000180)={<r4=>0xffffffffffffffff}, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r4, 0x8}}, 0x10)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000140)={0x7, 0x8, 0xfa00, {r4, 0xdf}}, 0x10)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000140)={0xe, 0x18, 0xfa00, @id_tos={&(0x7f0000000100)=0x5, r4, 0x0, 0x0, 0x1}}, 0x20)
socket$unix(0x1, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000004, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x8, 0xffffffffffffffff, 0x9, 0x1000000000003, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r5 = syz_io_uring_setup(0x2f6f, &(0x7f0000000880)={0x0, 0x0, 0x100, 0x0, 0x104a}, &(0x7f0000000180), &(0x7f0000000240))
io_uring_register$IORING_REGISTER_MEM_REGION(r5, 0x22, 0x0, 0x1)

1m57.89850074s ago: executing program 2 (id=21):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x10e, &(0x7f00000004c0)={0x0, 0x310, 0x4000, 0xffffffff, 0x10b}, &(0x7f0000000340), 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_triestat\x00')
preadv(r4, 0x0, 0x0, 0x0, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x7, 0xf, &(0x7f0000000100)=@ringbuf={{}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0xa}, {0xf}}, [], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2(&(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r5, 0x407, 0x7ffffffe)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%(,:', 0x0)

1m52.43714129s ago: executing program 32 (id=1):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a30000000000800410072786500140033006970766c616e3100"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)

1m42.706420389s ago: executing program 33 (id=21):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x10e, &(0x7f00000004c0)={0x0, 0x310, 0x4000, 0xffffffff, 0x10b}, &(0x7f0000000340), 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_triestat\x00')
preadv(r4, 0x0, 0x0, 0x0, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x7, 0xf, &(0x7f0000000100)=@ringbuf={{}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0xa}, {0xf}}, [], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe2(&(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r5, 0x407, 0x7ffffffe)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%(,:', 0x0)

54.389268702s ago: executing program 1 (id=98):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f00000005c0)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, @echo_reply={0x0, 0x0, 0x0, 0x65, 0x4}}}}}, 0x0)

53.508332178s ago: executing program 1 (id=100):
r0 = syz_open_dev$vim2m(0x0, 0x100000000000081, 0x2)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0xc0205647, &(0x7f0000000040)=0x1)

53.314791098s ago: executing program 1 (id=101):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x3)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0xc0843, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000340), 0x10)
listen(r2, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000000)={0x5, 0x0, 0x11ffffffffff, 0x2, 0x500, 0x0, 0x1800000000000000, 0x49}, 0x0, &(0x7f0000000180)={0x3fe, 0x53bf, 0x0, 0x200000004, 0x4000000000000086, 0x804, 0x3, 0x1}, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, 0x0, 0x0)
mq_open(0x0, 0x840, 0x0, 0x0)
r4 = syz_io_uring_setup(0x9e, 0x0, &(0x7f0000000280), &(0x7f00000001c0))
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

52.004784051s ago: executing program 1 (id=103):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000000000950000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r0)
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x4)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
recvfrom$inet_nvme(r1, 0x0, 0x0, 0x40000002, 0x0, 0x0)
recvfrom$unix(r1, 0x0, 0x0, 0x241, 0x0, 0x0)

51.805800532s ago: executing program 1 (id=104):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8100, 0x0)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r2, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)

49.038878081s ago: executing program 1 (id=108):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f00000005c0)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, @echo_reply={0x0, 0x0, 0x0, 0x65, 0x4}}}}}, 0x0)

33.755056506s ago: executing program 34 (id=108):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f00000005c0)={@broadcast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, @echo_reply={0x0, 0x0, 0x0, 0x65, 0x4}}}}}, 0x0)

9.76335062s ago: executing program 3 (id=152):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r0, 0x5406, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
unlink(&(0x7f0000000280)='./file1\x00')
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x59, 0x0, 'syz1\x00', 0x0})

9.718863757s ago: executing program 4 (id=153):
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000001740)={'syz1\x00', {0x0, 0xffff}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800008, 0x0, 0x0, 0x2], [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0xfaea], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x400000]}, 0x45c)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b000000000000000000000000200000000000005b1935c1d6cdf7a105e6c1194b413f29b00afad78d52ed6f9b48b979639f7b91a91f1811069847cbb0a9f64791cbfc45ed408cc3a9df706252a2e83cf0cf00bbf449e5459f795da145dd32f2744747ad8d234d63ef", @ANYRES32, @ANYBLOB, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getitimer(0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
setxattr$trusted_overlay_upper(0x0, 0x0, &(0x7f0000000300)=ANY=[], 0x55, 0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0xb5)
msgsnd(0x0, &(0x7f0000000200)=ANY=[@ANYRESHEX], 0x8, 0x800)
msgrcv(0x0, 0x0, 0x0, 0xffffff7f00000000, 0x3800)

8.502694532s ago: executing program 3 (id=154):
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
timerfd_create(0x8, 0x800)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_netdev_private(r0, 0x8947, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x6000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r2 = fsopen(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000000)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
capset(0x0, &(0x7f0000000080)={0x0, 0x4004, 0x894, 0x0, 0x2})
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, 0x0, 0x40041)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000000)={0x80, 0xa, 0xf, 0xd, 0x0, 0xb021, 0x0})

8.411005715s ago: executing program 4 (id=155):
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000001800), 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
capset(&(0x7f0000000340)={0x19980330}, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x90)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000140)={0x13, 0x65, 0xffff, 0x4, 0x6, '9P2000'}, 0x13)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r0, 0xffffffffffffffff, 0x6, 0x0, @val=@tracing}, 0x40)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={0x0}}, 0x0)

7.139743013s ago: executing program 4 (id=156):
r0 = syz_io_uring_setup(0x88f, &(0x7f00000010c0)={0x0, 0xc941, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x73, &(0x7f00000000c0)=@can, 0x0, 0x0, 0x2})
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x2], [0x1000000, 0x1], [0x7f, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffd]], '\x00', [{0xfffffffc, 0xf8}, {}, {0xffffffff}, {0x0, 0x1, 0x0, 0x1}, {0xf2, 0xffffffff}, {0x1}, {}, {0x0, 0x4}, {}, {0x2}, {}, {0xfffffff8}], '\x00', 0x1, 0x0, 0x0, 0xf8})
io_uring_enter(r0, 0x47f6, 0x0, 0x4, 0x0, 0x0)

6.338652848s ago: executing program 4 (id=157):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x541b, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x14, 0x4, 0x4, 0x20002, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x50)

4.82860291s ago: executing program 3 (id=158):
r0 = syz_io_uring_setup(0x507d, &(0x7f0000000480)={0x0, 0x0, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040d4}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='6'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, 0x0)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

