last executing test programs:

26m55.836530412s ago: executing program 2 (id=465):
recvmmsg(0xffffffffffffffff, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000004940)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000003740)=""/4096, 0x1000}], 0x5}, 0x2}], 0x1, 0x2, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_group_source_req(r0, 0x0, 0x60, &(0x7f0000004940)={0x2400000, {{0x2, 0x4e23, @broadcast}}, {{0x2, 0x4e20, @broadcast}}}, 0x108)
execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300)={[], 0x1f}, 0x0)

26m54.155089406s ago: executing program 2 (id=467):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f00000003c0)=""/4096)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @broadcast}, {0x0, @link_local}, 0x4a, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'veth0_to_team\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_DEL(r6, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000880)=ANY=[@ANYBLOB="380000000209010200000000000000007c00000024000200140001800800010064010101080002aa0c000280050001"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x80)

26m50.763437531s ago: executing program 2 (id=473):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="05000000044c00000400000009"], 0x48)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=0xffffffffffffffff, 0x4)
r2 = epoll_create1(0x0)
epoll_wait(r2, &(0x7f0000002a80)=[{}], 0x1, 0xfffeffff)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
epoll_pwait(r2, &(0x7f0000000040)=[{}], 0x1, 0xea1, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000080)={0x9d32f4b220c65367})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0x8, &(0x7f0000000dc0)=ANY=[@ANYRESOCT=r0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, r1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x2000, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000021c0)={0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x10800ff, r0}, 0x38)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000000)='\xc6o\n/\xc2\xaeG\x1cP\'\xac\x1fGC\x15\x99\xa4\x1d9+\xac\x9a\x1f\'\x8c\"\xab\xb4wA`Oa\x17\x8f\xf7X\xabx\xcd\xf1\xf3T\xae\xd2QZu\xea\x15\xb09w\xe6\xc8K\f\xb2\xf0\x83\xe5\xb1)\xbb\xa8\xf9\xae\xb5\xa8t\xc3\x84\xb0[+\xa2\xad\xb0\x06\x8f\xb9hd\xcbv&x\b%\x86L\xf9Od\r s\xf8f\xb0\xe2N\xa9\x87\xfd\xb5\xc9E\xeb\xbe\xe6t\xdf\xe4\x0eH\xe8\\\x91\x15\xbd\xd6\x7fse\vYV\x85\xc6\xf6\x95\xa8q')
unshare(0x26020480)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1b, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="3800000000000032b15276121eebb901a1e6db909b100000faa3280e67957126595e61cbde10d2316b33c730abb68413679c1fae8570dda934b518b8c8730737f0ae64470e98b4f023073f5d8f7c68d0"], &(0x7f0000000340)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x17, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x2, 0x0, "00629a7d82000000000000000000f7ffffff00"})
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x1, 0x800001, 0x0, 0x0, 0x0)
ioctl$TIOCCBRK(r5, 0x5428)
r6 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xfffffffffffffffd)
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc008}, 0x4008010)
r7 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f0000000440)={0xa0000010})
ioctl$TCXONC(r6, 0x540a, 0x0)
socket(0x400000000010, 0x3, 0x0)

26m50.483906663s ago: executing program 2 (id=476):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000300)={0x5})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @broadcast}, {0x0, @link_local}, 0x4a, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'veth0_to_team\x00'})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newtaction={0x48, 0x1e, 0x109, 0x100, 0x0, {}, [{0x34, 0x1, [@m_mirred={0x30, 0x8, 0x0, 0x0, {{0xb, 0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0x48}, 0x1, 0x2b1e}, 0x0)

26m48.436044466s ago: executing program 2 (id=481):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0xffffffffffffffbb, &(0x7f00000000c0)=[{&(0x7f0000000040)="e03f03003d000b08d25a80648c7494f90224fc60580002400c000400030082c137153e3719ac018000f01700d1bd", 0x33fe0}]}, 0x4000)
ppoll(&(0x7f00000005c0)=[{r1, 0x2743}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000005300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$9p_unix(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x802ca2, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xe8c}, 0x2a, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', 'trusted:'}, 0x20, 0xfffffffffffffffd)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x80)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

26m46.788778459s ago: executing program 2 (id=485):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f00000007c0)={&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@zcopy_cookie={0x18}, @rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0x10}}], 0x48, 0x400d0}, 0x0)
r2 = dup(r0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000002080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
ioctl$GIO_CMAP(r2, 0x4b70, &(0x7f0000000000))

26m31.719782683s ago: executing program 32 (id=485):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f00000007c0)={&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@zcopy_cookie={0x18}, @rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0x10}}], 0x48, 0x400d0}, 0x0)
r2 = dup(r0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000002080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
ioctl$GIO_CMAP(r2, 0x4b70, &(0x7f0000000000))

22m51.118692628s ago: executing program 3 (id=1142):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000012c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000000000100000001800018014000200776c616e3100400000000000000000000800090000000000080008"], 0x3c}}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r3 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x73, 0x86, 0x40, 0x20, 0xc72, 0x14, 0x39ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0xa, [{{0x9, 0x4, 0x1d, 0xf3, 0x0, 0x71, 0x6c, 0x75}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000540)={0x2c, &(0x7f0000000300)={0x0, 0x9, 0xa, "266f8ab77b7e84f0262b"}, 0x0, 0x0, 0x0, 0x0})
r4 = gettid()
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_open_dev$cec(&(0x7f0000000240), 0x0, 0x80)
ioctl$CEC_RECEIVE(r5, 0xc0386106, &(0x7f0000000000)={0x10, 0x7, 0x3df, 0xffffffff, 0x0, 0x9, "26000000007f5400bfd6907a2800", 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0xe})
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000400)=ANY=[@ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r7, &(0x7f00000003c0)={0x2})
mkdir(&(0x7f0000000340)='./file0\x00', 0x80)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="d800000019008111e0020f060d8107040a60000000000000001455a12a00090008000699e3ffffff14000500fe80817806000567b8b7b94002000009080016060000000000000000d67f6f9400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237ee4b61602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b694138c9f1ac76efb42a9ecbee5de6ccd44242f4d643f6fd0f26187b51980dd6", 0xd8}], 0x1}, 0x0)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
unshare(0x20060400)
pread64(r9, 0x0, 0x0, 0x0)
ioctl$sock_ifreq(r8, 0x894a, &(0x7f00000001c0)={'lo\x00', @ifru_settings={0x8, 0x8, @fr_pvc_info=&(0x7f0000000140)={0xc, 'veth1_to_hsr\x00'}}})
r10 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r7, r6, 0x2, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000380)=r10, 0x4)
close_range(r2, 0xffffffffffffffff, 0x0)
setitimer(0x1, &(0x7f00000001c0)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)

