last executing test programs:

13m8.635234944s ago: executing program 1 (id=459):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000440)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x98, 0x0, 0x298, 0x0, 0x0, 0x330, 0x330, 0x330, 0x330, 0x330, 0x6, 0x0, {[{{@ip={@multicast1, @dev={0xac, 0x14, 0x14, 0x13}, 0xff, 0xff000000, 'pim6reg1\x00', 'bridge_slave_0\x00', {}, {0xff}, 0x88, 0x3}, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x1, 0x9}}}, {{@ip={@private=0xa010100, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00', {}, {0xff}, 0x6}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x11, 0x6, 0x3, 0x1100, 0x4]}, {0x0, [0x5, 0x0, 0x0, 0x2, 0x4]}}}}, {{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x1}}}, {{@ip={@private=0xa010102, @multicast1, 0x0, 0xffffff00, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x0, 0xfc}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x1, @dev={0xfe, 0x80, '\x00', 0x39}, 0x3e}, 0x1c)

13m7.823249801s ago: executing program 1 (id=460):
r0 = socket(0x1d, 0x2, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000140)={'vxcan1\x00', <r2=>0x0})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
bind$can_j1939(r0, &(0x7f0000000000)={0x1d, r2, 0x6}, 0x18)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r0)
close(0x3)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

13m4.728504633s ago: executing program 1 (id=469):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000008c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="0d010000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_MASTER={0x8, 0xa, r7}, @IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x8, 0x2}}}}}}]}, 0x50}}, 0x0)

13m3.040109049s ago: executing program 1 (id=475):
r0 = socket(0x10, 0x2, 0x0)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
creat(&(0x7f0000000100)='./bus\x00', 0x44)
shmat(0x0, &(0x7f0000001000/0x1000)=nil, 0x4000)
lstat(&(0x7f00000001c0)='.\x00', &(0x7f00000003c0))
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x301400, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)
mkdir(&(0x7f0000000e40)='./control\x00', 0x0)
rmdir(&(0x7f0000000040)='./control\x00')

13m1.18423661s ago: executing program 1 (id=484):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3000046, &(0x7f00000000c0), 0x1, 0x55c, &(0x7f00000003c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9uzKVr648JPsxH0eFA32do78pouowmHWsduD24F19kCCIOxHd993H4D/hXDHQwZBR98CVy05suW5M2a7OlWz4fuOWce2967jf3fk/OzUlIAANrLPtTiHg1Ir5NIg5GRJJvG45849jqfisPrk1nSxL1+md/J439snrzfzUftz+vvBIRv38dcaKwvt3q0vJcqVxOF/L6eG3+8nh1afnkxfnSbDqbXpqcmjr9ztTk+++927NYj5/794dP73x0+pujK9//eu/QrSTOxIF8W2sc23C9tTIWY/lzMhJnHttxogeN7SRJvw+ALRnK83wksj7gYAzlWQ+8+L6KiDowoBL5DwOqOQ5o3tv36D74uXH/w9UboPXxD6++NxJ7GvdG+1aSR+6Msvvd0R60n7Xx21+3b2VL9O59CIBNXb8REaeGh9f3f0ne/23dqS72ebwN/R88O3ey8c9b7cY/hbXxT7QZ/+xvk7tb0Sn/j7/cXFO414NmOsrGfx+0Hf+uTVqNDuW1lxpjvpHkwsVymvVt2SEei5HdWX2j+ZzTK3frnba1jv+yJWu/ORbMj+Pe8O5HHzNTqpW2E3Or+zciXms7/k3Wzn/S5vxnz8e5Lts4kt5+o9O2zeN/uuo/R7zZ9vw/nNFKNp6fHG9cD+PNq2K9f24e+aNT+/2OPzv/+zaOfzRpna+tPnkbP+35L+207ZH4o/vrf1fyeaO8K193tVSrLUxE7Eo+Wb9+8uFjm/Xm/ln8x45u3P+1u/73RsQXXcZ/8/Avr3cVf5/O/8wTnf8nL9z9+MsfO7XfXf/3dqN0LF/TTf/X7QFu57kDAAAAAACAnaYQEQciKRTXyoVCsbj6+Y7Dsa9QrlRrJy5UFi/NROO7sqMxUmjOdB9s+TzERP552GZ98rH6VEQciojvhvY26sXpSnmm38EDAAAAAAAAAAAAAAAAAADADrG/w/f/M38O9fvogKfOT37D4No0/3vxS0/AjuT1HwaX/IfB1TH/vQEILzyv/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT586ezZb6yoNr01l95srS4lzlysmZtDpXnF+cLk5XFi4XZyuV2XJanK7Mb/b/ypXK5YnJWLw6XkurtfHq0vL5+cripdr5i/Ol2fR8OvJMogIAAAAAAAAAAAAAAAAAAIDnS3Vpea5ULqcLCgpbKgzvjMNQ6HGh3z0TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADz0fwAAAP//s6436w==")
mount(0x0, 0x0, 0x0, 0x63d014, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10)
getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, 0x0, 0x0)
connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r1, 0xb66f)
sendmsg$inet(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000000c0)="c962", 0x2}], 0x1}, 0x4004045)
sendfile(r0, r1, 0x0, 0x7ffff006)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000fe6000/0x14000)=nil, 0x14000, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/169, 0xa9, 0x0, 0x0}, &(0x7f0000000400)=0x40)

12m58.112787222s ago: executing program 1 (id=495):
socket(0xa, 0x5, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x2000c000)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f00000000c0)={0x1d, r2}, 0x18)
connect$can_j1939(r1, &(0x7f0000000140)={0x1d, r2}, 0x18)
sendmmsg(r1, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="b8750f656242a1431a90c7f7c037145767dacabe54b5d9e76d4558e6593ddb285e93b9afbb35663cc7ab887864f0bbab94db23f31326dce4f03550370666f57d09865e8a1b872d519e7ac8b7728086ed9fb5aa7f8a8d62f5817f91c3fa8db0995a00"/107, 0x6b}], 0x1}}], 0x1, 0x4)
recvmmsg(r1, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000000040), 0x10, &(0x7f0000000480)=""/230}}], 0x2, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000400)={'vcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x111, 0x70bd27, 0x100000, {0x0, 0x0, 0x74, r4, {0x6, 0xfff2}, {0x5, 0xfff3}, {0xd, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4010}, 0xc4)

12m57.25703986s ago: executing program 32 (id=495):
socket(0xa, 0x5, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x2000c000)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f00000000c0)={0x1d, r2}, 0x18)
connect$can_j1939(r1, &(0x7f0000000140)={0x1d, r2}, 0x18)
sendmmsg(r1, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="b8750f656242a1431a90c7f7c037145767dacabe54b5d9e76d4558e6593ddb285e93b9afbb35663cc7ab887864f0bbab94db23f31326dce4f03550370666f57d09865e8a1b872d519e7ac8b7728086ed9fb5aa7f8a8d62f5817f91c3fa8db0995a00"/107, 0x6b}], 0x1}}], 0x1, 0x4)
recvmmsg(r1, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000000040), 0x10, &(0x7f0000000480)=""/230}}], 0x2, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000400)={'vcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x111, 0x70bd27, 0x100000, {0x0, 0x0, 0x74, r4, {0x6, 0xfff2}, {0x5, 0xfff3}, {0xd, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4010}, 0xc4)

11m31.965159697s ago: executing program 2 (id=735):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000047c0)=[{{0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000000340)=""/1, 0x1}], 0x1}, 0xe75}], 0x3aa0, 0x60002000, 0x0)

11m29.563761836s ago: executing program 2 (id=740):
r0 = socket$unix(0x1, 0x2, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
close(r0)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000003000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)

11m29.329835594s ago: executing program 2 (id=743):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x1000, 0x0, 0xa, 0x20, 0x0, 0x87}, {0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000, 0x4}, 0x0, 0x40000000}}, 0xb8}}, 0x2c000010)
sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="b8000000140001000000000004000000e000000200000000000000000000000000000000000000000000000000000000000000000fff00000a00200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00@\x00'], 0xb8}, 0x1, 0x0, 0x0, 0x404c830}, 0x987a3a9f32358a4c)

11m26.950965153s ago: executing program 2 (id=747):
r0 = socket(0x10, 0x2, 0x0)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
write(r0, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r0, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
creat(&(0x7f0000000100)='./bus\x00', 0x44)
shmat(0x0, &(0x7f0000001000/0x1000)=nil, 0x4000)
lstat(&(0x7f00000001c0)='.\x00', &(0x7f00000003c0))
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x301400, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)
mkdir(&(0x7f0000000e40)='./control\x00', 0x0)
rmdir(&(0x7f0000000040)='./control\x00')

11m25.701148583s ago: executing program 2 (id=752):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40242, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="1400000016000b63d25a80648c25940121", 0x11}, {&(0x7f0000000280)="e26248", 0x3}], 0x2}, 0x40050)

11m23.566461434s ago: executing program 2 (id=755):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x202, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4ac2d78a}}, 0x0, 0x0, 0x34, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000880)=0x3, 0x4)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
socket$unix(0x1, 0x1, 0x0)
listen(0xffffffffffffffff, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f0000000600)=[{}], 0x1, 0x1ff, 0x0, 0x0)
shutdown(r0, 0x1)

11m21.815293622s ago: executing program 33 (id=755):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x202, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4ac2d78a}}, 0x0, 0x0, 0x34, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000880)=0x3, 0x4)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
socket$unix(0x1, 0x1, 0x0)
listen(0xffffffffffffffff, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f0000000600)=[{}], 0x1, 0x1ff, 0x0, 0x0)
shutdown(r0, 0x1)

4m58.900017635s ago: executing program 3 (id=1535):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f00000006c0)='\b\f', 0x2}, {&(0x7f0000000780)="4274aa814c8f6ea8d8db", 0xa}], 0x2, &(0x7f00000008c0)=ANY=[@ANYBLOB="ac1414bb0000000000000000140000000000000000000000020000000600000000000000d8000000000000000000000007000000072b52000000000a0101020a010100ac14141b640101020a010102ac1414bbac14143ee000000200000000071731ac14143cac"], 0x1a0}, 0x41)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4m57.235758217s ago: executing program 3 (id=1538):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000640), 0x1, 0x5b9, &(0x7f0000000680)="$eJzs3W2IHHcdB/Df7N6mebiaNLZqa2xOQ20gdPdyuYREfGGJD7UmtaL4IhTCkdvuhezdnrkN9LaCLb4pCiL4RgShYl9YEQ3kTaXU9kWLbxSU+kClxoAKIhStFERQV2YfrmszaYr3MHjz+cDc/ec/c/v/7y3fndmd/8wEUFgT6Y8kYjwiLkXEzv7sf68w0f/VOXRxLp2S6HY//Zekt97soYtzw1WHf7cj/TEWsTUidh9PYl/l6naXljvnZprN+vnBfK09v1hbWu7cdXZ+plFv1BcOH50+NnVk+uj02j3XyZ9uv+WPd9x35Ynn//7Pb/76yPfT/o4Plo0+j7UyEROD/0klbhqpH0si7l3rxnJS7r/UccdIXTKWY4d4y7rd3d9LX7+3R8S+Xv53Rjn6L95LTz/wt53xy3vy7iOwfrpD2Ytf7QKbVqm3D5yUqhHRL5dK1Wp/H/7m2F5qtpbaBx5sXViY7e8r74pK6cGzzfrk4LPCrqgk6fzBXvn1+ak3zB+K6O0DP1be1puvnmk1Zzf6zQ7oGY+4fOlzZ7bseEP+/1Tu5x/YvNL8/+KFp55Ny6+V8+4NsJHS/H/3tflPhPxD4cg/FJf8Q3HJPxSX/ENxyT8Ul/xDcck/FJf8Q3HJPxTXMP/3nzwZ95882e0Mzn9faDXOnptbPDY1WZ2/cKZ6pnV+sdpotRq9M3bmr/+4zVZr8eBUXHio1q4vtWtLy53T860LC+3TvfP6T9czLgUA5ODUla333rT3uZeSiHjkA9t6U2rLYLmswubW7SaR9znIQD589Ificqk2KC6f8YHkOsu3XmtBc+37AmyMUt4dAHJz562O/0FR+f4fisv3/1Bc9vEB3/9D8fj+H4pr/Br3/7px5N5dkxHxtoj4Sblyw/BeX8D/r/GIy5e//dnayn24FRQUFFYKeb9DAevt9dDn3RMgL7OHLs4Np41q85nGRrUEZHnl7v4goDT3ncHUXzK2cmygsk7jhF5+LGIifvjbx/fPldMpBu9D69AUkOGRRyPiXVnb/6R3bGDXYL3d/dXi5oi4JSLeERHvXGXbX/9Umv8X6qN18g8b563m/9aIuD0ibouId0fEnoh4zyrb/vmlNP+/2jZaJ/9QDJ9/Pu8eAHn5+FN59wDIyyljDKCwvvNw3j0A8vL0D/LuAZCXr7yYdw+g2J67OyIms47/lXrH+4cqg+sC3jC4FsC2iNgeETsG5xDeODhHcOfIMcPrOf3JiIm4/UejdY7/wcYZjv/rXDX+r7Qy/q8cEXtX0cYzHxz/clb9zJ40/088PBz/l05p+8OxgMD6euXRiNsy85+sjPlNIs1pxHv/xzYmvnDlyaz6F+9LH7fyM/mHfHS/FfH+yM7/UFqqtecXa0vLnbt69/Fu1BcOH50+NnVk+uh0rXeJkNrwQiEZTvz11QNZ9S9Ppfn/xmH5h3yk2//t18j/6P7/+1bRxvGvfelUVv3479P873n2zfNf+vOW5DO9+eF9CR6aabfPH4zYkpy4un5qFR2FTW6YkWGG0vzv35f9+X/34G/S7f/xiPhwur8QEf+KiH9HxEci4qMR8bGIuOdN2vzqnY0rWfW/ezLN/+PnbP8hH2n+Z6+z/U9//2MVbRzY/+MvZtV/aG+a/+pv/nDigbF0kn8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAtbe03Dk302zWz69jIe/nCAAAAAAAAEXxnwAAAP//xOQ08g==")
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x20, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x2, 0x11323}}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000a80)=0x1, 0x4)
r2 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000980)={{{@in=@loopback, @in6=@remote, 0x4e20, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x1}, {0x50000, 0x200000004, 0x61528385, 0x6811221d, 0x100000000, 0x4, 0x200000003, 0x9}, {0x5, 0xfffffffffffffffd, 0x7}, 0x1, 0x0, 0x1, 0x0, 0x1}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x6c}, 0xa, @in=@dev={0xac, 0x14, 0x14, 0x14}, 0x3505, 0x1, 0x0, 0x0, 0x9, 0x3}}, 0xe8)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xe9)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, &(0x7f0000000200)='\x00\x00')
setreuid(0xee01, 0x0)

4m54.624133229s ago: executing program 3 (id=1542):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r1=>0x0})
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, &(0x7f0000000100))
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0xf000, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r2, 0x83625fc5352ba305, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}]}, 0x1c}}, 0x2000040)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000600)=ANY=[@ANYRES32=r3, @ANYBLOB="0c00990000000000000000000800a000ea15000008009f0003000000080026000816"], 0x40}}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0xc584f9fca7969f65)

4m50.780302041s ago: executing program 3 (id=1548):
syz_usb_connect(0x2, 0x36, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x100, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x10020, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @empty, 0x200}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)='\x00', 0x1, 0x24000010, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000c80)="7cffa9061b2f8b082b6f69ae50430c8a8b6aa3162ba083c4a52e1ab0ac50ed4a19b1a69988000d5bed4433daaa4932dbb1cb3550dee8b23579d76ce37d574b43fca1eed8ebd38d1303240ed0d84517692128dd5aef5c4d60a6659952a1437c6f0ac3ed75806011ccbaa504f41a7e0abcf8823bc4a71ef8c52c2b297b539eaf752c56ebfe9b0542543069257dafcbf76c958d4cbf4eaaa67c5c2bd9e6518be34b56add7613ab83d389724b664e62c154e1a5aac073a53a0e8cadcf51ef495ebbcc77d5e36ff24c3f282289cc077374b714e08fbfecbdc8f14ef3fd409af4caf6fcb7d663beab335f239a1e93b399c93d7c036e1b39a7c477945f82b6dde53b1c21b590a58ba688ac4fb530d2c5b1195a127d2eaec840ab59f090d7047c278611e080cebe7b28588c11a44be99fe6f88c73441bf625b70565669997f4c3cda5afe1d6429908a69a459d35ba8c2f28076d8711f2667de749a783fac94ebd02680f20fb723c35c287a1f45064846385750665ffa74579083fbb1b1d6b7c90168252b1c5313544569203e7adb8e271a94f7413e5cfd6aa3157c4fc29bddba3683fcd032aecb513b2f27530fbefa0000000000000003c058e812d8db87de5e3eceae268b91f7d59daf77646fa4df99877dd5a9540934c7af91b96486eea62897be6acbe1bae8e46b112f1385e7cea9e4daccc6f1b98ce3b4322af8299a45ddcb5be8d3e469fdde9896ca324a2f3c88c616a7dccde331698ce2d39f96220251011b4dfbec953b5c30e94adb5586cec0af234859805bb7df1101ae80318ff127e913178d79cfa918d54585b6184255e872e2dc33a5c7c30a756bbd63c32a3e6a22863781747d185acb64583976c4289394d642b07d18e2932d0a78bd2ccf92b3e94e82f1e9239fa272402f4c9efcf068709a44d6f652a4f23df89f9a15e6bf0c7e65d8f3e32c35e83d30298074d16cb5ff4ded1df81009bbae888fceb9a8109ba319605e1776e52d2069b5cd7de07cf8dc488ba6a9c7559ff49674a490991f323736f302004007d0ccf2e5eaceac6b56f48f2b00592d7a378f118d8b3e5ecd2035c8252374c91bc79cf26ac11ddffe2c09e1aa032da0713732387f950e3f4e301eb1d26e5a2b19318e50d555c832e279894d8c9b03e8940738c0fe391b29907d0d5f9214d6e697a19247f4e8221aca2ac47debd7c45b8344941cbecbaf44af343b24a4f88caf207d72002fb8b7d156997cb7275f535e6a9d6480046246e60bea0cf6f54abc69ff9418b6cb9301eb6890227215b633a886fb13c89698e51e482c42ca99613b20e22e5ce15272f5bda8b18cf53d49130a94135dd8a9692c", 0x34000, 0xbcff, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000000c0), 0xc)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000000)='^', 0x1}], 0x1)