4.400952595s ago: executing program 3 (id=159):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x13, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000600000008000000"], 0x50)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg(0xffffffffffffffff, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10880008000f00fff3c00e140000001a00ffffba16a0aa1c091dbfa1090000", 0x38}], 0x1}, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'team_slave_1\x00', &(0x7f0000000040)=@ethtool_wolinfo={0x5, 0x8001, 0x7, "c77a96de93e8"}})

4.249221973s ago: executing program 4 (id=160):
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000001740)={'syz1\x00', {0x0, 0xffff}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800008, 0x0, 0x0, 0x2], [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0xfaea], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x400000]}, 0x45c)
write$uinput_user_dev(r0, &(0x7f0000000080)={'syz1\x00', {0x1, 0x4, 0x2, 0xb}, 0x6, [0x80, 0xfef, 0x81, 0x401, 0x4, 0x81, 0x57e, 0xfffffff7, 0x3, 0x0, 0x1, 0x1, 0x42a, 0x81, 0x0, 0x7, 0x3, 0x2, 0x4, 0x2, 0xa, 0x5, 0x5, 0x8, 0x9eb7, 0x1, 0x3, 0x5, 0x0, 0x7, 0x8, 0x0, 0x5, 0xfffffffc, 0x1, 0x8, 0x8, 0xea0, 0x9731, 0x200, 0xf27, 0x7, 0x8, 0x0, 0x7fff, 0x9, 0xfffffffc, 0x0, 0x9, 0xf8, 0x2, 0x6, 0xe74, 0x7, 0x8000, 0x80000000, 0x4, 0x8, 0xc, 0xa, 0x8, 0x8, 0x400, 0xd], [0x0, 0x7, 0x7, 0x81, 0xf5, 0xe, 0x1, 0x9, 0x0, 0x4, 0x2, 0x2, 0x80, 0x8, 0x2, 0xfffffff7, 0x1, 0x9, 0x1000, 0xb, 0x2414d572, 0x3ff, 0x2, 0x8, 0x610eac07, 0xdfa, 0x7, 0xffff53f5, 0x7, 0x200, 0x4, 0x8001, 0xfffffffd, 0x829d, 0x7, 0x2, 0x2, 0x9, 0xffffff00, 0x7c, 0x9, 0xfffffffc, 0x9, 0x0, 0x2, 0x26f7af1a, 0x2487bd2e, 0x9, 0xfffffffb, 0x5, 0x7fffffff, 0x400, 0x1, 0x400, 0x81c0, 0x6, 0x8000, 0x1, 0x7, 0x8000, 0x8, 0x3, 0x40, 0x2], [0x4, 0x0, 0x6, 0x1, 0xb277, 0xe83, 0xe5a, 0x80000000, 0x2, 0xe52, 0x3, 0xdaa, 0x7, 0x2, 0x8, 0x2, 0x8, 0xa3, 0x1, 0x2, 0x2, 0x10000, 0x200, 0xfffffff9, 0x0, 0x400, 0x3, 0x1, 0x8000800, 0xb24, 0xfffffff7, 0x1, 0x5, 0x3, 0x8000000, 0x1, 0x3, 0x0, 0x8, 0x3, 0x100, 0x2, 0x4, 0x10000, 0xfffff891, 0x7, 0x5, 0xf, 0x9, 0x0, 0xacf2, 0x1, 0xb154, 0x9, 0x9, 0x8, 0x5, 0x7fff, 0x9, 0x40, 0x8, 0x6, 0x2, 0x9], [0x4, 0x8000, 0x1ff, 0x40, 0x0, 0x3, 0x8, 0x4, 0x0, 0x2, 0x6, 0x19, 0x8, 0x1, 0x3, 0x6, 0x450a, 0x8, 0x7, 0x2, 0x40, 0x0, 0x200, 0x2, 0x5, 0x1, 0x2, 0x7, 0x1, 0x6, 0x7, 0x1, 0x3aa, 0x80000001, 0x5d0, 0xffffff00, 0x5, 0xff, 0x8, 0x81, 0x6, 0x6, 0x2, 0x40, 0xffffff0f, 0x2, 0x3, 0x5, 0x5, 0xfffffffa, 0x6, 0x3, 0x8, 0x401, 0x0, 0x5, 0x6, 0xa6, 0x6dd, 0x0, 0x40, 0xfffffff7, 0x3e, 0x2]}, 0x45c)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b000000000000000000000000200000000000005b1935c1d6cdf7a105e6c1194b413f29b00afad78d52ed6f9b48b979639f7b91a91f1811069847cbb0a9f64791cbfc45ed408cc3a9df706252a2e83cf0cf00bbf449e5459f795da145dd32f2744747ad8d234d63ef", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getitimer(0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
setxattr$trusted_overlay_upper(0x0, 0x0, &(0x7f0000000300)=ANY=[], 0x55, 0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
msgsnd(0x0, &(0x7f0000000200)=ANY=[@ANYRESHEX], 0x8, 0x800)
msgrcv(0x0, &(0x7f0000000040)={0x0, ""/44}, 0x34, 0x2, 0x3000)

1.424418043s ago: executing program 3 (id=161):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r0, 0x5406, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
unlink(&(0x7f0000000280)='./file1\x00')
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x59, 0x0, 'syz1\x00', 0x0})

1.36510342s ago: executing program 4 (id=162):
mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000001740)={'syz1\x00', {0x0, 0xffff}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800008, 0x0, 0x0, 0x2], [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7fffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0xfaea], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x400000]}, 0x45c)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b000000000000000000000000200000000000005b1935c1d6cdf7a105e6c1194b413f29b00afad78d52ed6f9b48b979639f7b91a91f1811069847cbb0a9f64791cbfc45ed408cc3a9df706252a2e83cf0cf00bbf449e5459f795da145dd32f2744747ad8d234d63ef", @ANYRES32, @ANYBLOB, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getitimer(0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
setxattr$trusted_overlay_upper(0x0, 0x0, &(0x7f0000000300)=ANY=[], 0x55, 0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0xb5)
msgsnd(0x0, &(0x7f0000000200)=ANY=[@ANYRESHEX], 0x8, 0x800)
msgrcv(0x0, 0x0, 0x0, 0xffffff7f00000000, 0x3800)

0s ago: executing program 3 (id=163):
r0 = syz_open_procfs(0x0, &(0x7f0000001080)='net/icmp6\x00')
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
ftruncate(r3, 0xffff)
fcntl$addseals(r3, 0x409, 0x7)
r4 = ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000140)={r3, 0x1, 0x0, 0x4000})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000007, 0x11, r4, 0x0)
read(r0, &(0x7f0000000280)=""/200, 0xc8)

kernel console output (not intermixed with test programs):