22m47.014811928s ago: executing program 3 (id=1153):
creat(&(0x7f0000000040)='./file0\x00', 0x51)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x8400, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0xe0d81, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x0, 0x20000000, 0x4, 0x1, 0x0, r2, &(0x7f00000003c0)='j', 0x1, 0x1}])
syz_fuse_handle_req(r0, &(0x7f00000041c0)="0a44566bd8cd7422e078875d6a98d0a2dcc0a0c7881e44e46c6bf84253a3ba4cba8183c2236313cd49babfb721c547a5caed646bac2f2ea43e134e2a05d84cd813c9e2a96e68352f95c458f6ba48078f1d10fce44d869b4a00c68ca338ff3b877cb434f502cedfe83cbfb33d5233d081ec8ee2ac10e08194f6257183be922fc7203071a2aaf87478d1420237a1516e749623929f0d60f15e536376ba41fbbce034588b60680572f0d1d76ed122dc46252cc143f0e665e3f4e3f56bc454957265bd9a029cf8c7397ca01f95bc0e6601673bb31804c34307725385260df48c32527d74e51e5f26728aaedf9f379f5960f5e6e7146eff3254aaf54eb42834e1f57595a2b0333f5ca1474e07c2447c33dbe8f62f24cd788ac18475493edb813450e917837b125ad6f850e6af93e16828a6741c6ac00a4e25cfcd498f1b857e74a4eb8dce5ffcb3999031f1da13e9e6a973134ec04795a3fe91388fb6b349e668f49bd4c4ffa71a8662916219b4a2075bbfe4892cd1080f662005c1c2030d35999c9637f4836ae5745acae8ff0d745184e58241510d780f8a9aeeccb17b9213527a1b747dd23df6b4ac2ca4bd07fb7de6bb4bf8811e5c2f99f4bbcb3cba79fc483182bb981815a1b1ba5afad464631e6eb940a5da4e73787e9e0103bc7ea59cc8d63f740131a14c3cd034e91e885bd730521ba80c1071f25e0073a44bf8e36cc23a5f433378a13d2e2be7fbb8ca204976651924ae8637b339e883f4d388e239424031e20616341a5d51cd5d574382d518e4824dcdadba86143b4de3ff8126f0be226d1e6526a2af981d11092c428bc699ea208d4d38d63ef525b8da551207397fdb7d57a52c2062182072b017141de1b70bd15c758c88c65f6acffd5b5b0846c2a779660ceef46b22336abf817a24d27c3f66839b5f2f99131898dd372a124d9e5df84b24fa7be045b92fb225a735da1be1972c706120c391ffadf231603ffbb86d38ff2c76202a0f81317a7f790dadcdca1d109e4428f52246b17f6b5822f64d36da71167df86cedf76f4405f320f70a3d6d6307a13e023d9a23985fd9c95793118674346d7977654ed14a121c1bc0b3e8672087245e0721230edc667c1fb6bcdb22b3264b7fffedb589a2899096493ba97ce5fb0ad97821d0a4528465380e086b61f632eb0ce1f89eea2d8336217f51b4085433d426d404431360be55776cbb0f80c33e807732df3d73bf9d9a8e3b1468d2ac7c73a4aa239c96bbeef3965132a02254d887e65fbeaf517e913cc331ed36c3e326163d1a3aef7df9db06f8997668cc35e39813c82a440a73f12011bcc0b2abb993b99e79727d49e6656e8d9ecfb7b65c2c187ca6262361c6a7d3679aba9df764d13485874b1443f47d8caea64963011294082a9d50ed2fb08cdfaaa7dbcf782b7e8f8d8206dbc421bf9807727126b1ea364498f3ae693fe19f5b56af13df090892919c136c201a0d058c1863f136a3ff389cc510c17b1de341ca9a8d6ffd80fd019ac3fd9eeeb845202f2c5f207b1e7e169d57164855b9c3dbdf3c696124136d07a4de6be16b43352567a3e3bab0f73ccdd41255ffeb3ecb2bdf9eedd1d4332f4a7534b01b6331474880d4d07b464bd8c3b18d02fbf1faeeff70c8ae35b4eef002930dfa9a0c9350ffb72c82535a55280ac9c6d5384cf9aa3c66cc918497f51a6dbad608eee21f6085f85990983d0a51e5b41cb69ae52d60fa835045aaa0132be8b4dfdb10f521bc22b0192a4133040453c5a0a8bbb5d4c46ea25f2be5b0e79d71c4a13db6e9cb66db9f2c4804d41b9c26f96fd23c358ee9c8f57322540953224b56072af25b5c7041de560f1d4bde367eb3bbac949d9a9a86123ae62d0f4741446192e85772fb893b64c0e7c44a6e967af906b0f50e32be384027379c8dde251f549f94b16cee199da537d07ae89848da801b43bab3b65651402756cb22d17e602cdc33790ec8a5484a955bc8f487597ac9752166a405bbd7dfc9107af72b46e39d29afd2a0447e53377fd11997ab21db0f740699843a168720377e365caf88fd319dca184cadb8ffb4d288a0045b349be5ecb64561a2bdfa13336ef96aea86c48a5e405330a01c5390d482e6ccf4ebb2cf149d8b6274b2f9e6e1066004172a1a90e0db9838afafcb663bd693b2e5ca35858dcb82c05cbc87ec5cedfbb08daf55c472e250861bf357569342d90a667f3ac7fc2d4e54220444a97810ac14b0af6b043a07c1d791182635b983492f21db4a6ffee2d686238869e50b9bb73d75ec26087c0c8cb92ff25740b3995e4d771469b8474efef04d8d75f3544aaf84f02ad977948764d4c1bce36aa4198d6f22091b263d9eae96f1096fe3d8045949f189f33ec713101fea26ea043fe98b987542e33ab372058c64205e90a0e1f52d04b2c5ba7a5572ddb95f7d2b04f22e2e987c5d0f879db65718d8979da2a45cd333a5aacf96081977a9eb3dcee4afb44443ad37528c5a314d1ea08d1c3f0a36d4bdf77fc0caaeaa1eb2746a26683561b62d22f4e166192892e2ec1597f8bf6e89cd53840c8d7baea220e1b5e17df52a05017363727b0cc77ee61577a79b3de2ed364f3419a30d23701044b45ed3ba44b01804750bacf5bc959cffba86619f3331cc939fecadb5cba1edfe28952e0f70d2d99ce696dab9411aa2f7e7ca6207a3b16fc36a70e339aa5a618f6bcb0272968eba6edd95242825fe6e47cf1d50d229d4b1676aad0e9410aa1f2d6d2fcb9c4ec8e06c83faefbc2143de2367123bdb7669bd959782cf64def3a601c596611ac98d76df33e1fe340829340ba0a582d014ffacf9a9394300ab7efd60222cf96a99e42dae6e1ff1fcad1e3280ca07de5ea7e08b264a60015ffb76cc72d70ded58a1e2f59906f3c76433e4353a94a2a49f91103e2b5491ac7f66d54ae2a0e82099c4c9bd683971c2d3dd51601bf5e94f7660158bc6fdc1b2ce3d689a3aa64c29810ad7d9e91e49b72e6f97230a2a966434bf5cdb339556e6452e6b446766f55df45219fc02192cb73076285e74eb848229bffd812f6058782b3f5d0efa4d7b0d3c120931aa8b679e318ecc5ea539e3dcaf87473e2573189ce500b616957d88a09a014baffbd66990e41a3432891279cb82d9c4b50675ff067b76503535631aab9a29ee7e274eded1cd542c801bf519e1119fbab84f57c7686209c9e5177545bf0f403609c81fe6d8f2979d886c43fa3053b38b6e21ec3632011c97451d8409f169f71d226e61fdd206ec5f962b0277eee286a694ba5381493941ed44b3659994d3cd2a8c9c3bdb2f63d77eaee180428d7d6df86f6738cf7adb4b863c9ee9da9904bba4c2c3188a1ce31c5b082857e5566055c8cf58a9e9f7624d220b8d3093cbc6eaed7fcf15fc700ed711575aff5fb5cb7e206c810ea7a766d2960a1356687aad2ec171e4a1db6540a9257385a1e8b9f029485866c32e74c1a19e1113040c9d215f9f4bb4311f0d587b9cb6d11cdf28d4cbcdde4ee7831e5c8608335a1e41883b55b3609b9c4fb8489619481dffc6224e4c98b1e89831187b28b6bcebe7f78c779f5a2896e47bef8e607811b435c517e8e3f19d74752d7ae99cb7caf69c0f977f1b94f8f11bdbf35444fabaac2fc0e568d3b5b3b9f13162b1fa92615bc16492b870fc85c79c51b6516276f8e559e769a8d37a2335d67edbdbe2d4ded10e79ad26629ba6de862acb27fa7d0607a5c83840e446ca0d231ae9175ae9cddf35443ef8434a61d54b704d2b46835ca030d4325dd62918d361c27bd6e422f3f8431ff979953c88a5f3d07a84b733b2fffda5dedbc2ba876ea653aaa2a8446019d2cb69c4c7023177af7b5de358c4a93ba969415c7e3bd3e10a17653cc4c0031dc779d47bedc8d0f77b9fb39484e47d1edfa16a4839d7e3c1f4147bf7a5a41395980d0234577d433c4f3663a648865cf5cfc4a713bfde809cae8161f044770d8f3dd65f183392ed73dd0512951dce40dd6f68927144d09a6df1225769a47a2f1dc7da5a0e5651dc0198c2feb7de7aae5675a3753272294cdc8f05b4bf1b478d6e2a18f6a9dfdc42421bae7072786a4122cb3fcc61b2d0bc9314b92be8be3f9b8b109631305e06b52c0bf621d577f014d0572327c49fd705b45794aa8f198b37c139c4a8008763c654af912552549203733ad09c667104a3c1756dacc50af3d19bd996a99a7f857d9ff8c337c6feb16cb7fe282cbf8c975bdb60a7ddaa056352d9cf752f2b49fd0ae9dd7a263c4e1c1a027c7d45529b5a49de9f2306862b8ef8d386594f9909aabc849c5955241d192ab57d52fd2c7db0e4066bc3f70445599a60016de606b30a92b1bcbcd9dc8cfb492a6e66aa2be612e1d5f7fc61989d51285f1ef8a4e724a46c36bdaa6bed82ec972fe3e929a7a708397432b13e266d9a66954e011a158c9bc031587f9315382dfcc2334100d99b7d50b87096970d294261dd3263bee8f5aac2d86f070d70e278ecca4cf6ff05e511c0a65d6da81b68d94cd635e9dc98c1259fa2060de60d05117090a9a36d7b7aab999cd28a6c0727336312ede8f7fe0118e22aeb4094a64311fa766412d68ee04a93a1b9e2da91afcc91a1fc3c216f0aed6da74baed3242e620482ae01d3055562d16cab58500a5f41145d2275f6da8e24003cae19a7bdb9de8ef57965341253901962d846fcfd687e32fc81e716c42fae279382c8a750c9ef9543c942ca644287ec9cc921f99e9c901810a342e198f3b60a5c75aa91e67c1a6f08008841ddbe0766604b38a211929682303ce61e8024ea4589aa955886adc98f365af515daf30c376eb2b96fd78d46bc3999935a336c89f02ebe822bb5db6a1fd145c4d403b88f17b3fac670b2eb1296b3a5a7055556c21259695c248696162fc179aa1b4ec10e022ea7bacd0255937f9aa89f4d4c58bdedb54b43fde47268552f51b949a9cfbdabf6e3172853e6de9d0b0d9643349595769e98dab85282c49ce8c52301c04710a2c43cf63decaf65243d4756015b681bb680fdd1aba59d63b54e2ebedc68df32e575a95adfb2b18a79688b23ffb498d03012250f0dfaaed5353025aea7a35c8a89873b5f73adb41cc864b9f86e14624d70c917f05e47bab793958de9957cf23c94a9807b30bd7574edf66250224b887a8c02baa05cc02abd4c008339129b3109f1b04da29a9edf472991a440fcc8e586bef32b8c95fcd3d6702b9f43bf41454d5fe72a1f1ac80604c93dc9e9abf9a824c6d45e65b4f39f8341799dce4eac5e9036450ba7829221fdac7ec394c0a8e9813f5aad3ad0052f5156b3dca979e9c9a8755d4be2502727d346889210a13e5391951afef1880bcbd2a9ea020c9b2946563cd40c40f6202bce9bd1d2a1bbc3e5e6b2a9d2220343fd1ff5cde1b4d27c0601b8890b6ad8d3d80075a23725bddd81c15cd1b63e0123c4ac01de7b62b1e0fe2b72eaf400a1bcc63f76316d471eb191c931d5350e83a110b89e77668cfdc47734b91c2268fbbd89ce15b50b84c423a1f27943c32739e99b046a665c966275dba2dd6449b69ec53e5cb9cde89afe4149589c7378f5f3648d748bf3d46fa53f50d1228714252a328cebe7146d81dbb2f850aad492bc0697e2760dc9c60bc76a010e85110c0076478a21b47e5fbc4f7397a319e1db642e305bb1330674d96eb4b421f0f2131d125d4cec8aef4637dce572bad633e076972c9147a48b4c67135ace6a4490e16fa4731d62864e910762f1eb58afa63031c78c375a90147ceef07cd1e8155a649f2558d67dba9d6d2e012a3af4b603cd094e4a3b2e30c65c80cf8d9b2cb840e9df91e70162b80e74be96467574ca0ac5ad52238163283c556f0865c2338d6dcc73fa330634f6e5ce68e766df2db5b7edce0d98203e1d4374e7eda3558667229ea2daeb74156cf5895c4afb460cb4037456b14d9b748ddf7b8f3d5accd3e0d8d2eca2a78056d945eb4383078cc09a3a77736ce4e91f8174fe03fdceef8df92a50c2797b0cd06c6f1ae95650e48d103fb269c0a004d62237b77257807c8954678476030d788543d84770a1533a72141c7ea919e533bc182a3306782233d1a20153fa3e9e315a856e75f760bb7f943ea2f5956243f75fdb241ddfb4c081219ebb4eb3c3e989e3d953a93d96dafe1142c29434a554a92d319747e618cbd3af5202e51d30761e81b6c2d6febf221e3147b63171ea5dbaab4cba1b0fe7dc9cb249d74bbbcd7ef11c35fade1132ee4b74dc6090cfb6f852fb01d79aa0e5ee6897b7c021c6a1e69995e0546932c56e65b2581d619fc59f9775f3e8573b3c4926b8f6a9041512788d11a6fb279941ce24fea916e6568db25f1fcd3fd1e907fb3c45ddbca37230f5b3ffd48cf9c2269ec068d0bc528aac14807636c9067c5e32f2c2f259f6502ffffdbea40ad1b6b4a1d819fccc5c77da908204781747ecb0f2245dfa2941a9dba5d11ad186ab0eb87173dda634bd5a9221143e244c793d6262c904a64ba36cdced65abdd3be06d534b649b03791f7ce41e9abdea4d2c17f14bfbee0455dfa791f241341c78ce24cb8b86a9e332787d4ac1bdc20d022ae9588e8d63c22925d5e507bf41faddc17e01d3354c597908124705d88131b2e8ce8d04d660ce4100b5288d750d996e069bca1fe21f9b84c97011dd14c95c3cd538bf619b1df241fcf286c7014f8467a7ee81b2bef1c3bc56573894dbb54efb6a2fff0302b26c7589e08993e755059ba8b94fe728f1fdcb8ab10a5133d0434973e6667c25288b6e5e2d75202aec6bc0255177a53ea7c666afa79dca738a9d20990f118075b9f1cfb8ff1e5be75b49635bcbf43cb3bf97719dae8ec5c5528fcf89a9dda8fe6c08f7f737d69ef181ad3e35cf8e46efd94358b4640de1c387e295ae38edd0d5b80287f022895ca4dd9532bece6b2bbe100a83fef98dc5af595f4f7e4747ff5d28ab372db71b7c1c423183fa8ba4d823cc05b7be8819dd669b6517bd753e83f4d407a72dcbfcd0e9b2d5daef7fa88c1618236375a50ad2baa6a5e0551e679dce352181a1f9e72f5fca8c323b945bdd92e2d424b3e75041734d099f778fcb1e6407c80e7724d52ab110b02c0c9d1d4b78df12fc443fd8dc8fe82d9f3c8da7b87fdfb11e912c97a4e61425ac7b3954cb2e7e46ed0e24cc0c961dd5c2fc619a9e5e3550ca7bc21f2adc1a85c5b9dade357f1ecfd72646b27e7ab59b1b4d63c63082907b3be4cda341c49ade8992af489d11cf285b81a34c5614284ab4bb94018009e2333aa8e4630a9f6792b44b62d9c6e9d1855ffecab30c611cf5dc1e6ec09088b83a4c2cda9e5ee080df0b5e36b9badc035d6991bfd82fbb408faac15ced6ddcc917a9249b767f8844d6458411c1a31ff84e272311ea968ed3ff02f2e0caa47b1a6e030b07984c07d71e740420a9ed47b26799feecbba4f26dcdb61c9422e940550bfafa99ef0f826d2bcb1d7862016abe81d021be29adabe2c399fb9aa2f3ac472012b26ccd4eea2957343b06ac8ad71a637b8fa209ab6d4351fae53a9af0e920c043df94eccd5c1a847cb17d13589021f1a621b457fbe02a16f0f4b9dee0e7eb9358b8afd999d47f5143d49d4aef227f5b06ecef1ed71207e3526ff82b6ec69d3e8788f6c476437fe96f0533394027cf48e3e146aed7943d872bc35de34f7fdba13e5e1c259a68aa8050a813aa734f202ad7faba9f64b16f5068b43bdfb726e5fa54a1675dcab0697fc47a4fa3dd472022cc0d317d39076ad9847e72e1965b227f3e49ad6e8e742305bdd05d0c88b5859d6cfc98cc47a566269dbc4c200615f3e995511a69d8e724f0c842c06c46b5460dca83137656aae785e8415cfb57d57265af9c1d8f126081bcb218a427b80ccfaa95b8bd3f87f58f09ac52a2a47bbff99b057576d26876fa758c8e41172dd2bd45742a30d55f1b65bafc0c7c9c785f583069caf6de080c9057238e110456c0f9e8d898918b6981011f8dd17c55caced49eed32839305ec37b45e8cc4c35aec0c8a4cac54035a941842e5d19fd298757799c4a501718bf21a024106a292626d4eb3c784119b9f5003c6cdb36e442c04ca5b0ea59efb63fe90f9e218fdd9f0864f407cf8edbe71f3fb1d3a587ccfadbf7a5acbb0713b1ca1991e25e75738ca68e1817d08fdbacfab6900242b91ed9541efd2ca469bf7acc7857185d47506fd0a735d7b542949241976cfb1252f2e490fcdef3166f993ff9a812d0af902001a4f239989c087b41de65f83af93e349a2d37ad3b59c5009465e14030ecdfc8fec2d27939af2311bc5d544b19220b12a5782deb83f0e193f57cc4631d8746e7d0736e1295128f3a48aeacf2952be3005b09de00c9a4565e07692d8355a947d072de4324f2e8f3b2f01483d31999826b4ac7bad4f6ae099225f751995f463e5f762b9671ebb79fdfc51b5080af6fae4837a4e00a76b775eaa6f1fa1479b6afe5d66ac5fd148fdc4750d6ae1e268da446ba08dc4d7c872bd6401f1dd6b226e91bcf77c085e3c115f49d05a29c4e282caa7b8a60a1fe09a2e98227a2cbaa838d6053cb56bc7cc84e6ffa81c18ee26c1b32c2ce205c8fee3b2f4fa8d983b4901c80d766a3299fd62e3339a697305ab7cda995b3cce61e3372f152841ec1d540c9f6cfe2871e7cf4e6997afac85b1c05bed03a5e017bce4b45b0903e9c60cf3538df7df9d8fa93b53856fe93f522f723470c553799c90c56fb705040ba78141f7e5e9117f4876c45884edd5059c8588fc39f9c6268038c4a462a4a5fbbecac0daaf54876ac0217a9ab6f83ec52f15a170005e57baead0e8b1570508e10d2c9808ff3a437436d93ffd02c72c703e2e1917c0c82c3a4b4c03cb91c961451e3f6e2d9d9e58ac1810831d7618f81a34c23cc14029326f16cd043e82ea3bea5c6bcb84152d140659d1a4f135cee82640f96e177c030907117a6c6a8049fd3815fa06249ba4b37c2381c0eca124e7f5abd393c6d175ccf0c5fd4a6e9e00d5338899ed03b5a5023dbe4c6ae1f1ffc192411049e6fa34adeefa3b2e6b45165f341e0b853561ea0d183d93100efe80237ab878312281d607ac8dc10f34e6840a6b6d5c2975348a15761326504c24d5ec648f5714254087bd8c53fe131461ca4cea09ab52848b2526edb91a2bf6c0287aeaac51eb720507d66522ff2f94d90ec584f6088910ee079538e43cf8db55e2f0d70a60eac90eafd82480d11ea5dd795a05a698c2961eedad5f8a79dc3ffa92129f76b8d795e24a1905fc82f11c40d68d11af282621b9a2e39a8dd146013bd3a044f55366af078f7c15adc548029ba4ed896ddb646d74e3af69d8597831e08eb4df1b7ed54b8f3b327753ebf47d50a215c461cd422483c8f2d54f010fa9b76e5afef86b1bb8aa6d4b0c5c9ee798791379ed4dea481feb37ea18b5c7c0146aed32772245cc39628ecc13e03b76c302f80ebcb50279fa2ff74139468a23f36881ee7e7119d8040f90c7e3d8f75d80624d17d881e363b4913eb02e73224c7dac1077d19cc9063f8831053eaa9ecf87ffc31140f6a0a47869e5a5660e5d53b404c34e17b4693df9d5418131c8aaabb0e15aee98594c57cfb2202f209a4529a293b37ef68a2e95fb8fe5142e974f1d3fe3a08ed169379387e96ab5d927771ca7157e9bbd2650992680105dcd6a75829e0643b5ad708e5c65ea4b04b3eeedc24bcac8152cb887f32436a11efab6dc2509fa42d3d31e8aac73e9e8e84a88d7096b9549bc4a879d8f824eb63809a253409294f359b76ac3f031e6bf74a4de018f1c666239bae7bb01c523f53efc922232415d68264872296967dd150af095a12717e7eaeeb98f48c84a70fce8063790f9c2f43db477175e1c8da911ce853042d84e7f24df59e8caca5ee93e2daa6aa18e92930b4495dc22ff6729964942d1baaccd07233dcab828c2254f719132271e9239390e2ebb74ddde7284ebb8955719f7d086cdbe7eef6d7298576fac821eae5a8b6ddf9d88a1dcb32121b6d3ce49c245dd675e8a3b2254a9998ec0d0d7d9570bf6b6db0392c5b060872e154841096351d880f71bc00e5a576b14c26f85840c93a0c424cdbbc57b1d1212e300a874921c1f9c0de14a8cf61f8ebd03eee5cc79f34a41235b6c72aebf48243250c6dae8547b6634374e0bd073f7c162d4226a26032bc154eba7964b2975a8d35f17560a5312cf124741c74774f9a30f8d5ddc891e78bafdaf4f86d16d4c1363d23708463ab1314e3bade23316c7fbf51d2a2417da5162f9112c4331eab695d457e3712bb5f880c68367dba95b61f6f6a9297e477eaec615dff2cd3222f21d90abd8bd4b12fabb278c9fd44ce1ed024ccf908cb4995a1d9da53f62532203d7079e20a46b2b069be4b13a52a81c3b5227f57d6c184945a1799e80dbc7cd137e3427df352c0c0fba04f3b7fb02aa36c9af4611ebb51333326f8f750d662a0a8b43e30acaaeaf2653431b57e95a77adf8261298f791d200c02bdf4b821f7d09f972dd165ce92109c8dce081bd0bd53f598200bb3c5d875bbf1be2a7dc68355e42c515c20f2d72cef3d680a42e8a705f17c6ce15f47b144e55a3e566cb73ba5ee18c5a1535e5f4b4c1774736ed1654bc024b6c748b48d9cea48a06a571d264fc876f9afb2bb43441b39bb3f9e844f70dabd4d0ea06a46c1361a60ef5914411397600e63ecaa65f6598b4ce6f3a967c93ef0697e268b70d0637709ea3fef1da8afed0d2ffd36503197efcf68e0a2cb10b4104b209c133fdbe11e07a8d5c511045d19b69c63818e55168de4357a99eed1d8410664efdc866451de9bf6794d9742e2182449e2ae3869a01f1ed7ee37ffe817a38c502b8243a1c05f1ccbd349c7b9864cbf45b5a3c6f395e4a6602a02bb80ccac94ab66d67dfd8e5cc6fa6321e930354a2c40a1e8d360752dbdcf00134d34a21b24b9acfa2cd37f3c191461f4c9d8243176f42a8109bb05c37ee715ceb027861cf71268f283035d71ce4bae4ac5f79ee5211475ddfc33f02dcd91276e5ca265e5b9104222fdff5969f434a4412ba9fe00aec27f559b63c25a9e8d53c063db549035ec2c8e91e1a6247045541a7e28ff6c13e9f29a3683e55731d80d714b9d5801cfbf617aeb6651290293ac0f4e246df99e72434772b7d8494485537b7b2063c7bc5e80eb6c7ab6647d01189cc910aae2fe8249a0fc3226caa8994b476c6777bf113d153c43da337a6304fd10582d58919596a6de42ad500b62c1e6550d8cdc059496073a48110b2fccb42c96e3e3640f1a87fe379779adcd8836aa8dc545db39bb3afc032c16977e150e9572c3e5f8e04bc15497ec8217a0e187ba097fa95a855af66d47a105bdc3c837091daf5fbeb3ee5ce10b132f912b89ea1c6b9ecb8fbee0e4ea4e43b835ae583b67aab430dec741ea03195fed3cc164472d4b571d166ae20e0a309a80ce00b0fb349f7641f41a31993a8bd9ee092aa7ef16c9563e4db6236c9e702710dc95b198f533b1140441a1827aa4bef6a01c689127eb7028d1bb083edc8a08b8d239389d99948f1290623ba908e6e1c606035b70ba7065f8011451151dca715fb920b4d87858f01c5484df0e63656", 0x2000, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f000000a3c0)="f1737118458723aa6fad9674b336ce0f0e4f9a590af9cbc892ffaeebd2c1911812584b169f9691cb3843c1544afa9da08dc0efe3e6714bb529f3285f9633156f21460f0b19504f21e4202650e68b3cd97a3824ce159744f16e07623a38f6077b995bb70ca4e6ee313fbd9937f0a8cd1043a853b5ec18a6add5500124870643635a47134d5f346d2ce498528b289030d689ee4f1933955547d7a1a02c16d1323328f83c6e39efa19b3a4e8e2acb7d446ec70955b9c122a881df65114e309ed9605225a19a07f6df3a52599aa974975a7598fd5d8977a4083422a83d795e95efd11e78201892c1a667576f54faa2b090f363c5c6c58d64e62332e935aeeebdf0a580617d12f4dd957d13d21eafc3987ae43c0bdb0571c290227757115432768af7581cfa8bd90a2f0c85aa43e6e7496a6a1d16636eb153961195e194707bfcced6b31cda93d1d82824bdcba11ce636211e6a2d8fd8b49abcf68e35d4b5b2be9e08570d89896359bbe3fd3fd8df8d37d6f34009635b6f14922e0e13938f591e5dfd3ee64a13d1010109afaba564256699f40d4af9acb29f57cafe956852787e5b1dc0c6dc61314cb51346926eb41a252a2a44066fb7c38772c55f0caff0da346821b1efe13669272b084972ca5eaa678896bbbd2194429e310ce954cf3de048ecf8843b82acb61bf7d1760cda8f0f8d781f207c0b81c655b52c41e8b2070a7ef45a8e1ac0070709f837b2b78ecb7c50332f1ed5c1f9a369548629b0f10457a7ea478168fed1f0c261921e19ac478eb8e9f703fb6096925b3bfa6d3d60bf712220ea5f5a6e9c33ecf653f40849eb4610ed32c7d3ee443aaa6aed33dc590d8133e71391dc45d560d7442ba325aa88eb81cdad58f16794832f214de3ac2aaba11e4fe94b8c2002f101e0ca72cf67de89f6beeabe2eca30841cb62bfcd70b3c973bd6bb3b1d5612fd02c03bea24e54edeb558d656e494f2f9753e241ba8cca7ab22a0c386fb13139db2b8b182f9449f98a745abca05a5ce4f0fd500584a975264eecae3decf0b81c9b0cb16a53be0f7cd101e75e6d355b6410c62ce731739f06141c1a0185dea457167f1f07acf137d854eedbb63e3d4812aaf8bd89dc405be6a55b08555bf6fc8f082a3a6dfc359669bb11c8245def27675f9f7843b5b930bdc7e8a086f2313f35739c29369c1380370021583af2620fc001a0f283d2ab738a936b56d9444e5e321d0277ec0528c1ca6fc17241f6de1b797f0f9bc83b47addff767926ca527d409eb23ba7f8269212f40b886d00affad255871275ac0640e2db57cd710798c29b09ac4074f69df4f172b95941e8caf60aacb9f84f71bfd9980c7dbdb0e3e06ef74bb4593b63f38859de8215e1cdea56832830e1c6c416889dbdf5a58492151876cf501884abfdafbdb8fde2d82dd77cbd20207ac9ab0d8e5976292ede3bc3358703f720a960e1cc53158b6c05a68815aecce32d51fc2abfedb2ed709eaa45193da955b7d44b6722af26f3ec6c437653b267218f8cfbaf013aae88a9a0bec88aa9916cca6e9115eaa299549eaa847ba5d9490c65037c1cc94281645ca39d6f2d2706f952c1e0cbf53389dc66d442553e894c7656512eb157e3c39144988c1e3ed27af98318d630fc0896e96d7d212ae80f9bdaaca8e558e6033414f5e8c86e4b2ebe4cdb077ef6f286f3c98a9545f5dcfd46739a745150ab762459cceb1d2e9f56e2f1e59c741c47c519da2a15a14b75f1266d023ce78e9e29782e6b616deeec488408fa53962bf412937bdf63b25c469c92867b145cb73a46f88fb81df683e979bfe15b65ed905b6c0eceff85c3d0b52efd411b3b512d897775b64ff301ba9cb2618595af4a40c95795f8993aa34f13684d7e56101fe2b9869df1d6ca3c4ef81c62323734c8dba6cf4bccfd9074147ecbb5f43b3e85cb064ce45af5b6086fc016413afce0d38f9a4e916e1fc08772f158d791d1ef86e58a60893962bb93b21e2e0cf01c35158718f395df1489767e94b4cb717dbe73693cd98620f1dda1351e40495e6d166a1d5b56054a97a40ee86b4b48cd751831352e9bbda8361eda2bd9fecd6df15ac7dd6c51723c7eeb58ffe63746dcae6851eef9473b9200f4681f8b14a36215fb6279a19335009c6b1068c042d0977ea75ad60ed06961ede6fc74f84f49d3fb72b251a8acff52d0a1e8ec8e9632b831cd24c62867eacb7ee36532c801e3567d7f2fda8768f98b981ddd583dc4e3424c59c6d2de874d3a7c2b4fbcc6e3b96503020ecea0728480ca04a2b90b183ddcfbe34156341df97aab3953aa9b81c3d69d9b20511e1cd850609b3f1d1e8dfa6e8bf90a927d4d3b010dca06a1b09aad8f661c56a895b15375a6a532e76486509b7c17e516c2c67b3f80d3510127252096df0fd45e0cd62d24cb7658460f674dae61e932335fddba62ee35143c1071459a8f55e42768b777237d797418b5267423bf1f0c1fc130e2b7d40a0997d26030c9f485994df68f30a910221f502f26ee500bfa54487dd6a82ae964da5b967e8eab9ffc9d4d5d0199f4f633dcd9713ec2e4484cc25dc7cd06cc3eeecf874270871854a5e96c8b424214e1202edb23ef6fe692640ece04ff9665ec050bcaa0c1ccdd96e285bae472032d9e2f889559596a357a5fb9481599013d9dc0888c33cbfa9941e9739cc342ecf9ff6f0a08d898c2df11eec9a9c994d227436156dbd07f128f1ed53ad4ea1245d43cb1191a0afd18049f86ff0f2f33a22a40e3f32a04c7b888d044f38be60e9379cff5e7cfcddd195cd465dadaaaf03123dbd3e6195d50a24a8e3479cc82f14cd92375a80594e7031789153a6f88f1f1d9df102c9247c1169159d4a724125710f6404b899e4b9dd1ad8867eed6267db02186b1583d9178845c667617b09f82203fcef74d45a7de4c04c4d131cce81aaacf12d05eb6d83facb43e102a2fae3a0985b896edb6be894c3681a594e3b3c7d543094a3fbaefc75184e1f5deb061390033d0fd6dcb0c70594b85f0b9948a4ed3f1139ba381e5a22c65a72cb061f515ebd2df85ac162266832b6665af9c04ad0e6add65a1d209bcef3f5e41c95011c31f6a4421ba939fb3c15ee9e4a8195b374dc1008c6de0fec3631b06ad559f82b4b36c2fe39cff4341a3b46b119b27a9df883eb3229f835190b3b6f7f4b7f9f7824191bf1af104a658bf2d4499c7f619bdf25aa42917599f42776933dfbdcf20db67987f11f89019985d93a93eeb6aeb8e9690c9924db1c36c34b1bd5cc6fbac54a17b98def767a5de26e64698a9778d59e50e75e3345eb7ec79db59a8f99a84603d274986e913dc4d626bd44b2fec6090f1de8fc22ebf16ef5340bb1af38b72e370e565289a6ee1de185d7f353e5b860963e998aa58044a9b1bf847233e16952342ca24f07415c0a88675b26a89782efbe22ac0af0def87aa7ed8d14fd23bdf46c2f08b0c40c4c179a282a46c0fcd50a8280c7050eb5a546c9158416e9f8c8b5e64ecf18922c73968f8dd7bbff56a3983f2502cb76fd0cb3ddbe59ddfae5e6a95d887adbd2b781b136fc5a5c19e808dc9aa84f315f5c184b9e7dd037e6db1085f922f0bbd442156b84616f033efed03c206a87c733cfc57d1202dd89dcad1787e076686b1621a8fdcc80816973771ebde777c4f7ff755b84728b51bbf652c69da3308841ee8c946ba0302f09318818c763a1d38751930d5f2debc407c7041437087322a1960795de89ddba8aaf11a082305f696be662be7653a7ed397e5dddea74932e1e6f000e2969fdfc979ef263040f3559a83a64c546c5cc585dd9a38b238819ac1ae65cc78d3e0ff7e66328503b489cb3acbc6308c13fd8477831d700650dcf909de1cf8caadb71649fb022adb5e4f7887940a076966cea00a2c21ea802455d1d6d9ce91364f69414b4d7bb30c78ffb5ed4e8f35340b53ce066e11af44ad34efa6ada894754617d0c2ab97c9e9562193bb799e42e4bad44dc445d371a1b62f358b19727f3efb868c3f73c473b000bdba882634b3ab4393c0fdcd902ef42c6f369740839dad77756c4fe2b67ee95c34d7329b77880cbd2437e2ae63385df40eb92e300632c8338688fb2be65bcfd90150c577ca23e591995a386fa59e6faa9e9dd58e250c0a0d4c81177d0e7337c3b6be151644a8ec5c71f888c21373876e673ddb8397839ab7d83111b4c9fac9a416105cef6d7bbbcc149c1a72f1a568739aeff4d43aa70ea4707cbab6dfa37a693a74a462e26693e6a6fe398711984e1d287469fcaacbaff0db800b94a450e6624f1680e3c8553bb4273b901d895aface688bc12e1350aed78df83b153c61586dbaa53f9108fd00069e593f613823284d42121cde40d7aadd98500cbab00cf593075cedfae93ebd19e0246beed22f0988886a77b49e50c71b0838819b4e1ef89eb1634b8c020856955578ebbc94bfde7c8b409576bdce4153d4146bd29b66fb639c8a2c6b2d5d04e9605e25c6fc5edad73f870128915a00ae9ab0f170e0917ce627ee1ccce3de5332c368417ca9784d6acb3adcfddf8b62f05f628ca044a0e9c18ba0b2f5b46c76787418ad81f60c6a50d7402abc68cb6458a8bd460b8cfac86d6a31ad5a00210d49234313a093bd4ac39c1c5a9562c4fc33c66f7729ae41d84273c3f71049fe380cb6615ea5cc578867fc10c4e5b041291cb3a6a1c3a28c0f839aa356875ea064ab5c057c588642b23466c4835b89d3aab81de754428b138278c5caa627e5aa3e797ea27c2da530314b65dd35bb8c1f8d265a2b71e6a1dfa7093d75b907e9d35b1be90fa7934b93cc2d8e5811f421774e6e66182483867d15ff0f47b933b8a18815a099593f443d1d2a9827a49fea6b598b76a0d1ea3aac5e9791c8ad36db3d9d936e977e819fd4beeb1dbe2ea06a9156c99f124bf7fb93d48142fdd65486ec4987284210f0d9a194f87bbad0b8277da0fc016f4393ddc6e66ba19cb8f5df4e5dfeb2e12ceba9fba5670b3fbfd3670b2f59ca3ac02214cb800082b1329f3d4f216e2c4f328b9d35b0407f4e478f93e3b6103dc71527a095fc9f7858ff32616b0e3eb8cd1893690a00a9738e78902e6c44d42816bb5bfb00aceda90b2665c21dba51b6576e66dbda31abec2fc651f2959b1afa8a36217d8c928061e6c1fe11c8d3b561eb48fb419bad1094fea3cd5897abe8142425e3f4a40086d2cee919f1227eecc8a67a5ca6aeca58112c25fa0b637f2066ac53094b3ad1248686228ddda88539afe18ea4194335e601097c4c86a358a6ccf033cca09873704f694b31a8c126ac428acfdfb7d90f5fc1d8749322c73f1d9b9314ab57d4043083a825fe162c66015a273640f1b79d26f3a3c4494fdffdf7aea4510d7d25e2cd55280ca3b2bb3df2c20cb6699a61364c3b5faf122a9f4080d0b9f0772b86f73be13244fbfc095c2a29ea490b340ae6d3dfa31468fdc5c4b6fcffd9a58e32786ada21e978b23bb568173cb74f1846c4480903a0892abf5080c12e811da8b41ca46ee43f0f4f2aa1527b582f037906f48f9025cc71403be4875b03afea87501f48b3eb86016dbc4307ed907dac26a7d8674a552a73ec9cda9cd41de8057028269022b8540ba54adcfec3e3daf83a7d853602bc41aeac6bcee06421c82f83c14c725cbb10661fe1bf41b574837f5f6cc502c8605d6ca8f7308dc4660e565dccd81fa77b0c2c35aadddfb6f5d259e874ff9d5827480f6a70b7dca12c1170ec504e2fefa0d9a087ec736c8f2c26f1e23b11008b84c976350884dd050d03b2fd6ee3784a12b336fe742768c2e0a9c918c07f73f5b2eb6b789c055d9a6d7d27d11b76876f9798f4b65ac4769729eb82a0339a84aa9af45083e19580a2d85ecb1a994747fa3ca3ddd84b2d7cd0f3ba1e5258f59bf3b573d2f3063bdf1a9080d09875a56ce890572ddd4e799d54749619f587f992d72b7bb56eb2906b1ea8eb78add294817271baec90a6ed91f34283c3e0a1d313c0e90947a04164d688fa045884ccfee71cc3ba53767f2030ccad1c09cb31d1e071008869fdcacad466db57782360f398d0b17a4f8e27e3f8333ec3b4042824ea4ccc76178fb5cb438c0aff1e93ba9986237ab426b7efa966be2fd02ab3213750396cec5f44df923f5cc3f9c68955ab606ad7b572375bb4c668d4edba8c0ccea550bea5d5fd3e92c2fcd78c019e1df0021c1bb00198df9d6084d0ad6fde6f426a2b34e1e7d4b352721be93668a88300f0acb63da70bc1d3588c5942f92d50e583a6a94ece7d18cbfe35c06ae6a54a94d6cd37b16fdc4f3065c9639cb5db7f498510fcf855f3a104769c2d19244b6ef2d4b3c0a42ef0241aa8a8d6f804bf711a9d8512fae4abe127aec074602b78fc4642f7fff959714293df2fb8fd7e5e785c8f0de835fa8e5a067b347c98a359ea7985cbf802f62540d2b764e3877e1ffcc73dedfa2567eb68c3b8151b4434dd2bb947a2a0d71c626cb38e266702399c19f09b426528609186d00e87865f53ebff94930c49d20c41032148b3df4259324f5773c1c8435e6968e9792d762a4a87642c75215cebdb80da1d48b8cf3075769dbb482a642b1a714fbc3e8c96419abf2d9e310a04d468d4471fe19f41da18a3b9838c74762d72af909fd965900b3f6811c830955ae04d42a4808edfdf8983a624be8988b8a32a0ce2adcbd2478a6ed05207b91da8f1afb0b7189c9f87b0ba58e5f29d6ea811280f86a4bc8106a2129d07b915da29f0d230d95df7a27a93b2836d973af86bd2ec5fad21ad70af8896f404e5441f6416124908f85befca958e2b537d50b047ad70a8b5acf160505c3450b37e3aafa8e6b50dd8fab7fb98df24d6b13e7930abe7785dc6433c882bbf87069a000d5ffcb99ee0b1b79cbba4902b85bde0069394b2cfd70bd887230b5866ba25e728253b17d2854d601cb7f12b2f72ac4f784298747b904b1eaa52b7edc42f0f23dec2de8ae3091bb57b6e5dc1f4bbf67ed79ef764184867877ca49907646e4f1aee642ae865ce645707ae524b974c36b719ef3b30dd8bd4677d656be027a09727daa538ba3b0aa942329b80b769de13bc32edff90c562022a3385d5ef583d59d59f53ac4f1deae3de3016c300cf62838a60bf29f76debfcd893b80c6138fd17436471a9dbae3b8f12ea110d6464153d89f54117ba0ab44d7f948909efe0fc1e28301155759e94c35e54c758551ca66b51044ca98d92963586ba2c5bc358201cf33578290459baf1a672f486aa1eff62290df694f747f9e72ceb185448ea16fe43acfe958bd810a9c33d6baa8977628163d5224aa2023b49057638fc25095a2cf3f1191ab5d6e744da451255f08add20aa6544eb3f1b69d92a3d02ceb1adf4508a8a217004a51c69af3b5ce7f33ab3c6c2dbb6a78952cdb8dd857dd99dd2fc78acd876da17b1b8a91d1f4c96e156c55bdf513ed0522c8bc7e8cfc8dd1a76977c45c636c168650d82e3ca7560ee9312c1e54a15811fffad89bc44c0210368e12bb320ba9f763a116c8ab7724190075cbba1cc1d15d4e790e95be4329c7c35b61cf6a69e32c66ac2cdea1e1c39c347c5efbb96d9237d85243880df5b696bf2235f802c2d3d7cbd6cf42d2834bf0d47c5b856eca14a166306db9e17217d1c9e22e5a748720da74050f1421cb6ade2733d934ff3f4ac06348ebd9b248dc8dfda2be1bb137d09ffb0da3500000e1820fcba98a5249c0192129d2a806371d2dcf624dd2e0962fd8920cd2176e5e292fa366ad5571d1fd440dbb0f4f1d246b44dad609aeee816cd7a0e9f2dd49476a908107f4bf1ee71ea55a8fcd75470d63a5a1066e83aa230c9b35c484142572c89d2d66d1554e3be9adab0cc94ff88637dc45de22caf4974fee6ee6305906a970bb94f9f9845a25ceb7c020e78e9f0235369309e84954604d751de90d31bf764e9065a48724ee3a62ef8296ced0170f40c9201a09b8e0f4329416868036996a35b39ce75aebf3f5525aa68b94487e53596f70b5e091dc8957cf952f319c6b02485e132dbacdae8602c185c8ecf86cc26a58dde9265c46149694a9bf7ec12627ce2e485457de508bc0b9b96e560ef2d5cd2704118aece1e4ea15b4c04449c75e91bf0dc594eeb249e5a458307fa0d8e3a2a7c1035ad8155b3aaac508574325d7dd02bb02ec4701132b8cfb558a5a30c919cb2633c733c0b0826c13cecd71c66c6c7c43831104e7f8e70e51d36727e4426dd36c726f7a07653c240f71a7bcf5b6f56b77824a50765f1fd50b3a6408a0e4334deb5c84b71bb7c739c35ac2c98358604aa2f8c7ed6d4165704dca679a2e3d47f609dd78d3885a50e9305ac50b776d0e29fa4c286e6a4906328eef1244729b8a6c41afa29ce7adecc5fbcd443fcfa27c59d54c6ffd53ade6a63893b4efdf94ca0bb974ed253781b2697da2979eea306e9ed53ce4efc9d85c7ee6ed378cc6ecce8d508e5c6a9134539c8088a138924ec6a1935f96f9a6f6864056128a35bbef306b913c100965e32459b96754a16c33c1c9eb9a385a17601badf3a0e2098bf255cab5791ead7ee1a3268aaeb59a6b225b1986dfbe297d90d9b395f676d3a8e38a2bde9165f1ab17c1890b23eac5760d62014a19c7e15bf4b939ef1ec0b4e160fbc031813138d1d336c0cefe17bd501b84b455d01ba3ae2a6d21b990c009c6e6fe1151017c721079dcab44c1de8d0cf6ca655cdb32c70f72080be5f99abd81af3954082d072d05aa277528cf4828ede3572f663b23fcc2a655bce6e35bd341f4d91f63cd95c46da122f49f45c564562e252fb03099db6f9a7134f03c82ae9e2af98ea8def5d5d40c7c62f56723d0f6fca05b64bb6a406fe38f0a1824c12f8bebae475773f163830eb61b6f97bee538044d53895bf9ce8f68b4aa12a66fb163d68cafa301f67e6ebdf4c55d627208315a20ae2f0d477f394f9b6c94e0adb86028595f3b11cca00e57b68e73da304e324a9297f17370184b80bc29b98ac4b3b918b5330494e1ed3c96af7e423651e69cce63b6c32dd8324c0d6022165958588669d6aae81d03ec64308680e087029676235341947216646af7783e7eabe9c2df6ada36d7cc453a2c3b96078d9db69064771ab0d6428d8d8c258f32bf9cc7e90d1131328bfae23fa499d02907b9acdf2bb24f8c083baaf305c31160cef6eff3a1ae243f0d29142235b073a19fc547fa0bac54f3dad14d501eea3f0b5207bb966c7168e1fb175841fe4ca98ad75c6480d208458383b771450179a4febf14779e7a021ff6d87681215041d2225caa3549f1c26551ec97e1b056bb2cebb294ff48f4ffd7812c7b77d8a38cec1be54629400736c9ecbec21b639694980ca10e1ffc2d72b633c4117ce5fb7fea75810e2c30f78ae290cd4cef094d5834932f244fdde8e299192fe1db4713ff23ead0cbe3b38ad1836d8aa646818d3de42c77676abb79f05f31d2fa63c17c3c70835269716fd0417c1440afada13ed57575165e42a7f160475c32177b6f50b2e65e20c74a27f481d5871297ae805a11bb99b9c7b373c629c3a08d84adbb6ce26e66329d83ecfa6c03710a3ff013a43dcc69ab3a72c99944f05d20e20e530a465f57ca9a309989c3a0df1d1f041af84409906e333fa685ab17b941297bdef6346e34448478ddbcaf31c0376251e0cbd186d26edf58c364eb511e30d26dc5ccd32e1252d665e645954b4c3c96cbd7cc3296f440b665a53bb57e1160a025ae725ca007945fe347f06ac64f9fcdd00c5eb01a0d1bf0cf9007742a9592c3cb5db7421d9205a13c71281990b82667510496af5bc8db8e7453ebd430be8f474644e943cc6806b7a59d060c8840a54312bf5238562a1e272d3a88857480a9328cea37de53b7bb7844ef6655171a8a1a49c76cb0e50cb7892fc081db3cbda4268402b0e092ac10cc5e39a7297b6812a3e918a2e510ed021c605357c4a2eb3d5f7a1c5f3a4559f761cae740b3f5d6afae6f9a7899791ef492733dbabaf62cca0f4eb8b4d87d015a1b126b58d5371fe4fc1c81a217a53d3b24881a7bd0de3ef94b9487a14f831697a6c9547fc9df2bff8e228caffbde702a0e7cd267be77365394e8ba2475bd6e50a54737bd713901d8d1f53718275b6f1c1bee6d5a00519ec610ff305e20d276b7413ab1527cd6072d84842218d43dd026f4ea31610faacd33ae4ff49172cb410ef4ce8b8ab5b0ef70aabaecd981506d6616b3c30fcc405c5222291e2f3cbde7383a6814b56b1641cd983bda427c6182ebfb462dd20f7e46fc55516db690abc5c8ab4caaa21548c763eaa80140a51d1a037b87c829f65b4e628665655513787346837c3094d3d8e38aeaf0a8f1d4bf6ba84a09bc47980037ee2b0dc05d6ef7a9d63eba77cf803218b4689fa8ca706236d91d8ed8852c75c4a492a77964107dd7cabf1172868f51e87ee96f38c56da92e511a7062997026f01e0dd13cc30f53a90a5aa7f696088d945557afd10e3e062ba1804bcce2c52a8a2b54b0eb7b865b9fe394f9ab0c8bd0890117f1bb01d4f331560014afaca39b16d98b4a40f536f690a69ceb2fc6bc4bd7540f760c3738770c0764a9fa3108c7119fa6492d498988e4bd496eb42dd60bd01a323e77ce4949c9d7f7da7f98dff0b90598e5e32c600e7724287c6e4762b7a4be4d69f80d125987444cff287ed2c3c80eba2f91450d0d13d1b9189dd4b24700917545c7adbb4d86aa63be04c61954821617c53877458c7ad3ed2970116ea28a4237e27a81426baf32f60f4c430c4dd63f387b50996d1c7303374725f2008498688dbb5a6e84fd8fe42b027937296a9f37e8f5be730ac7a0902bf1b1169f56c6ae7d9849c64c1e483b7d9852a19c255793a41064a97b4f5036b3eba49219e51f7647d652f310b386c47bbf758beacac9d4a5afa2fa84fb9ae82f6484698bdf8a950c07fa4cd3a720af136f52de4df29f7c3cb9aa71f4a6c7b14eac577b6a0aaff394ed5144a4f89500abb6b8b48f64c1f119628ca8a0cff11b12b92cec6ed71e3d99bafec75a30357c1e59ed6de22ffb42fe420b6ad863587c02d889de3fc24462c9a70912956a633a857c185a151e9922ca9365045ba275c10278736fdc5b221a41f207a4e8c878761a1afb7f9fa59eefa395a91b2d08344a7fa0a1518bc3a1b0d749bbf5a6772ffe8b0f612c5d4ee72eddf3007dd6f83403606ba74d101cf57a3881f78332666fea99e8394926c734f1bc3de5a8bdf5f486e5e557d2e3a4e9c0334cdad51ba2186dc58c70c117ee99a22dc14a7370e88e45d5ee35f4ddc349b333de6510a3b34ca558920e04808bed886638db09a07ca17b4709f56b6bd247f71c1dc7d888104857fd1b9f2c95f43604b48058e7a044dc3a0a46c344951865e9f2c47451abe215f12fb255d08775b0a977dab035cdfad6c2574e10a9b9c983fac90a7933d1e46acd260d0982a54151faabe6e0829b8a27bc9939a9fe65f538db514261be4e257a7d9b820143608560bb00351e67b35ffc90f288526e373453ec499ba2cb64b44c8149a81f742553d25be0689eb8f2ca48d90728e423636de06c64a5a0bbbb5da2a7c17521c09192230d3f61093d1fbd3a4d1", 0x2000, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0x0, 0xfffffffffffffffd, {0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

22m45.568189669s ago: executing program 3 (id=1161):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$sndpcmc(0x0, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, 0x0, 0x0)
ioperm(0x2, 0x7, 0x13)
mount$9p_rdma(0x0, 0x0, 0x0, 0x2004000, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, 0x0)
r5 = mq_open(&(0x7f0000000580)='!\x7f\x00\xca\x00\x00\x00\f\x00vt\x00\x01E!\x05\x99\xb7|`', 0x6e93ebbbcc0884f2, 0x61, 0x0)
r6 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e24, 0x59, @private2, 0xb6}, 0x2)
mq_timedreceive(r5, &(0x7f0000000700)=""/200, 0xc8, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
cachestat(r0, 0x0, &(0x7f0000000500), 0x0)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000000000000200000000000000000000000000000a030000000000000000000002"], 0x0, 0x56}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1a00000004000000000000000100000000800000", @ANYRES32=r2, @ANYRES16=r1, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000400"/20, @ANYRES32=r7, @ANYBLOB="8000000086a3ccf75434c8d66f595fedf63fd07f10ba37d27981e8820e000ddde504210236feffa4c2e9bb97391620d62bd156cadbfaf551b72386685592656d00310da5a92c58ab22b1784794cf4f6cf87a0a58be4379eac4e73b60e1cc5e8a02979711998cddccd70a644be7b8e062503fc3b170431d363a2222e3af807c50e476d552123a7cf14c66e891b2"], 0x50)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)