4m42.398505174s ago: executing program 3 (id=1552):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="090000002a0001000049000001"], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x10000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)

4m38.646468562s ago: executing program 3 (id=1558):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f00000008c0)=""/238, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
socket$inet6(0xa, 0x802, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x14)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
r2 = memfd_secret(0x80000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x13, r2, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)

4m22.143094451s ago: executing program 34 (id=1558):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f00000008c0)=""/238, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
socket$inet6(0xa, 0x802, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x14)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
r2 = memfd_secret(0x80000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x13, r2, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)

4m13.60603247s ago: executing program 4 (id=1584):
r0 = socket$unix(0x1, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
bind$unix(r0, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
r4 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r4, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

4m11.845689395s ago: executing program 4 (id=1585):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000000600)={0x8})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

4m9.47125816s ago: executing program 4 (id=1586):
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
eventfd(0x5f0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, &(0x7f0000000000)={0x0, 0x300000, 0x8})
syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
sysinfo(&(0x7f0000000340)=""/193)
keyctl$chown(0x4, 0x0, 0xee01, 0xee00)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070500004c0001000f75000000000000bf54000000000000070400000400f9ff2d4401000000000095000000000000000500000000000000950007000000000001722fabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6155cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe74d599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f71b7eb70c174d885232e522aad0f13b0e5b43d837d040f813d0115387e36f092d9aaafe7afc637d3d107451f4854613cfd43ac63ad6141ddb0311b8c96fef49af414e49be7c23b2e8eb686fbcdd2dab4cbdb02e30e4e1a6c25b2791facac56e4c5dc036c8d80e5c7c206d24603be75850927e02fd4eea168681498d1170478408c43bb90d9df3964b64fee41745f6785419ac8de8788398e3653f34970988866043136ada4771bf8d96eeb0f565d626a3e9089"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x253, 0x10, &(0x7f0000000000), 0x19f, 0x0, 0xffffffffffffffff, 0xffffffffffffff74}, 0x48)

4m3.628384484s ago: executing program 4 (id=1594):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="0c9818f46cbb2bee0f594479e92ddcc3407862acd7061ab466daf69f330b7e1adf5b28798c2abc4e00530c645a279017e829c22b689bb50ea9e3389ef9948297317e6ae56b32", 0x46}], 0x1}, 0x40041)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x4}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0x4, 0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040a1}, 0x4890)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r6, &(0x7f00000005c0)="bad386dd", 0x5dc, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r5, 0x1, 0xd8, 0x6, @multicast}, 0x14)

4m2.321773435s ago: executing program 4 (id=1596):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000001c0)='./file1\x00', 0x2048c5, &(0x7f0000000380)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c73686f72746e616d653d6c6f7765722c726f6469722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c6e66733d6e6f7374616c655f726f2c73686f72746e616d653d6d697865642c64656275672c73686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c757466383d302c73686f72746e616d653d77696e6e742c00854edcfa2d618b2fde16b18f725f94cc09476d465b9a02c17b21f4c85ec059086da381e8a3f68091d93f8006b1180b9acbf5cea1b51fb4bb34babe28af478516fdbb5e1b891183e8"], 0x1, 0x2b4, &(0x7f0000000e40)="$eJzs3cFr024YwPFn7bZ2HVt7GIPfD8QHveglbPUvKLKBWFDmOqYHIXOplsZmNLVSEbeb1/0dw6MnBfUf2GU38SpeiiB42UGsrEm2rqu4ztVM8/1Aydv3fZ/kTd60PAk0bS5vPiwXXaNo1iSWVImJbMiuSGav5Bvyl7F2eVQ6bcjl8a/vz926fed6Lp+fW1Cdzy1eyarq5Pk3j5++uPCuNr70cvJ1QrYzd5tfsh+3p7f/a35fDNbuiJi64jg1c8W2dLXklg3Vm7ZlupaWKq5VrWlHe9F21tYaalZWJ1JrVct11aw0tGw1tOZordpQ875ZqqhhGDqRkqiJ9x1R2FpYMHMDGQzCMNarslrNmfGejYWtPzEoAABwtjSXN+Nh5P8PSq6WXK04h/L7o/l/TPrI/0Uinf/3j/w/Cvby/5T/+T2M/B8AAAAAAAAAAAAAAAAAAAAAgL/BbquVbrVa6WAZvBIikhSR4H3Y48RgMP/R1vHDvaSI/bxeqBe8pdeeK0pJbLFkZkTkW/t88Hnl+Wv5uRltm5a39rofv14vxCURxAcyveNnvXjtjF+XEUl1bj8raZnqHZ/tEV8vjMqli62Ev2VLDEnLzj1xxJbV9nl9EP9sVvXqjXxX/Fi7HwAAAAAA/wJD92W6r9/b7YYGjw3pavcqD+4PSPoX9we6rq+H5f/h8PYbAAAAAIAocRtPyqZtW9UIFIL/PziVFYZ/6JLH7TwsIn7Nq7MyFweFoQ1vVo42xUTkpGuO/94sfxaRQzVToU/3aRQ+PfKO9X7Nh593XpoI7UsJAAAAwEAESf9Q35GFnYEMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACACDruw8OC/id59ljH5uLh7CUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwNvwIAAD//5jbFjk=")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303000000000000000000000100000800010001"], 0x1c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x24, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x24}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}]}, 0x24}}, 0x0)

3m58.269965913s ago: executing program 4 (id=1599):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406c256d000000020000010902"], 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
r1 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$UHID_CREATE(r1, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f0000000580)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x8020)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
lseek(r3, 0x2000, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000000)={0x0, 0x3}, 0x8)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

3m41.080379124s ago: executing program 35 (id=1599):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406c256d000000020000010902"], 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
r1 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$UHID_CREATE(r1, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f0000000580)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x8020)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
lseek(r3, 0x2000, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000000)={0x0, 0x3}, 0x8)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

3m22.542924037s ago: executing program 6 (id=1641):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setpriority(0x2, r0, 0xffffffffffffffd1)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r4, 0x84, 0x1e, 0x0, &(0x7f00000000c0))

3m19.155323674s ago: executing program 6 (id=1644):
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)

3m17.906294263s ago: executing program 6 (id=1646):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvmsg(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)=[{0x0}, {&(0x7f0000000540)=""/22, 0x16}], 0x2}, 0x40)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m14.17794217s ago: executing program 6 (id=1648):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff)
open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x178)
open(&(0x7f00000003c0)='./file3\x00', 0x14507e, 0x148)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, 0x0, 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
open(0x0, 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

3m9.602257344s ago: executing program 6 (id=1651):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r3, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f00000000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1)

3m1.81438705s ago: executing program 6 (id=1655):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40000000000029a, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r4 = dup(r3)
r5 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

3m0.483121131s ago: executing program 36 (id=1655):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40000000000029a, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r4 = dup(r3)
r5 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r5, 0x200004)
sendfile(r4, r5, 0x0, 0x80001d00c0d1)

1m27.982470822s ago: executing program 7 (id=1738):
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xa7ae6000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setpriority(0x0, 0x0, 0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000025300)=""/102392, 0x18ff8)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000d80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x1}, 0x28)

1m23.322987518s ago: executing program 7 (id=1745):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0xffffffffffffff00}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
set_mempolicy(0x3, &(0x7f0000000240)=0x1020fff, 0x6)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)

1m21.252409534s ago: executing program 7 (id=1747):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x15)
socket$inet6_icmp(0xa, 0x2, 0x3a)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0xb)
socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000d62b00006110600000000000c6000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x48)
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005080000000000008200000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000048000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a6000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

1m17.735002034s ago: executing program 7 (id=1750):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={0x0}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000600)="447df50ce4033a7b5ad00b83244c00b711", 0x11}, {&(0x7f00000006c0)='\b\f', 0x2}, {&(0x7f0000000780)="4274aa814c8f6ea8d8db43178dd2f41ef596a3ca465412910e05cba0f5d97e67886d55be18cac95a1aa093479596c3613670", 0x32}], 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="ac1414bb0000000000000000140000000000000000000000020000000600000000000000d8000000000000000000000007000000072b52000000000a0101020a010100ac14141b640101020a010102ac1414bbac14143ee0000002"], 0x1a0}, 0x41)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m13.612037404s ago: executing program 7 (id=1753):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x400000, 0x0, 0xfffffeb6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_setup(0x2a69, &(0x7f0000002240)={0x0, 0x0, 0x2, 0x2})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @host}, 0x10)
listen(r4, 0x5)

1m7.234632575s ago: executing program 7 (id=1756):
socket$inet6(0xa, 0x1, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = io_uring_setup(0x3450, &(0x7f0000000080)={0x0, 0x1539, 0x0, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x0, 0x1}, 0x20)

50.245175059s ago: executing program 37 (id=1756):
socket$inet6(0xa, 0x1, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = io_uring_setup(0x3450, &(0x7f0000000080)={0x0, 0x1539, 0x0, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x0, 0x1}, 0x20)

21.778397565s ago: executing program 0 (id=1804):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x3, 0x6361, 0x5, 0xfffffffd, 0xfffffff3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc04c001}, 0x20000804)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x19}, {0xb, 0xb}, {0xfff2, 0x7}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000050}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

16.705988945s ago: executing program 8 (id=1810):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000000c0)=0x94e)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000100)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
shutdown(r3, 0x1)
shutdown(r3, 0xd608f95d51b24383)

15.004636148s ago: executing program 8 (id=1811):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = dup(r3)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x408c1}, 0x4)

13.621768082s ago: executing program 0 (id=1812):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8000000000000008, 0xfffffffffffffffa}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)

13.535074135s ago: executing program 5 (id=1813):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000000c0)={0xc, r1})
ioctl$IOMMU_VFIO_IOAS$GET(r0, 0x3b88, &(0x7f0000000100)={0xc})
ioctl$IOMMU_VFIO_IOAS$CLEAR(r0, 0x3b88, &(0x7f0000000140)={0xc})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000180)={0x20, r1, 0x0, 0x0, &(0x7f00000001c0)})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000200)={0xc, r1})
ioctl$IOMMU_VFIO_GET_API_VERSION(r0, 0x3b64)
ioctl$IOMMU_VFIO_SET_IOMMU(r0, 0x3b66, 0x3)
ioctl$IOMMU_VFIO_CHECK_EXTENSION(r0, 0x3b65, 0x9)
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, &(0x7f0000000240)={0x70, 0x0, 0x0, 0x0, {}, {{}, 0x0, 0x0, [{}]}})
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r0, 0x3b71, &(0x7f0000000280)={0x20, 0x0, &(0x7f00000002c0)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x1c})
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, &(0x7f0000000300)={0x18, 0x0, 0x1c, 0x1c})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000340)={0x18, r1})
ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000380)={0x8, r1})
close(r0)

13.327379551s ago: executing program 8 (id=1814):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @private=0xa010101, 0x4e24, 0x1, 'none\x00', 0x5, 0x32bd, 0x9}, {@loopback, 0x4e25, 0x2, 0xfffffffe, 0x8, 0x12d5c}}, 0x44)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x69, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0x10d000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, 0x0)
r3 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2)
ftruncate(r3, 0x1000006)
write$proc_mixer(r3, &(0x7f0000000000)=[{'VIDEO', @val={' \'', 'Mic'}}], 0x21)

10.145147151s ago: executing program 0 (id=1815):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
write$cgroup_int(r1, &(0x7f00000000c0)=0x6, 0x12)
add_key(&(0x7f0000000240)='asymmetric\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000100)={0x0, 0x1, 0x80000000000036, 0xc1b2})
fcntl$lock(r2, 0x25, &(0x7f0000000000)={0x0, 0x1, 0x7, 0x67})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x7, &(0x7f0000000100)={0x0, 0x1, 0x80000000000036, 0xc1b0})
fcntl$lock(r4, 0x7, &(0x7f0000000100)={0x0, 0x1, 0x2, 0xc1b0})
fcntl$lock(r4, 0x7, &(0x7f0000000040)={0x2, 0x1, 0x8})
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r0}, 0xc)

9.886897119s ago: executing program 5 (id=1816):
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000004c0)='j\x95\'\x8aC\x16\xca\\', &(0x7f0000000c40)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?^\xc9\xef\xe0Q\x01\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\x80\x1a\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf?\xc1\rv\xd3j\r6\x7f\x00'/141, 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000140)='{:\'@-\x00', &(0x7f0000000180)='%*.\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000003c0)='\x00', &(0x7f0000000400)='(!\xef(.(\\-]\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000200)='^](*\r\\!\x00', &(0x7f0000000500)='{:\'@-\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f00000001c0)='\xe6\xd2=(L\x9f\x1c&\xda\xfa\xf3}\x18\xdckL<\xa5-#\xc8\xb7\x98\f\x87\xcf', &(0x7f0000000540)="82", 0x1)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000440)='.!@*\x00', &(0x7f0000000740)="e5", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b80)='\xe0\"\xef\xb1\xea\xe6\x9c\xe6\xc8M\xdb\x86\xb3\x8b\xbe\xd5\xbdB\x92\xa0\x19-+a\x13qQ\xd5f39hSr\xafbB\xe2\xe8\xcd\x1bf\x18\x7f\xf27E#\"\xab\x99\xec\x88\x8d\xd8C\x0f\x95\xff\xfeG\xf9t\xb1 \xcc\xc5\xbb\x88\xb6\xd2\xf2Jwq\xf8oG<v\xb8\x18\x80\xe1Kf\xf8R\xdd\x06\xe8\xfbl\v\xb0\xdd\x05\x05\xd8\xdb\xfd`\xf9\xf8\x915\b\x8c\xad\xc8\x9d=\xfeN\x8b\x1eR\x1e\xf8\x9dn\x19H\xd2aE\xa0\x06\xb0Yv\xf9^\x8c\x8f\xc3\xa5\x985\x85U\x8cZ/\'\xbd\xe2\xdc\xe3\xb9\x8e$Z\xef\xa8\xe5(Mt\xd3\xd9\xf6X\x1a\x9b\t$N\xd0U\xe2z\xeb\x01\x80!0\xe8\xc3\xce\xf8\x03\xde\x92s\xf9', &(0x7f0000000ac0)='fuseblk\x00M\x13k\x92#\x05z)\xe0c\\35\xdf%\xa3\xac!zoO\xf8\xcex\xb3\f\xad@\x853o\x0f0\x1a\xc0\"\xf7\x11Z\x01\xc1\xd9\x9fbJ7\xd1\xad\xe1\xed\x87\xae\x11-s\xb4\xbd\x1e\x9a\xd7\xc1crt\x88%\x92\x8fL\x8d\xb3-\xb60O \xc5\xd1q\xcc\x97\xe0\xe8\xb0\n\v\xa9V\xfa\xeb\x1e|M\x98W\x81\xa2@{_\xba^\xa2\x82k\x10G\xfc\xd4\x99Pl\xfa\xe8\x7f\xc9 h\xd0\xfd\x04\x95\x8c\xb1\xe7', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000a40)='^,/\x00', &(0x7f0000000a80)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\x1c@\\\x00', &(0x7f00000002c0)='\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', &(0x7f0000000640)='y', 0x1)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000300)='(\xed\xef(.(\\-]\x00', &(0x7f0000000340)="0f", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='(\xed\xef(.(\\-]\x00', &(0x7f00000000c0)='f\xf0p\xce\x97\xbb\xd2dH\xdf\xbd\x18\x9baE\xef\x90\x90\x057g\x85\xf4\xf0\xba\xb0\xb1\x06\xa6q\xef\x03H\xda\"`\xd6', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000240)='fuseblk\x00', 0x0, r0)
read(r0, 0x0, 0xfffffea1)
close(r0)

9.519208881s ago: executing program 8 (id=1817):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000001e80), 0x2, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps\x00')