[   87.095343][  T979] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.185' (ED25519) to the list of known hosts.
[   90.645990][ T5821] cgroup: Unknown subsys name 'net'
[   90.876784][ T5821] cgroup: Unknown subsys name 'cpuset'
[   90.961933][ T5821] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   92.947471][ T5821] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   95.944340][ T5835] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   95.950726][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   95.962686][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   95.963772][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   95.966137][ T5838] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   95.967998][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   95.968739][ T5838] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   95.969479][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   95.981537][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   95.993678][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   96.011532][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   96.024807][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   96.041917][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   96.042781][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   96.071193][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   96.131018][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   96.140737][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   96.149042][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   96.150706][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   96.170842][ T5842] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   96.204636][ T5152] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   96.210981][ T5152] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   96.222624][ T5152] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   96.233210][ T5152] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   96.234366][ T5152] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   97.146914][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   97.210505][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   97.287512][ T5836] chnl_net:caif_netlink_parms(): no params data found
[   97.684958][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   97.693826][ T5843] chnl_net:caif_netlink_parms(): no params data found
[   98.052828][ T5842] Bluetooth: hci2: command tx timeout
[   98.131562][ T5842] Bluetooth: hci1: command tx timeout
[   98.131748][ T5842] Bluetooth: hci0: command tx timeout
[   98.205839][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.206868][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.207440][ T5837] bridge_slave_0: entered allmulticast mode
[   98.211131][ T5837] bridge_slave_0: entered promiscuous mode
[   98.211548][ T5152] Bluetooth: hci3: command tx timeout
[   98.292478][ T5152] Bluetooth: hci4: command tx timeout
[   98.407088][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.407257][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.407914][ T5837] bridge_slave_1: entered allmulticast mode
[   98.411218][ T5837] bridge_slave_1: entered promiscuous mode
[   98.415067][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.415206][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.415768][ T5833] bridge_slave_0: entered allmulticast mode
[   98.418522][ T5833] bridge_slave_0: entered promiscuous mode
[   98.602852][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.603031][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.603230][ T5833] bridge_slave_1: entered allmulticast mode
[   98.606545][ T5833] bridge_slave_1: entered promiscuous mode
[   98.608971][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.609082][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.609195][ T5836] bridge_slave_0: entered allmulticast mode
[   98.610903][ T5836] bridge_slave_0: entered promiscuous mode
[   98.825225][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.825397][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.825513][ T5836] bridge_slave_1: entered allmulticast mode
[   98.827182][ T5836] bridge_slave_1: entered promiscuous mode
[   98.998253][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.298695][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   99.309877][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.384420][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.384654][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.385256][ T5846] bridge_slave_0: entered allmulticast mode
[   99.388489][ T5846] bridge_slave_0: entered promiscuous mode
[   99.492800][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.492888][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.493021][ T5843] bridge_slave_0: entered allmulticast mode
[   99.494726][ T5843] bridge_slave_0: entered promiscuous mode
[   99.607489][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   99.610955][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.619662][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.619807][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.620345][ T5846] bridge_slave_1: entered allmulticast mode
[   99.628971][ T5846] bridge_slave_1: entered promiscuous mode
[   99.639702][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.639915][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.640124][ T5843] bridge_slave_1: entered allmulticast mode
[   99.652188][ T5843] bridge_slave_1: entered promiscuous mode
[   99.957462][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.025211][ T5837] team0: Port device team_slave_0 added
[  100.132582][ T5152] Bluetooth: hci2: command tx timeout
[  100.211878][ T5152] Bluetooth: hci0: command tx timeout
[  100.211914][ T5152] Bluetooth: hci1: command tx timeout
[  100.286407][ T5837] team0: Port device team_slave_1 added
[  100.288629][ T5833] team0: Port device team_slave_0 added
[  100.291526][ T5842] Bluetooth: hci3: command tx timeout
[  100.313003][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.371486][ T5842] Bluetooth: hci4: command tx timeout
[  100.398005][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.477249][ T5833] team0: Port device team_slave_1 added
[  100.482496][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.485209][ T5836] team0: Port device team_slave_0 added
[  100.490240][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.965045][ T5836] team0: Port device team_slave_1 added
[  101.044299][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.044317][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.044344][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.370604][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.370621][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.370648][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.372077][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.372089][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.372110][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.376570][ T5846] team0: Port device team_slave_0 added
[  101.468894][ T5843] team0: Port device team_slave_0 added
[  101.485614][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.485632][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.485659][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.489392][ T5846] team0: Port device team_slave_1 added
[  101.490757][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.490769][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.490794][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.497165][ T5843] team0: Port device team_slave_1 added
[  101.663800][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.663818][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.663845][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.156926][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.156943][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.156978][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.159958][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.159970][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.159984][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.223271][ T5842] Bluetooth: hci2: command tx timeout
[  102.291735][ T5842] Bluetooth: hci1: command tx timeout
[  102.291766][ T5842] Bluetooth: hci0: command tx timeout
[  102.371353][ T5152] Bluetooth: hci3: command tx timeout