22m44.788373473s ago: executing program 3 (id=1163):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000012c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000000000100000001800018014000200776c616e3100400000000000000000000800090000000000080008"], 0x3c}}, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r3 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x73, 0x86, 0x40, 0x20, 0xc72, 0x14, 0x39ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0xa, [{{0x9, 0x4, 0x1d, 0xf3, 0x0, 0x71, 0x6c, 0x75}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000540)={0x2c, &(0x7f0000000300)={0x0, 0x9, 0xa, "266f8ab77b7e84f0262b"}, 0x0, 0x0, 0x0, 0x0})
r4 = gettid()
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_open_dev$cec(&(0x7f0000000240), 0x0, 0x80)
ioctl$CEC_RECEIVE(r5, 0xc0386106, &(0x7f0000000000)={0x10, 0x7, 0x3df, 0xffffffff, 0x0, 0x9, "26000000007f5400bfd6907a2800", 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0xe})
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000400)=ANY=[@ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r7, &(0x7f00000003c0)={0x2})
mkdir(&(0x7f0000000340)='./file0\x00', 0x80)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="d800000019008111e0020f060d8107040a60000000000000001455a12a00090008000699e3ffffff14000500fe80817806000567b8b7b94002000009080016060000000000000000d67f6f9400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237ee4b61602b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b694138c9f1ac76efb42a9ecbee5de6ccd44242f4d643f6fd0f26187b51980dd6", 0xd8}], 0x1}, 0x0)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
unshare(0x20060400)
pread64(r9, 0x0, 0x0, 0x0)
ioctl$sock_ifreq(r8, 0x894a, &(0x7f00000001c0)={'lo\x00', @ifru_settings={0x8, 0x8, @fr_pvc_info=&(0x7f0000000140)={0xc, 'veth1_to_hsr\x00'}}})
r10 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r7, r6, 0x2, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000380)=r10, 0x4)
close_range(r2, 0xffffffffffffffff, 0x0)
setitimer(0x1, &(0x7f00000001c0)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)

22m40.304141737s ago: executing program 3 (id=1176):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfffffffffffffff8, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x2, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x3)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0)
lsetxattr$smack_xattr_label(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='security.SMACK64\x00', &(0x7f0000000180)={'/)+,-!#(\'%\x00'}, 0xc, 0x3)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="9747f1ec19d709022f7720c52cccaaaaaaaaaaaa0180afa7bba0d15efac20000e3080045000028000600000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c10000090780000"], 0x0)

22m40.064124154s ago: executing program 3 (id=1179):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x300, 0x14}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x3c, 0x36, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, {{0x2200, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"4adcda08f6e83e2aa00e133f86dd"}}}}, 0x44)

22m24.914832483s ago: executing program 33 (id=1179):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x300, 0x14}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x3c, 0x36, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, {{0x2200, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"4adcda08f6e83e2aa00e133f86dd"}}}}, 0x44)

9m57.573673696s ago: executing program 0 (id=3372):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000001540), 0xfffffffe, r4, 0x0, 0x1500}, 0x38)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080))

9m56.51039586s ago: executing program 0 (id=3377):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getdents(0xffffffffffffffff, &(0x7f0000000500)=""/217, 0xd9)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x34, r1, 0x1, 0x70bd2d, 0x0, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8}, @GTPA_O_TEI={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}]}, 0x34}}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a000000000000200100002020782500000000002020207b1af8fb00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x94)
syz_usb_connect(0x0, 0x38, &(0x7f00000002c0)={{0x12, 0x1, 0x0, 0x81, 0x21, 0xe9, 0x40, 0x4e6, 0x5591, 0xb539, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xe5, 0x15, 0xbb, 0x0, [], [{{0x9, 0x5, 0x4, 0x2}}, {{0x9, 0x5, 0x88, 0x2, 0x0, 0x0, 0x0, 0x0, [@generic={0x2}]}}]}}]}}]}}, 0x0)
getsockopt$bt_hci(r2, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b)

9m53.624198403s ago: executing program 0 (id=3386):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaa"], 0x0)
r0 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x500000000000000)

9m52.228127212s ago: executing program 0 (id=3391):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x80800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000380)="ebe3a0e961837b796cfd1647e2080000000000000080b3720022205e81f4a7f71c197baae1efd7e8004a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x50}, {&(0x7f00000006c0)="e8710e444d50a969ff678371e3214aeee71dee3819271482a4975a52c18b9b8b4db3945d1032005eabe97b4dc33a47d3a158da98255ccdd4c15eb6c9857345444d8456d30026b433a2efdd5b00186f35cdcdb93a4722bf356a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e8927d2a8103ef2f4b93766b756b66f74f46cf801704d27a8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511ce678c0bb8e26d7b48241847bf9e343ef4e55d45e2a0000000000000000000", 0xd6}, {&(0x7f0000000400)="04c6a9c756754e10ed8d88c06d7a674db97cd0e21437530a3945ac896fa7f8e368f87de990e40a896805e49ce1e13103d82fffe82237f587e63d95e01ef451eaba2dd01c56e7f23c1fcccbea54dae8e295f2e533e4a34175026a9964eebc1aaae05e44a19a27bee2f591abe2f456448754670a7c3e2e4b47a71bc7", 0x7b}, {&(0x7f0000000300)}], 0x5}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
r6 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002380)="1b0000001a007f029e741683c28f7b331d00"/27, 0x1b}], 0x1}, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r7 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r7, 0x40049366, &(0x7f0000000180))

9m50.204143178s ago: executing program 0 (id=3400):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000001540), 0xfffffffe, r4, 0x0, 0x1500}, 0x38)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080))

9m49.17843686s ago: executing program 0 (id=3403):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f0000000040)={0x0, 0x200}, 0x8)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/ipc\x00')
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
socket(0x400000000010, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r1 = syz_open_dev$dri(0x0, 0xd21, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x4c, &(0x7f0000000680)=[{&(0x7f00000000c0)="5c00000014006b05c84e21000ab16d6e230675f811000000440002005817d30461bc24eeb556a705251e6182149a36c23d3b48dfd8cdbf9367b098fa51f60a64c9f408000000e786a6d0bdd70000b6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x54)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000})

9m47.961045065s ago: executing program 34 (id=3403):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f0000000040)={0x0, 0x200}, 0x8)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/ipc\x00')
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
socket(0x400000000010, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r1 = syz_open_dev$dri(0x0, 0xd21, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x4c, &(0x7f0000000680)=[{&(0x7f00000000c0)="5c00000014006b05c84e21000ab16d6e230675f811000000440002005817d30461bc24eeb556a705251e6182149a36c23d3b48dfd8cdbf9367b098fa51f60a64c9f408000000e786a6d0bdd70000b6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x54)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000})

4m58.463697846s ago: executing program 4 (id=4162):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}, 0xfe}, {{0x0, 0x0, 0x0}, 0xbc}, {{0x0, 0x0, 0x0}, 0xc3}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000740)=""/184, 0xb8}, {&(0x7f0000000440)=""/84, 0x54}, {&(0x7f0000002900)=""/4113, 0x1011}, {&(0x7f00000005c0)=""/64, 0x40}, {&(0x7f0000000880)=""/231, 0xe7}, {&(0x7f0000000980)=""/230, 0xe6}], 0x6}}], 0x4, 0x4022, 0x0)

4m57.679877467s ago: executing program 4 (id=4166):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000003c0)='./binderfs/binder0\x00', 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(0x3)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x7d68c906)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000540)=""/102400, 0x19000)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0x0)
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x80000, 0x0)
syz_open_procfs(0x0, 0x0)
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x2200000c)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
quotactl_fd$Q_GETQUOTA(0xffffffffffffffff, 0xffffffff80000702, 0xee00, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
memfd_secret(0x80000)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r3, &(0x7f0000000380)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "d9298498abdba7f061bd1ca44c226af5160e961711a03760760beeab91e8ff0055e5c0d48bd63ffdb93bd43a847a1597c8ef03da5be42200", 0x37}, 0x60)

4m55.260003158s ago: executing program 4 (id=4171):
r0 = socket$nl_route(0x10, 0x3, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000003fc0)=ANY=[@ANYBLOB="040427aaaaaaaaaa10be"], 0xd)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x4000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x8000, &(0x7f0000000200)={0x7}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
set_mempolicy(0x8001, &(0x7f0000000340)=0x3, 0xfffffffffffffffe)
ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000200)={0x0, 0x40002, 0x2, {0xd, @pix={0x4, 0x100, 0x30323953, 0x6, 0x46, 0x2, 0xe, 0x2, 0x1, 0x6, 0x2, 0x5}}, 0x6})
iopl(0x3)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r4 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000000)='rxrpc\x00', 0x0, &(0x7f00000002c0)="0000000000000002ff6900000000000100000018009b3900000200861f4104bfeacdd5a9007d16dcdc2850", 0x2b, 0x0)
keyctl$clear(0x7, r4)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5], 0x1c}}, 0x4000054)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x48, 0x10, 0x44b, 0x70bd28, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x0, 0x54880}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xa888}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x48}}, 0x4)

4m53.970938419s ago: executing program 4 (id=4175):
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
keyctl$restrict_keyring(0x3, 0xfffffffffffffffb, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x20000, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000100))
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000003a80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14}}, 0x7c}}, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x89901)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xcb, &(0x7f0000000400)=""/203, 0x41100, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x40, &(0x7f00000001c0)=0xc)
recvmmsg(r0, &(0x7f0000000180)=[{{&(0x7f0000000500)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000580)=""/185, 0xb9}], 0x1, &(0x7f00000007c0)=""/121, 0x79}, 0x2}], 0x59, 0x2, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$setsig(r5, 0xa, 0x1d)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000", @ANYRES16], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f00000000c0), 0x0, 0x1)

4m51.562592002s ago: executing program 4 (id=4183):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340)) (async)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f) (async)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000400), 0x20000, 0x0)
ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000040)) (async)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r2, &(0x7f00000002c0)=""/4096, 0x1000) (async)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c0928", 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) (async, rerun: 64)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
epoll_create1(0x0) (async, rerun: 64)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) (rerun: 64)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async, rerun: 64)
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0) (rerun: 64)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x200000400000000, 0x4, 0x344}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000b80)=ANY=[@ANYBLOB="85000000a00000007b00000000000000270000000a0000009500000000000000ed5f0be3755142ae31484cd0115bab2d0589e8ab9f429b60317312f13bd708a35c0670c61fc97c4551f58ae3bbfb9f1d97582f15f3922a3c39716ebdd3c864aec6bc39f3bf389d21e614314b44d3a320471dc33ceec91a1512761160808845c885e7e75118ae8702a167ce7d0ca850e435f105f4c7702c8505fc4669acef909579390b1a6795fae716b04fba77244be06160107ab2a3a30645bbec6570170c1d362e6d6209fa0809ffbcc48bfa0175374dc3"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x1d, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8}, 0x23) (async)
socket$nl_route(0x10, 0x3, 0x0)

4m49.051984276s ago: executing program 4 (id=4190):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
setrlimit(0x5, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg(r1, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003f40)=[{0x10, 0x111}, {0x10, 0x1, 0x7}], 0x20}}], 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000040)=0x7, 0x4)
r4 = openat$fb0(0xffffffffffffff9c, 0x0, 0x402, 0x0)
r5 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
socket$unix(0x1, 0x5, 0x0)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r5, &(0x7f0000000580)={&(0x7f0000000240), 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0x58, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x594, 0x26}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x2d}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x71}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x56}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x66}]}, 0x58}}, 0x40000)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r4, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000200)={0x1}, 0x1)
sendto$inet6(r0, 0x0, 0x0, 0x890, &(0x7f00000001c0)={0xa, 0x4e22, 0x7ff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}, 0x1c)
r7 = socket$inet(0x2b, 0x801, 0x0)
ioctl$sock_SIOCGIFBR(r7, 0x8940, &(0x7f0000000280)=@get={0x1, 0x0, 0x1})
getsockname$inet6(r6, &(0x7f0000000480)={0xa, 0x0, 0x0, @empty}, &(0x7f00000005c0)=0x1c)

4m48.314700336s ago: executing program 35 (id=4190):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
setrlimit(0x5, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg(r1, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003f40)=[{0x10, 0x111}, {0x10, 0x1, 0x7}], 0x20}}], 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000040)=0x7, 0x4)
r4 = openat$fb0(0xffffffffffffff9c, 0x0, 0x402, 0x0)
r5 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
execveat(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
socket$unix(0x1, 0x5, 0x0)
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r5, &(0x7f0000000580)={&(0x7f0000000240), 0xc, &(0x7f0000000340)={&(0x7f0000000500)={0x58, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x594, 0x26}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x2d}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x71}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x56}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x66}]}, 0x58}}, 0x40000)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r4, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000200)={0x1}, 0x1)
sendto$inet6(r0, 0x0, 0x0, 0x890, &(0x7f00000001c0)={0xa, 0x4e22, 0x7ff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}, 0x1c)
r7 = socket$inet(0x2b, 0x801, 0x0)
ioctl$sock_SIOCGIFBR(r7, 0x8940, &(0x7f0000000280)=@get={0x1, 0x0, 0x1})
getsockname$inet6(r6, &(0x7f0000000480)={0xa, 0x0, 0x0, @empty}, &(0x7f00000005c0)=0x1c)

2m15.602977932s ago: executing program 1 (id=3938):
unshare(0x22020400)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{&(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000200)="0b12", 0x2}], 0x1, &(0x7f0000000180)=ANY=[], 0x30}}, {{&(0x7f00000003c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000980)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7fffffff}}], 0x18}}], 0x2, 0xc004)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000380)=0x2)
syz_io_uring_setup(0x836, 0x0, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r3, 0x92432000)
r4 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001780), 0x301000, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
fsetxattr$trusted_overlay_upper(r5, &(0x7f0000001d40), 0x0, 0x0, 0x0)

1m31.104386543s ago: executing program 1 (id=3938):
unshare(0x22020400)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{&(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000200)="0b12", 0x2}], 0x1, &(0x7f0000000180)=ANY=[], 0x30}}, {{&(0x7f00000003c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000980)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7fffffff}}], 0x18}}], 0x2, 0xc004)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000380)=0x2)
syz_io_uring_setup(0x836, 0x0, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r3, 0x92432000)
r4 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001780), 0x301000, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
fsetxattr$trusted_overlay_upper(r5, &(0x7f0000001d40), 0x0, 0x0, 0x0)

1m16.377449999s ago: executing program 1 (id=3938):
unshare(0x22020400)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{&(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000200)="0b12", 0x2}], 0x1, &(0x7f0000000180)=ANY=[], 0x30}}, {{&(0x7f00000003c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000980)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7fffffff}}], 0x18}}], 0x2, 0xc004)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000380)=0x2)
syz_io_uring_setup(0x836, 0x0, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r3, 0x92432000)
r4 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001780), 0x301000, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
fsetxattr$trusted_overlay_upper(r5, &(0x7f0000001d40), 0x0, 0x0, 0x0)

54.422460241s ago: executing program 1 (id=3938):
unshare(0x22020400)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{&(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000200)="0b12", 0x2}], 0x1, &(0x7f0000000180)=ANY=[], 0x30}}, {{&(0x7f00000003c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000980)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7fffffff}}], 0x18}}], 0x2, 0xc004)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000380)=0x2)
syz_io_uring_setup(0x836, 0x0, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r3, 0x92432000)
r4 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001780), 0x301000, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
fsetxattr$trusted_overlay_upper(r5, &(0x7f0000001d40), 0x0, 0x0, 0x0)

29.412839312s ago: executing program 1 (id=3938):
unshare(0x22020400)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{&(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000200)="0b12", 0x2}], 0x1, &(0x7f0000000180)=ANY=[], 0x30}}, {{&(0x7f00000003c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000980)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7fffffff}}], 0x18}}], 0x2, 0xc004)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000380)=0x2)
syz_io_uring_setup(0x836, 0x0, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r3, 0x92432000)
r4 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001780), 0x301000, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
fsetxattr$trusted_overlay_upper(r5, &(0x7f0000001d40), 0x0, 0x0, 0x0)

12.538912202s ago: executing program 5 (id=4808):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000f80)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x66, &(0x7f0000000ac0)={r5, 0xd0}, &(0x7f0000000b00)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000008c0)={r5, @in={{0x2, 0x4e23, @empty}}, 0x873, 0x0, 0xffff, 0x2, 0x71, 0xd, 0x7}, &(0x7f0000001400)=0x9c)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003dc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20040800)
capget(0x0, &(0x7f00000001c0)={0x7, 0x1, 0x2e7, 0x8, 0x1, 0x86d7})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x14, r1, 0x301, 0x70bd29, 0x25dfdbfc, {0x24}}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

11.86807752s ago: executing program 7 (id=4810):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = dup3(r2, r1, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r3, 0xc018620c, &(0x7f0000000640)={0x3, 0x0, 0x0, 0x0, 0x0, 0x2000000})
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-blowfish-asm\x00'}, 0x58)
accept$alg(r4, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000080)="ad060000", 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000190c0)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000019080)='./file0\x00', 0x0, 0x23010, 0x0)
execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000300), 0x0)
execve(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x64, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000cb8be6406d05000000390102030109025200010000000009044000000e0100390a2405", @ANYRESDEC], 0x0)

11.296232399s ago: executing program 5 (id=4811):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000180)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000280)={r1, <r2=>0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000001c0)={0x0, 0x0, r2, r3, 0x8, 0x2, 0x3, 0x9, {0x26, 0xa6, 0xa9b5, 0xa00, 0x0, 0x4, 0x100, 0x8, 0x6, 0x0, 0x8, 0x9, 0x4, 0x0, "4b303d47a4ff20e1adc5145d972e6b13c2c93f2f7b10a41c971bf63780e6cc37"}})
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x401)
r4 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0x92e1, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)

10.032038382s ago: executing program 5 (id=4812):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0x2284, &(0x7f00000000c0)={0x0, 0x2083, 0x0, 0x0})
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="0800b685f75b000200fc00ff05ffdf00da8075392313db00", 0x18)
r5 = socket(0x1e, 0x5, 0x0)
listen(r5, 0x0)
r6 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r6, &(0x7f0000000400)={&(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x4, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24000000}, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2}, 0x1c)
sendmsg$tipc(r6, &(0x7f0000000240)={&(0x7f0000000300), 0x10, &(0x7f0000000500)=[{&(0x7f0000000340)='Z', 0x1}], 0x1}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

8.845408972s ago: executing program 7 (id=4814):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'ipvlan0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb000008000300030000000a000400aaaaaaaab1aa000008000500", @ANYRES32=r2], 0x68}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$KVM_SET_GUEST_DEBUG(0xffffffffffffffff, 0x4048ae9b, &(0x7f0000019180)={0x130003, 0x0, [0x7, 0x2, 0x8, 0x6, 0xfffffffffffffffd, 0x0, 0x3, 0x7fffffff]})
r3 = socket(0x15, 0x80005, 0x0)
getsockopt(r3, 0x200000000114, 0x5, &(0x7f0000019b00)=""/102385, &(0x7f0000000000)=0x18ff1)
r4 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f00000000c0)='./file0\x00', 0x200})
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r7, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x2000000)
fcntl$setlease(r7, 0x400, 0x2)
prlimit64(0x0, 0x6, &(0x7f0000000040), 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x0)
setresuid(r8, r8, 0x0)
io_uring_enter(r4, 0x627, 0x4c1, 0x43, 0x0, 0x0)

7.699648455s ago: executing program 8 (id=4816):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x44997e9625d2448d})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7, 0x0, 0xe3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x90)

7.607440193s ago: executing program 1 (id=3938):
unshare(0x22020400)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{&(0x7f0000000000)={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000200)="0b12", 0x2}], 0x1, &(0x7f0000000180)=ANY=[], 0x30}}, {{&(0x7f00000003c0)={0x2, 0x4e24, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000980)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7fffffff}}], 0x18}}], 0x2, 0xc004)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000380)=0x2)
syz_io_uring_setup(0x836, 0x0, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
accept4(r2, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000000, 0x110, r3, 0x92432000)
r4 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001780), 0x301000, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
fsetxattr$trusted_overlay_upper(r5, &(0x7f0000001d40), 0x0, 0x0, 0x0)

7.600771634s ago: executing program 7 (id=4818):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
r4 = fspick(0xffffffffffffff9c, &(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1)
setgid(0x0)
lstat(&(0x7f00000032c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000300))
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
sendmsg$tipc(r3, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4100, 0x4}}, 0x10, 0x0}, 0x10)

5.047742246s ago: executing program 7 (id=4819):
prlimit64(0xffffffffffffffff, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000580)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = gettid()
socket$nl_rdma(0x10, 0x3, 0x14)
r5 = syz_open_procfs(r4, &(0x7f0000000040)='timerslack_ns\x00')
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000280)=ANY=[@ANYRES64=r2], 0x60}}, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x0, 0x0, 0xf19}}, 0x30)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0xc)
pipe2(0x0, 0x4880)
socket$unix(0x1, 0x1, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000100)={0x44, 0x0, &(0x7f0000000400)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000480)={@fda={0x66646185, 0x1, 0x2, 0xa}, @ptr={0x70742a85, 0x0, &(0x7f00000001c0)=""/36, 0x24, 0x0, 0x1d}, @fda={0x66646185, 0x8, 0xffffffffffffffff, 0x1}}, &(0x7f00000003c0)={0x0, 0x20, 0x48}}}], 0x0, 0x0, 0x0})
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)=""/48, &(0x7f0000000040)=0x30)

5.046959341s ago: executing program 5 (id=4820):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x96) (async)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x96)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_netdev_private(r4, 0x8911, &(0x7f0000000000))
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xdd860000, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0xec, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_AF_SPEC={0xcc, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET={0xb0, 0x2, 0x0, 0x1, {0x2c, 0x1, 0x0, 0x1, [{0x28, 0x16}, {0x8}, {0x1b}, {0x8}, {0x8}]}}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x8}, {0x8}]}}, @AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE]}, @AF_MPLS={0x4}]}]}, 0xec}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='\t\x00\x00\x00'], 0x48)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