9.471904773s ago: executing program 5 (id=1818):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000cea000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000257000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4004005)
r1 = io_uring_setup(0x64a, &(0x7f0000000040)={0x0, 0x8835c, 0xc000, 0x20000a, 0x33c})
r2 = io_uring_setup(0x7f9, &(0x7f0000000040)={0x0, 0xc8df, 0xfc00, 0x1, 0x20002f9})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xfff1, 0x6}, {0xe, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x20040000)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f00008e5000/0x400000)=nil)
madvise(&(0x7f00000ee000/0x2000)=nil, 0x2000, 0x8)

7.00456968s ago: executing program 8 (id=1819):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vcsa(0x0, 0x1, 0x102)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
prlimit64(0x0, 0x7, &(0x7f00000000c0)={0x4, 0x8}, 0x0)
socket(0xa, 0x3, 0xff)

6.316414342s ago: executing program 5 (id=1820):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
mlock2(&(0x7f0000272000/0x1000)=nil, 0x1000, 0x1)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000040c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000851}, 0x40)

4.995168533s ago: executing program 5 (id=1821):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000600)="447df50ce4033a7b5ad00b83244c00b711803e7cca2504a2600da98efff9e7d67f87b1", 0x23}, {&(0x7f0000000780)="4274aa814c8f6ea8d8db43178dd2f41ef596a3ca465412910e05cba0f5d97e67886d55be18cac95a1aa093479596c3613670aaf2a3b1edc465bedfdb5156035719c0baa8bb8bf2a825ec04f424dda801fea000f41edc43511e9c8bf89656071e91ae4c356d6a9ca608af6b83cc9f3d9ae37c", 0x72}, {&(0x7f0000000880)="a1755527af3bc7c4671ac86bf0a2338efb5db1", 0x13}], 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="ac1414bb0000000000000000140000000000000000000000020000000600000000000000d8000000000000000000000007000000072b52000000000a0101020a010100ac14141b640101020a010102ac1414bbac14143ee000000200000000071731ac14143cac1e0101e0000002ac1414aaffffffff442cdf11ac1e010100000005ffffffff00000002ac1414bb00000006ffffffff000000000000000000000003441435230a01010200000001ffffffff00000007444477937f00000100000007ac1e000100000008ac14143200000005e0000002000000f77f00000100000200ac1414bb00000401ac1414aa0000e7a6ac1414aa000000b6010014000000000000000000000002000000020000000000000014"], 0x1a0}, 0x41)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="04"], 0xd)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4.967721264s ago: executing program 9 (id=1770):
r0 = socket$netlink(0x10, 0x3, 0x0)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
sendmsg$nl_route_sched(r0, 0x0, 0x8000)

4.619549575s ago: executing program 5 (id=1822):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setparam(r0, &(0x7f00000006c0)=0x4)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f00000000c0)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000280)='bbr', 0x3)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
syz_open_dev$loop(&(0x7f00000009c0), 0x5, 0x80200)

4.608892495s ago: executing program 0 (id=1823):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000009f440000000000006b0a18fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @broadcast}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x9}}, 0x38, {0x2, 0x4e22, @empty}, 'ip6gre0\x00'})
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000002000010327bd7000ffdbdf250200000800000000f9"], 0x1c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)

3.120198442s ago: executing program 9 (id=1824):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0xb)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd28, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1000, 0xffffffffffffffff, 0xfffffffc, 0xa}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb00"/38, 0x26}, {&(0x7f00000004c0)="f058fe7dad777f8f", 0x300}], 0x2}, 0x5)

2.828552291s ago: executing program 0 (id=1825):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2b00ad, &(0x7f0000000200))
sendmsg$key(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
recvmmsg(r1, &(0x7f0000000e00)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x20010020, 0x0)
rt_sigsuspend(&(0x7f0000000080)={[0x8]}, 0x8)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)

190.481614ms ago: executing program 8 (id=1826):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x4044044)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x810)
pipe(&(0x7f00000006c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0xa85, 0xf)
ioctl$VIDIOC_SUBDEV_G_CROP(r5, 0xc038563b, &(0x7f0000000080)={0x1, 0x0, {0x10, 0x6, 0x8, 0x2}})
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)

86.488548ms ago: executing program 0 (id=1827):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socket$unix(0x1, 0x1, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a72c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r3, 0x0, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})

0s ago: executing program 9 (id=1828):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4c4ac000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000440)={0x900, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)={0x2, 0xa, 0xfc, 0x0, 0x7, 0x0, 0x70bd28, 0x25dfdbfe, [@sadb_x_filter={0x5, 0x1a, @in=@empty, @in=@rand_addr=0x64010100, 0x2c, 0x30}]}, 0x38}}, 0x40408c0)

kernel console output (not intermixed with test programs):