[  102.388361][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.388372][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.388387][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.390134][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.390143][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.390157][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.429866][ T5837] hsr_slave_0: entered promiscuous mode
[  102.431032][ T5837] hsr_slave_1: entered promiscuous mode
[  102.452159][ T5152] Bluetooth: hci4: command tx timeout
[  102.642574][ T5833] hsr_slave_0: entered promiscuous mode
[  102.643514][ T5833] hsr_slave_1: entered promiscuous mode
[  102.644197][ T5833] debugfs: 'hsr0' already exists in 'hsr'
[  102.644270][ T5833] Cannot create hsr debugfs directory
[  102.814072][ T5836] hsr_slave_0: entered promiscuous mode
[  102.815774][ T5836] hsr_slave_1: entered promiscuous mode
[  102.816898][ T5836] debugfs: 'hsr0' already exists in 'hsr'
[  102.816924][ T5836] Cannot create hsr debugfs directory
[  103.319947][ T5846] hsr_slave_0: entered promiscuous mode
[  103.326340][ T5846] hsr_slave_1: entered promiscuous mode
[  103.327400][ T5846] debugfs: 'hsr0' already exists in 'hsr'
[  103.327423][ T5846] Cannot create hsr debugfs directory
[  103.449020][ T5843] hsr_slave_0: entered promiscuous mode
[  103.449906][ T5843] hsr_slave_1: entered promiscuous mode
[  103.450522][ T5843] debugfs: 'hsr0' already exists in 'hsr'
[  103.450541][ T5843] Cannot create hsr debugfs directory
[  104.291481][ T5152] Bluetooth: hci2: command tx timeout
[  104.372416][ T5152] Bluetooth: hci0: command tx timeout
[  104.372456][ T5152] Bluetooth: hci1: command tx timeout
[  104.452737][ T5842] Bluetooth: hci3: command tx timeout
[  104.533739][ T5842] Bluetooth: hci4: command tx timeout
[  105.073276][ T5837] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  105.126265][ T5837] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  105.157321][ T5837] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  105.219115][ T5837] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  105.375934][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  105.418825][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  105.460398][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  105.526710][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  105.677014][ T5836] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  105.731388][ T5836] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  105.778652][ T5836] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  105.838438][ T5836] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  106.043699][ T5846] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  106.108798][ T5846] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  106.151860][ T5846] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  106.219697][ T5846] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  106.364053][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.425742][ T5843] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  106.480509][ T5843] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  106.516458][ T5843] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  106.570134][ T5843] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  106.640050][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[  106.708333][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.708796][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.770191][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.789429][ T1338] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.789601][ T1338] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.919984][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[  106.987883][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.997332][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.997864][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.067004][  T815] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.067177][  T815] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.175077][ T5836] 8021q: adding VLAN 0 to HW filter on device team0
[  107.209872][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.241139][ T1338] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.242249][ T1338] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.378147][ T1338] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.378312][ T1338] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.459888][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[  107.487291][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.545042][ T1338] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.545214][ T1338] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.627213][ T1338] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.628825][ T1338] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.724856][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[  107.807922][  T815] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.808064][  T815] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.887368][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.888071][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.917464][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.226040][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.358118][ T5837] veth0_vlan: entered promiscuous mode
[  108.438034][ T5837] veth1_vlan: entered promiscuous mode
[  108.626113][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.692737][ T5833] veth0_vlan: entered promiscuous mode
[  108.786460][ T5833] veth1_vlan: entered promiscuous mode
[  108.796799][ T5837] veth0_macvtap: entered promiscuous mode
[  108.831966][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.839473][ T5837] veth1_macvtap: entered promiscuous mode
[  108.967889][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.016474][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.020418][ T5836] veth0_vlan: entered promiscuous mode
[  109.054289][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.069824][ T5833] veth0_macvtap: entered promiscuous mode
[  109.116240][  T159] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.136640][  T159] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.140586][ T5833] veth1_macvtap: entered promiscuous mode
[  109.147637][  T159] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.202695][ T5836] veth1_vlan: entered promiscuous mode
[  109.212997][  T159] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.349630][ T5846] veth0_vlan: entered promiscuous mode
[  109.448144][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.528565][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.547403][ T5846] veth1_vlan: entered promiscuous mode
[  109.626310][  T159] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.647216][  T159] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.663963][  T159] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.696384][  T159] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.745397][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.745418][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.749951][ T5836] veth0_macvtap: entered promiscuous mode
[  109.844622][ T5836] veth1_macvtap: entered promiscuous mode
[  109.995956][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.995978][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.114295][ T5846] veth0_macvtap: entered promiscuous mode
[  110.140678][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.225313][ T5846] veth1_macvtap: entered promiscuous mode
[  110.230307][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.230734][  T815] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.230752][  T815] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.363216][ T5843] veth0_vlan: entered promiscuous mode
[  110.363739][  T159] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.401030][   T57] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.413446][   T57] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.420564][   T67] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.443168][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.567020][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.567043][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.584207][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.587051][ T5843] veth1_vlan: entered promiscuous mode
[  110.726982][   T67] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.731560][   T67] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.734153][   T67] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.736846][   T67] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.151427][  T159] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.151451][  T159] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.190318][ T5843] veth0_macvtap: entered promiscuous mode