5.044963713s ago: executing program 8 (id=4822):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0xd}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r2 = getuid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000600)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000540)="c6", 0xffffff39}], 0x1}, 0x0)
r5 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r5, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0100d41f215c0000883795c04a31ba377a1b2cc32b38d3440c6942cb76cab3000000", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000240)=<r6=>0x0)
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
read$FUSE(r7, &(0x7f0000000580)={0x2020, 0x0, <r8=>0x0, <r9=>0x0, <r10=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r7, &(0x7f0000003040)=ANY=[@ANYBLOB="5806000000000000", @ANYRES64=r8, @ANYBLOB="0000000000000000020000000000000001800000000000004600000000000000ff000000020000000600000000000000a90f000000000000f9ffffffffffffffff0f00000000000002000000000000000300000000000000040000000000000007ed000000a0000008000000", @ANYRES32=r9, @ANYRES32=0x0, @ANYBLOB="fd55000001000080000000000000000000000000030000000000000006000000050000007663616e30000000060000000000000000000000000000000500000000000000c0ffffffffffffff030000000002000003000000000000000200000000000000050000000000000001ffffffffffffff0f000000000000000700000000000000ffff00000200000001feffff00300000", @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="05000000184c00000000000000000000000000000100010000000000080000000b000000257042202020200001000000000000000000000000000000ffffffff00000000070000000000000025f40000020000000600000000000000070000000000000002000000000000000f00000000000000ffffffffffffffff010000000000000002000000080000006194000000e0000007000000", @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="008000000080ff01000000000100000000000000a9d00000000000000a0000005e9a00002f6465762f6375736500000000000000060000000000000002000000000000005f0000000000000004000000000000000400000001000000000000000000000007000000000000000010000000000000f9ffffff", @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="8a020000070000000000000005000000000000000400000000000000010000000a000000000000000000000005000000000000000200000000000000080000000000000001800000000000000d00000006000000060000000000000084010000000000008705000000000000008000000000000008000000000000000000000000000000ffffffff0600000010000000002000000b000000", @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="000000800b000000000000000200000000000000080000000000000001000000a200000028000000000000000200000000000000010000000000000009000000000000000600000000000000f8ffffffff7f000005000000000000000100000000002cab5e0a0ae6ffa27583c992e996c83f00000c000000000000000a0000000000000006000000000000000006000000070000000080000008000000000000000000", @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="0500000003000000000000000300000000000000020000000000000001000000090000002c0000000000000006000000000000000000000000000000d55d00000000000003000000000000000500000081000000030000000000000001000000010000000500000000000000020000000000000001000000000000000200000000000000060000009e4f5069000000800020000006000000", @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="0600000005000000000000000000000000000000fcffffffffffffff060000000400000026272e3a262800000200000000000000010000000000000001040000000000000500000000000000800000000400000005000000000000000404000000000000050000000000000004000000000000000108000000000000ff0000000000000006000000a2d70000ff7f0000004000007f000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffff7fc60000000000000004000000000000000100000001000000040000004f0f00005c2d2d2c0000000005000000000000000100000000000000ff0700000000000004000000000000003d0000007f0000000600000000000000070000000000000005000000000000000300000000000000ec590000000000000500000000000000040000006c0f0000000000800040000080000000", @ANYRES32=r9, @ANYRES32=r10, @ANYBLOB="060000004a6a00000000000002000000000000004f0500000000000008000000ff0300006e6c3830323131000500000000000000020000000000000002000000000000009f04000000000000ff7f00006500000005000000000000004abe0000000000000707000000000000b304000000000000000000000000000003000000000000000100010000f8ffff06000000004000003eca4c4b", @ANYRES32=0xee00, @ANYRES32=r10, @ANYBLOB="01000000e262000000000000020000000000000001010000000000000100000003000000ad00000000000000"], 0x658)
sendmsg$unix(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="59913245a49c81d319ae19c2cab302687f1ddb2c23887ef4cc6d6bc594a1ad06779ca9d80a30d6687679bdada84fa0417c99613f0d2ba63e97bcbbe73801e1a671632b82c5f010c492", 0x49}, {&(0x7f00000000c0)="4f328338f298e2d8167e5a8d56fa0ee6f46a4614f3c9acca3996254bc1a9c092ad5b2182403aa7c9f1fb550547ddfbc37405a978032542289756d6d710642ec2fbbedc5f3bbc0eedb693083a989500e30a24aa048d35daa09ff7826ff49323296c33b94cbf04842b91adb63e07fbeaf688d5af50e2b37bac03b56b1aeb4a29889fe3112a0de1c96cddc1c50ca0aefca891bf5c2c8bac26b7ee19d5a035f0c58bdf27d356a06598bfe67b81050377e231ce4469bd4fe449bda64541567119cebe54492a443a05d9bdc54f06d37a09bc8c6bf01f7b9f39481d6b8f9bf07a15ab29e7a4c4", 0xe3}], 0x2, &(0x7f0000000280)=[@rights={{0x20, 0x1, 0x1, [r4, r5, r4, r4]}}, @cred={{0x1c, 0x1, 0x2, {r6, 0xffffffffffffffff, r10}}}], 0x40, 0x24040005}, 0x48800)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003000)=[{{&(0x7f00000000c0)=@file={0x1, './file0/file0\x00'}, 0x6e, &(0x7f0000000040)=[{&(0x7f00000004c0)="51e5372d4d19d77ebbf28dfbd52d6f01e3ec5b74f236c4f739d698f4985ec284d8a3cca9b0e96663fe08a5139248201fa7be0b320470726c4d5e9b8e1376e6b1b39b4dd61dcda99bd3db4bff872ebe4cbda8436efe88ddc0b7fbf17472f883b332c153f76f47288c770a3fa0b848c710d37cf1c5430d3e723b8575fd42f3161112940bf216acee75e93474b8b5102b0b50be0094802bdecb1f09451c892cdca544144e56755e6e3bb74c2315cb4d7c84f7f00757d2a4c2cc6d5f7ccb0bfcada905522ba76028b59edef3347475457964789cc4ebaedbb170d64337768e37ef40c60e15bc3a068288c26e9c646a80b4d5f299bba375bcbf45993c86723403e57699e58d444744565cc83fac91d0522424c89aae698043a39bac8cd4be19011010e43e48b2f7e6ea0a0420a6c1e0d9ab476657518b41b93d033a7266d60c1b87e6589d4c14e0ba48885e5051f308f58dfa590ab3f58a657a12b9984e5804716f0154d1356625926a5d9f58b9d04c96a897e32cb75bc1ceb2ec9211e27ce5deb59cab6a0ed66d341982d10dd468e0348e0918543a00c6413129993d3dcf4d513b4cdd4aa65f9db0946592429516c3a24362e0617cd73b239582a90da2ddfe76fb7538a75f57b62cc6e45ed8467bdf8952875b2c90eed39bcdffe07d2bca5993f32a463722c65a787520042969e78b9a6407fb6277870da0ba4a34b5016924ef5d5763abbabdcc6724725d95a627f9dfe19d36b91e7d6e7b721f58adbe8466f883ea77be3754b5f1899c70ea78ad295ce48788429d61f189465b61f064469c4415eab25eaec73dadb1f6b11835ae915b721dbc913c68993ab153cc06c7b8ef65badedf9037010f62e3360446932386737352edaf45279dea8aa333374c522f0f1a803bafd667442832b0f4372474c406fd5c5bb79c1247dfa167e16c9be8dfc7e541a5652b57ce6fdc0404e53cc5fd0c9ef9f420b8a4e87b714c6083b7080f465576233458eb1e64b00c8ce9ae5a26c586cff12a6ca264f49f016ad4d6896ff69a651b661ea79bc110b6335535e0db849e44e946cba2f1394395294a46f3136840a91c49b8ece67bdc719657cbccb7a07354476a038c628e3491d2d961b224a689e6f061617ea5231950138c2134c9df5dfc863ba9e53067625fdfa86007e5189dab969effd768731108c9fd54cec6501907836e022383fdf24a33388a69b177d10b034ad683adf0977a927998980a148a83798efab844b2fd90c2d905ad249683579136623d0d87f48ec4daf92d2cda5681d78d3a1821822b6d235b0e31904bed56f9a7cb7ccc8f67ffb8325fa3de6cc13e4c585bb6bc4882959d523e40366d0df2ca2987dd3752d910a51a54049eb7de38a3da8f1abad050421d6f659339db623239ff01d9d67e76710e3f3cb6bdfdffb3b95567e5e8cceaaaf47125833216d17b8e8fa66953869ed5d8be600a9557ca200a9820f4107bfd867f3934c943b216acfca7c1b9b92873926a1855403b762ee512814f341a7323face3f577bc8bd0aa333a802045ea6876689488feca24a20980d0d260c7822bd46bdcb6779bd23a87cb33d2bce8ba76f50e0d9608449931507c522c744ff200fef2751fdff918efe0141b0e2b0a9cd4e6e7a3b872f09081e0c9a2f9853c653e3557e2820957141c409e0855478c6d279dc855809a08c0269a9e7361065b77ee234067fea4f09984ba1cf84596a199f7e87dc3175c4b4aabffba2105124c8c1f60c48f26c8413b93719e87a42d442ed81447942e4299a3637bdead61248b977e557ddaa281c7da23fa518e5ac3655c4d1ef8f31362290d00fc69c47348fe5c4d3ff598fc77050eacded5462843e58c0878a6f2d935b8fc98107d6694926ae5829de6740a1c537d6db494c3128ebf62a2a574f032032006601f4eaff4bf33da13bb1b1d03ba254e2f33ce1c6fa0c875594549d88971e1a3178f0e6b6ca8e5dbf38412a418c842bd379066827a16d681870237c4986c7deee8a853dea9613170c2d2d16db436c48a6b4b5ab990700c7d85cad53d3f7e7e68a484877e2a9d875b91cac1410c2ba175e0e6cf3bdb9be554ef875ae9e18f564941bc42fc93c9e1d17304160e2de9a5b38015132044d5eabbc50bae7421f985e6a3a0fa6229263566e5aa4a088737475878c3164b652dfd720779d893d4e06883fe08bfd739c697ed7596f42cd716d8f9ec3daf023256ce1bed4781aae9465272e2371c8e37d3f0fa802a5fad4c1cd36f1fcbb07d74320a425ca381da3f65ec33789959eb31610b7e0d41fc874875249d1e2908491699e7adc77146f12dad1fa1e03fed502ba0a8785db148dd252dad130dd7597a87083b6d152a25a7f82c8fa59b88c87b85bbbe18b123e62d3c54e85e992be2e3feff4b99f73b676a6c7e5b7683fc1c2d1a57f23841e1a78ba4cb50b8f06fc86a3b1347fe509fd8674940c4e2c65d48ebb01b8de653d20c7ac9daa8462955d741279e66b6c85aa7ce811e8a37a459c80ca5814b28f11cfe307d890da23731b95fb9b5935d04adffda9280077de317467741b0a5dba557d1d748d579fd3e0b01057deb509fd5e36a0b89226174f9965ea4147ed2dd8cb1d6a8632a71f5e480beb0bb8bf2c90ed7ce7defe5c036eaee6911a1ffc978a7da8e245c0740002dca17b4be96bd589d06450ff97172359977ed7b8204e624edbd1a437822abcc80b57605a4113cb0f104a42212de1a45338b4dee0cf1fdce0afb9e3fb45b99ed6a205bdafa351e50ce361428206c5b587dd7cbd79332c96f5502486b2491bc8aaa52188bddd2dd4b7d9bca30fd966e7837fedb250310ef4b827333e13f9c0e0c733cefb30296ad14f88ba6a4d737c990fe8d2470b2590f2999a9c85bf55598e572ff03587cb1fed0f3c65a2daeebe1b236cebfd3ed31112527d5ff0c0643f5e864a253121327158562f031b366af1ebbb970f794cf5fbcc393ebf187e52ed5e19a0cc6a37a0f3a97d92b25f8a1f9112596def2e7e6f0f2d87358d055b5373e4909f129ce4f9f71d0f2707e5314c48b3e18eda1517b568432ff81231c26d27b5e73388a2fc24020d36c7f57f389ca959df39d43bde9950bbceb40a1f03ee64d2a10e408b21007344a619cc5dda5a08f0286c41b9d4c05b32ba2bacd6c9d54f979717610d2717ad080d09c03661834339cba87b2343c765b3afcb678ef5eaaa96c5f9179523d4e8df465b81b3c1dbf31a9954ba8657eb0af5e38deb8d2f9cf9662bcd171237ffdf30655010424ca50cc2ce19f1c1db07eea40b29b420ef90fa4e211ff28eaf7353f61b4f03d485cdb26cc35ad9e033da11d69677f6afb9e0ee5481180c21f333616752e3bba72967f667a4b52096c24c5382bb4c75ba371afab5857403eac9d7a4df786732362d5bca5215040787b8ee57b1738c457c7388eb1c94919e31f3ccbe66a26598cac4e885764f4d1dc9e9ea52dad853317cb2dfbb07a1eb25e0f49ec6e1a84b9ce81e60f2d38087a05aab1e98fec14efc121d4f5a0acccae78da24095e4031e7bac6de1f9a82f16ee1a2e7579fce4dfadf7b88b400b452309d565569374c3fa0d88bcd68efdcf79d7f86442b1c98e003e7df87a7acabc9e126a2aa9d116d945d06d93f5518044a78b91456396d4808ad7c38b686db768efa2ae9f09dba57dc8ccc4f955777ecd0fd243c0be680b1e4f8e17cd45ad7aa09255090a9dab605f50e144233679fd3d546018478426fb01ee697bfd83f54e9794eba861e13962bf21ef50a8f6351d21717242bedaeaf75cd857f29a6db9519d3b3628ba2947ade076a87be66574a7b4a30beb27ef99f7a4617d171db2479e171bb7556add93d06c8bb3bc9c44f115759019a34f03cc4e163650f73b9144837392248453a23ca726c9342d5e66023c99a6dfff420b83c4dd15503d199597e1dcb7b9eb3f3082b0c3da5fe59462e51f441a5fe86fb5126129cd19117721a82f0c0f05f9f8d88757e25b5d19d7016ba336fe57e62a85dc8b41851c9a43e38ce997a6b5b2a8f36ca4de40c03846cfa1395fe313e67604bc8b71e457c1aea4ec3c77e5a4f618a89daf669f034ff2c15f46ce5a19acf514938fed4ade11e01c9ca4cb5466971826b48c4b1230b5210945c4688856c7af5085458b7341dee0a344573d14ff21b511d1054660acdcc04dda7dab771b6a02cb00dd25d726625cd5b9f6bfc1c5fe1e8956ebdb6009a67e131aeb5437b279a1bd5f4f1de245ead696fa778a787be37bf3e244b5496c7e5306e459887a1add73ab53af346b45a8b64a8297ce37d8d3cc0071252976e014269e0be62ef980a2d5920b5b04f55611c54f6a860b69fa53863696bbadc5b538726af428b7ac69b01791d648a6de6e7b68320b386d1e8bfa26bf6adfa9bd328a7c3d8cbb0086c0e32722ef50838b3779c487dae65c69b9783c0a797f867f6d13983da2bbb54edd0938c9712cafa51cfcca6d8b1ce4e1c44356c62b6dd4beb87206319de04c56e5abfbaefa341622d5bc1d8ec0aeb40a37f5d08af6030d58383b34582111660f58bfdf1e1cef55d57779226dc77a0f01812608ae2b5f2e061c4a98d5d3f74a20d90d82458558d944dc062a7462b18040df145bda201e700c33eee00cb41ce8fcba39bd65eb3f1d0d3c07eb0c578194bea3d407ba593425dce62c0d2bf2363ada2300c265f81687a68dfdc66d3d2202e64feb7f696277e6b7b1f356b765df17240d49565284adf1fdbdf1cab6ed68bbdc31bd525439fc12db0ccde16a6ea5df4d1dce05aa8447f5fafa4b1f131e6872b9710014aad3b22ae271cbdba9a61f01bb51282e4f6ba24ca091e535406dafcbba48d6e1bf2154880dbef4fd3510c21b3bc7efc932516cf2f059fc55921b348602098e9f6752d974d75b1c8bbfc72091c8f0aefa8c1667e8641ae6df209498f70b0570687dcd838f58246a3b81b396d529ae763a9c3d19aa0c18fc67347a9f4cb0b7f13336d1d06a0afafd0f6f39ca39d6078f64e11fab92b1eb14912463f131e81e704b8f6b329fc9eafc55c68a03f8b029a69f07977e0c4c3f4302c721b1f700d8428a1951d377904d0c11e159925ab560f0a8dfb87f5a2ba28789502fef589307883d39973af65d7b10f7ae0f75e2d5b9a469a6036d685883c31863023ddcb821eace77cfadbdd50f21ea2afa4c61f35c47921f06d7a781f4371b4530b189fb0ed85fc50a186801d8034f2969255b346b6067b808c833f7882626096d7de0a635eeae3411fb2a257ad539e14d1bbb47e531b18eb7d564ac511fa366a6238a4b412db8740b9ce75578b22482dc4ae7d4143e3ad9aa7c28ac54eed7c69e9778996c043c650911d7627e1e2e0415c7f5325cb29f2e6be7f33fc7178bd01dedd571ccd7195ae52d04caed1f6cb236ca0189a7fe8e677ec00717430c691c409a0479d63254cb67c5852896d718d5be6bd1d00d5b870f712b18539778817392d9d23ac9bbcbc8fe298c8e1a82943d6c18ec13cdc5ee2878b4473265671d4f2fa43485a9c05ec2db294a4f8491ee0a9a3c1700b8e34fc78e56544bd3d68e274dfc32b1dedcb1f497ed8f59744aef802547d69644642ae372fb1626f2a2b93c9124028cf2bdb4a0b51aa33fc46a9194ae4dcbfe753b98337c06f6257099e8584ac0d42d47fadb8441e2b8d6772cc84a85a7dfdc746f7d2417573c783badf39231a7042faaf6fd5b2d3389e7a05224e888b9d33f8836368ed2fc02315fd3b149399cc9fec0fb1af107dfbf4e5b52d753f1afb5c520c76430c2cd911eb1cd40004b2dd506fa", 0x1000}, {&(0x7f0000000240)="eb0e192b817e8e1cb315c3b3ef11ce91e411d29d25fd0c93750a1b89c1419258e0dc361250a7e7bb3dcbb0d9c92e9deb7491da78a2aba7f82f9d000b841855595a187e312eba2da85227555d2c49c8f640e775899286580fbb913d", 0x5b}], 0x2, &(0x7f00000001c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20, 0x20000001}}, {{&(0x7f0000000300)=@file={0x1, './file0/file0\x00'}, 0x6e, &(0x7f0000001740)=[{&(0x7f0000000380)="3dff6fa1699f476e2a83253c9962a5cf8e75dc3086d2c2a0f75c07d34021f3add3dbcae82747d0b2544ddfd1b75262d7e6ff8dff69d7e3e558c9b1eda4f5128f46d217c596d18bd4950695982301ec0c13a946cd1269660018ff89be7460a64a8e10971b58f7e29bdb43b5eff1f8ce4f5001af827eedde274f516aa7ff8ac2b9dc93d8e998755cee764cf375d79d0e0c19b621b66f9e0c661c2b1ce73ca4f20d5a8ec7bc2f8f379a5ab067c46ece354bfd0111c34918a3d2d77ec5268ab8ffbf546167fcf81a7ff593", 0xc9}, {&(0x7f00000014c0)="fc22105cd55563b313ed068b634e3a81b840a09c53ec1ff75f5552e31d26a9724b6f9d0d09cd7885503d92e17d64f777461bdf5b342e46ef836c18e37382f3c8c1696c6851179f81e6edf14efd4cc45e97a7576346d8f365e422c7ae", 0x5c}, {&(0x7f0000001540)="0d99be1053bffd3900c010c4901d7912f12a875eb9527e0756e93bd1a24f84", 0x1f}, {&(0x7f0000001580)="77083868d658e7172214f6ae3d0932430a315b1f8435424a78f603519b9c7e3c0c32321776f55957889819bac0dead84bd5430a91f1b5850e155aacbf533810ce4bb3cb9c18c55d505d75193bbe9f18ef8a059ae83a099869f3f4b6bf8c9f5a8f51f69febf85f35ffaf27f78c239b66a55472ff1498e93a0b07fe8963fbac85cc9f69f15a1de49c50b14a0d681501b978b3f893496f6e7971b0b7b4915b1b3d5caaad984f5bc1e13f39daea5c377f3e24575eed233ba81380c56eb1a16d9b494a7277be9c2361b6ae4964efd556f1b4a3a7448", 0xd3}, {&(0x7f0000001680)}, {&(0x7f00000016c0)="9eb5d24555afdb227bce8786e059ed2c772975a66b418d7e69c288053900dad3a216a7172c5560a98c9e6fa3fec48f19eb0722f2426d0626414638d778c1875f913e79d479a3", 0x46}], 0x6, 0x0, 0x0, 0x8000}}, {{&(0x7f00000017c0)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f0000001940)=[{&(0x7f0000001840)="5e1ca1283aed66999195ffe6953a2f361e843033c7ae747ce2d8771f74010fd087222661da6c5828530cf37a05b402f451b202ec9f574bf4b63d554e3fae7a95daddeb4195cec22eb22bae39a59831a0cb0d807ed7ce3a00e6ba531e83d333ed8a77be22fa8aecc9f627b9a6975840564c6586a48127a665fdee58c7d804674bb1ecae4a8df85e0c87e6c1189072f0e4f6039adbde2e6ae03d636c94667bdc50be2e35ead9291cc4b26b3e5b974a9d244213476ed101040dc70ef07bbecfbaa67d40af400f94501e19b6b12a8b728f018b8a3e6db51f7a9e8f73714005c1ccb692", 0xe1}], 0x1, &(0x7f0000001e40)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x1c, 0x1, 0x1, [r0, r0, r0]}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x34, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x24, 0x1, 0x1, [r0, r0, r0, r0, r0]}}], 0xf8, 0x80}}, {{&(0x7f0000001f40)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f00000024c0)=[{&(0x7f0000001fc0)="86ce176fd6e4859600d31e4a2be183248be3a66b0637129470ba35467051deff1316c957d443cbe669e03c171bd4890b907295f6a4dca5d6b2fb4b7c73faa1301bb4e98bf6c4a0b2", 0x48}, {&(0x7f0000002040)="accc53279b04b1f5944ec9ca9230336cf48f5e00d05f9b728c2dee5d4ee860092073ebda546f0f96ff495507530c3b4c044f656510df45e0c7b59acf79778d5e19d865770fd4e08af9f681e8932fe0ae1f3867048165d7e87d2d0defbb8daeeb1db4fc43588d3875face15ce698a702250af0dd38c429344c4e7c38abf35974d9bcdc2dbf9087d660bedde3f7b6d3395fccdbdb57d9bc04b15a4fc346248171414a68178dfe5e6760263cfa200d75dd3edebd4b85d6d8f1d7d43ae3ddd2a0170d26679f1", 0xc4}, {&(0x7f0000002140)="54bee65b9b02147a7cd3368cb4cab4c3f7821da6ec0ac246fdd59e6904291bd6731ec7fc38daec4ee75a01e2714728c4c977e54056ee32b93df51197351b9dd94776e75e2234dd857568fa46f0efe9724534ff47118c7d9156a38eece3fa0c462e98fee7f1", 0x65}, {&(0x7f00000021c0)="9123b8f48b011bd34600a94e15fedde7f776f7f2d57e9202a3597d2542966ad5", 0x20}, {&(0x7f0000002200)="be04ce3828f456ac0f52dfea720c2145baddb8deb91b6f04cb869bae57dfc86dc22db6c2e10dccf22fc71b55a3819b69ee936694bce0aacabc6cc7873f58a2fc6c9c89b120f0043c24d5096554d62d77aa9d92a14a53f1dacefd6b936aee974b29d663f19ac3d14e9031", 0x6a}, {&(0x7f0000002280)="853e93b560b111ff7a9b45c3981d735f1213c50a4a2d338bb7d7a8b0264e70719616fead8d2a1074ddbfa948d660a2a5960a024cce00d1f7d415b57b8b0fcca2c3ca1d0946610e2a130239c4259c4797e88279c4dfbbeab4481d5a6cf42207fcd0a1497e6b7cd290dd4b6c12db8146b2d8c6f56cebf711d59d03dbcacd5a3ec437acf741001b74b1caeadd4f24c8fa29636b719823f0337b8e9a1d1ed7f33d2f826977915a", 0xa5}, {&(0x7f0000002340)="bc431f76a2821257679c7f458b3c535146495e62196ffcb77753b348169dc659e15621fa82d457a2a7d101ceff", 0x2d}, {&(0x7f0000002380)="8496459a35e455e5593008737b71693c1ae78625b805ea13730e957c2b026a8ac781feca898a1a7f87a2938f81639b669492e71cfabc9244f6344c6642a34555c4625fcf83ceb5c0fae0d5a10352ab9a96a4b5e72b9382066d63d3b42b28ea5b8981bbddaa1f77b6ba3d8c7b2bb4e747f937e558", 0x74}, {&(0x7f0000002400)="9f8fae9fd666b3f12ba757b176a2509db8694efb6b400c213e722f78f66f099c83cf062dfe481f3fca13fbf2581c9ec844887630fa9507cd84f465ff14a5baa8251e398e688929e03d28af2a333e5682371e7502a6b3c0c97af175f84052b579b3987db06781437bc562bb8a", 0x6c}, {&(0x7f0000002480)="1369fbf5886340978382e944314fbfa18f8dda2f473e4931700c5a8ba437f960", 0x20}], 0xa, &(0x7f0000002580)=[@rights={{0x14, 0x1, 0x1, [r0]}}, @cred={{0x1c, 0x1, 0x2, {r1}}}], 0x38, 0x1}}, {{&(0x7f00000025c0)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f0000002740)=[{&(0x7f0000002640)="4fa76715133627707b3993bff979eb408db462e64b5f97cc83d63a9bb0bcd6b76741c0c4078d847eb2f9d01cf2813d86a4405e257ce4258f490b3930b3ee84df3f2c829240a2daa56eb5b3526106e48fef577b833142da26163e80ec79c0c21e0fc580a43435ca044d0a9cff00203b9a072956bbcfdaa7433b3009482a9d3bbc29ee1abb0d455d55dff1fd76835c9f5c40f4ebd6f921aef03d27d0032a5665e5c86b4908b21c8b949dcbadfbd4f5ea8836bd777d61ee27e546574d9c99191fef5470e8", 0xc3}], 0x1, &(0x7f0000002a00)=[@rights={{0x24, 0x1, 0x1, [r0, r0, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x20, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r2, r10}}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}], 0xc0, 0x28044000}}, {{&(0x7f0000002ac0)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000002f80)=[{&(0x7f0000002b40)="d72fe65fe2454d689bacc13a40a06ff89e29d95578827f8e9f386c4ae173a8a7d0437b0a3f9f9da40e", 0x29}, {&(0x7f0000002b80)="3d08b3420b3e52d694059d533541673a0aff6cdb915946d379c87bca1d7dddecf83245b9afa129b45b25e8e588b21fdb5ce265c5799ff9269b2c22b6610f52c4fa65299d950d24ad396b09e5b659a3bbc2cd997290f4ee9c58d17ef98a48ffbec1673cbf8190699538b6e28b60da0cb9decd", 0x72}, {&(0x7f0000002c00)="dea019d5bf453fbc8b8be0741a3a80da08bc7a7aa7e753a6b3028ff326fc2d526546bbeb71c60c75dfbb213e7b8a1f58f4c1444892ce50affce5e5ede064ae06a920866a57c40a175a694200e04c49cb68f9408ec9afb6add5ae", 0x5a}, {&(0x7f0000002c80)="7d9ad3ade949734595aec508f8752c0da42adcc2f11ecaded76bbf66c5e54a8193f826876063aa8952c61bf26278239088ca097bf5fc902b1e22200e47bd6a49bb6d0d03f88128dcc511df74422ca2adb8d5e71a76", 0x55}, {&(0x7f0000002d00)="232749a1a8ac51176d3684fac44c8927a7ef6482bcec20e7f9c316a118af24a557829cfa12b1d1c032321a451e0b517b13a3a13d556d8837f705d021d0e271b1a1e348365333b670d4a27f8c0e5a3176c5eabcf724ee8d615db7b920a4ec23f59d1bc784c4ab1a028b457be4599966482a97de7fef327bb1bd4eee7acedb6e069ea40d0322b108dc443fa5eecc2a0c6cf2f7722fc09c27e2946da5abcc415d9ec0482dfc45a78f151f7be1b3fe2100adfd44138f3c1d46544d68fb3a1a1e675816725302bab55673242c3d63836e850161ca0bd3e67e9a8b831710587a00dbf3975ee423d45095aeb775f5cfec03dc68dcca81334ff798cbffbffaccccf0", 0xfe}, {&(0x7f0000002e00)="0ab269f98e80cdd79004ce7959d78967bfd30bdce84dc1100c5f5d503cce08b64628d1cd9d5fc88ec90791ac574fc24a6511db6d4fb985033d706c1cb3", 0x3d}, {&(0x7f0000002e40)="48e408775f6df513885e17f549aaed7cbf6026224c66fc2a8343a9406a7f1a5b4d9ddcd380d1f326d757b3463f1946acfe2a1a49bf10449f21539f919205702ee1f0813ab1ff14234e43dc1626acecff29ed0dc1e319459bc5cf0f8404e1eef753d17fe89f69b25eee4c45c5a200a2dd7cd3b8ddbac1c996fa849e2d78c8e800a3f8161e304443819fce41f5058f2d648c510e24f930e0927c21fea8cb01545210c7f1b8d35fff3989c031dfe457a0fdafb94d65d430e1f882deee107acc8c1e8a9f2f4dec4c1666d36ce4163f35fb", 0xcf}, {&(0x7f0000002f40)="aadf269c24f7b352f6ec4338aff4262599f127", 0x13}], 0x8, 0x0, 0x0, 0x11}}], 0x6, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
connect$unix(r11, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r12, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r11, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r13, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, 0x0, 0x714, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

2.989654227s ago: executing program 8 (id=4824):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x66)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b70300001b0000008500000083000000bf0900000000000055090100000000009500000000000000bf080000000000007b9af8ff00000000b5090500000000007baaf0ff00000000bda804000000000007080000f8ffffffbfa400000000000007000000f0ffffffb70200000800000018220000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004600000076000000bf91000000000000b6080000000000008500000085000000b700"], &(0x7f0000000980)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.812452615s ago: executing program 8 (id=4825):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
chdir(0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000002100080429bd7000fcdbdf250a8010060400000000000000140001000000000000000000000000000000000008000f0003000000f800130080000000"], 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x4008040)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000080)={0x980903, 0x5})
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000380)={0x400, 0x30, 0xf0, 0x0, 0x0, 0x1f, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000009e000000000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r6, 0x6f, &(0x7f0000001040)}, 0x10)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r4, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x8, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5)
writev(r4, &(0x7f0000000880), 0x0)
shutdown(r4, 0x1)

2.730115975s ago: executing program 7 (id=4826):
socket(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x1c, 0x5a, 0x1, 0x0, 0x0, {0x1c}, [@typed={0x8, 0x1, 0x0, 0x0, @binary="1436c99f"}]}, 0x1c}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x1ffffe, 0x0, 0x7})
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@ifindex, 0x1e, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, 0x0, 0x5000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='mm_page_free\x00', r4}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000600)={{r3}, &(0x7f0000000580)=0x20, &(0x7f00000005c0)='%pB    \x00'}, 0x20)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000440)={0xa, 0x4e23, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xf7fffff1}, 0x1c)
connect$inet6(r5, &(0x7f0000000540)={0xa, 0x4e21, 0x1, @local, 0x7ff}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
pread64(r6, &(0x7f0000000000)=""/149, 0x95, 0x0)
ioctl$RTC_PIE_ON(r6, 0x7005)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00'})
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000001c0)=@newsa={0xf0, 0x10, 0x713, 0x0, 0x0, {{@in=@broadcast, @in6=@mcast1, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x20}, {@in=@local, 0x0, 0x33}, @in6=@mcast1, {}, {}, {}, 0x0, 0x3, 0xa, 0x1, 0x1e}}, 0xf0}, 0x1, 0x0, 0x0, 0x8044}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r1, 0x8140aecc, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xfc})
socket$inet6_mptcp(0xa, 0x1, 0x106)

2.727574647s ago: executing program 6 (id=4827):
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000280))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x12, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000950a2cd6aee9a32645306bd38949db0d51438e021263ee846c9e0002f98873343377239da4075f030a35bd4e4e78f6a36efbc0"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r2, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20)
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r4, 0x40304580, &(0x7f0000000b40)={0x52, 0x1, 0x1, {0x0, 0x1}, {0x61, 0x800}, @rumble={0x7, 0x5}})
write$char_usb(r4, &(0x7f0000000040)="e2", 0x2250)
bpf$LINK_DETACH(0x22, &(0x7f00000001c0)=r3, 0x4)
close_range(r1, 0xffffffffffffffff, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prlimit64(0x0, 0x4, &(0x7f0000000140)={0x5, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xa)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x240010, 0x0)
r9 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r9, &(0x7f0000000180)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)

1.732108331s ago: executing program 6 (id=4828):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x2, 0x1, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0x5}, {0xe, 0xffff}, {0xa, 0xfff1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_INGRESS={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x26, 0x100000005, 0x0, &(0x7f00000001c0))
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

1.731283882s ago: executing program 7 (id=4829):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = memfd_create(&(0x7f0000000580)='\xff\x00l\x1e\xa0</\x00\x8e._\x14zC\x9a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-\xe2\x043\xe6M^\x98\x85x\x14\t\xe9Q1\x1dK\x9a\x045\xd3\x17\xb22\x00D(\xd2\xdd\xa0\xff\x1f\x00\x00\n\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xe36g\xfd\xd2\xd4\xe3\x1f\xa6\xc6\xe2\xa6!\x9aE<2`]<\xf2R?8\xb8\xa3\xbf\xc3\x18s\xf7!~0\xc7y\xe2\xb2VP\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yxm\x96\xbfS\x97\x9c/\x1f5i\xc6\x861\x8a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd26<Z|U6\r\xd7\x18\xad\x1d`\x06\xcfN\a\xf9\xd7 \x1a\xd8\xef\xb6\x9e8Z\t:#r\xa2\xb1h\xc0\xc0a\xa9\xc46A\x01\xac\xe6\xbf !5I\xc9<\x19{)\xa4\xad\v\x923\b\x9d\xbd>,\xc1\x8d\\Rxt\'\xb6\xbf\xc8*\n\xaf\x1b\xec\xfd\xbbY\x99\xb3\x06c\xd6\xf6\xb0\xcd=\xf3\x03`\x93\xd9\xb5\x00\x00$\x00\xeaw\xd9\x10\x0f\x1d\x888\x8cS\x12?R\x99\xda7\xce)\x8f\xcc\x87\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd32J\xd7\x9f\xea:=\xcc\x17(|L\xda\xc3\x1ca\xe8s\xb6\xebw\xc7\xab\x00\xd7pB\xd2\xa1\xcf\xae\x1f2\x9f\x98\xa80\r\x85\xb4\x86\xbc\xd0\xea\xbf\xb1Z\xb7e$\xcf<\ra\x9b\xa5\xdc\v\x1e\xfd\xc7\x91\xf22\xcf\x96\x99\xc1\xbb\xa1j\xe5\xa8\x7f\a\xa9\xa7G\xad\xa3\x8b\xf1\xdb\\]R\x8cf\xac1\xd7V\xaf\xb5\x8e\x10\x95\x9f=2\xd0-\xe1K:\xc3b\x89\x15OS\xa5\x98Ky\x12\xe7Qt#\xeb\x99\a\x10\x1c\xb3N\x85\xeb\x80\x05\x82_\x15\xdc\xbc\xf93\xdd\xf5g\x98\xd4\x8az\xe4`\xa5\x00\x00\x00\x00\xcd\x13\xfc+\xac\xe5\x8bI\f\xd6\x89\xc7HY\xcf\x00O\x88\xe6\x8b\x8bF/\x82u\xffCnG\x02\x82\xfc\xe9Od\x92\x06\xdeg@y\xa6=4\xb1}\xa8Yr\xad9\xb9b)\xec}\x87=\x91:IV\xab\xdf\xa2\xba+6D\x1fuf\xdeJYw$L\xa1\x83NH\xe3\xf2\x91\x8cW\xb7\b\x04\x12\x8b\x8bV\x19\xf1\r\xcb\x94\xa3\xf4\xe4\x97$\x99c\rG\xd7#\xe2\xfd\x80\xadR\x83\xdc\xb8d\x15|\xac\xb8g$\x0f@\xca3\x9f\xb1\xea\xc6vQ\x1b\xdb#\xa3\"\x9f\x9e\xd8\xba\x13d\x9bx\x9a\xbf\xee\xf2kQ\xe0\xc4/~7\xcd\xd1\x06\xe5\x17\x9b\bW|\xbc\x86D\x05\xaf<\xdfy,I2f\xa7G\xe3Qp<\'6 x\n\x94f\xf8\xa2\xea\xf4\xa5\x9eY\xf80C\x91\x7f\x16u\x8c(Xl\x90\xd2\x9f\xa9\xb9kJy[\x93\xfe{\xe5\x1a\xe9\xb7T\x19;\xb9\t\xe7\x0ei\xfaZ\xfbS:\x9b\xc1r\xcbM.\xf8\xb8wR\xb3p~b\xcb\v1-\a-\x8a#\xaa1\xa9\x9a\x88\a\xc5\xb9*\xd3?\xac\n\x9c\xcd\xe2\xc9\xbd\xeb\xb3\xf65\xbdaP\t\xd6\x06\x1c\xeeNg\x92>\x92>\xaf\b3\x05\xfdM\xd2F\v\xbd\xeb\x83 \x9d\x90S\x11w\xefg\\\xca\xe2\xfc~w\xbe\xefh#\x96\xa5h\xec\xbfr\xc8Bi\x90\"(\xf2\xc6\xcc\xfbX\x14{\x9e5\x87\x91\xe2\x9b\xd4\xc6\x00\x00\x00\x00+\x0f\x82\xca\xc1@\xcb~P\xe4\x18\xf9E\'\xab\xc7z\xd7\x05V{\xa1X\xa3\x10\x13.]tlz\x12\xde\xf2\xa43\xee#\x92J~\xda \x9b\xc4\xc0V\xb3\x9dCO\x1fu\x1c4\x1d\v}\x1b\xe5>w\xfbsm\xa3\fI|\x96-p\x86\xd3O\xfa\x9a\x8f\xb2\x8e\x88qGEGG\x97&\xef\x8e!}a\xff\xff\x00\x00\x90\xd7;\x12lE\x0es\xb7\xe9$=\xe0\x98E\xdc\x01\x9f\xb7\x10\xe8\x94\xa8\x9c>\x87\xfd\x864\xfaT!\xdb\x98\xaa\xb1\x8b\x99\x8b\x1e\xd2\xcb\xfduaO\x18\xc6\xc0\xb3hv%\v\x941\xdeL\x92-\xba\x10\x96eA\x11\x1a\x11\xf7q\b]\xe7v\'\xcf\xb9b%\xff\xa8\x99L\xa23N*\x1ag\x99\x8e@\x80-E&\x99\b\xebW\x19WG\xb3\x88\x1e<\\g\x1959\xc9\xfb\x91\xa3\xe0bp', 0x4)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dccc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket(0x11, 0xa, 0x5)
r2 = socket$packet(0x11, 0x2, 0x300)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r2, @ANYRES64=r2], 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x4c092, r1, 0x0)
fallocate(r1, 0x3, 0x8dc, 0xfffffffb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r6}, 0x18)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000600)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdedb2150e1918c30b6301f0212feb0cff9fc56357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9cc7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dcac2563e1c1e7624cc3b88b330ad416c4c1d8c60589b6045a4ffff50df4d34bc5847bebb943a84cb56956931ba9cc39c4a9deea5d77aa843a40000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000)={r7}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000300)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0xb8000003, 0x71, 0x10, 0xaa, 0x7}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)