320.013847][ T5772] Bluetooth: hci2: command tx timeout
[  320.686205][ T8878] netlink: 'syz.3.789': attribute type 1 has an invalid length.
[  320.749323][ T8878] bond5: entered promiscuous mode
[  320.755530][ T8878] 8021q: adding VLAN 0 to HW filter on device bond5
[  320.871942][ T8881] vlan3: entered allmulticast mode
[  320.909393][ T8881] bond5: entered allmulticast mode
[  321.094936][ T8878] bond5: (slave bridge2): making interface the new active one
[  321.112273][ T8878] bridge2: entered promiscuous mode
[  321.129038][ T8878] bridge2: entered allmulticast mode
[  321.150361][ T8878] bond5: (slave bridge2): Enslaving as an active interface with an up link
[  321.598275][ T8892] netlink: zone id is out of range
[  321.643700][ T8892] netlink: zone id is out of range
[  321.665214][ T8892] netlink: zone id is out of range
[  321.702104][ T8892] netlink: zone id is out of range
[  321.724188][ T8892] netlink: zone id is out of range
[  321.737948][ T8892] netlink: zone id is out of range
[  321.755430][ T8892] netlink: zone id is out of range
[  321.781204][ T8759] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  321.782527][ T8892] netlink: zone id is out of range
[  321.808124][ T8759] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  321.824731][ T8892] netlink: zone id is out of range
[  321.829109][ T8759] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  321.851382][ T8759] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  321.862631][ T8892] netlink: zone id is out of range
[  322.121522][ T8759] 8021q: adding VLAN 0 to HW filter on device bond0
[  322.217805][ T8759] 8021q: adding VLAN 0 to HW filter on device team0
[  322.309675][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.316885][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.377805][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.385014][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.394932][ T8910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.795'.
[  323.146128][ T8759] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  323.481831][ T8921] netlink: 'syz.4.799': attribute type 1 has an invalid length.
[  323.576198][ T8921] bond3: entered promiscuous mode
[  323.583218][ T8921] 8021q: adding VLAN 0 to HW filter on device bond3
[  324.264760][ T8930] vlan2: entered allmulticast mode
[  324.269946][ T8930] bond3: entered allmulticast mode
[  324.478663][ T8921] bond3: (slave bridge2): making interface the new active one
[  324.501400][ T8921] bridge2: entered promiscuous mode
[  324.514367][ T8921] bridge2: entered allmulticast mode
[  324.528582][ T8921] bond3: (slave bridge2): Enslaving as an active interface with an up link
[  324.586994][ T8759] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.712520][ T8759] veth0_vlan: entered promiscuous mode
[  324.739882][ T8759] veth1_vlan: entered promiscuous mode
[  324.849535][ T8759] veth0_macvtap: entered promiscuous mode
[  324.893256][ T8759] veth1_macvtap: entered promiscuous mode
[  324.937779][ T8759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.965142][ T8759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.990782][ T8759] batman_adv: batadv0: Interface activated: batadv_slave_0
[  325.016319][ T8759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.042108][ T8759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.058567][ T8759] batman_adv: batadv0: Interface activated: batadv_slave_1
[  325.089315][ T8759] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  325.114417][ T8759] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  325.123181][ T8759] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  325.163869][ T8759] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.384608][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.392485][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  325.506157][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  325.524046][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  325.539401][ T8962] loop4: detected capacity change from 0 to 1024
[  325.731875][ T8962] netlink: 64 bytes leftover after parsing attributes in process `syz.4.805'.
[  327.843507][    T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!!
[  328.371591][ T8991] loop5: detected capacity change from 0 to 2048
[  328.592176][ T8991] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.130062][ T9004] net_ratelimit: 23 callbacks suppressed
[  329.130101][ T9004] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[  329.418516][ T8658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.251108][ T5087] Bluetooth: hci0: command 0x0406 tx timeout
[  330.609074][ T9012] lo speed is unknown, defaulting to 1000
[  330.851162][ T9018] netlink: 'syz.4.815': attribute type 10 has an invalid length.
[  332.870440][ T9045] bond4: (slave bridge1): Releasing backup interface
[  332.874914][ T9043] mmap: syz.5.819 (9043) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  332.879734][ T9045] bridge1: left promiscuous mode
[  332.960660][ T9045] bond5: (slave bridge2): Releasing backup interface
[  332.983743][ T9045] bridge2: left promiscuous mode
[  332.994292][ T9045] bridge2: left allmulticast mode
[  333.214599][ T9055] netlink: 4 bytes leftover after parsing attributes in process `syz.4.818'.
[  333.608035][ T9048] team0: Mode changed to "broadcast"
[  334.206760][ T9065] loop0: detected capacity change from 0 to 8
[  334.233818][ T9059] loop4: detected capacity change from 0 to 4096
[  335.128580][ T9059] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  335.154029][ T9059] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal
[  335.974950][   T28] audit: type=1326 audit(1778677872.100:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  336.043558][   T28] audit: type=1326 audit(1778677872.120:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  336.082342][   T28] audit: type=1326 audit(1778677872.120:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  336.511446][   T28] audit: type=1326 audit(1778677872.120:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  336.853594][   T28] audit: type=1326 audit(1778677872.120:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  336.952919][   T28] audit: type=1326 audit(1778677872.120:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  337.013538][   T28] audit: type=1326 audit(1778677872.120:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  337.019233][ T9095] netlink: 12 bytes leftover after parsing attributes in process `syz.4.829'.
[  337.073838][   T28] audit: type=1326 audit(1778677872.120:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  337.163569][   T28] audit: type=1326 audit(1778677872.120:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  337.223256][ T9095] netlink: 63 bytes leftover after parsing attributes in process `syz.4.829'.
[  337.233605][   T28] audit: type=1326 audit(1778677872.130:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9075 comm="syz.0.826" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  337.363806][ T9084] (null): rxe_set_mtu: Set mtu to 1024
[  337.375566][ T9084] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  338.103896][ T5856] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  338.413722][ T5856] usb 1-1: Using ep0 maxpacket: 16
[  338.491221][ T5856] usb 1-1: config index 0 descriptor too short (expected 16456, got 72)
[  338.586270][ T5856] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  338.721315][ T5856] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  338.812983][ T5856] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  338.883546][ T5856] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  338.892475][ T5856] usb 1-1: config 0 has no interface number 0
[  338.939328][ T5856] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  338.973759][ T5856] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  339.003680][ T5856] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  339.023564][ T5856] usb 1-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  339.058251][ T5856] usb 1-1: config 0 interface 125 has no altsetting 0
[  339.065711][ T5856] usb 1-1: config 0 interface 125 has no altsetting 2
[  339.103079][ T5856] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  339.133410][ T5856] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.173557][ T5856] usb 1-1: Product: syz
[  339.192294][ T5856] usb 1-1: Manufacturer: syz
[  339.202097][ T5856] usb 1-1: SerialNumber: syz
[  339.214592][ T5856] usb 1-1: config 0 descriptor??
[  339.232003][ T5856] usb 1-1: selecting invalid altsetting 2
[  340.411834][ T9105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  340.578713][ T9105] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  340.914808][ T9105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  340.950768][ T9105] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  341.089259][ T5856] get_1284_register timeout
[  341.099403][    C1] usb 1-1: async_complete: urb error -104
[  341.316119][ T7032] usb 1-1: USB disconnect, device number 6
[  341.378652][ T9151] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  341.378652][ T9151] The task syz.5.838 (9151) triggered the difference, watch for misbehavior.
[  342.043133][ T9151] binder: 9146:9151 ioctl 4018620d 0 returned -22
[  343.025565][ T9173] bridge_slave_0: left allmulticast mode
[  343.046197][ T9173] bridge_slave_0: left promiscuous mode
[  343.088994][ T9173] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.102998][ T9173] bridge_slave_1: left allmulticast mode
[  343.109446][ T9173] bridge_slave_1: left promiscuous mode
[  343.124142][ T9173] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.146845][ T9173] bond0: (slave bond_slave_0): Releasing backup interface
[  344.328863][ T9173] bond0: (slave bond_slave_1): Releasing backup interface
[  344.500425][ T9173] team0: Port device team_slave_0 removed
[  344.517895][ T9173] team0: Port device team_slave_1 removed
[  344.525809][ T9173] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  344.533242][ T9173] batman_adv: batadv0: Removing interface: batadv_slave_0
[  344.542386][ T9173] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  344.549957][ T9173] batman_adv: batadv0: Removing interface: batadv_slave_1
[  344.566263][ T9175] team0: Mode changed to "broadcast"
[  344.621406][ T9195] bridge0: port 3(syz_tun) entered blocking state
[  344.633185][ T9195] bridge0: port 3(syz_tun) entered disabled state
[  344.641865][ T9195] syz_tun: entered allmulticast mode
[  344.656050][ T9195] syz_tun: entered promiscuous mode
[  344.662104][ T9195] bridge0: port 3(syz_tun) entered blocking state
[  344.669172][ T9195] bridge0: port 3(syz_tun) entered forwarding state
[  344.685431][ T9196] netlink: 'syz.5.847': attribute type 10 has an invalid length.
[  344.694189][ T9196] syz_tun: left allmulticast mode
[  344.721615][ T9196] bridge0: port 3(syz_tun) entered disabled state
[  345.800241][ T9211] loop4: detected capacity change from 0 to 256
[  345.929225][ T9209] tipc: Started in network mode
[  345.934353][ T9209] tipc: Node identity 0000000000000000002e00000000407f, cluster identity 4711
[  347.003571][   T28] kauditd_printk_skb: 63 callbacks suppressed
[  347.003587][   T28] audit: type=1800 audit(1778677883.110:325): pid=9223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.862" name="file0" dev="overlay" ino=156 res=0 errno=0
[  349.883269][ T9280] loop4: detected capacity change from 0 to 512
[  350.873774][ T9280] EXT4-fs error (device loop4): ext4_orphan_get:1404: inode #15: comm syz.4.865: inode has both inline data and extents flags
[  350.986702][ T9280] EXT4-fs error (device loop4): ext4_orphan_get:1409: comm syz.4.865: couldn't read orphan inode 15 (err -117)
[  351.072201][ T9280] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.486075][ T7456] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.563899][ T9357] loop5: detected capacity change from 0 to 1024
[  356.571287][ T9357] EXT4-fs: inline encryption not supported
[  356.586072][ T9357] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  356.598509][ T9357] EXT4-fs (loop5): bad geometry: bigalloc file system with non-zero first_data_block
[  356.598509][ T9357] 
[  357.126467][ T9373] loop5: detected capacity change from 0 to 256
[  357.169974][ T9373] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  357.543790][ T7032] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  357.817627][ T7032] usb 5-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  357.858721][ T7032] usb 5-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  357.883607][ T7032] usb 5-1: New USB device found, idVendor=03f0, idProduct=0f9b, bcdDevice=d2.cf
[  357.892704][ T7032] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.930277][ T7032] usb 5-1: Product: syz
[  357.941112][ T7032] usb 5-1: Manufacturer: syz
[  357.953720][ T7032] usb 5-1: SerialNumber: syz
[  358.281793][ T7034] usb 5-1: USB disconnect, device number 3
[  359.901930][ T9423] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  360.540598][ T9438] loop4: detected capacity change from 0 to 512
[  360.734067][ T9438] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  360.742940][ T9438] EXT4-fs (loop4): failed to open journal device unknown-block(8,1) -16
[  361.477614][ T9449] netlink: 24 bytes leftover after parsing attributes in process `syz.4.893'.
[  361.563941][ T9449] netlink: 28 bytes leftover after parsing attributes in process `syz.4.893'.
[  361.608291][ T9449] veth3: entered promiscuous mode
[  361.624859][ T9449] veth3: entered allmulticast mode
[  363.596046][ T9492] bridge0: entered promiscuous mode
[  363.649838][ T9492] bridge0: entered allmulticast mode
[  365.977591][ T9513] ÿ: renamed from bond_slave_0
[  366.272454][   T28] audit: type=1326 audit(1778677902.390:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9521 comm="syz.5.913" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5e5dd9ce59 code=0x0
[  367.773564][ T5807] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  368.907969][ T5807] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  368.938561][ T5807] usb 1-1: config 0 has no interfaces?
[  368.957455][ T5807] usb 1-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[  368.992317][ T5807] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.035696][ T5807] usb 1-1: Product: syz
[  369.107104][ T5807] usb 1-1: Manufacturer: syz
[  369.111754][ T5807] usb 1-1: SerialNumber: syz
[  369.135855][ T5807] usb 1-1: config 0 descriptor??
[  369.736573][ T9539] loop0: detected capacity change from 0 to 512
[  369.820342][ T9539] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  369.891308][ T9539] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  369.919965][ T9539] System zones: 1-12
[  369.930686][ T9539] EXT4-fs (loop0): 1 truncate cleaned up
[  369.938641][ T9539] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.967876][ T9563] loop4: detected capacity change from 0 to 256
[  370.019231][ T5856] usb 1-1: USB disconnect, device number 7
[  370.056428][ T9563] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x5955b8de, utbl_chksum : 0xe619d30d)
[  370.224245][ T9563] loop4: detected capacity change from 256 to 1
[  370.240290][ T9564] syz.4.923: attempt to access beyond end of device
[  370.240290][ T9564] loop4: rw=2049, sector=160, nr_sectors = 1 limit=1
[  370.256466][ T9564] Buffer I/O error on dev loop4, logical block 160, lost sync page write
[  370.267210][ T9564] syz.4.923: attempt to access beyond end of device
[  370.267210][ T9564] loop4: rw=2049, sector=161, nr_sectors = 1 limit=1
[  370.282812][ T9564] Buffer I/O error on dev loop4, logical block 161, lost sync page write
[  370.293805][ T9564] syz.4.923: attempt to access beyond end of device
[  370.293805][ T9564] loop4: rw=0, sector=160, nr_sectors = 1 limit=1
[  370.622317][ T9557] overlayfs: failed to clone upperpath
[  370.670025][ T8759] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.578117][ T7034] IPVS: starting estimator thread 0...
[  371.674259][ T9587] IPVS: using max 19 ests per chain, 45600 per kthread
[  371.983724][ T5856] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  372.184927][ T5856] usb 1-1: Using ep0 maxpacket: 16
[  372.327181][ T5856] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  372.376333][ T5856] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.422685][ T5856] usb 1-1: config 0 descriptor??
[  372.474384][ T5856] gspca_main: sonixj-2.14.0 probing 0471:0327
[  372.583657][ T9606] netlink: 'syz.3.933': attribute type 1 has an invalid length.
[  374.134791][ T9620] loop5: detected capacity change from 0 to 512
[  374.184595][ T9620] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  374.194717][ T9620] EXT4-fs (loop5): failed to open journal device unknown-block(8,1) -16
[  374.544869][ T9626] netlink: 'syz.4.936': attribute type 9 has an invalid length.
[  374.742004][ T9638] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  376.149833][ T5856] gspca_sonixj: reg_w1 err -71
[  376.228383][ T5856] sonixj: probe of 1-1:0.0 failed with error -71
[  376.257603][ T5856] usb 1-1: USB disconnect, device number 8
[  378.729449][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  378.735944][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  380.882239][ T9708] netlink: 12 bytes leftover after parsing attributes in process `syz.4.962'.
[  381.201123][ T9708] 8021q: adding VLAN 0 to HW filter on device bond5
[  381.259151][ T9711] macvlan3: entered promiscuous mode
[  381.272325][ T9711] macvlan3: entered allmulticast mode
[  381.329655][ T9708] bond5: (slave vti0): refused to change device type
[  381.833767][ T9720] binder: BINDER_SET_CONTEXT_MGR already set
[  381.852579][ T9720] binder: 9717:9720 ioctl 4018620d 200000000100 returned -16
[  382.414049][ T9720] binder: 9717:9720 ioctl c0306201 0 returned -14
[  383.782059][ T9738] loop5: detected capacity change from 0 to 256
[  384.019600][ T9738] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  384.217334][ T9738] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  384.350311][ T9738] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  385.856879][ T9757] loop4: detected capacity change from 0 to 128
[  385.945075][ T9757] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  386.612795][ T9765] IPVS: Error joining to the multicast group
[  386.860916][ T9769] syz.4.978: vmalloc error: size 18446744073709551614, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  386.882409][ T9769] CPU: 0 PID: 9769 Comm: syz.4.978 Not tainted syzkaller #0
[  386.889745][ T9769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  386.899850][ T9769] Call Trace:
[  386.903216][ T9769]  <TASK>
[  386.906207][ T9769]  dump_stack_lvl+0x18c/0x250
[  386.911083][ T9769]  ? show_regs_print_info+0x20/0x20
[  386.916381][ T9769]  ? load_image+0x420/0x420
[  386.920953][ T9769]  ? __rcu_read_unlock+0x7c/0xd0
[  386.925968][ T9769]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  386.932422][ T9769]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  386.938949][ T9769]  warn_alloc+0x246/0x340
[  386.943346][ T9769]  ? zone_watermark_ok_safe+0x230/0x230
[  386.948938][ T9769]  ? __mutex_trylock_common+0x159/0x260
[  386.954507][ T9769]  __vmalloc_node_range+0x126/0x1330
[  386.959816][ T9769]  ? tomoyo_path_number_perm+0x217/0x620
[  386.965516][ T9769]  ? rcu_is_watching+0x15/0xb0
[  386.970305][ T9769]  ? trace_contention_end+0x39/0xe0
[  386.975521][ T9769]  ? __mutex_lock+0x315/0xcc0
[  386.980312][ T9769]  ? tomoyo_path_number_perm+0x5b4/0x620
[  386.985967][ T9769]  ? dvb_dvr_do_ioctl+0x79/0x220
[  386.990970][ T9769]  ? tomoyo_path_number_perm+0x217/0x620
[  386.996896][ T9769]  ? free_vm_area+0x50/0x50
[  387.001427][ T9769]  ? dvb_dvr_do_ioctl+0x12e/0x220
[  387.006556][ T9769]  vmalloc+0x79/0x90
[  387.010480][ T9769]  ? dvb_dvr_do_ioctl+0x12e/0x220
[  387.015525][ T9769]  dvb_dvr_do_ioctl+0x12e/0x220
[  387.020406][ T9769]  dvb_usercopy+0x195/0x2b0
[  387.024930][ T9769]  ? dvb_dvr_release+0x3e0/0x3e0
[  387.029892][ T9769]  ? dvb_generic_ioctl+0xb0/0xb0
[  387.034876][ T9769]  ? dvb_dvr_poll+0x230/0x230
[  387.039583][ T9769]  dvb_dvr_ioctl+0x29/0x30
[  387.044024][ T9769]  __se_sys_ioctl+0xfd/0x170
[  387.048688][ T9769]  do_syscall_64+0x55/0xa0
[  387.053199][ T9769]  ? clear_bhb_loop+0x40/0x90
[  387.057987][ T9769]  ? clear_bhb_loop+0x40/0x90
[  387.062686][ T9769]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  387.068628][ T9769] RIP: 0033:0x7f0b2619ce59
[  387.073128][ T9769] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  387.092902][ T9769] RSP: 002b:00007f0b243f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  387.101352][ T9769] RAX: ffffffffffffffda RBX: 00007f0b26416090 RCX: 00007f0b2619ce59
[  387.109350][ T9769] RDX: fffffffffffffffe RSI: 0000000000006f2d RDI: 0000000000000004
[  387.117342][ T9769] RBP: 00007f0b26232d6f R08: 0000000000000000 R09: 0000000000000000
[  387.125340][ T9769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  387.133337][ T9769] R13: 00007f0b26416128 R14: 00007f0b26416090 R15: 00007ffcd174ac78
[  387.141352][ T9769]  </TASK>
[  387.155211][ T9769] Mem-Info:
[  387.158411][ T9769] active_anon:28434 inactive_anon:0 isolated_anon:0
[  387.158411][ T9769]  active_file:18543 inactive_file:40093 isolated_file:0
[  387.158411][ T9769]  unevictable:17728 dirty:250 writeback:0
[  387.158411][ T9769]  slab_reclaimable:10695 slab_unreclaimable:95933
[  387.158411][ T9769]  mapped:24728 shmem:18640 pagetables:737
[  387.158411][ T9769]  sec_pagetables:0 bounce:0
[  387.158411][ T9769]  kernel_misc_reclaimable:0
[  387.158411][ T9769]  free:1307465 free_pcp:7662 free_cma:0
[  387.252288][ T9769] Node 0 active_anon:112536kB inactive_anon:0kB active_file:74172kB inactive_file:160168kB unevictable:69376kB isolated(anon):0kB isolated(file):0kB mapped:98912kB dirty:1000kB writeback:0kB shmem:71924kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11944kB pagetables:2948kB sec_pagetables:0kB all_unreclaimable? no
[  387.286607][ T9769] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  387.318606][ T9769] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  387.346840][ T9769] lowmem_reserve[]: 0 2521 2522 2522 2522
[  387.352770][ T9769] Node 0 DMA32 free:1316584kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:114796kB inactive_anon:0kB active_file:74172kB inactive_file:159336kB unevictable:69376kB writepending:1000kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:10112kB local_pcp:8776kB free_cma:0kB
[  387.429120][ T9769] lowmem_reserve[]: 0 0 0 0 0
[  387.447783][ T9769] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  387.493626][ T7034] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  387.497534][ T9769] lowmem_reserve[]: 0 0 0 0 0