[  111.284567][ T5843] veth1_macvtap: entered promiscuous mode
[  111.323436][ T1338] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.323458][ T1338] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.578671][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.650945][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.663912][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.663935][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.748990][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.749014][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.797085][  T815] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.799467][  T815] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.800748][  T815] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.800791][  T815] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.851564][ T5913] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  112.049745][ T5913] usb 4-1: Using ep0 maxpacket: 32
[  112.064739][ T5913] usb 4-1: config 0 has no interfaces?
[  112.166751][ T5913] usb 4-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  112.166790][ T5913] usb 4-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  112.166810][ T5913] usb 4-1: Product: syz
[  112.166824][ T5913] usb 4-1: Manufacturer: syz
[  112.204817][ T5913] usb 4-1: config 0 descriptor??
[  112.221442][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.221744][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.221902][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.222102][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.222270][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.222430][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.224026][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.224182][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.224378][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.224570][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.712305][    T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  112.871581][    T9] usb 2-1: Using ep0 maxpacket: 16
[  114.093090][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.093184][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.861909][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.861970][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  117.412208][   T37] audit: type=1326 audit(1756399081.712:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5983 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc5ea7ebe9 code=0x7ffc0000
[  117.412248][   T37] audit: type=1326 audit(1756399081.712:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5983 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc5ea7ebe9 code=0x7ffc0000
[  117.530124][   T37] audit: type=1326 audit(1756399081.842:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5983 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7efc5ea7ebe9 code=0x7ffc0000
[  117.530184][   T37] audit: type=1326 audit(1756399081.842:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5983 comm="syz.2.10" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc5ea7ebe9 code=0x0
[  117.973141][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  117.976790][    T9] usb 2-1: unable to read config index 0 descriptor/start: -32
[  117.976819][    T9] usb 2-1: chopping to 0 config(s)
[  117.976849][    T9] usb 2-1: can't read configurations, error -32
[  118.845604][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  118.999036][ T5977] infiniband syz0: set down
[  119.022069][    T9] usb 2-1: device descriptor read/64, error -32
[  119.044448][ T5977] infiniband syz0: added ipvlan1
[  119.047465][ T5977] syz0: rxe_create_cq: returned err = -12
[  119.047635][ T5977] infiniband syz0: Couldn't create ib_mad CQ
[  119.047838][ T5977] infiniband syz0: Couldn't open port 1
[  119.355437][    T9] usb usb2-port1: attempt power cycle
[  120.031931][    T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  120.046121][ T5977] RDS/IB: syz0: added
[  120.046681][ T5977] smc: adding ib device syz0 with port count 1
[  120.046854][ T5977] smc:    ib device syz0 port 1 has pnetid 
[  120.063902][    T9] usb 2-1: device descriptor read/8, error -32
[  120.305668][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  120.326541][    T9] usb 2-1: device descriptor read/8, error -32
[  120.448332][    T9] usb usb2-port1: unable to enumerate USB device
[  123.410130][   T31] usb 4-1: USB disconnect, device number 2
[  124.626561][    C1] vkms_vblank_simulate: vblank timer overrun
[  128.167003][    C1] vkms_vblank_simulate: vblank timer overrun
[  130.925475][ T6070] process 'syz.1.26' launched './file0' with NULL argv: empty string added
[  133.193637][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  133.193748][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  133.556303][ T5152] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  133.584914][ T5152] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  133.601711][ T5152] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  133.604354][ T5152] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  133.605312][ T5152] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  135.949483][ T5842] Bluetooth: hci5: command tx timeout
[  137.966386][ T6098] netlink: 8 bytes leftover after parsing attributes in process `syz.1.33'.
[  138.026216][ T5842] Bluetooth: hci5: command tx timeout
[  138.790073][ T6103] netlink: 4 bytes leftover after parsing attributes in process `syz.1.34'.
[  139.332349][ T6105] cgroup: No subsys list or none specified
[  140.051419][ T5842] Bluetooth: hci5: command tx timeout
[  140.684158][ T5152] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  140.691560][ T5152] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  140.695917][ T5152] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  140.711731][ T5152] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  140.714200][ T5152] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  142.156640][ T5842] Bluetooth: hci5: command tx timeout
[  142.985794][ T5842] Bluetooth: hci6: command tx timeout
[  148.804810][ T5842] Bluetooth: hci6: command tx timeout
[  149.416769][ T6136] netlink: 8 bytes leftover after parsing attributes in process `syz.4.43'.
[  150.859277][ T5842] Bluetooth: hci6: command tx timeout
[  153.252380][ T5842] Bluetooth: hci6: command tx timeout
[  155.834060][ T1009] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.282867][ T6180] netlink: 8 bytes leftover after parsing attributes in process `syz.3.54'.
[  156.568608][ T1009] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.614294][ T6192] comedi comedi1: adq12b: I/O port conflict (0x51bfec8f,16)
[  159.854583][ T1009] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.564988][ T6217] Zero length message leads to an empty skb
[  163.914179][ T6220] dns_resolver: Unsupported server list version (0)
[  164.787470][ T1009] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.911063][ T6222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.64'.
[  169.264803][ T6080] chnl_net:caif_netlink_parms(): no params data found
[  170.951773][ T1009] bridge_slave_1: left allmulticast mode
[  170.952225][ T1009] bridge_slave_1: left promiscuous mode
[  170.954840][ T1009] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.196830][ T1009] bridge_slave_0: left allmulticast mode
[  171.196867][ T1009] bridge_slave_0: left promiscuous mode
[  171.197155][ T1009] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.601784][ T6275] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  176.686697][ T6309] syz.3.84 uses obsolete (PF_INET,SOCK_PACKET)
[  177.852254][ T1009] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.932180][ T1009] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.978003][ T1009] bond0 (unregistering): Released all slaves
[  178.053881][ T6108] chnl_net:caif_netlink_parms(): no params data found
[  178.811374][    C1] vkms_vblank_simulate: vblank timer overrun
[  178.869301][    C1] vkms_vblank_simulate: vblank timer overrun
[  179.075295][    C1] vkms_vblank_simulate: vblank timer overrun
[  179.785089][    C1] vkms_vblank_simulate: vblank timer overrun
[  180.119277][    C1] vkms_vblank_simulate: vblank timer overrun
[  180.303176][ T6326] netlink: 8 bytes leftover after parsing attributes in process `syz.4.88'.
[  180.871884][    C1] vkms_vblank_simulate: vblank timer overrun
[  180.987083][    C1] vkms_vblank_simulate: vblank timer overrun