1.730783921s ago: executing program 5 (id=4830):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0x2284, &(0x7f00000000c0)={0x0, 0x2083, 0x0, 0x0})
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="0800b685f75b000200fc00ff05ffdf00da8075392313db00", 0x18)
r5 = socket(0x1e, 0x5, 0x0)
listen(r5, 0x0)
r6 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r6, &(0x7f0000000400)={&(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x4, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24000000}, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2}, 0x1c)
sendmsg$tipc(r6, &(0x7f0000000240)={&(0x7f0000000300), 0x10, &(0x7f0000000500)=[{&(0x7f0000000340)='Z', 0x1}], 0x1}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

1.647874366s ago: executing program 8 (id=4831):
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x141601)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)

1.354247727s ago: executing program 8 (id=4832):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x44997e9625d2448d})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7, 0x0, 0xe3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x90)

740.036587ms ago: executing program 6 (id=4833):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000105a389286c1134231ac330d792b0b889ea9d42068a3b1e68da11b463923243a04b9a1bb03cee306b7eb0353e3a2174a461480a115c087b94c546139b6b10a32dac8d1d9e5b9bda9675d13dbd13de42db37101ebd79acf1857daab3c91fb3bd38766a04db3b684ef21af74f34e1b9a936a42f77383b71a6dedb40a192632530ef96f7", @ANYRES16=r1, @ANYBLOB="010126bd7000000000002b00000008000300", @ANYRES32=r2, @ANYBLOB="0400460005003400c4000000080026006c0900001c00518018000080090001003b9f558ca80000000500020000000000"], 0x4c}, 0x1, 0x0, 0x0, 0xd0}, 0x0)
sendmsg$NL80211_CMD_STOP_NAN(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r1, 0x4, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x801)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x66)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x48814}, 0x14000012)
recvmmsg$unix(r4, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000680)=""/139, 0x8b}], 0x1}}], 0x1, 0x10000, 0x0)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000480)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000440)={&(0x7f0000000b40)=ANY=[@ANYBLOB="d4030000", @ANYRES16=r1, @ANYBLOB="200028bd7000fcdbdf252e00000008000300", @ANYRES32=r2, @ANYBLOB="040001010800c9006c0900001000b00008000000fbff04007f22070004004600d4012a00052907f3019c4d3f471f5e37900df155d34cb1dffd6b1b7027b01724590ba204e052c412e883c47180e0ac0105ec92d08b92268a071089a3b8570c7c9b6789af5106e7fdec32e08ec2440989b3040979dce147f76a9417e13889a43a6e78063c5f89047d7697fed2a8c0e46d03783ddb01607d9e5518228c2553f5e8dde4a264d5c33f15e5f80a0b1e000cb859f0984bbd893aa19826f82942a0741b9f279bce6e2cddb6a9d3b46c9c989ea72d5978e8fbae7d4c5ffe279f7d55738285583b8c4db0bd060802110000008408ff104008021100000101000000ffffffffffff080000080211000000040000003b0000080211000000a14e000039004008021100000010000000ffffffffffff250000080211000001fbffffff390000ffffffffffff0000010019004008021100000103000000ffffffffffff040000ffffffffffff0800000034000008021100000100010000400040bb5411000000090000000802110000000400400802110000010000000008021100000011004008021100000108000000ffffffffffff0500400802110000000c00000008021100000119004008021100000004000000ffffffffffff0b004008021100000104000000ffffffffffff0f0000ffffffffffff070000000200b8005180200000800800030001ac0f00110001002640e167917adbf5e89bbfd771000000580000802c000880040001000400010004000100040001000400020004000100040001000400020004000200040002000800030001ac0f00050009000000000004000600040005000800030005ac0f00080007000100000024000080040005000500020002000000050002000200000008000880040001000400040018000080050009000200000009000400e36df014060000000a003400312c695a04d40000f601fa007f296cea6ed9f03f162d914b4e10eee76e56f259c13df939895e7fb8ca623ff72855e7c25f54c65f961392a73bf961cef7f47db04f69366d9be669d13588df7ec23ee0622744d8c6b15df4bc3d49cf62c25eac5b778ce6c0c324fb29296f93bb1d97af77add83e4f0ead5c027b08366b7f84bd41ee4469386605b69d11b03406ef9ede8e511eeceff2bd8fd8a6a5c0f35394a96a48ad2840dd0abfae04ab42622963e9ad9b93797be03961e43adfbfc1a5d4b14f13009303ef100a7a0888fc3348c7a585aea293ec2837addb9bf7e748347ded6b1dcb7ec1c0cd03d7a2644b6980ea0cc42f8e18b37f8ee020f22ff1e25f9700000800c900"], 0x3d4}, 0x1, 0x0, 0x0, 0x4020}, 0x4040080)
setsockopt$PNPIPE_ENCAP(r5, 0x113, 0x1, &(0x7f0000000080)=0x1, 0x4)

514.072823ms ago: executing program 6 (id=4834):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/timer\x00', 0x0, 0x0)
pread64(r0, &(0x7f0000000000)=""/41, 0x29, 0x352a)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3f}}}, 0x80, &(0x7f0000000380)=[{&(0x7f00000001c0)="dfc349cbbb4a459d22f31a0e416cddeeafb23d1e2bb6196e53c72435a36ef2d0f59728fd1bd0a3ffed73a0277fc5995776", 0x31}, {&(0x7f0000000200)="aab1c7048ea67b2884215b8bed0a3425516a98757f6f5bad17b1c4fbb73843d829d65fedb7e84173429285e54ba7", 0x2e}, {&(0x7f0000000480)="441f08ea412781171c73b0f6329474c7f07b99286b015a8a92931744005d856d36c7f93cae49c64d54b20deacba642579d89cc1a5a7b0d34c8167a799f8d1798340356fdd8c99d1c15a4856006a435363355f3046670f5b2ece91453cbc6e6d45b9d4b63eb5b87b35ce6386188ebc2dd01817209f31116c2b00ee2af3b8bb5a94e8ff31f348ca4017af63abe96c5ac1fa3931052ecf699f6a845a3e4e9219023059de3d1b88518a6c3ab90578095d610ba0b1425253e5a3813fd18e4ae6fce8be38c3c85b7ebfcadca798909efd8fbddde0a1e49505b80962eec39ba7a3c0a9d6ca1f969df802d7e8bfa970a38c02403e5de6cac0204253fb3bd450062bac50b05205066ac84c1c9dd3999b0009ea6163fcd6a0d3f2a8fb13c6683e2494f6ffa51a0293e7f60ddb2d4dc37505d426679eb478a9af74e9efeaf117f540e1f62600cbf2f70fe86ee819d7b5c9212aeedd23d452fef85b6f29d3a6a2ee33fdb52515e6245301ba54f7976f1064ace707313427dbbf6c74fa86411de19526a48a7f3302c76b168e529a57764cd2a666b17ef0ec534ac9e02ee458b6abc8db5b3449c78e073deda5fe2abbe28b466c0621326f138fb07a9c139b7ef801a8b8900c242e04cf7125dd7183d38fca09681d75704803ac1a50e2c48f649b1816fcb9bd9daa028d53c740674eeeaf611d2a0c352c873ad71ef00087d484f2ef9847dd9e7a4c97f36e23bd02bcf5e8f17a99e90985f70f31b0cb0f221e4bcf747db1ddd8c56c87d52592f2ede5b43441fdede77fa21c1562fcfbaa8e4ff0e5fc941858393d01261c6f9f5a46550c2abc8b798e64938bff97718b271c9800782c6048f5cb931f1452f701606ce0f11eb616077b4a243ccf88bb131752fe10c8e3607a854dda9da3cba6a3f8d9dfc161ec8e4f9ac9f447dfd46d12c761af1bcf1dd6db87d044cf364c30c763c1e03e910cbc331ebe977f16be5da4ecf12cf94d27b802da7366fc43d9be6633174969d28e2a3774bdec3c35256ea23749ac94b1bacdb213780a6937359f632b22dc2ed836f173578ba7d6eb17ac1320efd1c338ddbfaf430e65765567f2a7418ae41f4e0867a1954e9a2afdda45b2195083ecd7774c6196c1c7bebac79d3f7ad9feb5d450137b319ba6b60e6c6a2b4afc50c487cfe9a1be91466c2bbbf0e50e72770f9a56a0201aa8679af7e0dc9fd1be3180d08ac2b715df24e591060239c733aa6baa133c6a23673f9fe5c526e9ba5b70a7595cdaab0e7aef4e4f6360b110f2804be44de94490ecec8f064d6b2b9dd8c4d0d9673d6045b0dac03ad6d44581bf7b76d1883ef1ba5504292225348c368d9596e17f30b9e843c48da369c017f9d4989c19a1d4af0a0ba79ed7f3363360b958674b77b4ceb1e3f0ff03a03bfd04d19112d1946124739278e6cc820f7f820f8b82da91024cb7914325ee18f552115b9bc44e8f39b5d0857d88f615e28ecadcf9ec20e6c0f7adc96c9eea7f002323ad3403b6d0df59d71719cb6ad5187ff40a3e99ddeb4cdd28df35b9435233ba8299eb0035a4f9f5d6db1871334aabf16cd30769ff32ae7dbe94e4ff8e561499929eb42a824b14abc0abd6242741d1116be58f79e017c50a42f8c3c7650b5819d7901fb4f9573ac21aa096f4a13c5f1b3f60e366488856417dcdee02ab75ecc571e2e4ef9d64e0bbd4d94cda57ac51fb6219bff39341d134cd5d74187c1936a4f9177eb45cf786bbf40c7084065e7cd76af7f5617f7a2c59ece4994b5a8ea72f1d407aca43c9c74f98b62bd0c360b3035ea3fd6030b86ff904c861af32fd496341724e1c9f86c420fb4f0059e44bbdd2534e44e8fc068214294771b152b48c25961", 0x526}], 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x488c0)
sendmsg$nl_xfrm(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000009c0)=ANY=[], 0x34c}}, 0x0)

192.452867ms ago: executing program 6 (id=4835):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x66)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b70300001b0000008500000083000000bf0900000000000055090100000000009500000000000000bf080000000000007b9af8ff00000000b5090500000000007baaf0ff00000000bda804000000000007080000f8ffffffbfa400000000000007000000f0ffffffb70200000800000018220000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004600000076000000bf91000000000000b6080000000000008500000085000000b700"], &(0x7f0000000980)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

129.331749ms ago: executing program 5 (id=4836):
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0xb)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x18)
fstat(r4, &(0x7f0000009cc0))
r5 = socket(0x25, 0xa, 0x7f)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000ec0)=@raw={'raw\x00', 0xc08, 0x3, 0x440, 0x310, 0x5002004a, 0xb, 0x310, 0xea13, 0x3a8, 0x3c8, 0x3c8, 0x3a8, 0x3c8, 0x3, 0x0, {[{{@ip={@multicast2, @private=0xa010101, 0xff, 0xffffffff, 'bridge0\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x5c, 0x3, 0x2}, 0x0, 0x2c8, 0x310, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x2, 0x0, [{}, {0x16}, {0x4}, {}, {}, {0x0, 0x0, 0x5e}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}, {0x0, 0x0, 0x4}, {}, {0x4, 0x8}, {}, {}, {0x1}, {0x0, 0x0, 0x0, 0x7f}, {0x0, 0x4}, {}, {}, {}, {0xfffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x0, 0x0, 0x40}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfd}]}}, @common=@inet=@socket3={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4a0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, 0x0, 0x4000000)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0xeef, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x3, 0x7, 0x7, 0xfffffffffffff050, 0x0, 0x80000000, 0x2, 0xfffeffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x4)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(r8, 0x84, 0x11, &(0x7f0000001dc0)={0x0, 0x8}, &(0x7f0000001e00)=0x8)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

0s ago: executing program 6 (id=4837):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x202, 0x0)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x60102, 0xc)
fcntl$setstatus(r3, 0x4, 0x6800)
write$binfmt_format(r3, &(0x7f0000000040)='0\x00', 0x2)
read$FUSE(r3, &(0x7f0000000300)={0x2020}, 0x2020)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000b40)={0x38, r5, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
sendmsg$TIPC_NL_BEARER_SET(r2, &(0x7f0000000280)={&(0x7f0000000200), 0xc, &(0x7f0000000240)={&(0x7f0000000680)={0x1ec, r5, 0x102, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x60, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @private=0xa010100}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x2, @rand_addr=' \x01\x00', 0x6}}}}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}]}, @TIPC_NLA_MEDIA={0xc0, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x63fb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x510}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb06e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd1}]}, @TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffeff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MEDIA={0xb8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5d84c8f6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xaf1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}]}]}, 0x1ec}, 0x1, 0x0, 0x0, 0x80}, 0x200448c4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket(0x1e, 0x80004, 0x0)
r7 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
sendmmsg(r6, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
ppoll(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