[  387.507059][ T9769] Node 1 Normal free:3896664kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:22536kB local_pcp:11752kB free_cma:0kB
[  387.536811][ T9769] lowmem_reserve[]: 0 0 0 0 0
[  387.541642][ T9769] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  387.557862][ T9769] Node 0 DMA32: 505*4kB (UME) 81*8kB (UME) 27*16kB (ME) 439*32kB (UME) 234*64kB (UME) 96*128kB (UME) 45*256kB (M) 40*512kB (UME) 44*1024kB (UM) 17*2048kB (UM) 281*4096kB (UM) = 1307260kB
[  387.576963][ T9769] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  387.591067][ T9769] Node 1 Normal: 222*4kB (UME) 70*8kB (UME) 43*16kB (UME) 72*32kB (UME) 20*64kB (UME) 6*128kB (UE) 0*256kB 2*512kB (ME) 2*1024kB (UE) 2*2048kB (UE) 948*4096kB (M) = 3896664kB
[  387.915802][ T9769] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  388.120994][ T9769] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  388.300411][ T9769] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  388.313193][ T7034] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  388.326180][ T7034] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  388.344859][ T7034] usb 6-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a
[  388.354752][ T9769] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  388.368705][ T7034] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.377237][ T9769] 94666 total pagecache pages
[  388.382152][ T9769] 0 pages in swap cache
[  388.392666][ T9769] Free swap  = 124644kB
[  388.401877][ T9769] Total swap = 124996kB
[  388.408650][ T9769] 2097051 pages RAM
[  388.412502][ T9769] 0 pages HighMem/MovableOnly
[  388.413758][ T7034] usb 6-1: config 0 descriptor??
[  388.423896][ T9769] 416927 pages reserved
[  388.428085][ T9769] 0 pages cma reserved
[  388.682479][ T5856] usb 6-1: USB disconnect, device number 2
[  389.583222][ T9792] netlink: 28 bytes leftover after parsing attributes in process `syz.4.993'.
[  389.668224][ T9792] bridge3: entered promiscuous mode
[  389.697389][ T9792] bridge3: entered allmulticast mode
[  389.709334][ T9792] team0: Port device bridge3 added
[  389.759003][ T9794] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org.
[  390.920825][ T9810] netlink: 24 bytes leftover after parsing attributes in process `syz.0.990'.
[  392.999087][ T5826] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  393.271484][ T5826] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  393.283946][ T5826] usb 5-1: config 0 has no interfaces?
[  393.326251][ T5826] usb 5-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[  393.339973][ T5826] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.365448][ T5826] usb 5-1: Product: syz
[  393.369653][ T5826] usb 5-1: Manufacturer: syz
[  393.384067][ T5826] usb 5-1: SerialNumber: syz
[  393.391300][ T5826] usb 5-1: config 0 descriptor??
[  393.622362][ T9834] loop4: detected capacity change from 0 to 512
[  393.630339][ T9834] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  393.677676][ T9834] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  393.687507][ T9834] System zones: 1-12
[  393.692917][ T9834] EXT4-fs (loop4): 1 truncate cleaned up
[  393.700730][ T9834] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  393.742387][ T5826] usb 5-1: USB disconnect, device number 4
[  395.130075][ T7456] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.085643][ T9886] loop5: detected capacity change from 0 to 2048
[  396.184580][ T9886] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  396.663644][   T28] audit: type=1326 audit(1778677932.780:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9894 comm="syz.0.1016" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  396.950502][   T28] audit: type=1326 audit(1778677932.780:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9894 comm="syz.0.1016" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  398.413556][   T28] audit: type=1326 audit(1778677932.780:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9894 comm="syz.0.1016" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  398.490079][   T28] audit: type=1326 audit(1778677932.780:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9894 comm="syz.0.1016" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  398.532337][   T28] audit: type=1326 audit(1778677932.820:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9894 comm="syz.0.1016" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  398.588520][   T28] audit: type=1326 audit(1778677932.820:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9894 comm="syz.0.1016" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  398.603469][ T9907] IPVS: Error joining to the multicast group
[  398.666165][   T28] audit: type=1326 audit(1778677932.900:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9897 comm="syz.5.1017" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  398.768080][   T28] audit: type=1326 audit(1778677932.900:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9897 comm="syz.5.1017" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  398.807696][   T28] audit: type=1326 audit(1778677932.900:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9897 comm="syz.5.1017" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  398.863115][   T28] audit: type=1326 audit(1778677932.900:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9897 comm="syz.5.1017" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  402.089014][ T9947] IPVS: Error joining to the multicast group
[  402.971748][ T9954] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1034'.
[  403.039107][ T9954] bridge3: entered promiscuous mode
[  403.044915][ T9954] bridge3: entered allmulticast mode
[  403.228166][ T9967] syzkaller0: entered promiscuous mode
[  403.239223][ T9967] syzkaller0: entered allmulticast mode
[  403.319811][ T9972] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  403.327127][ T9972] IPv6: NLM_F_CREATE should be set when creating new route
[  406.465094][ T9972] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  406.478258][ T9972] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  406.488015][ T9972] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  406.497523][ T9972] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  406.586825][    T9] lo speed is unknown, defaulting to 1000
[  406.670498][T10012] syzkaller0: entered promiscuous mode
[  406.686164][T10012] syzkaller0: entered allmulticast mode
[  407.499564][T10040] syzkaller0: entered promiscuous mode
[  407.526216][T10040] syzkaller0: entered allmulticast mode
[  409.924114][  T788] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[  410.130664][  T788] usb 6-1: config index 0 descriptor too short (expected 1307, got 27)
[  410.282467][  T788] usb 6-1: config 0 has an invalid interface number: 0 but max is -1
[  410.311033][  T788] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  410.340451][  T788] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0
[  411.397990][  T788] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  411.409432][  T788] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 246
[  411.424192][T10082] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  411.438836][  T788] usb 6-1: string descriptor 0 read error: -22
[  411.445659][  T788] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  411.455077][  T788] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.484881][  T788] usb 6-1: config 0 descriptor??
[  411.509575][  T788] hub 6-1:0.0: bad descriptor, ignoring hub
[  411.526999][  T788] hub: probe of 6-1:0.0 failed with error -5
[  412.833957][ T5826] usb 6-1: USB disconnect, device number 3
[  415.725757][T10137] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  416.451225][T10127] loop0: detected capacity change from 0 to 40427
[  416.756238][T10127] F2FS-fs (loop0): Image doesn't support compression
[  416.771854][T10127] F2FS-fs (loop0): invalid crc value
[  417.700215][T10151] loop4: detected capacity change from 0 to 512
[  417.815846][T10151] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  417.886614][T10151] EXT4-fs error (device loop4): ext4_orphan_get:1430: comm syz.4.1085: bad orphan inode 131083
[  417.916034][T10127] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  417.924314][T10151] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  419.070634][ T7456] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.529065][   T28] kauditd_printk_skb: 39 callbacks suppressed
[  422.529149][   T28] audit: type=1326 audit(1778677958.580:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  422.662800][   T28] audit: type=1326 audit(1778677958.580:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  422.694177][   T28] audit: type=1326 audit(1778677958.580:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  423.130914][   T28] audit: type=1326 audit(1778677958.580:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  423.282298][   T28] audit: type=1326 audit(1778677958.580:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  423.313558][   T28] audit: type=1326 audit(1778677958.580:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  423.435055][   T28] audit: type=1326 audit(1778677958.630:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  423.460681][   T28] audit: type=1326 audit(1778677958.630:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  423.488340][   T28] audit: type=1326 audit(1778677958.630:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  423.529557][   T28] audit: type=1326 audit(1778677958.630:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10190 comm="syz.3.1094" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f853619ce59 code=0x7ffc0000
[  425.877034][T10232] loop0: detected capacity change from 0 to 2048
[  425.944529][T10232] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  427.162274][ T5772] Bluetooth: hci3: command 0x0406 tx timeout
[  427.761606][T10248] loop5: detected capacity change from 0 to 256
[  427.778955][T10248] exfat: Bad value for 'umask'
[  427.962754][T10248] loop5: detected capacity change from 0 to 512
[  428.851444][T10248] EXT4-fs error (device loop5): ext4_orphan_get:1404: inode #15: comm syz.5.1108: inode has both inline data and extents flags
[  428.884942][T10248] EXT4-fs error (device loop5): ext4_orphan_get:1409: comm syz.5.1108: couldn't read orphan inode 15 (err -117)
[  430.234879][T10248] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.401827][ T8658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.491231][T10279] loop4: detected capacity change from 0 to 2048
[  432.488566][T10279] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  432.815484][T10283] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1500) !
[  432.847042][T10283] syzkaller0: entered promiscuous mode
[  432.852567][T10283] syzkaller0: entered allmulticast mode
[  432.894494][T10283] sch_tbf: burst 185 is lower than device syzkaller0 mtu (1500) !
[  434.683471][    C1] hrtimer: interrupt took 62163 ns
[  438.193670][ T5772] Bluetooth: hci2: command 0x0406 tx timeout
[  438.949979][T10309] syz_tun: entered allmulticast mode
[  439.015158][T10308] syz_tun: left allmulticast mode
[  439.974722][T10319] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1126'.
[  440.175041][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  440.181572][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  440.204391][T10319] bond1: entered promiscuous mode
[  440.213898][T10319] 8021q: adding VLAN 0 to HW filter on device bond1
[  441.128688][T10319] 8021q: adding VLAN 0 to HW filter on device bond1
[  441.148697][T10319] bond1: (slave sit1): The slave device specified does not support setting the MAC address
[  441.195689][T10319] bond1: (slave sit1): Error -95 calling set_mac_address
[  442.804656][T10353] xt_l2tp: invalid flags combination: 0
[  443.463446][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  443.523451][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  443.785992][T10367] vlan3: entered promiscuous mode
[  443.827547][T10367] vlan3: entered allmulticast mode
[  443.862676][T10367] hsr_slave_1: entered allmulticast mode
[  444.085473][T10367] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1140'.
[  444.724010][ T5087] Bluetooth: hci3: command 0x0406 tx timeout
[  444.744212][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  445.876586][T10387] loop5: detected capacity change from 0 to 256
[  446.015380][   T28] kauditd_printk_skb: 87 callbacks suppressed
[  446.015396][   T28] audit: type=1800 audit(1778677982.130:473): pid=10387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1146" name="file2" dev="loop5" ino=1048610 res=0 errno=0
[  447.611861][T10406] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1151'.
[  450.059683][T10414] syzkaller0: entered promiscuous mode
[  450.166741][T10414] syzkaller0: entered allmulticast mode
[  451.885332][T10424] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  451.894624][T10424] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  451.903360][T10424] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  451.912999][T10424] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  451.988003][T10424] team0: Port device vxlan0 added
[  452.251626][T10433] loop5: detected capacity change from 0 to 512
[  452.328213][T10433] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  452.439129][T10433] EXT4-fs error (device loop5): ext4_orphan_get:1430: comm syz.5.1158: bad orphan inode 131083
[  452.449406][T10435] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1159'.
[  452.623393][T10433] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  453.093579][    T8] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  453.792244][    T8] usb 5-1: not running at top speed; connect to a high speed hub
[  453.832210][    T8] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  453.893249][    T8] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  453.943803][    T8] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  454.182142][ T8658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  454.193031][    T8] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  454.209602][    T8] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  454.227606][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.253474][    T8] usb 5-1: Product: syz
[  454.282817][    T8] usb 5-1: Manufacturer: syz
[  454.731383][    T8] usb 5-1: SerialNumber: syz
[  455.393715][    T0] NOHZ tick-stop error: local softirq work is pending, handler #44!!!
[  455.543448][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  460.161130][    T8] usb 5-1: 0:2 : does not exist
[  460.258285][    T8] usb 5-1: USB disconnect, device number 5
[  460.285267][ T5772] Bluetooth: hci3: unexpected event for opcode 0x204e
[  460.441114][T10460] udevd[10460]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  464.844073][    T8] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  465.503447][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  465.533451][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  476.323434][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  476.443755][T10540] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1183'.
[  478.865491][T10564] loop5: detected capacity change from 0 to 32768
[  478.897294][T10564] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.1191 (10564)
[  478.930417][T10564] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  478.941316][T10564] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  478.951320][T10564] BTRFS info (device loop5): turning on sync discard
[  478.958163][T10564] BTRFS info (device loop5): enabling disk space caching
[  478.965269][T10564] BTRFS info (device loop5): turning off barriers
[  478.971976][T10564] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  478.982669][T10564] BTRFS info (device loop5): trying to use backup root at mount time
[  478.990814][T10564] BTRFS info (device loop5): enabling auto defrag
[  478.997596][T10564] BTRFS info (device loop5): max_inline at 0
[  479.003976][T10564] BTRFS error (device loop5): cannot disable free space tree
[  479.025548][T10564] BTRFS error (device loop5): open_ctree failed: -22
[  479.954755][T10569] autofs4:pid:10569:autofs_fill_super: called with bogus options
[  480.271561][T10517] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by udevd (10517)
[  483.888092][T10605] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1201'.
[  483.973092][T10605] 8021q: adding VLAN 0 to HW filter on device bond6
[  484.059924][T10607] vlan3: entered promiscuous mode
[  484.484519][T10607] bond6: entered promiscuous mode
[  484.489868][T10607] vlan3: entered allmulticast mode
[  484.496049][T10607] bond6: entered allmulticast mode
[  484.623099][T10605] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1201'.
[  484.780126][T10605] 8021q: adding VLAN 0 to HW filter on device batadv1
[  485.231402][T10605] batadv1: entered promiscuous mode
[  485.282451][T10605] batadv1: entered allmulticast mode
[  485.299668][T10618] autofs4:pid:10618:autofs_fill_super: called with bogus options
[  485.578345][T10605] bond6: (slave batadv1): Enslaving as an active interface with an up link
[  487.564748][T10635] ptrace attach of "ci2-linux-6-6-kasan/syz-executor exec"[10638] was attempted by "ci2-linux-6-6-kasan/syz-executor exec"[10635]
[  487.780942][T10641] netlink: 'syz.4.1209': attribute type 1 has an invalid length.
[  487.890807][T10643] 9pnet_fd: p9_fd_create_tcp (10643): problem connecting socket to 127.0.0.1
[  487.982079][T10643] 9pnet_fd: p9_fd_create_tcp (10643): problem connecting socket to 127.0.0.1
[  488.020085][T10643] 9pnet_fd: p9_fd_create_tcp (10643): problem connecting socket to 127.0.0.1
[  488.071610][T10641] 8021q: adding VLAN 0 to HW filter on device bond7
[  488.113331][T10644] vlan4: entered allmulticast mode
[  488.147403][T10644] bond7: entered allmulticast mode
[  488.386013][T10647] bond7: (slave geneve2): making interface the new active one
[  488.401354][T10647] geneve2: entered allmulticast mode
[  490.792516][T10647] bond7: (slave geneve2): Enslaving as an active interface with an up link
[  490.835022][T10647] syz.4.1209 (10647) used greatest stack depth: 18952 bytes left
[  492.067344][T10672] loop4: detected capacity change from 0 to 4096
[  492.604212][T10672] ntfs3: loop4: Failed to initialize $Extend/$ObjId.
[  496.052827][T10721] loop0: detected capacity change from 0 to 256
[  496.420372][   T28] audit: type=1800 audit(1778678032.540:474): pid=10721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1230" name="file2" dev="loop0" ino=1048611 res=0 errno=0
[  497.557631][ T5772] Bluetooth: hci0: unexpected event for opcode 0x0c1c
[  497.933991][T10736] loop5: detected capacity change from 0 to 40427
[  497.963553][T10736] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  497.973590][T10736] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  497.983023][T10736] F2FS-fs (loop5): invalid crc value
[  498.048104][T10736] F2FS-fs (loop5): Found nat_bits in checkpoint
[  498.166639][T10736] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  498.173784][T10736] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  499.290294][   T28] audit: type=1800 audit(1778678034.710:475): pid=10749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1234" name="file1" dev="loop5" ino=10 res=0 errno=0
[  499.342584][T10746] loop4: detected capacity change from 0 to 2048
[  499.600310][T10746] EXT4-fs: Ignoring removed nobh option
[  499.728962][T10746] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  499.869067][T10746] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  500.013576][   T28] audit: type=1800 audit(1778678036.130:476): pid=10746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1235" name="file0" dev="loop4" ino=13 res=0 errno=0
[  500.125345][T10746] fs-verity: sha512 using implementation "sha512-avx2"
[  500.290805][ T3498] kworker/u4:11: attempt to access beyond end of device
[  500.290805][ T3498] loop5: rw=1, sector=77824, nr_sectors = 2368 limit=40427
[  500.369602][ T3498] kworker/u4:11: attempt to access beyond end of device
[  500.369602][ T3498] loop5: rw=1, sector=80192, nr_sectors = 1728 limit=40427
[  500.402712][ T7456] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.434981][ T3498] kworker/u4:11: attempt to access beyond end of device
[  500.434981][ T3498] loop5: rw=1, sector=49152, nr_sectors = 1776 limit=40427
[  501.389450][T10766] xt_bpf: check failed: parse error
[  501.617551][ T5772] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  501.630657][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  501.643594][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  501.643940][ T5772] Bluetooth: hci0: Injecting HCI hardware error event
[  501.660355][ T5772] Bluetooth: hci0: hardware error 0x00
[  501.744205][   T28] audit: type=1107 audit(1778678037.870:477): pid=10768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  503.239961][T10771] syz.4.1241 (10771) used greatest stack depth: 17608 bytes left
[  503.775154][ T5772] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  518.844613][T10859] loop4: detected capacity change from 0 to 8
[  519.095381][T10859] SQUASHFS error: Failed to read block 0x71: -5
[  519.192160][   T28] audit: type=1800 audit(1778678055.220:478): pid=10859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1266" name="file1" dev="loop4" ino=1 res=0 errno=0
[  521.632609][T10875] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -30507, delta: 1
[  522.371063][T10875] ref_ctr increment failed for inode: 0x427 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880248c0000
[  522.416348][T10882] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -30507, delta: -1
[  522.457274][T10882] ref_ctr decrement failed for inode: 0x427 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880248c0000
[  524.979445][T10907] loop0: detected capacity change from 0 to 1024
[  524.994816][T10907] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  525.024102][T10907] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  525.319551][T10907] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  525.423734][T10907] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 48: comm syz.0.1279: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=5, size=1024 fake=0
[  525.487367][T10914] loop5: detected capacity change from 0 to 512
[  525.574353][T10914] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  525.625231][ T8759] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.896036][ T8658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.500377][T10961] loop4: detected capacity change from 0 to 128