[  181.618894][    C1] vkms_vblank_simulate: vblank timer overrun
[  181.811239][    C1] vkms_vblank_simulate: vblank timer overrun
[  182.788723][    C1] vkms_vblank_simulate: vblank timer overrun
[  183.145435][    C1] vkms_vblank_simulate: vblank timer overrun
[  183.985766][   T37] audit: type=1326 audit(1756399148.292:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6350 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  183.986647][   T37] audit: type=1326 audit(1756399148.292:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6350 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  184.089131][   T37] audit: type=1326 audit(1756399148.292:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6350 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  184.089190][   T37] audit: type=1326 audit(1756399148.292:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6350 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  184.089236][   T37] audit: type=1326 audit(1756399148.292:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6350 comm="syz.4.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  184.298398][ T6360] mmap: syz.4.95 (6360) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  185.577867][ T6360] pim6reg: entered allmulticast mode
[  186.209070][ T6368] netlink: 8 bytes leftover after parsing attributes in process `syz.1.97'.
[  187.780368][ T6377] netlink: 24 bytes leftover after parsing attributes in process `syz.3.99'.
[  187.981117][ T6383] netlink: 4 bytes leftover after parsing attributes in process `syz.3.99'.
[  188.753334][ T5922] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  189.344524][ T5922] usb 5-1: Using ep0 maxpacket: 8
[  189.348898][ T5922] usb 5-1: config 0 has an invalid interface number: 186 but max is 0
[  189.348929][ T5922] usb 5-1: config 0 has no interface number 0
[  189.348993][ T5922] usb 5-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  189.349019][ T5922] usb 5-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  189.349044][ T5922] usb 5-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  189.349070][ T5922] usb 5-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  189.425677][ T5922] usb 5-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  189.425712][ T5922] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.425733][ T5922] usb 5-1: Product: syz
[  189.425747][ T5922] usb 5-1: Manufacturer: syz
[  189.425761][ T5922] usb 5-1: SerialNumber: syz
[  189.485225][ T5922] usb 5-1: config 0 descriptor??
[  189.745680][ T5922] iowarrior 5-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  189.992598][ T6080] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.992762][ T6080] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.993030][ T6080] bridge_slave_0: entered allmulticast mode
[  190.000654][ T6080] bridge_slave_0: entered promiscuous mode
[  190.176038][ T5922] usb 5-1: USB disconnect, device number 2
[  190.353466][ T5152] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  190.359482][ T5152] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  190.384228][ T5152] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  190.385651][ T5152] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  190.386590][ T5152] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  190.942512][ T1009] hsr_slave_0: left promiscuous mode
[  191.011718][ T1009] hsr_slave_1: left promiscuous mode
[  191.012560][ T1009] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.012629][ T1009] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.074484][ T1009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.074508][ T1009] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.527520][ T1009] veth1_macvtap: left promiscuous mode
[  191.527762][ T1009] veth0_macvtap: left promiscuous mode
[  191.527972][ T1009] veth1_vlan: left promiscuous mode
[  191.528187][ T1009] veth0_vlan: left promiscuous mode
[  192.531379][ T5842] Bluetooth: hci2: command tx timeout
[  194.091370][    C1] vkms_vblank_simulate: vblank timer overrun
[  194.363601][    C1] vkms_vblank_simulate: vblank timer overrun
[  194.431145][    C1] vkms_vblank_simulate: vblank timer overrun
[  195.221044][    C1] vkms_vblank_simulate: vblank timer overrun
[  195.237612][ T5842] Bluetooth: hci2: command tx timeout
[  195.408807][    C1] vkms_vblank_simulate: vblank timer overrun
[  195.419504][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  195.419591][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  195.773202][    C1] vkms_vblank_simulate: vblank timer overrun
[  195.947074][ T6447] Bluetooth: MGMT ver 1.23
[  196.698050][    C1] vkms_vblank_simulate: vblank timer overrun
[  196.987097][    C1] vkms_vblank_simulate: vblank timer overrun
[  197.181458][ T5922] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  197.251965][ T5842] Bluetooth: hci2: command tx timeout
[  197.331534][ T5922] usb 4-1: Using ep0 maxpacket: 32
[  197.337564][ T5922] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  197.337605][ T5922] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.337625][ T5922] usb 4-1: Product: syz
[  197.337639][ T5922] usb 4-1: Manufacturer: syz
[  197.337653][ T5922] usb 4-1: SerialNumber: syz
[  197.449507][ T5922] usb 4-1: config 0 descriptor??
[  197.477998][ T5922] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  198.031332][ T5922] gspca_ov534_9: reg_w failed -110
[  198.451410][ T5922] gspca_ov534_9: Unknown sensor 0000
[  198.451487][ T5922] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22
[  198.777795][ T6455] =======================================================
[  198.777795][ T6455] WARNING: The mand mount option has been deprecated and
[  198.777795][ T6455]          and is ignored by this kernel. Remove the mand
[  198.777795][ T6455]          option from the mount to silence this warning.
[  198.777795][ T6455] =======================================================
[  198.960897][ T1009] team0 (unregistering): Port device team_slave_1 removed
[  199.332838][ T5842] Bluetooth: hci2: command tx timeout
[  199.421982][ T1009] team0 (unregistering): Port device team_slave_0 removed
[  200.801502][ T6464] capability: warning: `syz.4.120' uses 32-bit capabilities (legacy support in use)
[  201.563290][ T6465] netlink: 12 bytes leftover after parsing attributes in process `syz.4.120'.
[  201.563359][ T6465] netlink: 16 bytes leftover after parsing attributes in process `syz.4.120'.
[  202.394760][    T9] usb 4-1: USB disconnect, device number 3
[  202.462408][ T5152] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  202.478592][ T5152] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  202.484828][ T5152] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  202.501941][ T5152] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  202.503287][ T5152] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  204.711503][ T5842] Bluetooth: hci4: command tx timeout
[  206.774809][ T5842] Bluetooth: hci4: command tx timeout
[  207.397821][ T6485] pim6reg: entered allmulticast mode
[  207.411608][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  207.499030][ T6108] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.499198][ T6108] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.499448][ T6108] bridge_slave_0: entered allmulticast mode
[  207.528190][ T6108] bridge_slave_0: entered promiscuous mode
[  207.595266][    T9] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  207.595330][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.596973][    T9] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  207.596999][    T9] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  207.597018][    T9] usb 5-1: Manufacturer: syz
[  207.654045][    T9] usb 5-1: config 0 descriptor??
[  207.971515][    T9] rc_core: IR keymap rc-hauppauge not found
[  207.971539][    T9] Registered IR keymap rc-empty
[  207.975767][    T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  207.981349][ T5913] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  208.015159][    T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input5
[  208.157566][ T5913] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.157621][ T5913] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  208.157646][ T5913] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.365289][ T5913] usb 4-1: config 0 descriptor??
[  208.735111][ T5913] usbhid 4-1:0.0: can't add hid device: -71
[  208.735263][ T5913] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  208.792808][ T5913] usb 4-1: USB disconnect, device number 4
[  208.851707][ T5842] Bluetooth: hci4: command tx timeout