e_slave_0) entered disabled state
[ 1646.149531][ T1107] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1646.190207][ T1107] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1646.203151][ T1107] bond0 (unregistering): Released all slaves
[ 1647.609674][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1647.620854][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1647.629040][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1647.642222][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1647.677303][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1647.694491][ T1107] hsr_slave_0: left promiscuous mode
[ 1647.749475][ T1107] hsr_slave_1: left promiscuous mode
[ 1647.777726][ T1107] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1647.785140][ T1107] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1648.239141][ T1107] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1648.254949][ T1107] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1648.362197][ T1107] veth1_macvtap: left promiscuous mode
[ 1648.437773][ T1107] veth0_macvtap: left promiscuous mode
[ 1648.444259][ T1107] veth1_vlan: left promiscuous mode
[ 1648.469293][ T1107] veth0_vlan: left promiscuous mode
[ 1648.917923][T22009] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4374'.
[ 1649.819689][ T5835] Bluetooth: hci3: command tx timeout
[ 1650.438260][T17217] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[ 1650.546142][T11046] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1650.601428][T17217] usb 6-1: Using ep0 maxpacket: 8
[ 1650.612531][T17217] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1650.622324][T17217] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1650.630715][T17217] usb 6-1: Product: syz
[ 1650.634936][T17217] usb 6-1: Manufacturer: syz
[ 1650.640006][T17217] usb 6-1: SerialNumber: syz
[ 1650.648946][T17217] usb 6-1: config 0 descriptor??
[ 1650.657424][T17217] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 1650.665553][T17217] usb 6-1: setting power ON
[ 1650.671771][T17217] dvb-usb: bulk message failed: -22 (2/0)
[ 1650.681749][ T1107] team0 (unregistering): Port device team_slave_1 removed
[ 1650.682673][T17217] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1650.699452][T17217] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 1650.708411][T17217] usb 6-1: media controller created
[ 1650.734476][T17217] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1650.749642][T11046] usb 9-1: Using ep0 maxpacket: 32
[ 1650.763283][T11046] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1650.777886][T11046] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1650.779340][T17217] usb 6-1: selecting invalid altsetting 6
[ 1650.792336][T11046] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1650.794986][T17217] usb 6-1: digital interface selection failed (-22)
[ 1650.805343][T11046] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1650.813919][T17217] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 1650.828085][T11046] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1650.848848][T17217] usb 6-1: setting power OFF
[ 1650.857083][T17217] dvb-usb: bulk message failed: -22 (2/0)
[ 1650.863138][T17217] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 1650.877167][ T1107] team0 (unregistering): Port device team_slave_0 removed
[ 1650.883001][T11046] usb 9-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1650.893511][T11046] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1650.899004][T17217] (NULL device *): no alternate interface
[ 1650.910139][T11046] usb 9-1: Product: syz
[ 1650.922837][T11046] usb 9-1: Manufacturer: syz
[ 1650.927514][T11046] usb 9-1: SerialNumber: syz
[ 1650.941431][T11046] usb 9-1: config 0 descriptor??
[ 1650.946599][T17217] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 1650.950254][T17217] usb 6-1: USB disconnect, device number 62
[ 1650.978499][T22028] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1650.992250][T11046] input: Generic X-Box pad as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input38
[ 1651.204575][T11046] usb 9-1: USB disconnect, device number 4
[ 1651.968359][ T5835] Bluetooth: hci3: command tx timeout
[ 1652.774696][T22038] vivid-000: kernel_thread() failed
[ 1654.014148][T21998] lo speed is unknown, defaulting to 1000
[ 1654.035916][ T5835] Bluetooth: hci3: command tx timeout
[ 1656.117584][ T5835] Bluetooth: hci3: command tx timeout
[ 1656.636075][T17217] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1657.443929][T17217] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1657.457012][T17217] usb 9-1: unable to read config index 0 descriptor/start: -71
[ 1657.500001][T17217] usb 9-1: can't read configurations, error -71
[ 1658.120694][T21998] chnl_net:caif_netlink_parms(): no params data found
[ 1659.288093][T22075] netlink: 152 bytes leftover after parsing attributes in process `syz.5.4390'.
[ 1659.321294][T21998] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1659.336451][T17217] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1659.341971][T21998] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1659.516179][T21998] bridge_slave_0: entered allmulticast mode
[ 1659.536582][T21998] bridge_slave_0: entered promiscuous mode
[ 1659.548741][T21998] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1659.557311][T21998] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1659.565041][T21998] bridge_slave_1: entered allmulticast mode
[ 1659.578843][T21998] bridge_slave_1: entered promiscuous mode
[ 1659.729506][T17217] usb 9-1: config 0 has an invalid interface number: 84 but max is 0
[ 1661.192045][T17217] usb 9-1: config 0 has an invalid interface number: 66 but max is 0
[ 1661.201037][T17217] usb 9-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[ 1661.211266][T17217] usb 9-1: config 0 has no interface number 0
[ 1661.218598][T17217] usb 9-1: config 0 has no interface number 1
[ 1661.224877][T17217] usb 9-1: config 0 interface 84 altsetting 0 endpoint 0x4 has invalid maxpacket 1560, setting to 64
[ 1661.236005][T17217] usb 9-1: config 0 interface 84 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1661.249179][T17217] usb 9-1: too many endpoints for config 0 interface 66 altsetting 153: 216, using maximum allowed: 30
[ 1661.260352][T17217] usb 9-1: config 0 interface 66 altsetting 153 bulk endpoint 0x5 has invalid maxpacket 32
[ 1661.271290][T17217] usb 9-1: config 0 interface 66 altsetting 153 has an endpoint descriptor with address 0x12, changing to 0x2
[ 1661.283214][T17217] usb 9-1: config 0 interface 66 altsetting 153 has an endpoint descriptor with address 0xE6, changing to 0x86
[ 1661.295559][T17217] usb 9-1: config 0 interface 66 altsetting 153 endpoint 0x86 has invalid maxpacket 34869, setting to 1024
[ 1661.311053][T17217] usb 9-1: config 0 interface 66 altsetting 153 bulk endpoint 0x86 has invalid maxpacket 1024
[ 1661.322256][T17217] usb 9-1: config 0 interface 66 altsetting 153 has 3 endpoint descriptors, different from the interface descriptor's value: 216
[ 1661.336267][T17217] usb 9-1: config 0 interface 66 has no altsetting 0
[ 1661.552810][T17217] usb 9-1: New USB device found, idVendor=8086, idProduct=0b63, bcdDevice=ca.f3
[ 1661.566102][T17217] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1661.840377][T21998] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1661.849716][T17217] usb 9-1: Product: syz
[ 1661.855750][T17217] usb 9-1: Manufacturer: syz
[ 1661.874312][T21998] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1661.884426][T17217] usb 9-1: SerialNumber: syz
[ 1661.892259][T17217] usb 9-1: config 0 descriptor??
[ 1661.904797][T17217] usb 9-1: can't set config #0, error -71
[ 1661.926150][T17217] usb 9-1: USB disconnect, device number 7
[ 1662.940436][T21998] team0: Port device team_slave_0 added
[ 1662.987675][T21998] team0: Port device team_slave_1 added
[ 1665.898769][T21998] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1665.922154][T21998] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1665.951870][T21998] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1665.965326][T21998] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1665.991286][T21998] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1666.028263][T21998] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1667.850807][T21998] hsr_slave_0: entered promiscuous mode
[ 1667.861349][T21998] hsr_slave_1: entered promiscuous mode
[ 1668.113156][T22138] netem: incorrect ge model size
[ 1668.118771][T17217] usb 7-1: new full-speed USB device number 37 using dummy_hcd
[ 1668.130855][T22138] netem: change failed
[ 1668.299584][T17217] usb 7-1: config index 0 descriptor too short (expected 63186, got 210)
[ 1668.308722][T17217] usb 7-1: config 0 has an invalid interface number: 106 but max is 0
[ 1668.317173][T17217] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1668.328056][T17217] usb 7-1: config 0 has no interface number 0
[ 1668.338881][T17217] usb 7-1: config 0 interface 106 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1668.369984][T17217] usb 7-1: config 0 interface 106 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1668.394807][T17217] usb 7-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[ 1668.405405][T17217] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1668.761109][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.816827][T17217] usb 7-1: config 0 descriptor??
[ 1668.871736][T17217] usb 7-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1669.354025][T22150] sg_write: process 761 (syz.7.4412) changed security contexts after opening file descriptor, this is not allowed.
[ 1669.420621][T22136] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4408'.
[ 1669.456044][T22136] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4408'.
[ 1669.576029][ T1655] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1669.757206][ T1655] usb 9-1: Using ep0 maxpacket: 32
[ 1670.006881][ T9946] usb 7-1: Failed to submit usb control message: -110
[ 1670.046008][ T1655] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1670.069508][ T9946] usb 7-1: unable to send the bmi data to the device: -110
[ 1670.085058][ T9946] usb 7-1: unable to get target info from device
[ 1670.106163][ T1655] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1670.116452][ T9946] usb 7-1: could not get target info (-110)
[ 1670.184489][ T9946] usb 7-1: could not probe fw (-110)
[ 1670.191882][ T1655] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1670.196295][ T5912] usb 7-1: USB disconnect, device number 37
[ 1670.250427][ T1655] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1670.280645][T22156] lo speed is unknown, defaulting to 1000
[ 1670.282510][ T1655] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1670.344097][ T5835] Bluetooth: hci1: connection err: -111
[ 1670.398237][ T1655] usb 9-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1670.424924][ T1655] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1670.502136][ T5831] usb 6-1: new high-speed USB device number 63 using dummy_hcd
[ 1670.543480][ T1655] usb 9-1: Product: syz
[ 1670.549381][ T1655] usb 9-1: Manufacturer: syz
[ 1670.747838][   T30] audit: type=1326 audit(1751291399.275:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22158 comm="syz.7.4415" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe5d078e929 code=0x0
[ 1671.129242][ T1655] usb 9-1: SerialNumber: syz
[ 1671.148566][ T1655] usb 9-1: config 0 descriptor??
[ 1671.164607][T22148] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1671.177935][ T5831] usb 6-1: config 0 has no interfaces?
[ 1671.259796][ T1655] input: Generic X-Box pad as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input39
[ 1671.284500][ T5831] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1671.298736][ T5831] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1671.316039][ T5831] usb 6-1: Product: syz
[ 1671.331380][ T5831] usb 6-1: Manufacturer: syz
[ 1671.345970][ T5831] usb 6-1: SerialNumber: syz
[ 1671.375043][ T5831] usb 6-1: config 0 descriptor??
[ 1671.398486][ T5889] usb 9-1: USB disconnect, device number 8
[ 1672.419704][ T5831] usb 6-1: USB disconnect, device number 63
[ 1673.155454][T21998] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1673.929698][T21998] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1673.999123][T21998] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1674.074673][T22182] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1675.536250][T21998] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1675.761316][ T5835] Bluetooth: hci0: connection err: -111
[ 1676.142066][   T30] audit: type=1326 audit(1751291404.695:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22206 comm="syz.8.4426" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fad2598e929 code=0x0
[ 1677.218651][T21998] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1677.305258][T21998] 8021q: adding VLAN 0 to HW filter on device team0
[ 1677.343840][T17904] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1677.351095][T17904] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1677.387124][ T5831] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[ 1677.412438][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1677.419719][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1677.562140][ T5831] usb 7-1: Using ep0 maxpacket: 32
[ 1677.591300][ T5831] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1677.603305][ T5831] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1677.635934][ T5831] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1677.636390][ T5912] usb 6-1: new high-speed USB device number 64 using dummy_hcd
[ 1677.653543][ T5831] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1677.686952][ T5831] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1677.726579][ T5831] usb 7-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1677.735745][ T5831] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1677.757016][ T5831] usb 7-1: Product: syz
[ 1677.761256][ T5831] usb 7-1: Manufacturer: syz
[ 1677.775907][ T5831] usb 7-1: SerialNumber: syz
[ 1677.788281][ T5831] usb 7-1: config 0 descriptor??
[ 1677.796457][T22219] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1677.820539][ T5831] input: Generic X-Box pad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input40
[ 1677.830266][ T5912] usb 6-1: Using ep0 maxpacket: 8
[ 1677.855778][ T5912] usb 6-1: config index 0 descriptor too short (expected 26966, got 80)
[ 1677.879240][ T5912] usb 6-1: config 116 has too many interfaces: 114, using maximum allowed: 32
[ 1677.894682][T21998] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1677.898010][ T5912] usb 6-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config
[ 1677.925926][ T5912] usb 6-1: config 116 has 0 interfaces, different from the descriptor's value: 114
[ 1677.948535][ T5912] usb 6-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[ 1677.969597][ T5912] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1677.981709][ T5912] usb 6-1: Product: syz
[ 1677.990139][ T5912] usb 6-1: Manufacturer: syz
[ 1677.994759][ T5912] usb 6-1: SerialNumber: syz
[ 1677.997211][T21998] veth0_vlan: entered promiscuous mode
[ 1678.027178][ T5889] usb 7-1: USB disconnect, device number 38
[ 1678.040384][T21998] veth1_vlan: entered promiscuous mode
[ 1678.107615][T21998] veth0_macvtap: entered promiscuous mode
[ 1678.139420][T21998] veth1_macvtap: entered promiscuous mode
[ 1678.199702][T21998] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1678.230883][T21998] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1678.787089][T21998] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1678.897728][T21998] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1679.007418][T21998] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1679.113560][T21998] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1679.353189][T22235] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1680.507290][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1680.526758][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1681.042769][ T5912] usb 6-1: USB disconnect, device number 64
[ 1681.083290][ T9946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1681.117360][ T9946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1681.725374][T22258] overlayfs: failed to resolve './file1': -2
[ 1683.063556][   T30] audit: type=1326 audit(1751291411.165:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22263 comm="syz.6.4440" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f732cb8e929 code=0x0
[ 1683.309273][T22270] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4441'.
[ 1683.881049][ T9945] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1684.102452][ T9945] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1684.238801][ T9945] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1684.288790][T21737] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1684.300556][T21737] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1684.320294][T21737] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1684.323051][ T9945] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1684.334012][T21737] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1684.347621][T21737] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1684.380321][T22274] lo speed is unknown, defaulting to 1000
[ 1684.472629][ T9945] bridge_slave_1: left allmulticast mode
[ 1684.478750][ T9945] bridge_slave_1: left promiscuous mode
[ 1684.485921][ T9945] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1684.494816][ T9945] bridge_slave_0: left allmulticast mode
[ 1684.500916][ T9945] bridge_slave_0: left promiscuous mode
[ 1684.507711][ T9945] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1686.458093][ T5835] Bluetooth: hci2: command tx timeout
[ 1686.635184][T21737] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1686.645743][T21737] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1686.653829][T21737] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1686.666831][T21737] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1686.674531][T21737] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1686.706803][ T9945] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1686.735763][ T9945] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1686.770343][ T9945] bond0 (unregistering): Released all slaves
[ 1687.587154][T22299] lo speed is unknown, defaulting to 1000
[ 1687.670926][T22308] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4451'.
[ 1688.516806][T21737] Bluetooth: hci2: command tx timeout
[ 1688.713645][T22315] vxfs: WRONG superblock magic 00000000 at 1
[ 1688.720486][T22315] vxfs: WRONG superblock magic 00000000 at 8
[ 1688.730297][T22315] vxfs: can't find superblock.
[ 1688.785988][T21737] Bluetooth: hci3: command tx timeout
[ 1688.940366][T22321] netlink: 'syz.7.4454': attribute type 2 has an invalid length.
[ 1689.227172][T22274] chnl_net:caif_netlink_parms(): no params data found
[ 1689.288247][ T9945] hsr_slave_0: left promiscuous mode
[ 1689.294278][ T9945] hsr_slave_1: left promiscuous mode
[ 1689.301735][ T9945] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1689.309222][ T9945] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1689.317296][ T9945] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1689.324702][ T9945] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1689.377171][ T9945] veth1_macvtap: left promiscuous mode
[ 1689.386079][ T9945] veth0_macvtap: left promiscuous mode
[ 1689.391741][ T9945] veth1_vlan: left promiscuous mode
[ 1689.425486][ T9945] veth0_vlan: left promiscuous mode
[ 1690.628875][ T5835] Bluetooth: hci2: command tx timeout
[ 1690.848321][ T5835] Bluetooth: hci3: command tx timeout
[ 1691.456412][ T5835] Bluetooth: hci0: command 0x0401 tx timeout
[ 1691.593980][T22350] vivid-000: kernel_thread() failed
[ 1692.527878][T22367] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[ 1692.537265][T22367] overlayfs: missing 'lowerdir'
[ 1692.620055][ T9945] team0 (unregistering): Port device team_slave_1 removed
[ 1692.683018][T21737] Bluetooth: hci2: command tx timeout
[ 1692.694260][ T9945] team0 (unregistering): Port device team_slave_0 removed
[ 1692.770617][T22367] ieee802154 phy0 wpan0: encryption failed: -22
[ 1692.917127][T21737] Bluetooth: hci3: command tx timeout
[ 1693.037556][ T5831] IPVS: starting estimator thread 0...
[ 1693.128673][T22372] IPVS: using max 31 ests per chain, 74400 per kthread
[ 1694.679797][T22299] chnl_net:caif_netlink_parms(): no params data found
[ 1694.692362][T22274] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1694.700739][T22274] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1694.709254][T22274] bridge_slave_0: entered allmulticast mode
[ 1694.717083][T22274] bridge_slave_0: entered promiscuous mode
[ 1694.769036][T22274] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1694.785917][T22274] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1694.794390][T22274] bridge_slave_1: entered allmulticast mode
[ 1694.804803][T22274] bridge_slave_1: entered promiscuous mode
[ 1694.996018][T21737] Bluetooth: hci3: command tx timeout
[ 1695.335490][T22396] overlayfs: failed to resolve './file0': -2
[ 1695.923196][T22274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1695.937470][T22274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1695.957113][T22299] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1695.974600][T22299] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1695.983910][T22299] bridge_slave_0: entered allmulticast mode
[ 1695.991160][T22299] bridge_slave_0: entered promiscuous mode
[ 1696.012542][T22299] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1696.020907][T22299] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1696.028220][T22299] bridge_slave_1: entered allmulticast mode
[ 1696.042447][T22299] bridge_slave_1: entered promiscuous mode
[ 1696.126639][T22274] team0: Port device team_slave_0 added
[ 1696.268196][T22274] team0: Port device team_slave_1 added
[ 1696.278165][T22299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1696.384466][T22299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1696.554327][T22274] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1696.600742][T22274] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1696.760189][T22274] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1697.459118][T22274] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1697.474485][T22274] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1697.511137][T22274] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1697.636659][T22299] team0: Port device team_slave_0 added
[ 1697.711305][T22299] team0: Port device team_slave_1 added
[ 1697.843167][T22274] hsr_slave_0: entered promiscuous mode
[ 1697.863896][T22274] hsr_slave_1: entered promiscuous mode
[ 1698.398404][T22426] netlink: 92 bytes leftover after parsing attributes in process `syz.8.4481'.
[ 1698.516168][T22426] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4481'.
[ 1698.534109][T22299] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1698.541507][T22299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1698.678379][T22299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1698.691066][T22299] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1698.698438][T22299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1698.724488][T22299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1698.745946][T22426] sp0: Synchronizing with TNC
[ 1698.765434][T22423] [U] �`
[ 1700.563603][T22299] hsr_slave_0: entered promiscuous mode
[ 1700.599546][T22299] hsr_slave_1: entered promiscuous mode
[ 1700.606423][T22299] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1700.614593][T22299] Cannot create hsr debugfs directory
[ 1702.394711][T22472] FAULT_INJECTION: forcing a failure.
[ 1702.394711][T22472] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1702.415280][T22472] CPU: 1 UID: 0 PID: 22472 Comm: syz.8.4494 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1702.415306][T22472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1702.415318][T22472] Call Trace:
[ 1702.415326][T22472]  <TASK>
[ 1702.415334][T22472]  dump_stack_lvl+0x189/0x250
[ 1702.415363][T22472]  ? __pfx____ratelimit+0x10/0x10
[ 1702.415387][T22472]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1702.415410][T22472]  ? __pfx__printk+0x10/0x10
[ 1702.415429][T22472]  ? __might_fault+0xb0/0x130
[ 1702.415462][T22472]  should_fail_ex+0x414/0x560
[ 1702.415487][T22472]  _copy_from_user+0x2d/0xb0
[ 1702.415512][T22472]  set_termios+0x1e8/0x6c0
[ 1702.415545][T22472]  ? __pfx_set_termios+0x10/0x10
[ 1702.415573][T22472]  ? tty_ldisc_ref_wait+0x25/0x70
[ 1702.415610][T22472]  tty_mode_ioctl+0x47e/0x740
[ 1702.415635][T22472]  ? __pfx_tty_mode_ioctl+0x10/0x10
[ 1702.415654][T22472]  ? tty_ldisc_ref_wait+0x25/0x70
[ 1702.415676][T22472]  ? __pfx___ldsem_down_read_nested+0x10/0x10
[ 1702.415711][T22472]  ? n_tty_ioctl_helper+0x8e/0x340
[ 1702.415734][T22472]  ? __pfx_n_tty_ioctl+0x10/0x10
[ 1702.415753][T22472]  tty_ioctl+0x9c3/0xde0
[ 1702.415777][T22472]  ? __pfx_tty_ioctl+0x10/0x10
[ 1702.415799][T22472]  __se_sys_ioctl+0xfc/0x170
[ 1702.415824][T22472]  do_syscall_64+0xfa/0x3b0
[ 1702.415845][T22472]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1702.415866][T22472]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1702.415882][T22472]  ? clear_bhb_loop+0x60/0xb0
[ 1702.415903][T22472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1702.415920][T22472] RIP: 0033:0x7fad2598e929
[ 1702.415936][T22472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1702.415950][T22472] RSP: 002b:00007fad2683d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1702.415969][T22472] RAX: ffffffffffffffda RBX: 00007fad25bb6080 RCX: 00007fad2598e929
[ 1702.415982][T22472] RDX: 0000200000000bc0 RSI: 0000000000005403 RDI: 0000000000000005
[ 1702.415993][T22472] RBP: 00007fad2683d090 R08: 0000000000000000 R09: 0000000000000000
[ 1702.416003][T22472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1702.416013][T22472] R13: 0000000000000000 R14: 00007fad25bb6080 R15: 00007ffcaa207d08
[ 1702.416042][T22472]  </TASK>
[ 1702.949373][   T30] audit: type=1326 audit(1751291431.605:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517d18e929 code=0x7ffc0000
[ 1702.974550][   T30] audit: type=1326 audit(1751291431.615:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517d18e929 code=0x7ffc0000
[ 1703.006387][   T30] audit: type=1326 audit(1751291431.635:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f517d18e929 code=0x7ffc0000
[ 1703.042980][   T30] audit: type=1326 audit(1751291431.635:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517d18e929 code=0x7ffc0000
[ 1703.071660][   T30] audit: type=1326 audit(1751291431.635:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517d18e929 code=0x7ffc0000
[ 1703.094864][   T30] audit: type=1326 audit(1751291431.655:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f517d18e929 code=0x7ffc0000
[ 1703.118469][   T30] audit: type=1326 audit(1751291431.655:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517d18e929 code=0x7ffc0000
[ 1703.143348][   T30] audit: type=1326 audit(1751291431.655:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517d18e929 code=0x7ffc0000
[ 1703.212993][   T30] audit: type=1326 audit(1751291431.655:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f517d18e929 code=0x7ffc0000
[ 1703.241976][   T30] audit: type=1326 audit(1751291431.655:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22476 comm="syz.5.4496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f517d18e963 code=0x7ffc0000
[ 1703.957144][T22484] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4498'.
[ 1704.577941][T22489] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4500'.
[ 1704.623762][ T9945] bond1 (unregistering): Released all slaves
[ 1705.653586][ T9945] bond2 (unregistering): Released all slaves
[ 1705.820850][ T9945] tipc: Left network mode
[ 1710.359528][T22512] netem: incorrect ge model size
[ 1710.364503][T22512] netem: change failed
[ 1710.538761][T22531] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4512'.
[ 1710.547799][T22274] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1710.594204][T22274] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1710.748502][T22274] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1711.392922][T22274] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1711.563980][ T9945] IPVS: stop unused estimator thread 0...
[ 1711.579814][T22274] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1711.631151][T22274] 8021q: adding VLAN 0 to HW filter on device team0
[ 1711.673391][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1711.680579][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1711.707132][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1711.714304][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1711.800284][T22299] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1711.813033][T22299] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1711.823449][T22299] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1711.843107][T22299] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1712.060626][T22299] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1712.098814][T22299] 8021q: adding VLAN 0 to HW filter on device team0
[ 1712.121210][ T9945] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1712.128346][ T9945] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1712.146645][  T159] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1712.153731][  T159] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1712.501624][T22274] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1712.715001][T22299] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1712.832262][T22299] veth0_vlan: entered promiscuous mode
[ 1712.853289][T22299] veth1_vlan: entered promiscuous mode
[ 1712.902759][T22299] veth0_macvtap: entered promiscuous mode
[ 1712.928678][T22299] veth1_macvtap: entered promiscuous mode
[ 1712.970448][T22299] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1712.992778][T22299] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1713.011962][T22299] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1713.027507][T22299] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1713.037395][T22299] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1713.046217][T22299] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1713.174590][T22274] veth0_vlan: entered promiscuous mode
[ 1713.207020][T22274] veth1_vlan: entered promiscuous mode
[ 1713.221345][T22566] overlayfs: failed to resolve './file0': -2
[ 1713.586432][T16272] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1713.594292][T16272] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1714.029556][  T159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1714.620522][  T159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1714.622369][T22274] veth0_macvtap: entered promiscuous mode
[ 1714.677056][T22274] veth1_macvtap: entered promiscuous mode
[ 1714.721076][T22577] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20000
[ 1714.830593][T22274] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1714.971699][T22274] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1715.717981][T22274] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1715.760704][T22274] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1715.784353][T22274] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1715.795649][T22274] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1716.086220][ T5912] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1716.916653][ T5912] usb 9-1: Using ep0 maxpacket: 8
[ 1716.961326][ T5912] usb 9-1: config 0 has an invalid interface number: 246 but max is 0
[ 1717.240770][ T5912] usb 9-1: config 0 has no interface number 0
[ 1717.537664][ T5912] usb 9-1: config 0 interface 246 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[ 1717.627398][ T5912] usb 9-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[ 1717.673107][ T5912] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1717.742542][ T5912] usb 9-1: Product: syz
[ 1717.775263][ T5912] usb 9-1: Manufacturer: syz
[ 1718.112909][ T5912] usb 9-1: SerialNumber: syz
[ 1718.474599][ T5912] usb 9-1: config 0 descriptor??
[ 1718.660142][ T2984] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1718.686438][ T5912] msi2500 9-1:0.246: Registered as swradio24
[ 1718.696667][ T5912] msi2500 9-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[ 1719.609430][ T2984] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1719.643220][  T978] usb 9-1: USB disconnect, device number 9
[ 1719.671136][ T3502] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1719.699641][ T3502] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1719.733105][ T2984] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1719.760617][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1719.769012][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1719.812390][ T2984] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1719.936267][ T2984] bridge_slave_1: left allmulticast mode
[ 1719.941951][ T2984] bridge_slave_1: left promiscuous mode
[ 1719.947795][ T2984] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1719.966995][ T2984] bridge_slave_0: left allmulticast mode
[ 1719.972710][ T2984] bridge_slave_0: left promiscuous mode
[ 1719.978560][ T2984] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1720.358498][ T2984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1720.369393][ T2984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1720.380492][ T2984] bond0 (unregistering): Released all slaves
[ 1722.032904][T16484] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[ 1722.048588][T22622] FAULT_INJECTION: forcing a failure.
[ 1722.048588][T22622] name failslab, interval 1, probability 0, space 0, times 0
[ 1722.062720][T22622] CPU: 0 UID: 0 PID: 22622 Comm: syz.7.4529 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1722.062745][T22622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1722.062755][T22622] Call Trace:
[ 1722.062763][T22622]  <TASK>
[ 1722.062771][T22622]  dump_stack_lvl+0x189/0x250
[ 1722.062800][T22622]  ? __pfx____ratelimit+0x10/0x10
[ 1722.062823][T22622]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1722.062846][T22622]  ? __pfx__printk+0x10/0x10
[ 1722.062870][T22622]  ? __pfx___might_resched+0x10/0x10
[ 1722.062892][T22622]  ? fs_reclaim_acquire+0x7d/0x100
[ 1722.062919][T22622]  should_fail_ex+0x414/0x560
[ 1722.062943][T22622]  should_failslab+0xa8/0x100
[ 1722.062965][T22622]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1722.062985][T22622]  ? vm_area_dup+0x2b/0x680
[ 1722.063011][T22622]  vm_area_dup+0x2b/0x680
[ 1722.063036][T22622]  __split_vma+0x1a9/0xa00
[ 1722.063055][T22622]  ? mas_next_slot+0xc20/0xcf0
[ 1722.063081][T22622]  ? __pfx___split_vma+0x10/0x10
[ 1722.063122][T22622]  vms_gather_munmap_vmas+0x4ab/0x12b0
[ 1722.063160][T22622]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[ 1722.063206][T22622]  mmap_region+0x678/0x1f30
[ 1722.063223][T22622]  ? __lock_acquire+0xab9/0xd20
[ 1722.063257][T22622]  ? __lock_acquire+0xab9/0xd20
[ 1722.063280][T22622]  ? __pfx_mmap_region+0x10/0x10
[ 1722.063372][T22622]  ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[ 1722.063408][T22622]  ? cap_mmap_addr+0xb0/0x100
[ 1722.063429][T22622]  ? bpf_lsm_mmap_addr+0x9/0x20
[ 1722.063449][T22622]  ? security_mmap_addr+0x71/0x270
[ 1722.063471][T22622]  ? shmem_mapping+0xd/0x50
[ 1722.063493][T22622]  ? memfd_check_seals_mmap+0xc5/0x200
[ 1722.063520][T22622]  do_mmap+0xc45/0x10d0
[ 1722.063548][T22622]  ? __pfx_mtree_load+0x10/0x10
[ 1722.063570][T22622]  ? __pfx_do_mmap+0x10/0x10
[ 1722.063590][T22622]  ? __pfx___up_read+0x10/0x10
[ 1722.063616][T22622]  __se_sys_remap_file_pages+0x77c/0x840
[ 1722.063656][T22622]  ? __pfx___se_sys_remap_file_pages+0x10/0x10
[ 1722.063679][T22622]  ? ksys_write+0x22a/0x250
[ 1722.063700][T22622]  ? __pfx_ksys_write+0x10/0x10
[ 1722.063716][T22622]  ? rcu_is_watching+0x15/0xb0
[ 1722.063745][T22622]  ? do_syscall_64+0xbe/0x3b0
[ 1722.063766][T22622]  ? __x64_sys_remap_file_pages+0x20/0xc0
[ 1722.063789][T22622]  do_syscall_64+0xfa/0x3b0
[ 1722.063810][T22622]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1722.063831][T22622]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1722.063848][T22622]  ? clear_bhb_loop+0x60/0xb0
[ 1722.063870][T22622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1722.063887][T22622] RIP: 0033:0x7fe5d078e929
[ 1722.063903][T22622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1722.063918][T22622] RSP: 002b:00007fe5d1557038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[ 1722.063937][T22622] RAX: ffffffffffffffda RBX: 00007fe5d09b6080 RCX: 00007fe5d078e929
[ 1722.063950][T22622] RDX: 0000000000000000 RSI: 0000000000200000 RDI: 00002000002ec000
[ 1722.063962][T22622] RBP: 00007fe5d1557090 R08: 0000000000002000 R09: 0000000000000000
[ 1722.063974][T22622] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1722.063984][T22622] R13: 0000000000000000 R14: 00007fe5d09b6080 R15: 00007ffd512840a8
[ 1722.064014][T22622]  </TASK>
[ 1722.770782][T13636] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1722.782982][T13636] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1722.792071][T13636] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1722.800825][T13636] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1722.810022][T13636] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1722.879004][T16484] usb 7-1: New USB device found, idVendor=0c45, idProduct=608f, bcdDevice=b5.55
[ 1722.892384][T16484] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1722.915573][T16484] usb 7-1: Product: syz
[ 1722.972160][T16484] usb 7-1: Manufacturer: syz
[ 1722.992194][T16484] usb 7-1: SerialNumber: syz
[ 1723.009842][T16484] usb 7-1: config 0 descriptor??
[ 1723.032368][T16484] gspca_main: sonixb-2.14.0 probing 0c45:608f
[ 1723.791333][T16484] usb 7-1: USB disconnect, device number 39
[ 1723.823535][T22625] lo speed is unknown, defaulting to 1000
[ 1724.170850][ T2984] hsr_slave_0: left promiscuous mode
[ 1724.184463][ T2984] hsr_slave_1: left promiscuous mode
[ 1724.185945][   T30] kauditd_printk_skb: 81 callbacks suppressed
[ 1724.185960][   T30] audit: type=1800 audit(1751291452.835:872): pid=22644 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.4535" name="SYSV798dd834" dev="tmpfs" ino=0 res=0 errno=0
[ 1724.193413][ T2984] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1724.198597][T22644] Can't find a SQUASHFS superblock on nullb0
[ 1724.243981][T22646] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4537'.
[ 1724.248870][ T2984] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1724.265347][ T2984] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1724.273164][ T2984] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1724.294782][ T2984] veth1_macvtap: left promiscuous mode
[ 1724.300605][ T2984] veth0_macvtap: left promiscuous mode
[ 1724.306515][ T2984] veth1_vlan: left promiscuous mode
[ 1724.312002][ T2984] veth0_vlan: left promiscuous mode
[ 1724.572035][T22652] trusted_key: encrypted_key: insufficient parameters specified
[ 1724.916212][T21737] Bluetooth: hci3: command tx timeout
[ 1726.010622][T21737] Bluetooth: hci0: connection err: -111
[ 1727.076736][T21737] Bluetooth: hci3: command tx timeout
[ 1727.506338][   T30] audit: type=1326 audit(1751291455.815:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22663 comm="syz.8.4543" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fad2598e929 code=0x0
[ 1728.954647][ T2984] team0 (unregistering): Port device team_slave_1 removed
[ 1729.004097][ T2984] team0 (unregistering): Port device team_slave_0 removed
[ 1729.166541][T21737] Bluetooth: hci3: command tx timeout
[ 1730.128711][T22678] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4546'.
[ 1730.380959][T22691] loop9: detected capacity change from 0 to 7
[ 1730.397403][T22691] buffer_io_error: 9 callbacks suppressed
[ 1730.397491][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.414659][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.424548][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.434799][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.444758][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.456287][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.465977][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.474877][T22691] ldm_validate_partition_table(): Disk read failed.