[  531.635289][T10961] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  534.731729][T10990] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1299'.
[  535.704902][T10998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1303'.
[  536.163993][ T5855] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  537.239010][ T5855] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  537.263587][ T5855] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  537.283484][ T5855] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.306281][ T5855] usb 1-1: config 0 descriptor??
[  537.333520][ T5855] pwc: Askey VC010 type 2 USB webcam detected.
[  537.868766][T11027] netlink: 'syz.3.1310': attribute type 29 has an invalid length.
[  537.894754][T11027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1310'.
[  537.906969][ T5855] pwc: recv_control_msg error -32 req 02 val 2b00
[  537.943808][ T5855] pwc: recv_control_msg error -32 req 02 val 2700
[  537.952758][ T5855] pwc: recv_control_msg error -32 req 02 val 2c00
[  537.953736][T11027] netlink: 'syz.3.1310': attribute type 29 has an invalid length.
[  538.261914][T11027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1310'.
[  539.100808][ T5855] pwc: recv_control_msg error -71 req 04 val 1000
[  539.130825][ T5855] pwc: recv_control_msg error -71 req 04 val 1300
[  539.144462][ T5855] pwc: recv_control_msg error -71 req 04 val 1400
[  539.173758][ T5855] pwc: recv_control_msg error -71 req 02 val 2000
[  539.192758][ T5855] pwc: recv_control_msg error -71 req 02 val 2100
[  539.213636][ T5855] pwc: recv_control_msg error -71 req 04 val 1500
[  539.234585][ T5855] pwc: recv_control_msg error -71 req 02 val 2500
[  539.255120][ T5855] pwc: recv_control_msg error -71 req 02 val 2400
[  539.273933][ T5855] pwc: recv_control_msg error -71 req 02 val 2600
[  539.282350][ T5855] pwc: recv_control_msg error -71 req 02 val 2900
[  539.298337][ T5855] pwc: recv_control_msg error -71 req 02 val 2800
[  539.307528][ T5855] pwc: recv_control_msg error -71 req 04 val 1100
[  539.316169][ T5855] pwc: recv_control_msg error -71 req 04 val 1200
[  539.350022][ T5855] pwc: Registered as video103.
[  539.387183][ T5855] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input8
[  539.988294][T11043] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1312'.
[  540.008770][ T5855] usb 1-1: USB disconnect, device number 9
[  540.542096][T11043] bond0: entered promiscuous mode
[  540.633913][T11043] bond_slave_0: entered promiscuous mode
[  540.689716][T11043] bond_slave_1: entered promiscuous mode
[  541.160794][T11043] batadv0: entered promiscuous mode
[  541.226371][T11045] syz_tun: left promiscuous mode
[  541.256558][T11045] bridge0: left promiscuous mode
[  541.299318][T11045] bridge0: port 1(bridge_slave_0) entered disabled state
[  541.319050][T11045] bridge0: port 2(bridge_slave_1) entered disabled state
[  542.345692][T11060] ptrace attach of "ci2-linux-6-6-kasan/syz-executor exec"[11061] was attempted by "ci2-linux-6-6-kasan/syz-executor exec"[11060]
[  544.703938][T11063] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1320'.
[  546.038077][T11068] loop4: detected capacity change from 0 to 1024
[  546.131864][T11068] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  546.930571][ T7456] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  548.783520][ T5087] Bluetooth: hci2: command 0x0406 tx timeout
[  555.411791][T11122] loop5: detected capacity change from 0 to 512
[  556.205572][T11122] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  556.314072][T11122] ext4 filesystem being mounted at /143/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  558.538790][ T5825] IPVS: starting estimator thread 0...
[  558.683570][T11161] IPVS: using max 19 ests per chain, 45600 per kthread
[  560.920442][T11179] netlink: 'syz.4.1343': attribute type 1 has an invalid length.
[  562.058977][T11184] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  562.134650][T11184] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  562.293556][T11184] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  562.340494][T11184] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  562.624691][T11184] bond8: (slave geneve3): making interface the new active one
[  563.033319][T11184] bond8: (slave geneve3): Enslaving as an active interface with an up link
[  563.060002][ T8658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  563.071504][T11186] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1343'.
[  563.100424][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  563.109083][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  563.325451][T11186] 8021q: adding VLAN 0 to HW filter on device bond8
[  567.590848][T11223] io-wq is not configured for unbound workers
[  567.591317][T11226] tipc: Enabled bearer <udp:syz2>, priority 10
[  567.723577][T11226] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1354'.
[  569.856460][ T5825] tipc: Node number set to 3031167
[  571.238310][T11241] loop4: detected capacity change from 0 to 4096
[  571.275114][T11241] EXT4-fs: Ignoring removed mblk_io_submit option
[  571.333050][T11241] EXT4-fs: Ignoring removed orlov option
[  571.373283][T11241] ext4: Unknown parameter 'func'
[  574.275569][T11277] syzkaller0: entered promiscuous mode
[  574.303711][T11277] syzkaller0: entered allmulticast mode
[  574.608759][T11290] loop0: detected capacity change from 0 to 1024
[  574.918991][T11290] hfsplus: request for non-existent node 33423360 in B*Tree
[  574.953544][T11290] hfsplus: request for non-existent node 33423360 in B*Tree
[  575.121187][T11299] hfsplus: request for non-existent node 33423360 in B*Tree
[  575.193218][T11299] hfsplus: request for non-existent node 33423360 in B*Tree
[  575.265684][T11290] hfsplus: request for non-existent node 33423360 in B*Tree
[  575.274299][T11290] hfsplus: request for non-existent node 33423360 in B*Tree
[  576.503002][T11307] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  576.609841][T11308] hfsplus: request for non-existent node 33423360 in B*Tree
[  576.733440][T11308] hfsplus: request for non-existent node 33423360 in B*Tree
[  576.820009][T11290] hfsplus: request for non-existent node 33423360 in B*Tree
[  578.038033][T11290] hfsplus: request for non-existent node 33423360 in B*Tree
[  578.658616][T11320] loop0: detected capacity change from 0 to 512
[  578.701930][T11322] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1382'.
[  578.739167][T11320] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  578.825161][T11322] bridge0: entered promiscuous mode
[  578.853997][T11322] macvtap1: entered promiscuous mode
[  578.874705][T11320] EXT4-fs error (device loop0): xattr_find_entry:337: inode #15: comm syz.0.1379: corrupted xattr entries
[  578.899314][T11322] macvtap1: entered allmulticast mode
[  578.930338][T11326] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1382'.
[  578.971559][T11320] EXT4-fs (loop0): Remounting filesystem read-only
[  579.003841][T11320] EXT4-fs (loop0): 1 truncate cleaned up
[  579.031032][T11320] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  579.050183][T11326] bridge0: left promiscuous mode
[  580.146726][T11339] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  580.510323][ T8759] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  580.911635][T11349] binder: 11348:11349 ioctl c0306201 200000000180 returned -14
[  583.349206][   T28] audit: type=1326 audit(1778678119.470:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  583.435946][   T28] audit: type=1326 audit(1778678119.500:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  583.466093][   T28] audit: type=1326 audit(1778678119.500:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  583.494440][   T28] audit: type=1326 audit(1778678119.500:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  583.523329][   T28] audit: type=1326 audit(1778678119.500:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  583.681215][   T28] audit: type=1326 audit(1778678119.500:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  583.736708][   T28] audit: type=1326 audit(1778678119.510:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  584.258789][   T28] audit: type=1326 audit(1778678119.510:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  584.393676][   T28] audit: type=1326 audit(1778678119.510:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  584.395192][T11375] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'.
[  584.453543][   T28] audit: type=1326 audit(1778678119.510:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11361 comm="syz.5.1392" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e5dd9ce59 code=0x7ffc0000
[  585.299938][T11375] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'.
[  589.061146][T11401] team0: Mode changed to "loadbalance"
[  589.091047][T11401] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1402'.
[  599.139221][T11443] loop4: detected capacity change from 0 to 4096
[  599.253629][T11443] __ntfs_error: 55 callbacks suppressed
[  599.253682][T11443] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  599.352102][T11443] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  599.467969][T11443] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  599.533669][T11443] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  599.614624][T11443] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  599.678660][T11443] ntfs: volume version 3.1.
[  599.733475][T11443] ntfs: (device loop4): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  599.788986][T11443] ntfs: (device loop4): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  599.901626][T11443] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  600.053806][T11443] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  600.129253][T11443] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  600.995192][T11461] netlink: 'syz.4.1417': attribute type 1 has an invalid length.
[  601.116624][T11463] bond9: (slave gretap1): making interface the new active one
[  601.177151][T11463] bond9: (slave gretap1): Enslaving as an active interface with an up link
[  601.249138][T11461] macvlan4: entered promiscuous mode
[  601.266386][T11461] macvlan4: entered allmulticast mode
[  601.282929][T11461] bond9: entered promiscuous mode
[  601.298762][T11461] gretap1: entered promiscuous mode
[  601.326683][T11461] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  601.346710][T11461] bond9: (slave macvlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  601.389596][T11461] bond9: left promiscuous mode
[  601.457881][T11461] gretap1: left promiscuous mode
[  601.659341][T11470] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1418'.
[  603.218575][T11484] loop5: detected capacity change from 0 to 512
[  603.622612][T11484] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002]
[  603.647287][T11484] System zones: 1-12
[  603.656442][T11484] EXT4-fs error (device loop5): ext4_iget_extra_inode:4739: inode #15: comm syz.5.1424: corrupted in-inode xattr: e_value size too large
[  604.567546][T11484] EXT4-fs error (device loop5): ext4_orphan_get:1409: comm syz.5.1424: couldn't read orphan inode 15 (err -117)
[  604.596457][T11484] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  605.298634][T11494] dns_resolver: Unsupported server list version (6)
[  606.024989][ T8658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.713647][T11521] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1430'.
[  626.138838][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  626.147080][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  635.562590][T11636] syzkaller0: entered promiscuous mode
[  635.583531][T11636] syzkaller0: entered allmulticast mode
[  639.202830][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  639.202880][   T28] audit: type=1326 audit(1778678173.470:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  639.239196][   T28] audit: type=1326 audit(1778678173.470:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  639.270138][   T28] audit: type=1326 audit(1778678173.470:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  639.299277][   T28] audit: type=1326 audit(1778678173.480:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  639.327915][   T28] audit: type=1326 audit(1778678173.480:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  639.460543][   T28] audit: type=1326 audit(1778678173.480:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  639.688036][   T28] audit: type=1326 audit(1778678173.480:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  639.908322][   T28] audit: type=1326 audit(1778678173.480:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  640.035616][   T28] audit: type=1326 audit(1778678173.480:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  640.216641][T11660] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1468'.
[  640.443703][   T28] audit: type=1326 audit(1778678173.480:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11646 comm="syz.4.1464" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b2619ce59 code=0x7ffc0000
[  640.609764][T11660] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1468'.
[  643.542705][T11695] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  643.551540][T11695] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  643.560564][T11695] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  643.569432][T11695] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  643.852299][T11695] vxlan0: entered promiscuous mode
[  644.564921][T11695] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  644.983300][T11711] loop5: detected capacity change from 0 to 8
[  645.154358][T11436] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  645.178209][ T5772] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  649.412567][T11736] syzkaller0: entered promiscuous mode
[  650.899396][T11754] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  651.998975][ T5772] Bluetooth: hci1: unexpected event for opcode 0x0009
[  657.650062][T11790] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  657.690330][T11790] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1505'.
[  657.740429][T11790] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  662.608272][T11811] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  662.999139][T11813] loop0: detected capacity change from 0 to 128
[  663.542103][T11813] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  663.816857][T11813] hpfs: filesystem error: improperly stopped
[  663.855848][T11813] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  663.877647][T11813] hpfs: You really don't want any checks? You are crazy...
[  665.354561][T11813] hpfs: hpfs_map_sector(): read error
[  665.360108][T11813] hpfs: code page support is disabled
[  667.432055][T11813] hpfs: hpfs_map_4sectors(): unaligned read
[  667.574604][T11813] hpfs: hpfs_map_4sectors(): unaligned read
[  667.580574][T11813] hpfs: filesystem error: unable to find root dir
[  673.512064][T11850] loop0: detected capacity change from 0 to 256
[  674.553555][ T5825] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  674.753304][ T5825] usb 5-1: config index 0 descriptor too short (expected 39, got 27)
[  674.761837][ T5825] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  674.795508][ T5825] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  674.831286][ T5825] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  674.842622][ T5825] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  674.871653][ T5825] usb 5-1: Product: syz
[  674.878704][ T5825] usb 5-1: Manufacturer: syz
[  674.895753][ T5825] usb 5-1: SerialNumber: syz
[  674.928719][ T5825] usb 5-1: config 0 descriptor??
[  675.176183][ T5825] usb 5-1: USB disconnect, device number 6
[  682.706084][T11895] netlink: 184 bytes leftover after parsing attributes in process `syz.5.1531'.
[  682.784170][T11895] bond0: entered allmulticast mode
[  682.789362][T11895] bond_slave_0: entered allmulticast mode
[  682.813506][T11895] bond_slave_1: entered allmulticast mode
[  682.845222][T11895] vxlan0: entered allmulticast mode
[  683.098246][T11898] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1532'.
[  685.934387][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  685.941844][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  688.794643][T11942] syzkaller0: entered promiscuous mode
[  688.823768][T11942] syzkaller0: entered allmulticast mode
[  698.557408][T11976] loop4: detected capacity change from 0 to 736
[  715.884016][T12052] loop5: detected capacity change from 0 to 256
[  722.517014][ T5087] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  722.543827][ T5087] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  722.581158][ T5087] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  722.604123][ T5087] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  722.643677][ T5087] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  722.656489][ T5087] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  722.947220][T12060] lo speed is unknown, defaulting to 1000
[  725.143818][ T5772] Bluetooth: hci4: command tx timeout
[  726.552855][T12060] chnl_net:caif_netlink_parms(): no params data found
[  727.204424][ T5772] Bluetooth: hci4: command tx timeout
[  729.343466][ T5772] Bluetooth: hci4: command tx timeout
[  729.800700][T12060] bridge0: port 1(bridge_slave_0) entered blocking state
[  729.868751][T12060] bridge0: port 1(bridge_slave_0) entered disabled state
[  729.890497][T12060] bridge_slave_0: entered allmulticast mode
[  729.915345][T12060] bridge_slave_0: entered promiscuous mode
[  729.944855][T12060] bridge0: port 2(bridge_slave_1) entered blocking state
[  729.962326][T12060] bridge0: port 2(bridge_slave_1) entered disabled state
[  729.982744][T12060] bridge_slave_1: entered allmulticast mode
[  729.994467][T12060] bridge_slave_1: entered promiscuous mode
[  730.118596][T12060] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  730.166668][T12060] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  730.347516][T12060] team0: Port device team_slave_0 added
[  730.408646][T12060] team0: Port device team_slave_1 added
[  730.808284][T12060] batman_adv: batadv0: Adding interface: batadv_slave_0
[  730.838322][T12060] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  730.973663][T12060] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  731.035861][T12060] batman_adv: batadv0: Adding interface: batadv_slave_1
[  731.075613][T12060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  731.186875][T12060] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  731.363503][ T5772] Bluetooth: hci4: command tx timeout
[  731.418538][T12060] hsr_slave_0: entered promiscuous mode
[  731.453723][T12060] hsr_slave_1: entered promiscuous mode
[  731.480329][T12060] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  731.511371][T12060] Cannot create hsr debugfs directory
[  734.459989][T12060] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  734.479839][T12060] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  734.507026][T12060] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  735.090541][T12060] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  735.478289][T12060] 8021q: adding VLAN 0 to HW filter on device bond0
[  735.528195][T12060] 8021q: adding VLAN 0 to HW filter on device team0
[  735.575266][T11688] bridge0: port 1(bridge_slave_0) entered blocking state
[  735.582445][T11688] bridge0: port 1(bridge_slave_0) entered forwarding state
[  737.847987][T11688] bridge0: port 2(bridge_slave_1) entered blocking state
[  737.855200][T11688] bridge0: port 2(bridge_slave_1) entered forwarding state
[  738.998390][T12060] 8021q: adding VLAN 0 to HW filter on device batadv0
[  739.877733][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  739.877759][   T28] audit: type=1326 audit(1778678276.000:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12135 comm="syz.0.1593" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2d4919ce59 code=0x0
[  741.240642][T12157] loop4: detected capacity change from 0 to 128
[  743.557206][T12163] syzkaller0: entered promiscuous mode
[  743.564017][T12163] syzkaller0: entered allmulticast mode
[  743.886630][T12060] veth0_vlan: entered promiscuous mode
[  744.132597][T12060] veth1_vlan: entered promiscuous mode
[  744.162781][T12060] veth0_macvtap: entered promiscuous mode
[  744.184582][T12060] veth1_macvtap: entered promiscuous mode
[  744.275946][T12060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  744.329973][T12060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  744.373881][T12060] batman_adv: batadv0: Interface activated: batadv_slave_0
[  744.663883][T12060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  745.076772][T12060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.105389][T12060] batman_adv: batadv0: Interface activated: batadv_slave_1
[  745.153744][T12060] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  745.164039][T12060] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  745.174270][T12060] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  745.184417][T12060] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  745.726516][T11688] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  745.763896][T11688] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  745.856367][ T5855] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  746.389229][ T3498] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  746.426302][ T3498] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  746.604988][T12181] syzkaller0: entered promiscuous mode
[  746.622189][T12181] syzkaller0: entered allmulticast mode
[  746.656616][ T5855] usb 5-1: config 0 has no interfaces?
[  746.668553][ T5855] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  746.680522][ T5855] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  746.690162][ T5855] usb 5-1: Manufacturer: syz
[  746.708199][ T5855] usb 5-1: config 0 descriptor??
[  747.397616][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  747.411166][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  750.157607][   T28] audit: type=1326 audit(1778678286.280:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12201 comm="syz.6.1603" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f982d59ce59 code=0x0
[  760.603668][T12191] bond2: left promiscuous mode
[  762.203439][T12191] bridge1: left promiscuous mode
[  762.296926][T12191] bond3: left promiscuous mode
[  762.302635][T12191] bridge2: left promiscuous mode
[  762.363976][T12191] vlan2: left allmulticast mode
[  762.369737][T12191] bond3: left allmulticast mode