[  209.401401][ T5913] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  209.568197][ T5913] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.568234][ T5913] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  209.568280][ T5913] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  209.568303][ T5913] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.631390][ T5913] usb 4-1: config 0 descriptor??
[  210.049796][ T5152] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  210.077150][ T5152] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  210.093700][ T5152] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  210.118896][ T5152] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  210.134962][ T5152] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  210.632127][   T10] usb 5-1: USB disconnect, device number 3
[  210.872330][ T5913] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  210.942404][ T5842] Bluetooth: hci4: command tx timeout
[  212.451914][ T5842] Bluetooth: hci5: command tx timeout
[  212.768535][ T5920] usb 4-1: USB disconnect, device number 5
[  214.539811][ T5842] Bluetooth: hci5: command tx timeout
[  215.195704][ T6539] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  215.934277][ T1009] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  216.622974][ T5842] Bluetooth: hci5: command tx timeout
[  217.463781][   T37] audit: type=1326 audit(1756399181.772:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6551 comm="syz.4.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  217.475168][   T37] audit: type=1326 audit(1756399181.782:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6551 comm="syz.4.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  217.475274][   T37] audit: type=1326 audit(1756399181.782:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6551 comm="syz.4.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  217.476673][   T37] audit: type=1326 audit(1756399181.792:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6551 comm="syz.4.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  217.476727][   T37] audit: type=1326 audit(1756399181.792:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6551 comm="syz.4.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  218.758106][ T5152] Bluetooth: hci5: command tx timeout
[  218.771376][   T37] audit: type=1326 audit(1756399181.792:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6551 comm="syz.4.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  218.771410][   T37] audit: type=1326 audit(1756399181.792:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6551 comm="syz.4.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  218.771435][   T37] audit: type=1326 audit(1756399181.792:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6551 comm="syz.4.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  219.185363][   T37] audit: type=1326 audit(1756399183.502:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6551 comm="syz.4.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa385e8ebe9 code=0x7ffc0000
[  219.319672][ T1009] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.867650][ T1009] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.287615][ T1009] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.872750][   T59] Bluetooth: hci0: command 0x0406 tx timeout
[  222.872846][   T59] Bluetooth: hci3: command 0x0406 tx timeout
[  222.920904][ T6577] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  223.592823][  T979] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  223.741415][  T979] usb 4-1: Using ep0 maxpacket: 8
[  223.744761][  T979] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  223.744790][  T979] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.827111][  T979] pvrusb2: Hardware description: Terratec Grabster AV400
[  223.827130][  T979] pvrusb2: **********
[  223.827137][  T979] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  223.827149][  T979] pvrusb2: Important functionality might not be entirely working.
[  223.827158][  T979] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  223.827170][  T979] pvrusb2: **********
[  224.054545][ T2366] pvrusb2: Invalid write control endpoint
[  224.206647][ T6583] pvrusb2: Invalid write control endpoint
[  224.386718][ T2366] pvrusb2: Invalid write control endpoint
[  224.386736][ T2366] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  224.386746][ T2366] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  224.386754][ T2366] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  224.386764][ T2366] pvrusb2: Device being rendered inoperable
[  224.403261][ T2366] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  224.403327][ T2366] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  224.464183][ T2366] pvrusb2: Attached sub-driver cx25840
[  224.464201][ T2366] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  224.464211][ T2366] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  224.538028][ T6405] chnl_net:caif_netlink_parms(): no params data found
[  224.556048][ T1009] bridge_slave_0: left allmulticast mode
[  224.556084][ T1009] bridge_slave_0: left promiscuous mode
[  224.557372][ T1009] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.261046][ T1009] bridge_slave_0: left allmulticast mode
[  225.261085][ T1009] bridge_slave_0: left promiscuous mode
[  225.275358][ T1009] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.877699][ T1009] bridge_slave_1: left allmulticast mode
[  225.881755][ T1009] bridge_slave_1: left promiscuous mode
[  225.882042][ T1009] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.944413][    T9] usb 4-1: USB disconnect, device number 6
[  225.974460][ T1009] bridge_slave_0: left allmulticast mode
[  225.974494][ T1009] bridge_slave_0: left promiscuous mode
[  225.974784][ T1009] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.340909][    C1] vkms_vblank_simulate: vblank timer overrun
[  226.851371][   T37] audit: type=1326 audit(1756399191.162:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.855158][   T37] audit: type=1326 audit(1756399191.172:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.858311][   T37] audit: type=1326 audit(1756399191.172:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.876653][   T37] audit: type=1326 audit(1756399191.192:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.877789][   T37] audit: type=1326 audit(1756399191.192:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.879175][   T37] audit: type=1326 audit(1756399191.192:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.880924][   T37] audit: type=1326 audit(1756399191.192:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.883483][   T37] audit: type=1326 audit(1756399191.202:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.884850][   T37] audit: type=1326 audit(1756399191.202:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.887454][   T37] audit: type=1326 audit(1756399191.202:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6610 comm="syz.3.149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc9c1cebe9 code=0x7ffc0000
[  226.969148][ T6612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.149'.
[  228.284494][ T1009] bond0 (unregistering): Released all slaves
[  229.504349][ T1009] bond0 (unregistering): Released all slaves
[  231.265191][ T1009] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  231.346382][ T1009] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  231.388508][ T1009] bond0 (unregistering): Released all slaves
[  231.792050][ T6466] chnl_net:caif_netlink_parms(): no params data found
[  232.355062][ T6627] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  234.225397][    C1] vkms_vblank_simulate: vblank timer overrun
[  236.327583][ T6405] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.348955][ T6405] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.349261][ T6405] bridge_slave_0: entered allmulticast mode
[  236.405727][ T6405] bridge_slave_0: entered promiscuous mode
[  236.425620][ T6504] chnl_net:caif_netlink_parms(): no params data found
[  236.558679][ T6405] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.558846][ T6405] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.559109][ T6405] bridge_slave_1: entered allmulticast mode
[  236.605368][ T6405] bridge_slave_1: entered promiscuous mode
[  237.594686][ T6466] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.594786][ T6466] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.594954][ T6466] bridge_slave_0: entered allmulticast mode
[  237.645782][ T6466] bridge_slave_0: entered promiscuous mode