[ 1730.485429][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.496642][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.511875][T22691] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1730.857929][T22691] Dev loop9: unable to read RDB block 0
[ 1730.874623][T22691]  loop9: unable to read partition table
[ 1730.884759][T22691] loop9: partition table beyond EOD, truncated
[ 1730.891874][T22691] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1730.891874][T22691] 
) failed (rc=-5)
[ 1731.158480][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1732.167270][T21737] Bluetooth: hci3: command tx timeout
[ 1733.215595][T22688] lo speed is unknown, defaulting to 1000
[ 1734.403481][T22625] chnl_net:caif_netlink_parms(): no params data found
[ 1736.486087][T21737] Bluetooth: hci1: connection err: -111
[ 1737.170239][   T30] audit: type=1326 audit(1751291465.295:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22726 comm="syz.7.4556" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe5d078e929 code=0x0
[ 1737.338137][T22625] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1737.345350][T22625] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1737.366031][T22625] bridge_slave_0: entered allmulticast mode
[ 1737.387630][T22625] bridge_slave_0: entered promiscuous mode
[ 1737.420332][T22625] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1737.433318][T22625] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1737.440977][T22625] bridge_slave_1: entered allmulticast mode
[ 1737.449737][T22625] bridge_slave_1: entered promiscuous mode
[ 1738.686115][T22734] FAULT_INJECTION: forcing a failure.
[ 1738.686115][T22734] name failslab, interval 1, probability 0, space 0, times 0
[ 1738.886316][T22734] CPU: 1 UID: 0 PID: 22734 Comm: syz.7.4557 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1738.886342][T22734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1738.886352][T22734] Call Trace:
[ 1738.886359][T22734]  <TASK>
[ 1738.886367][T22734]  dump_stack_lvl+0x189/0x250
[ 1738.886396][T22734]  ? __pfx____ratelimit+0x10/0x10
[ 1738.886418][T22734]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1738.886441][T22734]  ? __pfx__printk+0x10/0x10
[ 1738.886474][T22734]  should_fail_ex+0x414/0x560
[ 1738.886500][T22734]  should_failslab+0xa8/0x100
[ 1738.886523][T22734]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1738.886542][T22734]  ? skb_clone+0x212/0x3a0
[ 1738.886567][T22734]  skb_clone+0x212/0x3a0
[ 1738.886591][T22734]  __netlink_deliver_tap+0x404/0x850
[ 1738.886623][T22734]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1738.886642][T22734]  netlink_deliver_tap+0x19c/0x1b0
[ 1738.886661][T22734]  netlink_sendskb+0x68/0x140
[ 1738.886687][T22734]  netlink_rcv_skb+0x28c/0x470
[ 1738.886707][T22734]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1738.886729][T22734]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1738.886766][T22734]  ? down_read+0x1ad/0x2e0
[ 1738.886786][T22734]  genl_rcv+0x28/0x40
[ 1738.886806][T22734]  netlink_unicast+0x758/0x8d0
[ 1738.886841][T22734]  netlink_sendmsg+0x805/0xb30
[ 1738.886869][T22734]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1738.886895][T22734]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1738.886914][T22734]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1738.886934][T22734]  __sock_sendmsg+0x219/0x270
[ 1738.886960][T22734]  ____sys_sendmsg+0x505/0x830
[ 1738.886986][T22734]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1738.887016][T22734]  ? import_iovec+0x74/0xa0
[ 1738.887043][T22734]  ___sys_sendmsg+0x21f/0x2a0
[ 1738.887064][T22734]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1738.887129][T22734]  ? __fget_files+0x2a/0x420
[ 1738.887149][T22734]  ? __fget_files+0x3a0/0x420
[ 1738.887181][T22734]  __x64_sys_sendmsg+0x19b/0x260
[ 1738.887204][T22734]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1738.887234][T22734]  ? __pfx_ksys_write+0x10/0x10
[ 1738.887250][T22734]  ? rcu_is_watching+0x15/0xb0
[ 1738.887278][T22734]  ? do_syscall_64+0xbe/0x3b0
[ 1738.887305][T22734]  do_syscall_64+0xfa/0x3b0
[ 1738.887326][T22734]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1738.887346][T22734]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1738.887363][T22734]  ? clear_bhb_loop+0x60/0xb0
[ 1738.887382][T22734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1738.887396][T22734] RIP: 0033:0x7fe5d078e929
[ 1738.887409][T22734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1738.887419][T22734] RSP: 002b:00007fe5d1578038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1738.887435][T22734] RAX: ffffffffffffffda RBX: 00007fe5d09b5fa0 RCX: 00007fe5d078e929
[ 1738.887445][T22734] RDX: 00000000000000c0 RSI: 0000200000000000 RDI: 0000000000000003
[ 1738.887453][T22734] RBP: 00007fe5d1578090 R08: 0000000000000000 R09: 0000000000000000
[ 1738.887462][T22734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1738.887470][T22734] R13: 0000000000000000 R14: 00007fe5d09b5fa0 R15: 00007ffd512840a8
[ 1738.887492][T22734]  </TASK>
[ 1739.553399][T22625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1739.618671][T22625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1741.679631][T22625] team0: Port device team_slave_0 added
[ 1741.689605][T22625] team0: Port device team_slave_1 added
[ 1741.696991][T22772] input: syz0 as /devices/virtual/input/input41
[ 1742.302416][T21737] Bluetooth: hci2: connection err: -111
[ 1742.514752][T22625] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1742.523012][T22625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1742.697895][   T30] audit: type=1326 audit(1751291471.255:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22773 comm="syz.6.4568" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdee718e929 code=0x0
[ 1743.088586][T22625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1743.199598][T22625] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1743.241427][T22625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1743.301946][T22625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1747.184167][T22806] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4573'.
[ 1747.491939][T22625] hsr_slave_0: entered promiscuous mode
[ 1747.504422][T22625] hsr_slave_1: entered promiscuous mode
[ 1747.511136][T22625] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1747.526204][T22625] Cannot create hsr debugfs directory
[ 1747.540900][T22810] netlink: 140 bytes leftover after parsing attributes in process `syz.8.4576'.
[ 1747.597746][T22810] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4576'.
[ 1747.613747][T22805] FAULT_INJECTION: forcing a failure.
[ 1747.613747][T22805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1747.626862][T22805] CPU: 1 UID: 0 PID: 22805 Comm: syz.5.4574 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1747.626880][T22805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1747.626887][T22805] Call Trace:
[ 1747.626892][T22805]  <TASK>
[ 1747.626897][T22805]  dump_stack_lvl+0x189/0x250
[ 1747.626917][T22805]  ? __pfx____ratelimit+0x10/0x10
[ 1747.626932][T22805]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1747.626946][T22805]  ? __pfx__printk+0x10/0x10
[ 1747.626956][T22805]  ? __might_fault+0xb0/0x130
[ 1747.626974][T22805]  should_fail_ex+0x414/0x560
[ 1747.626988][T22805]  _copy_from_user+0x2d/0xb0
[ 1747.627004][T22805]  core_sys_select+0x4b7/0xa20
[ 1747.627023][T22805]  ? __pfx_core_sys_select+0x10/0x10
[ 1747.627047][T22805]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1747.627067][T22805]  __se_sys_pselect6+0x27a/0x300
[ 1747.627082][T22805]  ? __pfx___se_sys_pselect6+0x10/0x10
[ 1747.627094][T22805]  ? __pfx_ksys_write+0x10/0x10
[ 1747.627109][T22805]  ? __x64_sys_pselect6+0x21/0xf0
[ 1747.627122][T22805]  do_syscall_64+0xfa/0x3b0
[ 1747.627137][T22805]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1747.627146][T22805]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1747.627156][T22805]  ? clear_bhb_loop+0x60/0xb0
[ 1747.627168][T22805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1747.627177][T22805] RIP: 0033:0x7f517d18e929
[ 1747.627187][T22805] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1747.627195][T22805] RSP: 002b:00007f517df5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1747.627207][T22805] RAX: ffffffffffffffda RBX: 00007f517d3b5fa0 RCX: 00007f517d18e929
[ 1747.627214][T22805] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000097
[ 1747.627221][T22805] RBP: 00007f517df5e090 R08: 0000200000000280 R09: 0000000000000000
[ 1747.627228][T22805] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[ 1747.627234][T22805] R13: 0000000000000000 R14: 00007f517d3b5fa0 R15: 00007ffc285f7d58
[ 1747.627250][T22805]  </TASK>
[ 1747.912550][T22810] netlink: 5 bytes leftover after parsing attributes in process `syz.8.4576'.
[ 1749.626909][T22828] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4581'.
[ 1750.509170][T22834] 9pnet_fd: Insufficient options for proto=fd
[ 1751.824544][T22843] vivid-000: kernel_thread() failed
[ 1753.045690][T22625] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1753.097101][T22625] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1753.137527][T22625] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1753.198192][T22625] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1753.884713][T22625] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1754.374547][T22625] 8021q: adding VLAN 0 to HW filter on device team0
[ 1754.416937][ T1107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1754.424081][ T1107] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1754.475656][ T1107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1754.482835][ T1107] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1756.644298][T22890] lo speed is unknown, defaulting to 1000
[ 1757.766043][T22907] vivid-000: kernel_thread() failed
[ 1758.348095][T22625] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1759.371209][T22625] veth0_vlan: entered promiscuous mode
[ 1759.794206][T22625] veth1_vlan: entered promiscuous mode
[ 1759.896550][T22625] veth0_macvtap: entered promiscuous mode
[ 1759.928546][T22625] veth1_macvtap: entered promiscuous mode
[ 1760.028344][T22625] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1760.045304][T22625] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1760.563092][T22625] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1760.573277][T22969] gadgetfs: Unknown parameter '�R����J��'
[ 1760.587066][T22625] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1760.615555][T22625] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1760.631944][T22625] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1761.741010][T17904] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1761.772365][T17904] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1762.027007][T17904] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1762.053010][T17904] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1762.582905][T22980] nbd: must specify a device to reconfigure
[ 1762.797671][T22984] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1763.283367][T22929] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1763.366602][T22929] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1763.470591][T22929] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1763.545690][T22929] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1763.645125][T22929] bridge_slave_1: left allmulticast mode
[ 1763.650947][T22929] bridge_slave_1: left promiscuous mode
[ 1763.656901][T22929] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1763.666601][T22929] bridge_slave_0: left allmulticast mode
[ 1763.672276][T22929] bridge_slave_0: left promiscuous mode
[ 1763.678233][T22929] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1764.072996][T22929] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1764.084189][T22929] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1764.093919][T22929] bond0 (unregistering): Released all slaves
[ 1764.324123][T22929] hsr_slave_0: left promiscuous mode
[ 1764.330261][T22929] hsr_slave_1: left promiscuous mode
[ 1764.336208][T22929] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1764.343603][T22929] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1764.351344][T22929] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1764.376059][T22929] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1764.449993][T22993] netlink: 60 bytes leftover after parsing attributes in process `syz.6.4614'.
[ 1764.468200][T22929] veth1_macvtap: left promiscuous mode
[ 1764.473764][T22929] veth0_macvtap: left promiscuous mode
[ 1764.479466][T22993] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4614'.
[ 1764.590240][T22929] veth1_vlan: left promiscuous mode
[ 1764.596974][T22993] netlink: 60 bytes leftover after parsing attributes in process `syz.6.4614'.
[ 1765.227990][T22929] veth0_vlan: left promiscuous mode
[ 1765.697203][T23002] usb usb8: usbfs: process 23002 (syz.6.4614) did not claim interface 0 before use
[ 1765.751418][T23004] FAULT_INJECTION: forcing a failure.
[ 1765.751418][T23004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1765.780674][T23004] CPU: 1 UID: 0 PID: 23004 Comm: syz.8.4616 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1765.780698][T23004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1765.780710][T23004] Call Trace:
[ 1765.780718][T23004]  <TASK>
[ 1765.780727][T23004]  dump_stack_lvl+0x189/0x250
[ 1765.780755][T23004]  ? __pfx____ratelimit+0x10/0x10
[ 1765.780785][T23004]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1765.780807][T23004]  ? __pfx__printk+0x10/0x10
[ 1765.780826][T23004]  ? __might_fault+0xb0/0x130
[ 1765.780858][T23004]  should_fail_ex+0x414/0x560
[ 1765.780883][T23004]  _copy_from_user+0x2d/0xb0
[ 1765.780907][T23004]  ___sys_sendmsg+0x158/0x2a0
[ 1765.780931][T23004]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1765.780988][T23004]  ? __fget_files+0x2a/0x420
[ 1765.781007][T23004]  ? __fget_files+0x3a0/0x420
[ 1765.781044][T23004]  __x64_sys_sendmsg+0x19b/0x260
[ 1765.781067][T23004]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1765.781096][T23004]  ? __pfx_ksys_write+0x10/0x10
[ 1765.781114][T23004]  ? rcu_is_watching+0x15/0xb0
[ 1765.781141][T23004]  ? do_syscall_64+0xbe/0x3b0
[ 1765.781168][T23004]  do_syscall_64+0xfa/0x3b0
[ 1765.781188][T23004]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1765.781208][T23004]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1765.781225][T23004]  ? clear_bhb_loop+0x60/0xb0
[ 1765.781243][T23004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1765.781257][T23004] RIP: 0033:0x7fad2598e929
[ 1765.781272][T23004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1765.781285][T23004] RSP: 002b:00007fad2685e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1765.781302][T23004] RAX: ffffffffffffffda RBX: 00007fad25bb5fa0 RCX: 00007fad2598e929
[ 1765.781315][T23004] RDX: 0000000020000000 RSI: 0000200000000100 RDI: 0000000000000006
[ 1765.781326][T23004] RBP: 00007fad2685e090 R08: 0000000000000000 R09: 0000000000000000
[ 1765.781337][T23004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1765.781348][T23004] R13: 0000000000000000 R14: 00007fad25bb5fa0 R15: 00007ffcaa207d08
[ 1765.781377][T23004]  </TASK>
[ 1766.122694][T13636] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1766.136919][T13636] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1766.153536][T13636] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1766.245993][T13636] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1766.272667][T13636] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1767.282035][T22929] team0 (unregistering): Port device team_slave_1 removed
[ 1767.359919][T22929] team0 (unregistering): Port device team_slave_0 removed
[ 1768.364143][T13636] Bluetooth: hci3: command tx timeout
[ 1768.827778][T23005] lo speed is unknown, defaulting to 1000
[ 1769.191195][T23040] bio_check_eod: 2 callbacks suppressed
[ 1769.191208][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.191208][T23040] nbd6: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1769.226423][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.226423][T23040] nbd6: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1769.248653][T23040] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[ 1769.258586][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.258586][T23040] nbd6: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1769.280245][T23040] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[ 1769.290408][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.290408][T23040] nbd6: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1769.305166][T23029] lo speed is unknown, defaulting to 1000
[ 1769.337147][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.337147][T23040] nbd6: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1769.437616][T23040] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[ 1769.469810][T23005] chnl_net:caif_netlink_parms(): no params data found
[ 1769.491737][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.491737][T23040] nbd6: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1769.508815][T23041] netlink: 14 bytes leftover after parsing attributes in process `syz.6.4625'.
[ 1769.536008][T23040] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[ 1769.546292][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.546292][T23040] nbd6: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1769.559321][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.559321][T23040] nbd6: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1769.572431][T23040] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[ 1769.582594][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.582594][T23040] nbd6: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1769.601057][T23040] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[ 1769.613041][T23040] syz.6.4625: attempt to access beyond end of device
[ 1769.613041][T23040] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1769.662103][T23040] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=256, location=256
[ 1769.672078][T23040] UDF-fs: error (device nbd6): udf_read_tagged: read failed, block=512, location=512
[ 1769.681734][T23040] UDF-fs: warning (device nbd6): udf_fill_super: No partition found (1)
[ 1769.955351][T23050] Bluetooth: MGMT ver 1.23
[ 1769.995091][T23041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1770.012182][T23041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1770.246999][T23041] bond0 (unregistering): Released all slaves
[ 1770.311268][T23048] netem: incorrect ge model size
[ 1770.316350][T23048] netem: change failed
[ 1770.411903][T23005] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1770.423753][T23005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1770.432572][T23005] bridge_slave_0: entered allmulticast mode
[ 1770.439479][T13636] Bluetooth: hci3: command tx timeout
[ 1770.459380][T23005] bridge_slave_0: entered promiscuous mode
[ 1770.518711][T23005] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1770.536144][T23005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1770.543329][T23005] bridge_slave_1: entered allmulticast mode
[ 1770.546257][ T5889] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[ 1770.557636][T23005] bridge_slave_1: entered promiscuous mode
[ 1770.639484][T23005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1770.655438][T23005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1770.704150][T23005] team0: Port device team_slave_0 added
[ 1770.723561][T23005] team0: Port device team_slave_1 added
[ 1770.766189][ T5889] usb 6-1: Using ep0 maxpacket: 32
[ 1770.777332][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1770.788632][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1770.803961][ T5889] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1770.816306][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1770.828523][ T5889] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1770.842384][ T5889] usb 6-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1770.851874][ T5889] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1770.860582][ T5889] usb 6-1: Product: syz
[ 1770.868939][ T5889] usb 6-1: Manufacturer: syz
[ 1770.878480][ T5889] usb 6-1: SerialNumber: syz
[ 1770.901097][ T5889] usb 6-1: config 0 descriptor??
[ 1770.918248][T23056] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1770.930401][ T5889] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input42
[ 1770.941589][T23064] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4630'.
[ 1771.039276][T23005] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1771.047059][T23005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1771.080067][T23005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1771.102397][T23005] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1771.109551][T23005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1771.143291][T23005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1771.193163][T20951] usb 6-1: USB disconnect, device number 65
[ 1771.384808][T23005] hsr_slave_0: entered promiscuous mode
[ 1771.402419][T23005] hsr_slave_1: entered promiscuous mode
[ 1771.420305][T23005] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1771.451043][T23005] Cannot create hsr debugfs directory
[ 1772.589402][T13636] Bluetooth: hci3: command tx timeout
[ 1773.248335][T23005] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1773.281537][T23005] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1773.320526][T23005] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1773.350871][T23005] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1773.581274][T23005] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1773.633503][T23005] 8021q: adding VLAN 0 to HW filter on device team0
[ 1773.702073][T22937] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1773.709288][T22937] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1773.801921][T22937] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1773.809076][T22937] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1774.596479][T13636] Bluetooth: hci3: command tx timeout
[ 1774.611023][T23005] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1774.719875][T23005] veth0_vlan: entered promiscuous mode
[ 1774.721749][T23108] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4639'.
[ 1774.734263][T23005] veth1_vlan: entered promiscuous mode
[ 1774.748889][T23115] netem: incorrect ge model size
[ 1774.754164][T23115] netem: change failed
[ 1774.837915][T23005] veth0_macvtap: entered promiscuous mode
[ 1774.885493][T23005] veth1_macvtap: entered promiscuous mode
[ 1774.938956][T23005] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1774.969661][T23005] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1774.982572][T23005] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1775.011155][T23005] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1775.025168][T23005] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1775.035267][T23005] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1775.223923][T17904] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1775.265185][T17904] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1775.855578][T22937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1775.925495][T22937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1776.591789][T23132] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20000
[ 1778.791854][ T1154] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1778.882313][T23141] lo speed is unknown, defaulting to 1000
[ 1779.221445][ T1154] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1779.354594][ T1154] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1779.483291][ T1154] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1779.590727][ T1154] bridge_slave_1: left allmulticast mode
[ 1779.596583][ T1154] bridge_slave_1: left promiscuous mode
[ 1779.602243][ T1154] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1779.611141][ T1154] bridge_slave_0: left allmulticast mode
[ 1779.617038][ T1154] bridge_slave_0: left promiscuous mode
[ 1779.622705][ T1154] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1779.957568][ T1154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1779.969404][ T1154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1779.979599][ T1154] bond0 (unregistering): Released all slaves
[ 1780.204506][ T1154] hsr_slave_0: left promiscuous mode
[ 1780.210457][ T1154] hsr_slave_1: left promiscuous mode
[ 1780.216711][ T1154] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1780.224123][ T1154] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1780.234208][ T1154] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1780.242458][ T1154] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1780.261228][ T1154] veth1_macvtap: left promiscuous mode
[ 1780.267129][ T1154] veth0_macvtap: left promiscuous mode
[ 1780.272726][ T1154] veth1_vlan: left promiscuous mode
[ 1780.278689][ T1154] veth0_vlan: left promiscuous mode
[ 1781.481051][T21737] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1781.502645][T21737] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1781.516937][T21737] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1781.540465][T21737] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1781.548906][T21737] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1781.708300][ T1154] team0 (unregistering): Port device team_slave_1 removed
[ 1781.759099][ T1154] team0 (unregistering): Port device team_slave_0 removed
[ 1782.251690][T23160] netem: incorrect ge model size
[ 1782.256982][T23160] netem: change failed
[ 1782.341847][T23175] lo speed is unknown, defaulting to 1000
[ 1782.359781][T23178] usb usb8: usbfs: process 23178 (syz.5.4655) did not claim interface 0 before use
[ 1782.438144][T23168] lo speed is unknown, defaulting to 1000
[ 1783.640254][T21737] Bluetooth: hci3: command tx timeout
[ 1783.926473][T23175] chnl_net:caif_netlink_parms(): no params data found
[ 1784.506013][ T1655] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[ 1784.516479][  T978] usb 6-1: new high-speed USB device number 66 using dummy_hcd
[ 1784.583541][T23175] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1784.603026][T23175] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1784.629018][T23175] bridge_slave_0: entered allmulticast mode
[ 1784.648066][T23175] bridge_slave_0: entered promiscuous mode
[ 1784.659585][ T1655] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 226, changing to 11
[ 1784.672949][T23175] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1784.688323][T23175] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1784.692473][ T1655] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34456, setting to 1024
[ 1784.698537][  T978] usb 6-1: Using ep0 maxpacket: 32
[ 1784.727456][T23175] bridge_slave_1: entered allmulticast mode
[ 1784.732772][ T1655] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[ 1784.733515][T23204] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20000
[ 1784.754131][T23175] bridge_slave_1: entered promiscuous mode
[ 1784.754560][ T1655] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1784.771050][  T978] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1784.796005][  T978] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1784.818170][  T978] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1784.830865][  T978] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1784.848083][  T978] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1784.866995][  T978] usb 6-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1784.879482][  T978] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1784.889738][  T978] usb 6-1: Product: syz
[ 1784.893922][  T978] usb 6-1: Manufacturer: syz
[ 1784.902440][  T978] usb 6-1: SerialNumber: syz
[ 1784.911410][  T978] usb 6-1: config 0 descriptor??
[ 1784.924463][T23194] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1784.940913][  T978] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input43
[ 1784.983786][ T1655] usb 7-1: config 0 descriptor??
[ 1784.995410][T23175] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1785.349209][T23175] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1785.355691][T20951] usb 6-1: USB disconnect, device number 66
[ 1785.380926][T23199] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1785.444507][T23175] team0: Port device team_slave_0 added
[ 1785.465667][T23175] team0: Port device team_slave_1 added
[ 1785.521453][T23175] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1785.531741][T23175] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1785.611359][T23175] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1785.628333][T23175] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1785.635504][T23175] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1785.690485][T23175] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1785.718892][T21737] Bluetooth: hci3: command tx timeout
[ 1785.788182][T23175] hsr_slave_0: entered promiscuous mode
[ 1785.800457][T23175] hsr_slave_1: entered promiscuous mode
[ 1785.809250][T23175] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1785.819599][ T1655] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0
[ 1785.824116][T23175] Cannot create hsr debugfs directory
[ 1785.875001][ T1655] cm6533_jd 0003:0D8C:0022.000D: item fetching failed at offset 4/5
[ 1785.935189][ T1655] cm6533_jd 0003:0D8C:0022.000D: parse failed
[ 1785.960390][ T1655] cm6533_jd 0003:0D8C:0022.000D: probe with driver cm6533_jd failed with error -22
[ 1786.213197][T23213] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1787.064824][ T1655] usb 7-1: USB disconnect, device number 40
[ 1787.820078][T21737] Bluetooth: hci3: command tx timeout
[ 1789.151232][T23175] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1789.189761][T23175] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1789.193823][T23232] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1789.212626][T23175] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1789.341276][T23175] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1789.657121][T20951] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1789.874805][T20951] usb 9-1: Using ep0 maxpacket: 32
[ 1789.876369][T21737] Bluetooth: hci3: command tx timeout
[ 1790.451185][T20951] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1790.462529][T20951] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1790.472245][T20951] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1790.483756][T20951] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1790.500733][T20951] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1790.514147][T20951] usb 9-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1790.524340][T20951] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1790.535478][T20951] usb 9-1: Product: syz
[ 1790.539742][T20951] usb 9-1: Manufacturer: syz
[ 1790.544351][T20951] usb 9-1: SerialNumber: syz
[ 1790.551628][T20951] usb 9-1: config 0 descriptor??
[ 1790.557705][T23238] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1790.569448][T20951] input: Generic X-Box pad as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input44
[ 1790.594057][T23175] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1790.659973][T23175] 8021q: adding VLAN 0 to HW filter on device team0
[ 1790.684859][T17904] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1790.692087][T17904] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1790.716817][T17904] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1790.724016][T17904] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1790.774739][ T5889] usb 9-1: USB disconnect, device number 10
[ 1791.686924][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1793.114826][T23266] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1794.201035][T23280] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1794.768787][T23286] tap0: tun_chr_ioctl cmd 1074025677
[ 1794.774218][T23286] tap0: linktype set to 825
[ 1796.021413][T23175] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1796.227057][T23297] netlink: 232 bytes leftover after parsing attributes in process `syz.5.4691'.
[ 1796.321115][T23175] veth0_vlan: entered promiscuous mode
[ 1796.359197][T23175] veth1_vlan: entered promiscuous mode
[ 1796.468552][T23175] veth0_macvtap: entered promiscuous mode
[ 1796.546134][T20951] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1796.829827][T23175] veth1_macvtap: entered promiscuous mode
[ 1796.851115][T23175] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1796.862740][T23175] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1796.946068][T20951] usb 9-1: Using ep0 maxpacket: 32
[ 1797.521865][T20951] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1797.616262][T20951] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1797.637790][T20951] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1797.649572][T20951] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1797.669263][T20951] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1797.912613][T20951] usb 9-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1798.027403][T20951] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1798.046118][T20951] usb 9-1: Product: syz
[ 1798.071154][T20951] usb 9-1: Manufacturer: syz
[ 1798.074603][T23175] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1798.091892][T23175] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1798.092338][T20951] usb 9-1: SerialNumber: syz
[ 1798.101068][T23175] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1798.117929][T23175] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1798.149736][T20951] usb 9-1: config 0 descriptor??
[ 1798.166462][T23300] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1798.202063][T20951] input: Generic X-Box pad as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input45
[ 1798.298800][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1798.331835][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1798.408047][T16629] usb 9-1: USB disconnect, device number 11
[ 1798.427406][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1798.449883][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1800.501139][ T3502] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1801.262113][T23333] syz.7.4702: vmalloc error: size 66846720, failed to allocated page array size 130560, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1801.281791][T23333] CPU: 0 UID: 0 PID: 23333 Comm: syz.7.4702 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1801.281819][T23333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1801.281831][T23333] Call Trace:
[ 1801.281840][T23333]  <TASK>
[ 1801.281849][T23333]  dump_stack_lvl+0x189/0x250
[ 1801.281883][T23333]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1801.281908][T23333]  ? __pfx__printk+0x10/0x10
[ 1801.281928][T23333]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1801.281956][T23333]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1801.281984][T23333]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1801.282013][T23333]  warn_alloc+0x214/0x310
[ 1801.282043][T23333]  ? __pfx_warn_alloc+0x10/0x10
[ 1801.282076][T23333]  ? __get_vm_area_node+0x28f/0x300
[ 1801.282099][T23333]  ? translate_table+0x19b/0x2040
[ 1801.282124][T23333]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1801.282177][T23333]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1801.282205][T23333]  ? rcu_is_watching+0x15/0xb0
[ 1801.282238][T23333]  ? translate_table+0x19b/0x2040
[ 1801.282258][T23333]  ? translate_table+0x19b/0x2040
[ 1801.282276][T23333]  __kvmalloc_node_noprof+0x3b8/0x5f0
[ 1801.282299][T23333]  ? translate_table+0x19b/0x2040
[ 1801.282318][T23333]  ? xt_alloc_table_info+0x3b/0xa0
[ 1801.282347][T23333]  translate_table+0x19b/0x2040
[ 1801.282382][T23333]  ? __lock_acquire+0xab9/0xd20
[ 1801.282410][T23333]  ? __pfx_translate_table+0x10/0x10
[ 1801.282433][T23333]  ? __might_fault+0xb0/0x130
[ 1801.282474][T23333]  ? _copy_from_user+0x94/0xb0
[ 1801.282505][T23333]  do_ip6t_set_ctl+0x970/0xce0
[ 1801.282534][T23333]  ? rcu_is_watching+0x15/0xb0
[ 1801.282558][T23333]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[ 1801.282600][T23333]  ? __pfx___mutex_lock+0x10/0x10
[ 1801.282625][T23333]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1801.282665][T23333]  nf_setsockopt+0x26c/0x290
[ 1801.282687][T23333]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1801.282715][T23333]  do_sock_setsockopt+0x25a/0x3e0
[ 1801.282739][T23333]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1801.282764][T23333]  ? __fget_files+0x2a/0x420
[ 1801.282795][T23333]  __x64_sys_setsockopt+0x18b/0x220
[ 1801.282822][T23333]  do_syscall_64+0xfa/0x3b0
[ 1801.282857][T23333]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1801.282879][T23333]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1801.282897][T23333]  ? clear_bhb_loop+0x60/0xb0
[ 1801.282920][T23333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1801.282939][T23333] RIP: 0033:0x7fe5d078e929
[ 1801.282956][T23333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1801.282973][T23333] RSP: 002b:00007fe5d1578038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1801.282992][T23333] RAX: ffffffffffffffda RBX: 00007fe5d09b5fa0 RCX: 00007fe5d078e929
[ 1801.283006][T23333] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[ 1801.283017][T23333] RBP: 00007fe5d0810b39 R08: 0000000000000310 R09: 0000000000000000
[ 1801.283029][T23333] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1801.283041][T23333] R13: 0000000000000000 R14: 00007fe5d09b5fa0 R15: 00007ffd512840a8
[ 1801.283072][T23333]  </TASK>
[ 1801.283079][T23333] Mem-Info:
[ 1801.601470][T23333] active_anon:287 inactive_anon:3266 isolated_anon:0
[ 1801.601470][T23333]  active_file:17387 inactive_file:39075 isolated_file:0
[ 1801.601470][T23333]  unevictable:768 dirty:119 writeback:0
[ 1801.601470][T23333]  slab_reclaimable:8350 slab_unreclaimable:102159
[ 1801.601470][T23333]  mapped:24830 shmem:1414 pagetables:863
[ 1801.601470][T23333]  sec_pagetables:0 bounce:0
[ 1801.601470][T23333]  kernel_misc_reclaimable:0
[ 1801.601470][T23333]  free:1318877 free_pcp:18676 free_cma:0
[ 1801.646878][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1801.668659][T23333] Node 0 active_anon:1148kB inactive_anon:13064kB active_file:69344kB inactive_file:156300kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:99320kB dirty:472kB writeback:0kB shmem:4120kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11328kB pagetables:3216kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1801.680207][ T3502] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1801.702174][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1801.719811][T23333] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1801.751231][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1801.757429][T23333] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1801.786197][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1801.793297][T23333] lowmem_reserve[]: 0 2501 2503 2503 2503
[ 1801.799533][T23333] Node 0 DMA32 free:1374312kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1140kB inactive_anon:13032kB active_file:67580kB inactive_file:156236kB unevictable:1536kB writepending:544kB present:3129332kB managed:2561452kB mlocked:0kB bounce:0kB free_pcp:40772kB local_pcp:24436kB free_cma:0kB
[ 1801.832071][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1801.838463][T23333] lowmem_reserve[]: 0 0 1 1 1
[ 1801.843225][T23333] Node 0 Normal free:20kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1764kB inactive_file:64kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[ 1801.872412][T23333] lowmem_reserve[]: 0 0 0 0 0
[ 1801.877238][T23333] Node 1 Normal free:3888440kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:34248kB local_pcp:14332kB free_cma:0kB
[ 1801.909116][T23333] lowmem_reserve[]: 0 0 0 0 0
[ 1801.913888][T23333] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1801.926658][T23333] Node 0 DMA32: 2376*4kB (UME) 1521*8kB (UME) 712*16kB (UME) 1002*32kB (UME) 346*64kB (UME) 243*128kB (UME) 72*256kB (UME) 59*512kB (UM) 47*1024kB (UME) 10*2048kB (UME) 278*4096kB (UM) = 1374312kB
[ 1801.946257][T23333] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[ 1801.959283][T23333] Node 1 Normal: 20*4kB (UME) 45*8kB (UME) 32*16kB (UME) 206*32kB (UME) 73*64kB (UME) 15*128kB (UME) 8*256kB (UME) 7*512kB (UME) 2*1024kB (ME) 2*2048kB (UE) 943*4096kB (M) = 3888440kB