[  762.392189][T12191] bridge2: left allmulticast mode
[  762.448168][T12191] veth3: left promiscuous mode
[  762.463856][T12191] veth3: left allmulticast mode
[  762.487520][T12191] macvlan3: left promiscuous mode
[  762.503905][T12191] macvlan3: left allmulticast mode
[  762.511759][T12191] bridge3: left promiscuous mode
[  762.517724][T12191] bridge3: left allmulticast mode
[  762.637240][T12191] vlan3: left promiscuous mode
[  762.678512][T12191] bond6: left promiscuous mode
[  762.693668][T12191] batadv1: left promiscuous mode
[  762.699973][T12191] vlan3: left allmulticast mode
[  762.733533][T12191] bond6: left allmulticast mode
[  762.740852][T12191] batadv1: left allmulticast mode
[  762.819266][T12191] vlan4: left allmulticast mode
[  762.833659][T12191] bond7: left allmulticast mode
[  762.838650][T12191] geneve2: left allmulticast mode
[  762.861409][T12191] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.883420][T12191] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.892597][T12191] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  762.923372][T12191] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  763.004939][ T5087] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  763.023676][ T5087] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  763.034277][T12191] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  763.044091][ T5087] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  763.054642][T12191] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  763.065791][ T5087] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  763.075084][ T5087] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  763.084159][T12191] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  763.095049][ T5087] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  763.107791][T12191] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  763.224526][T12239] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  763.421191][T12266] lo speed is unknown, defaulting to 1000
[  765.703558][ T5772] Bluetooth: hci1: command tx timeout
[  766.401055][T12266] chnl_net:caif_netlink_parms(): no params data found
[  767.454202][T12266] bridge0: port 1(bridge_slave_0) entered blocking state
[  767.515858][T12266] bridge0: port 1(bridge_slave_0) entered disabled state
[  767.523245][T12266] bridge_slave_0: entered allmulticast mode
[  767.591829][T12266] bridge_slave_0: entered promiscuous mode
[  767.630948][T12266] bridge0: port 2(bridge_slave_1) entered blocking state
[  767.676948][T12266] bridge0: port 2(bridge_slave_1) entered disabled state
[  767.799172][ T5772] Bluetooth: hci1: command tx timeout
[  767.800984][T12266] bridge_slave_1: entered allmulticast mode
[  767.963252][T12266] bridge_slave_1: entered promiscuous mode
[  768.698861][T12266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  768.747645][T12266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  769.734115][T12266] team0: Port device team_slave_0 added
[  769.797348][T12266] team0: Port device team_slave_1 added
[  769.914549][ T5772] Bluetooth: hci1: command tx timeout
[  769.992006][T12266] batman_adv: batadv0: Adding interface: batadv_slave_0
[  770.030133][T12266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  770.164343][T12266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  770.208376][T12266] batman_adv: batadv0: Adding interface: batadv_slave_1
[  770.216550][T12266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  770.243239][T12307] Bluetooth: MGMT ver 1.22
[  770.243567][T12307] Bluetooth: hci0: invalid length 0, exp 2 for type 12
[  770.303765][T12266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  770.377795][ T5856] usb 5-1: USB disconnect, device number 7
[  770.874164][T12266] hsr_slave_0: entered promiscuous mode
[  770.951223][T12266] hsr_slave_1: entered promiscuous mode
[  770.982876][T12266] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  771.940162][ T5772] Bluetooth: hci1: command tx timeout
[  772.208573][T12266] Cannot create hsr debugfs directory
[  775.556273][T12324] syzkaller0: entered promiscuous mode
[  775.562766][T12324] syzkaller0: entered allmulticast mode
[  776.816042][ T3498] tipc: Disabling bearer <udp:syz2>
[  776.822357][ T3498] tipc: Left network mode
[  777.164885][T12266] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  777.260897][T12266] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  777.292495][T12266] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  777.546343][T12266] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  778.359248][ T3498] bond9: (slave gretap1): Releasing active interface
[  778.423983][T12367] syzkaller0: entered promiscuous mode
[  778.445223][T12367] syzkaller0: entered allmulticast mode
[  778.999801][T12370] kvm: kvm [12369]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x0
[  779.032963][T12370] kvm: kvm [12369]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  779.138220][T12380] hub 8-0:1.0: USB hub found
[  779.146906][T12380] hub 8-0:1.0: 1 port detected
[  779.801498][T12266] 8021q: adding VLAN 0 to HW filter on device bond0
[  780.017340][T12384] libceph: secret too big 32
[  780.017543][ T5772] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  780.891735][T12266] 8021q: adding VLAN 0 to HW filter on device team0
[  784.247323][T12388] sch_tbf: burst 12 is lower than device lo mtu (1550) !
[  784.614223][ T3498] hsr_slave_0: left promiscuous mode
[  784.749613][ T3498] bond9 (unregistering): Released all slaves
[  785.448321][ T3498] bond8 (unregistering): (slave geneve3): Releasing active interface
[  789.343807][T12428] loop6: detected capacity change from 0 to 64
[  791.368498][ T3498] bond8 (unregistering): Released all slaves
[  791.459305][ T3498] bond7 (unregistering): (slave geneve2): Releasing active interface
[  793.785685][T12060] BFS-fs: bfs_iget(): Bad inode number loop6:0000fe02
[  793.826302][T12060] BFS-fs: bfs_iget(): Bad inode number loop6:0000fe02
[  794.066735][ T3498] bond7 (unregistering): Released all slaves
[  794.116897][ T3498] bond6 (unregistering): (slave batadv1): Releasing backup interface
[  794.291781][T12444] kvm: kvm [12443]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x100000000
[  794.309801][T12444] kvm: kvm [12443]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x0
[  794.318769][T12444] kvm: kvm [12443]: vcpu0, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  794.435083][ T3498] bond6 (unregistering): Released all slaves
[  794.521916][ T3498] team0 (unregistering): Port device bridge3 removed
[  797.178957][ T3498] bond5 (unregistering): Released all slaves
[  797.358654][ T3498] bond4 (unregistering): Released all slaves
[  797.395828][ T3498] bond3 (unregistering): (slave bridge2): Releasing backup interface
[  798.051810][ T3498] bond3 (unregistering): Released all slaves
[  798.351104][ T3498] bond2 (unregistering): (slave bridge1): Releasing backup interface
[  798.900886][ T3498] bond2 (unregistering): Released all slaves
[  799.135355][ T3498] bond1 (unregistering): (slave dummy0): Releasing backup interface
[  799.145627][ T3498] bond1 (unregistering): Released all slaves
[  800.800320][ T3498] bond0 (unregistering): Released all slaves
[  800.939541][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  800.946864][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  800.958687][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  800.966017][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  802.572190][ T3498] IPVS: stop unused estimator thread 0...
[  802.920339][T12266] 8021q: adding VLAN 0 to HW filter on device batadv0
[  803.456118][ T3498] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  804.030009][ T3498] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  805.088109][ T3498] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  805.172262][T12500] loop0: detected capacity change from 0 to 64
[  805.328015][ T5772] Bluetooth: hci3: unexpected event for opcode 0x0009
[  805.454768][ T5087] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  805.470395][ T3498] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  805.484954][ T5087] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  805.497238][ T5087] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  805.509431][ T5087] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  805.519806][ T5087] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  805.614024][ T5087] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  805.734813][T12510] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1660'.
[  805.760412][T12510] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1660'.
[  805.772283][T12510] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1660'.
[  805.787833][T12510] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1660'.
[  806.325190][T12506] lo speed is unknown, defaulting to 1000
[  807.686077][ T5087] Bluetooth: hci0: command tx timeout
[  808.290468][T12266] veth0_vlan: entered promiscuous mode
[  808.487815][T12506] chnl_net:caif_netlink_parms(): no params data found
[  808.542866][T12266] veth1_vlan: entered promiscuous mode
[  808.848372][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  808.857524][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  809.766284][ T5087] Bluetooth: hci0: command tx timeout
[  809.887351][T12506] bridge0: port 1(bridge_slave_0) entered blocking state
[  809.903115][T12506] bridge0: port 1(bridge_slave_0) entered disabled state
[  809.921790][T12506] bridge_slave_0: entered allmulticast mode
[  809.932100][T12506] bridge_slave_0: entered promiscuous mode
[  809.962305][T12506] bridge0: port 2(bridge_slave_1) entered blocking state
[  809.993823][T12506] bridge0: port 2(bridge_slave_1) entered disabled state
[  810.001207][T12506] bridge_slave_1: entered allmulticast mode
[  810.036629][T12506] bridge_slave_1: entered promiscuous mode
[  810.077282][T12266] veth0_macvtap: entered promiscuous mode
[  811.163782][T12506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  811.206963][T12506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  811.331102][T12266] veth1_macvtap: entered promiscuous mode
[  811.812590][T12506] team0: Port device team_slave_0 added
[  811.850292][ T5087] Bluetooth: hci0: command tx timeout
[  812.471105][T12506] team0: Port device team_slave_1 added
[  812.557457][T12266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  812.576705][T12266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.591159][T12266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  812.609025][T12266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.622470][T12266] batman_adv: batadv0: Interface activated: batadv_slave_0
[  812.829645][T12266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  812.846756][T12266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.859854][T12266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  812.879104][T12266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.896469][T12266] batman_adv: batadv0: Interface activated: batadv_slave_1
[  812.921876][T12506] batman_adv: batadv0: Adding interface: batadv_slave_0
[  812.932346][T12506] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  812.967658][T12506] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  813.000751][T12506] batman_adv: batadv0: Adding interface: batadv_slave_1
[  813.011454][T12506] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  813.042974][T12506] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  813.062126][T12266] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  813.073496][T12266] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  813.084147][T12266] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  813.094320][T12266] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  813.180871][ T3498] hsr_slave_0: left promiscuous mode
[  813.196505][ T3498] hsr_slave_1: left promiscuous mode
[  813.210516][ T3498] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  813.219203][ T3498] batman_adv: batadv0: Removing interface: batadv_slave_0
[  813.229104][ T3498] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  813.239818][ T3498] batman_adv: batadv0: Removing interface: batadv_slave_1
[  813.259037][ T3498] bridge_slave_1: left allmulticast mode
[  813.270032][ T3498] bridge_slave_1: left promiscuous mode
[  813.277238][ T3498] bridge0: port 2(bridge_slave_1) entered disabled state
[  813.313033][ T3498] bridge_slave_0: left allmulticast mode
[  813.330105][ T3498] bridge_slave_0: left promiscuous mode
[  813.339958][ T3498] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.407074][ T3498] veth1_macvtap: left promiscuous mode
[  813.438965][ T3498] veth0_macvtap: left promiscuous mode
[  813.474415][ T3498] veth1_vlan: left promiscuous mode
[  813.480903][ T3498] veth0_vlan: left promiscuous mode
[  813.937388][ T5087] Bluetooth: hci0: command tx timeout
[  814.664722][   T28] audit: type=1326 audit(1778678350.780:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  814.771615][   T28] audit: type=1326 audit(1778678350.780:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  814.864121][   T28] audit: type=1326 audit(1778678350.780:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  814.965768][   T28] audit: type=1326 audit(1778678350.780:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f2d4919ce59 code=0x7ffc0000
[  815.028875][   T28] audit: type=1326 audit(1778678350.850:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2d4915d68e code=0x7ffc0000
[  815.067114][   T28] audit: type=1326 audit(1778678350.850:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2d4915d68e code=0x7ffc0000
[  815.161927][   T28] audit: type=1326 audit(1778678350.850:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2d4915d68e code=0x7ffc0000
[  815.248672][   T28] audit: type=1326 audit(1778678350.850:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2d4915d68e code=0x7ffc0000
[  815.276383][   T28] audit: type=1326 audit(1778678350.850:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2d4915d68e code=0x7ffc0000
[  815.390155][   T28] audit: type=1326 audit(1778678350.850:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12588 comm="syz.0.1678" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2d4915d68e code=0x7ffc0000
[  815.896866][T12606] loop0: detected capacity change from 0 to 512
[  815.970168][T12606] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  816.221268][T12606] EXT4-fs (loop0): 1 truncate cleaned up
[  816.230192][T12606] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  816.871101][ T3498] team0 (unregistering): Port device team_slave_1 removed
[  816.991374][ T3498] team0 (unregistering): Port device team_slave_0 removed
[  817.099354][ T3498] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  817.134652][ T8759] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  817.239900][ T3498] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  820.509950][ T3498] bond0 (unregistering): Released all slaves
[  820.832809][T12506] hsr_slave_0: entered promiscuous mode
[  820.841121][T12506] hsr_slave_1: entered promiscuous mode
[  820.850677][T12506] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  820.860552][T12506] Cannot create hsr debugfs directory
[  820.975189][ T3458] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  820.983172][ T3458] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  823.604453][T12627] netlink: 'syz.0.1682': attribute type 14 has an invalid length.
[  823.624153][T11688] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  823.632161][T11688] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  823.646376][T12627] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1682'.
[  823.684084][T12627] bond0: option xmit_hash_policy: invalid value (79)
[  824.335090][T12506] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  824.407515][T12506] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  824.534714][T12506] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  824.640974][T12506] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  825.046326][ T5772] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  825.061890][ T5772] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  825.074673][ T5772] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  825.088237][ T5772] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  825.097070][ T5772] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  825.106003][ T5772] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  825.344248][T12506] 8021q: adding VLAN 0 to HW filter on device bond0
[  825.677288][ T1079] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.755119][T12638] lo speed is unknown, defaulting to 1000
[  825.802083][T12506] 8021q: adding VLAN 0 to HW filter on device team0
[  825.866961][ T1079] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.928393][T11688] bridge0: port 1(bridge_slave_0) entered blocking state
[  825.935686][T11688] bridge0: port 1(bridge_slave_0) entered forwarding state
[  825.985633][ T1079] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  826.032992][ T3458] bridge0: port 2(bridge_slave_1) entered blocking state
[  826.041130][ T3458] bridge0: port 2(bridge_slave_1) entered forwarding state
[  826.135373][ T1079] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  826.513459][T12638] chnl_net:caif_netlink_parms(): no params data found
[  826.982968][T12638] bridge0: port 1(bridge_slave_0) entered blocking state
[  827.005307][T12638] bridge0: port 1(bridge_slave_0) entered disabled state
[  827.012731][T12638] bridge_slave_0: entered allmulticast mode
[  827.028322][T12638] bridge_slave_0: entered promiscuous mode
[  827.119104][T12638] bridge0: port 2(bridge_slave_1) entered blocking state
[  827.128537][T12638] bridge0: port 2(bridge_slave_1) entered disabled state
[  827.142027][T12638] bridge_slave_1: entered allmulticast mode
[  827.151563][T12638] bridge_slave_1: entered promiscuous mode
[  827.206422][ T5772] Bluetooth: hci1: command tx timeout
[  827.345298][T12638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  827.369334][T12506] 8021q: adding VLAN 0 to HW filter on device batadv0
[  827.386815][T12638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  827.542203][T12638] team0: Port device team_slave_0 added
[  827.562530][T12638] team0: Port device team_slave_1 added
[  827.708175][T12638] batman_adv: batadv0: Adding interface: batadv_slave_0
[  827.723590][T12638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  827.751174][T12638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  827.838580][T12638] batman_adv: batadv0: Adding interface: batadv_slave_1
[  827.849292][T12638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  827.879453][T12638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  828.094575][T12638] hsr_slave_0: entered promiscuous mode
[  828.101484][T12638] hsr_slave_1: entered promiscuous mode
[  828.109471][T12638] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  828.118474][T12638] Cannot create hsr debugfs directory
[  828.389525][ T1079] hsr_slave_0: left promiscuous mode
[  828.410912][ T1079] hsr_slave_1: left promiscuous mode
[  828.419693][ T1079] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  828.428636][ T1079] batman_adv: batadv0: Removing interface: batadv_slave_0
[  828.438642][ T1079] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  828.447592][ T1079] batman_adv: batadv0: Removing interface: batadv_slave_1
[  828.458396][ T1079] bridge_slave_1: left allmulticast mode
[  828.465307][ T1079] bridge_slave_1: left promiscuous mode
[  828.472262][ T1079] bridge0: port 2(bridge_slave_1) entered disabled state
[  828.495332][ T1079] bridge_slave_0: left allmulticast mode
[  828.501814][ T1079] bridge_slave_0: left promiscuous mode
[  828.508556][ T1079] bridge0: port 1(bridge_slave_0) entered disabled state
[  828.592478][ T1079] veth1_macvtap: left promiscuous mode
[  828.599103][ T1079] veth0_macvtap: left promiscuous mode
[  828.605712][ T1079] veth1_vlan: left promiscuous mode
[  828.612149][ T1079] veth0_vlan: left promiscuous mode
[  829.287456][ T5772] Bluetooth: hci1: command tx timeout
[  829.870109][ T1079] team0 (unregistering): Port device team_slave_1 removed
[  829.962102][ T1079] team0 (unregistering): Port device team_slave_0 removed
[  830.045489][ T1079] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  830.115906][ T1079] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  830.764134][ T1079] bond0 (unregistering): Released all slaves
[  831.141612][T12506] veth0_vlan: entered promiscuous mode
[  831.217936][T12506] veth1_vlan: entered promiscuous mode
[  831.363696][ T5772] Bluetooth: hci1: command tx timeout
[  831.497643][T12506] veth0_macvtap: entered promiscuous mode
[  831.530465][T12506] veth1_macvtap: entered promiscuous mode
[  831.598890][T12506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  831.620068][T12506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  831.641312][T12506] batman_adv: batadv0: Interface activated: batadv_slave_0
[  831.691050][T12506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  831.710334][T12506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  831.739462][T12506] batman_adv: batadv0: Interface activated: batadv_slave_1
[  831.752458][T12506] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  831.769835][T12506] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  831.795609][T12506] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  831.808396][T12506] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  832.051918][T11688] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  832.081804][T11688] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  832.158800][ T3498] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  832.195502][ T3498] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  832.210550][T12638] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  832.231402][T12638] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  832.269157][T12638] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  832.292477][T12638] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  832.558090][T12638] 8021q: adding VLAN 0 to HW filter on device bond0
[  832.708007][T12638] 8021q: adding VLAN 0 to HW filter on device team0
[  833.453345][ T5772] Bluetooth: hci1: command tx timeout
[  833.508192][T11688] bridge0: port 1(bridge_slave_0) entered blocking state
[  833.515527][T11688] bridge0: port 1(bridge_slave_0) entered forwarding state
[  834.477528][T11688] bridge0: port 2(bridge_slave_1) entered blocking state
[  834.485939][T11688] bridge0: port 2(bridge_slave_1) entered forwarding state