[  237.815581][ T6405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.925205][ T6466] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.925527][ T6466] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.925799][ T6466] bridge_slave_1: entered allmulticast mode
[  237.999987][ T6466] bridge_slave_1: entered promiscuous mode
[  238.075051][ T6405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  239.030648][ T6466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  239.034845][ T6405] team0: Port device team_slave_0 added
[  239.162640][ T6466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  239.167847][ T6405] team0: Port device team_slave_1 added
[  239.168445][ T6504] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.169528][ T6504] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.169666][ T6504] bridge_slave_0: entered allmulticast mode
[  239.173968][ T6504] bridge_slave_0: entered promiscuous mode
[  239.322730][ T6504] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.322843][ T6504] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.322983][ T6504] bridge_slave_1: entered allmulticast mode
[  239.332286][ T6504] bridge_slave_1: entered promiscuous mode
[  239.501459][ T1009] hsr_slave_0: left promiscuous mode
[  239.545238][ T1009] hsr_slave_1: left promiscuous mode
[  239.558369][ T1009] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  239.558582][ T1009] batman_adv: batadv0: Removing interface: batadv_slave_0
[  239.592015][ T1009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  239.592037][ T1009] batman_adv: batadv0: Removing interface: batadv_slave_1
[  239.759641][ T1009] veth1_macvtap: left promiscuous mode
[  239.759721][ T1009] veth0_macvtap: left promiscuous mode
[  239.759951][ T1009] veth1_vlan: left promiscuous mode
[  239.760086][ T1009] veth0_vlan: left promiscuous mode
[  241.263187][ T6672] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  241.608722][ T6679] ------------[ cut here ]------------
[  241.608740][ T6679] WARNING: CPU: 1 PID: 6679 at fs/exec.c:119 path_noexec+0x1af/0x200
[  241.608780][ T6679] Modules linked in:
[  241.608800][ T6679] CPU: 1 UID: 0 PID: 6679 Comm: syz.3.163 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  241.608825][ T6679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  241.608837][ T6679] RIP: 0010:path_noexec+0x1af/0x200
[  241.608860][ T6679] Code: 02 31 ff 48 89 de e8 50 cf 92 ff d1 eb eb 07 e8 e7 c9 92 ff b3 01 89 d8 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 d2 c9 92 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6
[  241.608878][ T6679] RSP: 0018:ffffc90003ccfbf8 EFLAGS: 00010283
[  241.608897][ T6679] RAX: ffffffff822b927e RBX: ffff888031c646c0 RCX: 0000000000080000
[  241.608913][ T6679] RDX: ffffc9000e7b5000 RSI: 000000000000006d RDI: 000000000000006e
[  241.608927][ T6679] RBP: 0000000000080000 R08: 0000000000000000 R09: 0000000000000000
[  241.608939][ T6679] R10: 0000000000000100 R11: 0000000000000003 R12: 0000000000000011
[  241.608952][ T6679] R13: 1ffff92000799f90 R14: 0000000000000000 R15: dffffc0000000000
[  241.608967][ T6679] FS:  00007fbc9a4156c0(0000) GS:ffff8881269c2000(0000) knlGS:0000000000000000
[  241.608985][ T6679] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  241.609000][ T6679] CR2: 00007f98679e9286 CR3: 000000003c9b6000 CR4: 00000000003526f0
[  241.609020][ T6679] Call Trace:
[  241.609028][ T6679]  <TASK>
[  241.609040][ T6679]  do_mmap+0xa20/0x10c0
[  241.609109][ T6679]  ? __pfx_do_mmap+0x10/0x10
[  241.609136][ T6679]  ? rwbase_write_lock+0x56f/0x750
[  241.609183][ T6679]  vm_mmap_pgoff+0x2a9/0x4d0
[  241.609221][ T6679]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  241.609254][ T6679]  ? __fget_files+0x2a/0x420
[  241.609275][ T6679]  ? __fget_files+0x3a6/0x420
[  241.609300][ T6679]  ? __fget_files+0x2a/0x420
[  241.609330][ T6679]  ksys_mmap_pgoff+0x4e9/0x720
[  241.609360][ T6679]  ? __x64_sys_mmap+0x7f/0x140
[  241.609392][ T6679]  do_syscall_64+0xfa/0x3b0
[  241.609418][ T6679]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.609441][ T6679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.609461][ T6679]  ? clear_bhb_loop+0x60/0xb0
[  241.609484][ T6679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.609501][ T6679] RIP: 0033:0x7fbc9c1cebe9
[  241.609516][ T6679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.609530][ T6679] RSP: 002b:00007fbc9a415038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  241.609551][ T6679] RAX: ffffffffffffffda RBX: 00007fbc9c3f6090 RCX: 00007fbc9c1cebe9
[  241.609567][ T6679] RDX: 0000000003000007 RSI: 0000000000003000 RDI: 0000200000000000
[  241.609580][ T6679] RBP: 00007fbc9c251e19 R08: 0000000000000008 R09: 0000000000000000
[  241.609593][ T6679] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[  241.609606][ T6679] R13: 00007fbc9c3f6128 R14: 00007fbc9c3f6090 R15: 00007ffdf9579ab8
[  241.609639][ T6679]  </TASK>
[  241.609649][ T6679] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  241.609664][ T6679] CPU: 1 UID: 0 PID: 6679 Comm: syz.3.163 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  241.609685][ T6679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  241.609696][ T6679] Call Trace:
[  241.609704][ T6679]  <TASK>
[  241.609712][ T6679]  dump_stack_lvl+0x99/0x250
[  241.609744][ T6679]  ? __asan_memcpy+0x40/0x70
[  241.609767][ T6679]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.609798][ T6679]  ? __pfx__printk+0x10/0x10
[  241.609836][ T6679]  vpanic+0x281/0x750
[  241.609867][ T6679]  ? __pfx__printk+0x10/0x10
[  241.609889][ T6679]  ? __pfx_vpanic+0x10/0x10
[  241.609917][ T6679]  ? is_bpf_text_address+0x292/0x2b0
[  241.609959][ T6679]  panic+0xb9/0xc0
[  241.609988][ T6679]  ? __pfx_panic+0x10/0x10
[  241.610038][ T6679]  __warn+0x31b/0x4b0
[  241.610078][ T6679]  ? path_noexec+0x1af/0x200
[  241.610104][ T6679]  ? path_noexec+0x1af/0x200
[  241.610126][ T6679]  report_bug+0x2be/0x4f0
[  241.610148][ T6679]  ? path_noexec+0x1af/0x200
[  241.610168][ T6679]  ? path_noexec+0x1af/0x200
[  241.610186][ T6679]  ? path_noexec+0x1b1/0x200
[  241.610208][ T6679]  handle_bug+0x84/0x160
[  241.610238][ T6679]  exc_invalid_op+0x1a/0x50
[  241.610268][ T6679]  asm_exc_invalid_op+0x1a/0x20
[  241.610288][ T6679] RIP: 0010:path_noexec+0x1af/0x200
[  241.610310][ T6679] Code: 02 31 ff 48 89 de e8 50 cf 92 ff d1 eb eb 07 e8 e7 c9 92 ff b3 01 89 d8 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 d2 c9 92 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6
[  241.610325][ T6679] RSP: 0018:ffffc90003ccfbf8 EFLAGS: 00010283
[  241.610344][ T6679] RAX: ffffffff822b927e RBX: ffff888031c646c0 RCX: 0000000000080000
[  241.610358][ T6679] RDX: ffffc9000e7b5000 RSI: 000000000000006d RDI: 000000000000006e
[  241.610372][ T6679] RBP: 0000000000080000 R08: 0000000000000000 R09: 0000000000000000
[  241.610385][ T6679] R10: 0000000000000100 R11: 0000000000000003 R12: 0000000000000011
[  241.610398][ T6679] R13: 1ffff92000799f90 R14: 0000000000000000 R15: dffffc0000000000
[  241.610421][ T6679]  ? path_noexec+0x1ae/0x200
[  241.610450][ T6679]  ? path_noexec+0x1ae/0x200
[  241.610473][ T6679]  do_mmap+0xa20/0x10c0
[  241.610509][ T6679]  ? __pfx_do_mmap+0x10/0x10
[  241.610534][ T6679]  ? rwbase_write_lock+0x56f/0x750
[  241.610579][ T6679]  vm_mmap_pgoff+0x2a9/0x4d0
[  241.610617][ T6679]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  241.610652][ T6679]  ? __fget_files+0x2a/0x420
[  241.610681][ T6679]  ? __fget_files+0x3a6/0x420
[  241.610706][ T6679]  ? __fget_files+0x2a/0x420
[  241.610740][ T6679]  ksys_mmap_pgoff+0x4e9/0x720
[  241.610771][ T6679]  ? __x64_sys_mmap+0x7f/0x140
[  241.610804][ T6679]  do_syscall_64+0xfa/0x3b0
[  241.610832][ T6679]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.610858][ T6679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.610879][ T6679]  ? clear_bhb_loop+0x60/0xb0
[  241.610910][ T6679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.610931][ T6679] RIP: 0033:0x7fbc9c1cebe9
[  241.610948][ T6679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.610966][ T6679] RSP: 002b:00007fbc9a415038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  241.610986][ T6679] RAX: ffffffffffffffda RBX: 00007fbc9c3f6090 RCX: 00007fbc9c1cebe9
[  241.611001][ T6679] RDX: 0000000003000007 RSI: 0000000000003000 RDI: 0000200000000000
[  241.611016][ T6679] RBP: 00007fbc9c251e19 R08: 0000000000000008 R09: 0000000000000000
[  241.611030][ T6679] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[  241.611043][ T6679] R13: 00007fbc9c3f6128 R14: 00007fbc9c3f6090 R15: 00007ffdf9579ab8
[  241.611086][ T6679]  </TASK>
[  241.611442][ T6679] Kernel Offset: disabled