[ 1801.977741][T23333] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1801.988155][T23333] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1801.997578][T23333] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1802.005116][ T3502] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1802.017564][T23333] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1802.017584][T23333] 57853 total pagecache pages
[ 1802.017593][T23333] 0 pages in swap cache
[ 1802.017601][T23333] Free swap  = 124996kB
[ 1802.017609][T23333] Total swap = 124996kB
[ 1802.017620][T23333] 2097051 pages RAM
[ 1802.017629][T23333] 0 pages HighMem/MovableOnly
[ 1802.017637][T23333] 424581 pages reserved
[ 1802.017645][T23333] 0 pages cma reserved
[ 1802.149173][ T3502] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1802.235555][ T3502] bridge_slave_1: left allmulticast mode
[ 1802.241401][ T3502] bridge_slave_1: left promiscuous mode
[ 1802.247389][ T3502] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1802.258771][ T3502] bridge_slave_0: left allmulticast mode
[ 1802.264422][ T3502] bridge_slave_0: left promiscuous mode
[ 1802.271112][ T3502] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1802.750605][T23368] fuse: Unknown parameter 'F�Xb"_�s�˼�&��tO��i�3�&�&`�R������V���#�QV�8���/���d����Hq�XՎJ`��(��G�h��'
[ 1804.293226][T13636] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1804.307836][T13636] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1804.316930][T13636] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1804.325803][T13636] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1804.342396][T13636] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1804.488418][T23388] trusted_key: encrypted_key: insufficient parameters specified
[ 1804.738909][ T3502] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1804.821769][ T3502] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1804.865003][ T3502] bond0 (unregistering): Released all slaves
[ 1805.098936][T23384] lo speed is unknown, defaulting to 1000
[ 1806.461183][T21737] Bluetooth: hci3: command tx timeout
[ 1806.491020][T23408] FAULT_INJECTION: forcing a failure.
[ 1806.491020][T23408] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1806.523152][T23408] CPU: 1 UID: 0 PID: 23408 Comm: syz.5.4721 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1806.523179][T23408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1806.523191][T23408] Call Trace:
[ 1806.523199][T23408]  <TASK>
[ 1806.523207][T23408]  dump_stack_lvl+0x189/0x250
[ 1806.523235][T23408]  ? __pfx____ratelimit+0x10/0x10
[ 1806.523257][T23408]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1806.523280][T23408]  ? __pfx__printk+0x10/0x10
[ 1806.523311][T23408]  should_fail_ex+0x414/0x560
[ 1806.523343][T23408]  _copy_to_user+0x31/0xb0
[ 1806.523368][T23408]  simple_read_from_buffer+0xe1/0x170
[ 1806.523389][T23408]  proc_fail_nth_read+0x1df/0x250
[ 1806.523415][T23408]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1806.523440][T23408]  ? rw_verify_area+0x258/0x650
[ 1806.523458][T23408]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1806.523481][T23408]  vfs_read+0x1fd/0x980
[ 1806.523505][T23408]  ? __pfx___mutex_lock+0x10/0x10
[ 1806.523529][T23408]  ? __pfx_vfs_read+0x10/0x10
[ 1806.523550][T23408]  ? __fget_files+0x2a/0x420
[ 1806.523573][T23408]  ? __fget_files+0x3a0/0x420
[ 1806.523592][T23408]  ? __fget_files+0x2a/0x420
[ 1806.523625][T23408]  ksys_read+0x145/0x250
[ 1806.523647][T23408]  ? __pfx_ksys_read+0x10/0x10
[ 1806.523663][T23408]  ? rcu_is_watching+0x15/0xb0
[ 1806.523692][T23408]  ? do_syscall_64+0xbe/0x3b0
[ 1806.523719][T23408]  do_syscall_64+0xfa/0x3b0
[ 1806.523739][T23408]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1806.523760][T23408]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1806.523778][T23408]  ? clear_bhb_loop+0x60/0xb0
[ 1806.523799][T23408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1806.523816][T23408] RIP: 0033:0x7f517d18d33c
[ 1806.523832][T23408] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1806.523847][T23408] RSP: 002b:00007f517df5e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1806.523866][T23408] RAX: ffffffffffffffda RBX: 00007f517d3b5fa0 RCX: 00007f517d18d33c
[ 1806.523880][T23408] RDX: 000000000000000f RSI: 00007f517df5e0a0 RDI: 0000000000000003
[ 1806.523892][T23408] RBP: 00007f517df5e090 R08: 0000000000000000 R09: 0000000000000000
[ 1806.523902][T23408] R10: 0000000002204c3b R11: 0000000000000246 R12: 0000000000000001
[ 1806.523914][T23408] R13: 0000000000000000 R14: 00007f517d3b5fa0 R15: 00007ffc285f7d58
[ 1806.523944][T23408]  </TASK>
[ 1808.621023][ T5835] Bluetooth: hci3: command tx timeout
[ 1809.671648][ T5835] Bluetooth: hci2: command 0x0406 tx timeout
[ 1811.447081][T21737] Bluetooth: hci3: command tx timeout
[ 1811.516177][T23437] trusted_key: encrypted_key: insufficient parameters specified
[ 1811.620376][ T3502] hsr_slave_0: left promiscuous mode
[ 1811.757733][ T3502] hsr_slave_1: left promiscuous mode
[ 1811.807006][ T3502] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1811.814487][ T3502] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1812.013067][ T3502] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1812.026265][ T3502] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1812.192350][T23449] NILFS (loop6): device size too small
[ 1812.219825][ T3502] veth1_macvtap: left promiscuous mode
[ 1812.832472][ T3502] veth0_macvtap: left promiscuous mode
[ 1812.926490][ T3502] veth1_vlan: left promiscuous mode
[ 1812.932028][ T3502] veth0_vlan: left promiscuous mode
[ 1813.064498][T23456] Invalid logical block size (64511)
[ 1813.477620][T21737] Bluetooth: hci3: command tx timeout
[ 1813.521658][T23472] tmpfs: Bad value for 'nr_inodes'
[ 1813.566006][ T5889] usb 7-1: new full-speed USB device number 41 using dummy_hcd
[ 1813.730026][ T5889] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1813.750684][ T5889] usb 7-1: New USB device found, idVendor=056a, idProduct=0059, bcdDevice= 0.00
[ 1813.760770][ T5889] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1813.781649][ T5889] usb 7-1: config 0 descriptor??
[ 1813.850481][ T3502] team0 (unregistering): Port device team_slave_1 removed
[ 1813.912942][ T3502] team0 (unregistering): Port device team_slave_0 removed
[ 1814.250711][ T5889] usbhid 7-1:0.0: can't add hid device: -71
[ 1814.272547][ T5889] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1814.283649][ T5889] usb 7-1: USB disconnect, device number 41
[ 1814.615801][T23384] chnl_net:caif_netlink_parms(): no params data found
[ 1814.670754][T23444] lo speed is unknown, defaulting to 1000
[ 1815.095934][T17217] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1815.185233][T23384] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1815.203352][T23384] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1815.236081][T23384] bridge_slave_0: entered allmulticast mode
[ 1815.263449][T23384] bridge_slave_0: entered promiscuous mode
[ 1815.287821][T23384] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1815.317056][T23384] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1815.324288][T23384] bridge_slave_1: entered allmulticast mode
[ 1815.337131][T23384] bridge_slave_1: entered promiscuous mode
[ 1815.342394][T17217] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1815.363763][T17217] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1815.378056][T17217] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1815.533959][T17217] usb 9-1: config 0 descriptor??
[ 1816.119090][T23384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1816.136247][T23384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1816.848634][T17217] keytouch 0003:0926:3333.000E: fixing up Keytouch IEC report descriptor
[ 1816.882121][T23384] team0: Port device team_slave_0 added
[ 1816.904371][T17217] input: HID 0926:3333 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0926:3333.000E/input/input46
[ 1816.921378][T23384] team0: Port device team_slave_1 added
[ 1817.047948][T17217] keytouch 0003:0926:3333.000E: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.8-1/input0
[ 1817.119431][T23384] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1817.129309][T23384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1817.161057][T23384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1817.206170][T23384] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1817.213445][T23384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1817.246331][T23384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1817.507400][T23517] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1817.520783][ T5889] usb 9-1: USB disconnect, device number 12
[ 1817.710176][T23384] hsr_slave_0: entered promiscuous mode
[ 1817.723763][T23384] hsr_slave_1: entered promiscuous mode
[ 1817.738004][T23384] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1817.773372][T23384] Cannot create hsr debugfs directory
[ 1818.424346][T23529] FAULT_INJECTION: forcing a failure.
[ 1818.424346][T23529] name failslab, interval 1, probability 0, space 0, times 0
[ 1818.448584][T23529] CPU: 1 UID: 0 PID: 23529 Comm: syz.6.4753 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1818.448610][T23529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1818.448620][T23529] Call Trace:
[ 1818.448629][T23529]  <TASK>
[ 1818.448638][T23529]  dump_stack_lvl+0x189/0x250
[ 1818.448665][T23529]  ? __pfx____ratelimit+0x10/0x10
[ 1818.448688][T23529]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1818.448711][T23529]  ? __pfx__printk+0x10/0x10
[ 1818.448735][T23529]  ? __pfx___might_resched+0x10/0x10
[ 1818.448756][T23529]  ? fs_reclaim_acquire+0x7d/0x100
[ 1818.448783][T23529]  should_fail_ex+0x414/0x560
[ 1818.448808][T23529]  should_failslab+0xa8/0x100
[ 1818.448831][T23529]  __kmalloc_noprof+0xcb/0x4f0
[ 1818.448850][T23529]  ? video_usercopy+0x18f/0x14f0
[ 1818.448872][T23529]  video_usercopy+0x18f/0x14f0
[ 1818.448895][T23529]  ? smk_tskacc+0x2fc/0x370
[ 1818.448921][T23529]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1818.448938][T23529]  ? __pfx_video_usercopy+0x10/0x10
[ 1818.448952][T23529]  ? smack_file_ioctl+0x2a9/0x340
[ 1818.448983][T23529]  ? __rcu_read_unlock+0x84/0xe0
[ 1818.449002][T23529]  ? __fget_files+0x2a/0x420
[ 1818.449019][T23529]  ? __fget_files+0x3a0/0x420
[ 1818.449043][T23529]  v4l2_ioctl+0x18d/0x1e0
[ 1818.449067][T23529]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1818.449089][T23529]  __se_sys_ioctl+0xfc/0x170
[ 1818.449105][T23529]  do_syscall_64+0xfa/0x3b0
[ 1818.449127][T23529]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1818.449143][T23529]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1818.449157][T23529]  ? clear_bhb_loop+0x60/0xb0
[ 1818.449172][T23529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1818.449184][T23529] RIP: 0033:0x7fdee718e929
[ 1818.449199][T23529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1818.449213][T23529] RSP: 002b:00007fdee7f9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1818.449233][T23529] RAX: ffffffffffffffda RBX: 00007fdee73b5fa0 RCX: 00007fdee718e929
[ 1818.449242][T23529] RDX: 00002000000000c0 RSI: 00000000c0d05605 RDI: 0000000000000003
[ 1818.449257][T23529] RBP: 00007fdee7f9c090 R08: 0000000000000000 R09: 0000000000000000
[ 1818.449266][T23529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1818.449274][T23529] R13: 0000000000000000 R14: 00007fdee73b5fa0 R15: 00007fff7241d1e8
[ 1818.449299][T23529]  </TASK>
[ 1818.518693][T23384] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1818.694410][ T5889] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1818.737244][T23384] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1818.749539][T23384] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1818.760337][T23384] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1818.854039][T23384] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1818.865914][ T5889] usb 9-1: Using ep0 maxpacket: 32
[ 1818.891680][ T5889] usb 9-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=93.a8
[ 1818.901087][ T5889] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1818.909530][ T5889] usb 9-1: Product: syz
[ 1818.920976][ T5889] usb 9-1: Manufacturer: syz
[ 1818.932429][ T5889] usb 9-1: SerialNumber: syz
[ 1818.956704][T23384] 8021q: adding VLAN 0 to HW filter on device team0
[ 1818.965001][ T5889] usb 9-1: config 0 descriptor??
[ 1819.006794][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1819.014008][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1819.026670][T23538] xt_NFQUEUE: number of total queues is 0
[ 1819.050955][T17904] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1819.058119][T17904] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1819.207331][T23542] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4755'.
[ 1819.643733][T23384] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1819.740570][T23384] veth0_vlan: entered promiscuous mode
[ 1819.759388][T23384] veth1_vlan: entered promiscuous mode
[ 1819.869278][T23384] veth0_macvtap: entered promiscuous mode
[ 1819.912219][T23384] veth1_macvtap: entered promiscuous mode
[ 1819.970302][T23384] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1820.557363][T23384] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1820.627816][T23384] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1820.652569][T23384] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1820.680574][T23384] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1820.694246][ T5889] ath6kl: Failed to submit usb control message: -110
[ 1820.701077][ T5889] ath6kl: unable to send the bmi data to the device: -110
[ 1820.708605][ T5889] ath6kl: Unable to send get target info: -110
[ 1820.715523][T23384] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1820.724399][ T5889] ath6kl: Failed to init ath6kl core: -110
[ 1820.741747][ T5889] ath6kl_usb 9-1:0.0: probe with driver ath6kl_usb failed with error -110
[ 1820.877386][ T3502] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1820.896633][ T3502] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1821.102764][ T3502] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1821.132733][ T3502] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1821.276722][T22588] usb 9-1: USB disconnect, device number 13
[ 1822.962584][T23576] lo speed is unknown, defaulting to 1000
[ 1824.050988][T23589] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4765'.
[ 1824.126345][T23590] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4765'.
[ 1824.389930][T23592] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4766'.
[ 1825.148295][T23604] bio_check_eod: 2 callbacks suppressed
[ 1825.153916][T23604] syz.6.4769: attempt to access beyond end of device
[ 1825.153916][T23604] nbd6: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1825.167396][T23604] vxfs: unable to read disk superblock at 1
[ 1825.174868][T23604] syz.6.4769: attempt to access beyond end of device
[ 1825.174868][T23604] nbd6: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1825.188264][T23604] vxfs: unable to read disk superblock at 8
[ 1825.194303][T23604] vxfs: can't find superblock.
[ 1826.049016][T22937] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1826.224916][T22937] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1826.341400][T22937] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1826.395763][T22937] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1826.520441][T22937] bridge_slave_1: left allmulticast mode
[ 1826.526354][T22937] bridge_slave_1: left promiscuous mode
[ 1826.532351][T22937] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1826.543388][T22937] bridge_slave_0: left allmulticast mode
[ 1826.549651][T22937] bridge_slave_0: left promiscuous mode
[ 1826.555464][T22937] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1826.977373][T22937] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1826.988716][T22937] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1826.998830][T22937] bond0 (unregistering): Released all slaves
[ 1827.203228][T22937] hsr_slave_0: left promiscuous mode
[ 1827.209448][T22937] hsr_slave_1: left promiscuous mode
[ 1827.215172][T22937] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1827.222572][T22937] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1827.230298][T22937] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1827.237760][T22937] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1827.263377][T22937] veth1_macvtap: left promiscuous mode
[ 1827.269226][T22937] veth0_macvtap: left promiscuous mode
[ 1827.274793][T22937] veth1_vlan: left promiscuous mode
[ 1827.280505][T22937] veth0_vlan: left promiscuous mode
[ 1830.523703][T23630] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4775'.
[ 1830.780666][T23638] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1830.908376][T22588] usb 6-1: new high-speed USB device number 67 using dummy_hcd
[ 1831.157047][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1831.174027][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1831.186783][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1831.194750][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1831.203546][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1831.248020][T22588] usb 6-1: Using ep0 maxpacket: 32
[ 1831.290443][T22588] usb 6-1: config 0 has no interfaces?
[ 1831.346393][T22588] usb 6-1: New USB device found, idVendor=0856, idProduct=bc00, bcdDevice=b2.7f
[ 1831.421635][T22588] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1831.439876][T22588] usb 6-1: Product: syz
[ 1831.453641][T22588] usb 6-1: Manufacturer: syz
[ 1831.461877][T22588] usb 6-1: SerialNumber: syz
[ 1831.498776][T22588] usb 6-1: config 0 descriptor??
[ 1831.628369][T22937] team0 (unregistering): Port device team_slave_1 removed
[ 1831.690908][T22937] team0 (unregistering): Port device team_slave_0 removed
[ 1832.321561][T22588] usb 6-1: USB disconnect, device number 67
[ 1833.237374][ T5835] Bluetooth: hci3: command tx timeout
[ 1833.294686][T23640] lo speed is unknown, defaulting to 1000
[ 1833.835938][T23668] syz.6.4783: attempt to access beyond end of device
[ 1833.835938][T23668] nbd6: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1833.849397][T23668] vxfs: unable to read disk superblock at 1
[ 1833.856010][T23668] syz.6.4783: attempt to access beyond end of device
[ 1833.856010][T23668] nbd6: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1833.869423][T23668] vxfs: unable to read disk superblock at 8
[ 1833.875389][T23668] vxfs: can't find superblock.
[ 1834.936933][T23640] chnl_net:caif_netlink_parms(): no params data found
[ 1835.164518][T23676] Invalid logical block size (1310720)
[ 1835.316047][ T5835] Bluetooth: hci3: command tx timeout
[ 1835.703063][T23680] FAULT_INJECTION: forcing a failure.
[ 1835.703063][T23680] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1835.747942][T23680] CPU: 0 UID: 0 PID: 23680 Comm: syz.8.4788 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1835.747973][T23680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1835.747984][T23680] Call Trace:
[ 1835.747993][T23680]  <TASK>
[ 1835.748001][T23680]  dump_stack_lvl+0x189/0x250
[ 1835.748030][T23680]  ? __pfx____ratelimit+0x10/0x10
[ 1835.748052][T23680]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1835.748076][T23680]  ? __pfx__printk+0x10/0x10
[ 1835.748095][T23680]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1835.748113][T23680]  ? __might_fault+0xb0/0x130
[ 1835.748142][T23680]  should_fail_ex+0x414/0x560
[ 1835.748166][T23680]  _copy_from_user+0x2d/0xb0
[ 1835.748191][T23680]  memdup_user+0x5e/0xd0
[ 1835.748216][T23680]  strndup_user+0x68/0xd0
[ 1835.748239][T23680]  __se_sys_mount+0x9c/0x410
[ 1835.748267][T23680]  ? __pfx___se_sys_mount+0x10/0x10
[ 1835.748293][T23680]  ? rcu_is_watching+0x15/0xb0
[ 1835.748321][T23680]  ? do_syscall_64+0xbe/0x3b0
[ 1835.748342][T23680]  ? __x64_sys_mount+0x20/0xc0
[ 1835.748370][T23680]  do_syscall_64+0xfa/0x3b0
[ 1835.748393][T23680]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1835.748409][T23680]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1835.748431][T23680]  ? clear_bhb_loop+0x60/0xb0
[ 1835.748452][T23680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1835.748469][T23680] RIP: 0033:0x7fad2598e929
[ 1835.748485][T23680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1835.748500][T23680] RSP: 002b:00007fad2685e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1835.748518][T23680] RAX: ffffffffffffffda RBX: 00007fad25bb5fa0 RCX: 00007fad2598e929
[ 1835.748531][T23680] RDX: 0000200000000100 RSI: 0000200000000180 RDI: 0000000000000000
[ 1835.748543][T23680] RBP: 00007fad2685e090 R08: 0000200000000140 R09: 0000000000000000
[ 1835.748555][T23680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1835.748566][T23680] R13: 0000000000000000 R14: 00007fad25bb5fa0 R15: 00007ffcaa207d08
[ 1835.748595][T23680]  </TASK>
[ 1835.956297][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1836.000014][T23683] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4789'.
[ 1836.706678][T23640] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1836.714298][T23640] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1837.186945][T23640] bridge_slave_0: entered allmulticast mode
[ 1837.205322][T23640] bridge_slave_0: entered promiscuous mode
[ 1837.253086][T23640] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1837.276109][T23640] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1837.290635][T23640] bridge_slave_1: entered allmulticast mode
[ 1837.356200][T23640] bridge_slave_1: entered promiscuous mode
[ 1837.395923][ T5835] Bluetooth: hci3: command tx timeout
[ 1837.884171][ T5970] kworker/1:7 (5970) used greatest stack depth: 15208 bytes left
[ 1838.358570][T23640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1838.441789][T23640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1838.540375][T23700] IPVS: set_ctl: invalid protocol: 51 127.0.0.1:20001
[ 1838.549397][T23700] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1838.615231][T23640] team0: Port device team_slave_0 added
[ 1838.639061][T23640] team0: Port device team_slave_1 added
[ 1838.928552][T23713] syz.6.4796: attempt to access beyond end of device
[ 1838.928552][T23713] nbd6: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1838.941787][T23713] vxfs: unable to read disk superblock at 1
[ 1838.949888][T23713] syz.6.4796: attempt to access beyond end of device
[ 1838.949888][T23713] nbd6: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1838.963541][T23713] vxfs: unable to read disk superblock at 8
[ 1838.969557][T23713] vxfs: can't find superblock.
[ 1839.637661][ T5835] Bluetooth: hci3: command tx timeout
[ 1840.092719][T23640] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1840.101055][T23640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1840.101103][T23640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1840.103073][T23640] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1840.103088][T23640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1840.103120][T23640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1840.251275][T23640] hsr_slave_0: entered promiscuous mode
[ 1840.252107][T23640] hsr_slave_1: entered promiscuous mode
[ 1840.252541][T23640] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1840.252627][T23640] Cannot create hsr debugfs directory
[ 1841.414213][T23730] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4805'.
[ 1841.544615][T23640] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1841.556624][T23640] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1841.585631][T23640] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1841.607760][T23640] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1841.969203][T23640] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1842.045187][T23640] 8021q: adding VLAN 0 to HW filter on device team0
[ 1842.059354][T22937] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1842.066535][T22937] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1842.084470][ T9945] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1842.091594][ T9945] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1842.192563][T23640] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1842.244354][T23751] binder: 23750:23751 ioctl c018620c 200000000640 returned -22
[ 1842.549094][ T5889] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[ 1842.796026][ T5889] usb 7-1: Using ep0 maxpacket: 16
[ 1842.809940][ T5889] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1842.833796][ T5889] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1842.879499][ T5889] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1842.890567][ T5889] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1842.899584][ T5889] usb 7-1: Product: syz
[ 1842.903797][ T5889] usb 7-1: Manufacturer: syz
[ 1842.911498][ T5889] usb 7-1: SerialNumber: syz
[ 1842.932222][ T5889] usb 7-1: config 0 descriptor??
[ 1842.948935][ T5889] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1842.972360][ T5889] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[ 1843.044285][T23640] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1843.146819][T23640] veth0_vlan: entered promiscuous mode
[ 1843.185157][T23640] veth1_vlan: entered promiscuous mode
[ 1843.247735][T23640] veth0_macvtap: entered promiscuous mode
[ 1843.265626][T23640] veth1_macvtap: entered promiscuous mode
[ 1843.307833][T23640] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1843.342466][T23640] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1843.367883][T23640] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1843.386637][T23640] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1843.405723][T23640] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1843.649016][ T5889] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[ 1843.659782][ T5889] em28xx 7-1:0.0: Config register raw data: 0xfffffffb
[ 1843.675552][T23640] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1843.946778][T22929] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1843.954629][T22929] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1844.054541][T22929] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1844.076966][T22929] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1844.296721][ T5889] em28xx 7-1:0.0: Unknown AC97 audio processor detected!
[ 1844.900882][T23766] netlink: 'syz.6.4809': attribute type 29 has an invalid length.
[ 1845.069881][ T5889] em28xx 7-1:0.0: couldn't setup AC97 register 2
[ 1845.077502][ T5889] em28xx 7-1:0.0: couldn't setup AC97 register 4
[ 1845.084266][ T5889] em28xx 7-1:0.0: couldn't setup AC97 register 6
[ 1845.096538][ T5889] em28xx 7-1:0.0: couldn't setup AC97 register 54
[ 1845.113540][ T5889] em28xx 7-1:0.0: couldn't setup AC97 register 56
[ 1845.134171][ T5889] usb 7-1: USB disconnect, device number 42
[ 1847.314102][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1847.588012][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1847.711983][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1847.784076][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1847.928626][   T49] bridge_slave_1: left allmulticast mode
[ 1847.934289][   T49] bridge_slave_1: left promiscuous mode
[ 1847.940579][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1847.950378][   T49] bridge_slave_0: left allmulticast mode
[ 1847.960947][   T49] bridge_slave_0: left promiscuous mode
[ 1847.970357][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1848.308868][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1848.319829][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1848.329919][   T49] bond0 (unregistering): Released all slaves
[ 1848.574790][   T49] hsr_slave_0: left promiscuous mode
[ 1848.582764][   T49] hsr_slave_1: left promiscuous mode
[ 1848.588627][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1848.599334][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1848.607070][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1848.614471][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1848.632923][   T49] veth1_macvtap: left promiscuous mode
[ 1848.638627][   T49] veth0_macvtap: left promiscuous mode
[ 1848.644179][   T49] veth1_vlan: left promiscuous mode
[ 1848.649510][   T49] veth0_vlan: left promiscuous mode
[ 1850.118673][   T49] team0 (unregistering): Port device team_slave_1 removed
[ 1850.446668][   T49] team0 (unregistering): Port device team_slave_0 removed
[ 1851.070416][T21737] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1851.096176][T21737] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1851.104316][T21737] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1851.112229][T21737] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1851.120185][T21737] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1852.238056][T23792] netlink: 80 bytes leftover after parsing attributes in process `syz.5.4820'.
[ 1852.329800][T23806] lo speed is unknown, defaulting to 1000
[ 1852.496194][T23829] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4828'.
[ 1852.514233][T23829] netlink: 'syz.6.4828': attribute type 15 has an invalid length.
[ 1852.668647][T23829] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1852.678177][T23829] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1852.686975][T23829] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1852.695681][T23829] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1852.717149][T23829] vxlan0: entered promiscuous mode
[ 1852.869243][T23806] chnl_net:caif_netlink_parms(): no params data found
[ 1853.094992][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.151895][T23806] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1853.166109][T23806] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1853.166127][T21737] Bluetooth: hci3: command tx timeout
[ 1853.173422][T23806] bridge_slave_0: entered allmulticast mode
[ 1853.198853][T23806] bridge_slave_0: entered promiscuous mode
[ 1853.227678][T23806] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1853.269664][T23806] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1853.284511][T23806] bridge_slave_1: entered allmulticast mode
[ 1853.303212][T23806] bridge_slave_1: entered promiscuous mode
[ 1853.468925][T23806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1853.519319][T23806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1853.667810][T23806] team0: Port device team_slave_0 added
[ 1853.694372][T23845] netlink: 'syz.6.4834': attribute type 29 has an invalid length.
[ 1853.721885][T23806] team0: Port device team_slave_1 added
[ 1853.789450][T23845] netlink: 'syz.6.4834': attribute type 29 has an invalid length.
[ 1853.870533][T23806] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1853.887938][T23806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1853.916154][T23806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1853.931064][T23806] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1853.986076][T23806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1854.012867][T23806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1959.179956][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1959.186949][    C1] rcu: 	0-...!: (1 GPs behind) idle=7714/0/0x1 softirq=148910/148915 fqs=2
[ 1959.197271][    C1] rcu: 	(detected by 1, t=10505 jiffies, g=132149, q=247 ncpus=2)
[ 1959.205094][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1959.205130][    C0] NMI backtrace for cpu 0
[ 1959.205145][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1959.205167][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1959.205177][    C0] RIP: 0010:rb_erase+0x3f1/0xe60
[ 1959.205201][    C0] Code: 03 80 3c 28 00 74 08 4c 89 e7 e8 7a 45 c6 f6 4d 8b 2c 24 41 83 e5 01 49 f7 dd 4d 21 fd eb 75 48 89 d8 48 c1 e8 03 80 3c 28 00 <0f> 84 a5 05 00 00 48 89 df e8 41 46 c6 f6 e9 98 05 00 00 48 b8 00
[ 1959.205215][    C0] RSP: 0018:ffffc90000007ca8 EFLAGS: 00000046
[ 1959.205229][    C0] RAX: 1ffff110170c4fa2 RBX: ffff8880b8627d10 RCX: dffffc0000000000
[ 1959.205241][    C0] RDX: 0000000000010000 RSI: ffff8880b8627d10 RDI: ffff888026a14348
[ 1959.205253][    C0] RBP: dffffc0000000000 R08: ffffffff8f9fdaf7 R09: 1ffffffff1f3fb5e
[ 1959.205264][    C0] R10: dffffc0000000000 R11: fffffbfff1f3fb5f R12: ffff888026a14340
[ 1959.205275][    C0] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[ 1959.205285][    C0] FS:  0000000000000000(0000) GS:ffff888125c84000(0000) knlGS:0000000000000000
[ 1959.205298][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1959.205309][    C0] CR2: 0000000000000000 CR3: 000000005dd80000 CR4: 00000000003526f0
[ 1959.205322][    C0] Call Trace:
[ 1959.205329][    C0]  <IRQ>
[ 1959.205343][    C0]  timerqueue_del+0xae/0x100
[ 1959.205360][    C0]  __hrtimer_run_queues+0x364/0xc60
[ 1959.205388][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1959.205406][    C0]  ? read_tsc+0x9/0x20
[ 1959.205426][    C0]  hrtimer_interrupt+0x45b/0xaa0
[ 1959.205458][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x410
[ 1959.205478][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1959.205496][    C0]  </IRQ>
[ 1959.205501][    C0]  <TASK>
[ 1959.205507][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1959.205522][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 1959.205540][    C0] Code: c3 dd 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 63 55 28 00 f3 0f 1e fa fb f4 <e9> 98 dd 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[ 1959.205552][    C0] RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2
[ 1959.205564][    C0] RAX: e3e17bfc9bf9d300 RBX: ffffffff81974c88 RCX: e3e17bfc9bf9d300
[ 1959.205576][    C0] RDX: 0000000000000001 RSI: ffffffff8d96e743 RDI: ffffffff8be1b900
[ 1959.205586][    C0] RBP: ffffffff8de07ea8 R08: ffff8880b8632f5b R09: 1ffff110170c65eb
[ 1959.205598][    C0] R10: dffffc0000000000 R11: ffffed10170c65ec R12: ffffffff8f9fdaf0
[ 1959.205609][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50
[ 1959.205621][    C0]  ? do_idle+0x1e8/0x510
[ 1959.205644][    C0]  default_idle+0x13/0x20
[ 1959.205657][    C0]  default_idle_call+0x74/0xb0
[ 1959.205671][    C0]  do_idle+0x1e8/0x510
[ 1959.205689][    C0]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1959.205703][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1959.205720][    C0]  ? __pfx_do_idle+0x10/0x10
[ 1959.205743][    C0]  ? do_idle+0x5/0x510
[ 1959.205761][    C0]  cpu_startup_entry+0x44/0x60
[ 1959.205779][    C0]  rest_init+0x2de/0x300
[ 1959.205793][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[ 1959.205809][    C0]  start_kernel+0x47d/0x500
[ 1959.205830][    C0]  x86_64_start_reservations+0x24/0x30
[ 1959.205844][    C0]  x86_64_start_kernel+0x143/0x1c0
[ 1959.205859][    C0]  common_startup_64+0x13e/0x147
[ 1959.205881][    C0]  </TASK>
[ 1959.206117][    C1] rcu: rcu_preempt kthread starved for 10495 jiffies! g132149 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1959.539592][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1959.549577][    C1] rcu: RCU grace-period kthread stack dump:
[ 1959.555470][    C1] task:rcu_preempt     state:R  running task     stack:27128 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[ 1959.568972][    C1] Call Trace:
[ 1959.572254][    C1]  <TASK>
[ 1959.575194][    C1]  __schedule+0x16a2/0x4cb0
[ 1959.579730][    C1]  ? schedule+0x165/0x360
[ 1959.584077][    C1]  ? __pfx___schedule+0x10/0x10
[ 1959.588954][    C1]  ? schedule+0x91/0x360
[ 1959.593214][    C1]  schedule+0x165/0x360
[ 1959.597393][    C1]  schedule_timeout+0x12b/0x270
[ 1959.602259][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1959.607636][    C1]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1959.613541][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1959.618843][    C1]  ? prepare_to_swait_event+0x341/0x380
[ 1959.624399][    C1]  rcu_gp_fqs_loop+0x301/0x1540
[ 1959.629271][    C1]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[ 1959.635434][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1959.640724][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1959.645934][    C1]  ? finish_swait+0xcd/0x1f0
[ 1959.650532][    C1]  rcu_gp_kthread+0x99/0x390
[ 1959.655129][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1959.660338][    C1]  ? __kthread_parkme+0x7b/0x200
[ 1959.665285][    C1]  ? __kthread_parkme+0x1a1/0x200
[ 1959.670322][    C1]  kthread+0x711/0x8a0
[ 1959.674413][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1959.679623][    C1]  ? __pfx_kthread+0x10/0x10
[ 1959.684222][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1959.689423][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1959.694628][    C1]  ? __pfx_kthread+0x10/0x10
[ 1959.699226][    C1]  ret_from_fork+0x3fc/0x770
[ 1959.703828][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1959.708955][    C1]  ? __switch_to_asm+0x39/0x70
[ 1959.713717][    C1]  ? __switch_to_asm+0x33/0x70
[ 1959.718480][    C1]  ? __pfx_kthread+0x10/0x10
[ 1959.723077][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1959.727863][    C1]  </TASK>
[ 1959.730884][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1959.737210][    C1] CPU: 1 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1959.747457][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1959.757515][    C1] Workqueue: events_unbound toggle_allocation_gate
[ 1959.764027][    C1] RIP: 0010:smp_call_function_many_cond+0xf69/0x12d0
[ 1959.770710][    C1] Code: 00 45 8b 2f 44 89 ee 83 e6 01 31 ff e8 b0 79 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 5b 75 0b 00 eb 37 f3 90 <43> 0f b6 04 2c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 40 75 0b
[ 1959.790320][    C1] RSP: 0018:ffffc900001276a0 EFLAGS: 00000293
[ 1959.796391][    C1] RAX: ffffffff81b4d850 RBX: ffff8880b873b040 RCX: ffff88801d280000
[ 1959.804376][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1959.812352][    C1] RBP: ffffc90000127800 R08: ffffffff8f9fdaf7 R09: 1ffffffff1f3fb5e
[ 1959.820325][    C1] R10: dffffc0000000000 R11: fffffbfff1f3fb5f R12: 1ffff110170c835d
[ 1959.828297][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8880b8641ae8
[ 1959.836269][    C1] FS:  0000000000000000(0000) GS:ffff888125d84000(0000) knlGS:0000000000000000
[ 1959.845201][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1959.851784][    C1] CR2: 000000110c3d5a21 CR3: 000000000df38000 CR4: 00000000003526f0
[ 1959.859762][    C1] Call Trace:
[ 1959.863046][    C1]  <TASK>
[ 1959.865996][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1959.872333][    C1]  ? __pfx_text_poke_memcpy+0x10/0x10
[ 1959.877710][    C1]  ? kmem_cache_alloc_bulk_noprof+0x148/0x790
[ 1959.883780][    C1]  ? __pfx___text_poke+0x10/0x10
[ 1959.888715][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1959.893500][    C1]  ? trace_contention_end+0x39/0x120
[ 1959.898794][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1959.903824][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[ 1959.908947][    C1]  smp_text_poke_batch_finish+0x5e0/0x1100
[ 1959.914758][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 1959.919791][    C1]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 1959.926046][    C1]  ? arch_jump_label_transform_queue+0x97/0x110
[ 1959.932305][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1959.938376][    C1]  static_key_enable_cpuslocked+0x128/0x250
[ 1959.944281][    C1]  static_key_enable+0x1a/0x20
[ 1959.949046][    C1]  toggle_allocation_gate+0xad/0x240
[ 1959.954335][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1959.960231][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[ 1959.965968][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[ 1959.971691][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[ 1959.977416][    C1]  process_scheduled_works+0xae1/0x17b0
[ 1959.982995][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1959.988997][    C1]  worker_thread+0x8a0/0xda0
[ 1959.993617][    C1]  kthread+0x711/0x8a0
[ 1959.997692][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1960.002808][    C1]  ? __pfx_kthread+0x10/0x10
[ 1960.007405][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1960.012606][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1960.017803][    C1]  ? __pfx_kthread+0x10/0x10
[ 1960.022410][    C1]  ret_from_fork+0x3fc/0x770
[ 1960.027006][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1960.032129][    C1]  ? __switch_to_asm+0x39/0x70
[ 1960.036890][    C1]  ? __switch_to_asm+0x33/0x70
[ 1960.041651][    C1]  ? __pfx_kthread+0x10/0x10
[ 1960.046245][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1960.051024][    C1]  </TASK>