[  834.769118][T12638] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  838.394218][T12738] fuse: Unknown parameter 'user_i00000000000000000003'
[  839.872505][T12638] 8021q: adding VLAN 0 to HW filter on device batadv0
[  844.105285][T12774] vlan3: entered promiscuous mode
[  844.110476][T12774] bond0: entered promiscuous mode
[  844.524710][T12638] veth0_vlan: entered promiscuous mode
[  844.539248][T12638] veth1_vlan: entered promiscuous mode
[  847.732696][T12638] veth0_macvtap: entered promiscuous mode
[  847.779388][T12638] veth1_macvtap: entered promiscuous mode
[  850.135846][T12638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  850.194512][T12638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  850.269145][T12638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  850.331154][T12638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  850.397558][T12638] batman_adv: batadv0: Interface activated: batadv_slave_0
[  850.449857][T12638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  850.462744][T12638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  850.474424][T12638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  850.486707][T12638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  850.500944][T12638] batman_adv: batadv0: Interface activated: batadv_slave_1
[  850.526502][T12638] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  850.654041][T12638] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  850.803817][T12638] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  850.812721][T12638] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  851.335054][T12435] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  851.343035][T12435] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  851.462186][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  851.514276][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  855.871981][T12828] loop5: detected capacity change from 0 to 8
[  858.316224][T12825] loop0: detected capacity change from 0 to 4096
[  861.069816][T12864] xt_TPROXY: Can be used only with -p tcp or -p udp
[  862.654526][T12875] loop8: detected capacity change from 0 to 1024
[  862.703790][T12875] EXT4-fs: inline encryption not supported
[  862.779356][T12875] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  862.857310][T12875] EXT4-fs (loop8): bad geometry: bigalloc file system with non-zero first_data_block
[  862.857310][T12875] 
[  863.640705][T12875] loop8: detected capacity change from 0 to 1024
[  867.007492][T12899] loop5: detected capacity change from 0 to 64
[  867.196770][T11688] hfsplus: b-tree write err: -5, ino 25
[  867.213552][T11688] hfsplus: b-tree write err: -5, ino 4
[  867.219502][T11688] hfsplus: b-tree write err: -5, ino 2
[  870.440234][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  870.540873][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  876.145900][T12969] loop0: detected capacity change from 0 to 64
[  876.428711][T12969] hfs: unable to parse mount options
[  879.985630][T12986] virt_wifi0 speed is unknown, defaulting to 1000
[  879.992553][T12986] virt_wifi0 speed is unknown, defaulting to 1000
[  880.009474][T12986] virt_wifi0 speed is unknown, defaulting to 1000
[  880.063917][T12986] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  880.137872][T12986] virt_wifi0 speed is unknown, defaulting to 1000
[  880.155241][T12986] virt_wifi0 speed is unknown, defaulting to 1000
[  880.167453][T12986] virt_wifi0 speed is unknown, defaulting to 1000
[  880.181719][T12986] virt_wifi0 speed is unknown, defaulting to 1000
[  880.192599][T12986] virt_wifi0 speed is unknown, defaulting to 1000
[  881.526090][T12997] tipc: Failed to remove unknown binding: 66,0,0/0:3907677302/3907677304
[  881.594910][T12997] tipc: Failed to remove unknown binding: 66,0,0/0:3907677302/3907677303
[  881.769473][T12988] tipc: Failed to remove unknown binding: 66,0,0/0:3907677302/3907677304
[  881.833805][T12988] tipc: Failed to remove unknown binding: 66,0,0/0:3907677302/3907677303
[  886.304863][ T5772] Bluetooth: hci2: unexpected event for opcode 0x0000
[  892.315061][T13053] syzkaller0: entered promiscuous mode
[  892.321554][T13053] syzkaller0: entered allmulticast mode
[  895.510920][T13073] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  895.564067][T13073] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  897.422120][T13084] loop8: detected capacity change from 0 to 32768
[  897.720058][T13084] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop8 scanned by syz.8.1741 (13084)
[  897.784770][T13084] BTRFS info (device loop8): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  897.795223][T13084] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[  897.804153][T13084] BTRFS info (device loop8): using free space tree
[  897.969678][T13084] BTRFS info (device loop8): enabling ssd optimizations
[  897.976943][T13084] BTRFS info (device loop8): auto enabling async discard
[  900.572171][T12506] BTRFS info (device loop8): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  902.125919][T13121] loop5: detected capacity change from 0 to 512
[  902.253338][T13121] EXT4-fs (loop5): Test dummy encryption mode enabled
[  902.289466][T13121] EXT4-fs (loop5): Using encoding defined by superblock: utf8-12.1.0 with flags 0x0
[  902.319655][T13121] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  902.353540][T13121] EXT4-fs (loop5): Couldn't mount because of unsupported optional features (fffc1829)
[  902.425018][T13121] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  905.435010][T13135] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1743'.
[  908.063996][T12650] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  908.276836][T12650] usb 9-1: config index 0 descriptor too short (expected 9, got 0)
[  908.293832][T12650] usb 9-1: can't read configurations, error -22
[  916.664653][T13178] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  930.452330][T13229] Bluetooth: hci0: command 0x0406 tx timeout
[  932.946304][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  932.973376][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  934.575741][T13229] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  934.595204][T13229] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  934.627813][T13229] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  934.683809][T13229] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  934.699377][T13229] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  934.709515][T13229] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  934.882763][T13257] lo speed is unknown, defaulting to 1000
[  934.936301][T13257] virt_wifi0 speed is unknown, defaulting to 1000
[  936.919698][T13229] Bluetooth: hci4: command tx timeout
[  938.963516][T13229] Bluetooth: hci4: command tx timeout
[  939.766589][T13257] chnl_net:caif_netlink_parms(): no params data found
[  940.677148][T13257] bridge0: port 1(bridge_slave_0) entered blocking state
[  940.710070][T13257] bridge0: port 1(bridge_slave_0) entered disabled state
[  940.734987][T13257] bridge_slave_0: entered allmulticast mode
[  940.780202][T13257] bridge_slave_0: entered promiscuous mode
[  940.824668][T13257] bridge0: port 2(bridge_slave_1) entered blocking state
[  940.831971][T13257] bridge0: port 2(bridge_slave_1) entered disabled state
[  940.887507][T13257] bridge_slave_1: entered allmulticast mode
[  940.921765][T13257] bridge_slave_1: entered promiscuous mode
[  940.947003][T13316] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1780'.
[  941.043359][T13229] Bluetooth: hci4: command tx timeout
[  941.256088][ T3498] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  941.368443][T13316] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1780'.
[  941.426836][T13257] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  941.468793][T13316] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1780'.
[  941.568070][ T3498] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  941.661707][T13257] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  942.078895][ T3498] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  942.830769][ T3498] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  943.074553][T13257] team0: Port device team_slave_0 added
[  943.113971][T13257] team0: Port device team_slave_1 added
[  943.133325][T13229] Bluetooth: hci4: command tx timeout
[  945.555648][T13257] batman_adv: batadv0: Adding interface: batadv_slave_0
[  945.562778][T13257] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  945.627933][T13257] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  945.851491][T13257] batman_adv: batadv0: Adding interface: batadv_slave_1
[  945.877044][T13257] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  946.957971][T13257] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  948.948824][T13257] hsr_slave_0: entered promiscuous mode
[  949.003931][T13257] hsr_slave_1: entered promiscuous mode
[  949.109690][T13257] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  949.143455][T13257] Cannot create hsr debugfs directory
[  949.280136][T13366] autofs4:pid:13366:autofs_fill_super: called with bogus options
[  950.109064][T13257] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  950.295711][T13257] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  950.410729][T13257] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  950.540956][T13257] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  950.720928][T13379] Invalid option length (57448) for dns_resolver key
[  953.523526][T13384] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  953.553470][T13384] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  953.575188][T13384] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  953.620117][T13384] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  954.016912][T13257] 8021q: adding VLAN 0 to HW filter on device bond0
[  954.264335][T13257] 8021q: adding VLAN 0 to HW filter on device team0
[  954.389086][T13257] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  954.400594][T13257] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  954.877528][T13384] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  954.911191][T13384] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  955.000135][T13384] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  955.017574][ T3458] bridge0: port 1(bridge_slave_0) entered blocking state
[  955.024888][ T3458] bridge0: port 1(bridge_slave_0) entered forwarding state
[  955.081823][ T3458] bridge0: port 2(bridge_slave_1) entered blocking state
[  955.089168][ T3458] bridge0: port 2(bridge_slave_1) entered forwarding state
[  955.625279][ T5772] Bluetooth: hci0: command 0x0406 tx timeout
[  955.633359][ T5772] Bluetooth: hci2: command 0x0406 tx timeout
[  955.640208][T13229] Bluetooth: hci3: command 0x0406 tx timeout
[  956.718255][T13419] netlink: 'syz.8.1797': attribute type 1 has an invalid length.
[  956.883625][T13426] Bluetooth: hci4: command 0x0c1a tx timeout
[  956.987821][T13419] netlink: 'syz.8.1797': attribute type 1 has an invalid length.
[  959.717429][T13426] Bluetooth: hci0: command 0x0406 tx timeout
[  959.724395][T13426] Bluetooth: hci4: command 0x0c1a tx timeout
[  959.956698][T13444] syzkaller0: entered promiscuous mode
[  959.972791][T13444] syzkaller0: entered allmulticast mode
[  960.371728][T13257] 8021q: adding VLAN 0 to HW filter on device batadv0
[  961.763917][ T5087] Bluetooth: hci4: command 0x0c1a tx timeout
[  962.120215][T13471] tipc: Started in network mode
[  962.133500][T13471] tipc: Node identity 0a31f487eb47, cluster identity 4711
[  962.171446][T13471] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  962.246456][ T3498] hsr_slave_0: left promiscuous mode
[  962.271243][ T3498] hsr_slave_1: left promiscuous mode
[  962.313714][ T3498] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  962.347755][ T3498] batman_adv: batadv0: Removing interface: batadv_slave_0
[  962.365199][ T3498] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  962.372781][ T3498] batman_adv: batadv0: Removing interface: batadv_slave_1
[  962.469817][ T3498] bridge_slave_1: left allmulticast mode
[  962.479944][ T3498] bridge_slave_1: left promiscuous mode
[  962.508304][ T3498] bridge0: port 2(bridge_slave_1) entered disabled state
[  962.551028][ T3498] bridge_slave_0: left allmulticast mode
[  962.570816][ T3498] bridge_slave_0: left promiscuous mode
[  962.598773][ T3498] bridge0: port 1(bridge_slave_0) entered disabled state
[  962.735619][ T3498] veth1_macvtap: left promiscuous mode
[  962.741309][ T3498] veth0_macvtap: left promiscuous mode
[  962.758478][ T3498] veth1_vlan: left promiscuous mode
[  963.110157][ T3498] veth0_vlan: left promiscuous mode
[  966.591487][ T3498] team0 (unregistering): Port device team_slave_1 removed
[  966.829659][ T3498] team0 (unregistering): Port device team_slave_0 removed
[  966.963670][ T3498] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  967.071971][ T3498] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  968.487532][ T3498] bond0 (unregistering): Released all slaves
[  968.722979][T13467] syzkaller0: entered promiscuous mode
[  968.737148][T13467] syzkaller0: entered allmulticast mode
[  968.923816][T13474] tipc: Resetting bearer <eth:syzkaller0>
[  969.439116][T13466] tipc: Resetting bearer <eth:syzkaller0>
[  969.531507][T13466] tipc: Disabling bearer <eth:syzkaller0>
[  969.558035][T12238] tipc: Node number set to 3782669447
[  969.577036][T13493] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  969.608387][T13498] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1809'.
[  969.952570][T13257] veth0_vlan: entered promiscuous mode
[  970.005542][T13426] Bluetooth: hci4: command 0x0c1a tx timeout
[  973.395905][T13257] veth1_vlan: entered promiscuous mode
[  973.566409][T13257] veth0_macvtap: entered promiscuous mode
[  973.654484][T13257] veth1_macvtap: entered promiscuous mode
[  973.737704][T13257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  973.788678][T13257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  973.808974][T13257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  973.871466][T13257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  973.917177][T13257] batman_adv: batadv0: Interface activated: batadv_slave_0
[  973.978833][T13257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  974.051594][T13257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  974.092786][T13257] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  974.142164][T13257] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  976.400137][T13257] batman_adv: batadv0: Interface activated: batadv_slave_1
[  976.507222][T13257] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  976.549117][T13257] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  976.586221][T13257] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  976.633442][T13257] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  976.988148][ T3498] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  977.029725][ T3498] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  977.144558][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  977.209410][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  978.492548][T13426] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  979.703604][T13578] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1823'.
[  980.731847][T13583] syzkaller0: entered promiscuous mode
[  980.762939][T13583] syzkaller0: entered allmulticast mode
[ 1088.763160][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1088.770163][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P13601/2:b..l P12506/1:b..l
[ 1088.780134][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=66617, q=225 ncpus=2)
[ 1088.787861][    C0] task:syz-executor    state:R  running task     stack:21736 pid:12506 ppid:12478  flags:0x00004002
[ 1088.800380][    C0] Call Trace:
[ 1088.803676][    C0]  <TASK>
[ 1088.806649][    C0]  __schedule+0x1553/0x45a0
[ 1088.811284][    C0]  ? __lock_acquire+0x1347/0x7d40
[ 1088.816365][    C0]  ? asan.module_dtor+0x20/0x20
[ 1088.821228][    C0]  ? mark_lock+0x94/0x320
[ 1088.825572][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1088.831576][    C0]  ? preempt_schedule_irq+0xb4/0x150
[ 1088.836873][    C0]  preempt_schedule_irq+0xbf/0x150
[ 1088.841995][    C0]  ? preempt_schedule_notrace+0x110/0x110
[ 1088.847722][    C0]  ? verify_lock_unused+0x140/0x140
[ 1088.852935][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[ 1088.858765][    C0]  irqentry_exit+0x67/0x70
[ 1088.863217][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1088.869221][    C0] RIP: 0010:__kasan_check_read+0xa/0x20
[ 1088.874813][    C0] Code: 48 c7 c7 c4 ad a2 8c 4c 89 e6 eb 0a 48 c7 c7 0e 78 84 8c 48 89 de e8 b5 81 9b 08 31 ed eb d4 cc f3 0f 1e fa 89 f6 48 8b 0c 24 <31> d2 e9 df ea ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00
[ 1088.894429][    C0] RSP: 0018:ffffc9000cc6f4f8 EFLAGS: 00000246
[ 1088.900510][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81682ae7
[ 1088.908500][    C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8e8b19a8
[ 1088.916500][    C0] RBP: ffffc9000cc6f610 R08: 0000000000000000 R09: 0000000000000000
[ 1088.924488][    C0] R10: dffffc0000000000 R11: fffff9400025640f R12: 1ffff9200198deac
[ 1088.932558][    C0] R13: ffffffff8d1320e0 R14: 0000000000000000 R15: dffffc0000000000
[ 1088.940550][    C0]  ? lock_acquire+0xb7/0x420
[ 1088.945164][    C0]  ? lock_chain_count+0x20/0x20
[ 1088.950020][    C0]  lock_acquire+0xb7/0x420
[ 1088.954465][    C0]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[ 1088.960415][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[ 1088.965624][    C0]  ? read_lock_is_recursive+0x20/0x20
[ 1088.971006][    C0]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1088.976912][    C0]  ? _raw_spin_unlock+0x40/0x40
[ 1088.981772][    C0]  ? do_syscall_64+0x55/0xa0
[ 1088.986370][    C0]  ? page_ext_get+0x22/0x2b0
[ 1088.990971][    C0]  page_ext_get+0x3e/0x2b0
[ 1088.995397][    C0]  ? page_ext_get+0x22/0x2b0
[ 1089.000011][    C0]  __reset_page_owner+0x2e/0x190
[ 1089.004980][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1089.009780][    C0]  free_unref_page_prepare+0x7b2/0x8c0
[ 1089.015312][    C0]  free_unref_page_list+0xbe/0x860
[ 1089.020444][    C0]  ? __folio_memcg+0x63/0x160
[ 1089.025156][    C0]  ? folio_memcg+0x127/0x480
[ 1089.029772][    C0]  release_pages+0x1f7a/0x2200
[ 1089.034574][    C0]  ? lru_cache_disable+0x30/0x30
[ 1089.039522][    C0]  ? do_raw_spin_unlock+0x121/0x230
[ 1089.044743][    C0]  __folio_batch_release+0x71/0xe0
[ 1089.049865][    C0]  shmem_undo_range+0x630/0x1b20
[ 1089.054825][    C0]  ? shmem_truncate_range+0xa0/0xa0
[ 1089.060056][    C0]  ? inode_wait_for_writeback+0x1e3/0x230
[ 1089.065810][    C0]  ? __lock_acquire+0x7d40/0x7d40
[ 1089.072071][    C0]  ? do_raw_spin_lock+0x11f/0x2c0
[ 1089.077129][    C0]  shmem_evict_inode+0x245/0x9e0
[ 1089.082092][    C0]  ? inode_wait_for_writeback+0x1e3/0x230
[ 1089.087836][    C0]  ? shmem_free_in_core_inode+0xb0/0xb0
[ 1089.093493][    C0]  ? sb_clear_inode_writeback+0x360/0x360
[ 1089.099233][    C0]  ? do_raw_spin_lock+0x11f/0x2c0
[ 1089.104283][    C0]  ? bit_waitqueue+0x30/0x30
[ 1089.108923][    C0]  ? do_raw_spin_unlock+0x121/0x230
[ 1089.114136][    C0]  ? shmem_free_in_core_inode+0xb0/0xb0
[ 1089.119691][    C0]  evict+0x4ca/0x8d0
[ 1089.123603][    C0]  ? proc_nr_inodes+0x230/0x230
[ 1089.128463][    C0]  ? do_raw_spin_unlock+0x121/0x230
[ 1089.133679][    C0]  ? _raw_spin_unlock+0x28/0x40
[ 1089.138540][    C0]  ? iput+0x706/0x920
[ 1089.142538][    C0]  do_unlinkat+0x38c/0x590
[ 1089.146967][    C0]  ? fsnotify_link_count+0xf0/0xf0
[ 1089.152094][    C0]  ? getname_flags+0x20a/0x500
[ 1089.156878][    C0]  __x64_sys_unlink+0x49/0x50
[ 1089.161582][    C0]  do_syscall_64+0x55/0xa0
[ 1089.166023][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1089.170734][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1089.175447][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1089.181395][    C0] RIP: 0033:0x7fa56979bf47
[ 1089.185823][    C0] RSP: 002b:00007ffdfdb14838 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[ 1089.194253][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa56979bf47
[ 1089.202238][    C0] RDX: 00007ffdfdb14860 RSI: 00007ffdfdb148f0 RDI: 00007ffdfdb148f0
[ 1089.210223][    C0] RBP: 00007ffdfdb148f0 R08: 00007ffdfdb158f0 R09: 00000000ffffffff
[ 1089.218205][    C0] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffdfdb15980
[ 1089.226191][    C0] R13: 00007fa5698321ca R14: 00000000000ef7a1 R15: 00007ffdfdb159c0
[ 1089.234185][    C0]  </TASK>
[ 1089.237212][    C0] task:dhcpcd-run-hook state:R  running task     stack:28744 pid:13601 ppid:13565  flags:0x00004002
[ 1089.248008][    C0] Call Trace:
[ 1089.251290][    C0]  <TASK>
[ 1089.254231][    C0]  __schedule+0x1553/0x45a0
[ 1089.258789][    C0]  ? asan.module_dtor+0x20/0x20
[ 1089.263656][    C0]  ? mark_lock+0x94/0x320
[ 1089.267998][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1089.274001][    C0]  ? preempt_schedule_irq+0xb4/0x150
[ 1089.279294][    C0]  preempt_schedule_irq+0xbf/0x150
[ 1089.284409][    C0]  ? preempt_schedule_notrace+0x110/0x110
[ 1089.290140][    C0]  ? mark_lock+0x94/0x320
[ 1089.294483][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[ 1089.300306][    C0]  irqentry_exit+0x67/0x70
[ 1089.304734][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1089.310725][    C0] RIP: 0010:lock_is_held_type+0x13e/0x190
[ 1089.316453][    C0] Code: 75 40 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 41 f7 c5 00 02 00 00 74 01 fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 3c 89 e8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f
[ 1089.336065][    C0] RSP: 0000:ffffc9000460f9e8 EFLAGS: 00000206
[ 1089.342149][    C0] RAX: e73630ae2d22ba00 RBX: ffff88807e96da00 RCX: e73630ae2d22ba00
[ 1089.350141][    C0] RDX: ffff88807e96da00 RSI: ffffffff8acadb60 RDI: ffffffff8b1c8fa0
[ 1089.358206][    C0] RBP: 0000000000000001 R08: ffffea00003332b7 R09: 1ffffd4000066656
[ 1089.366187][    C0] R10: dffffc0000000000 R11: fffff94000066657 R12: 0000000000000001
[ 1089.374165][    C0] R13: 0000000000000246 R14: ffffffff8d1320e0 R15: ffff88807e96e508
[ 1089.382176][    C0]  xas_reload+0x19c/0x470
[ 1089.386524][    C0]  next_uptodate_folio+0x203/0xad0
[ 1089.391652][    C0]  filemap_map_pages+0x2c5/0x1970
[ 1089.396696][    C0]  ? filemap_map_pages+0x1d7/0x1970
[ 1089.401906][    C0]  ? filemap_read_folio+0x760/0x760
[ 1089.407137][    C0]  handle_mm_fault+0x3b05/0x4c00
[ 1089.412087][    C0]  ? handle_mm_fault+0xe7/0x4c00
[ 1089.417048][    C0]  ? lock_vma_under_rcu+0x549/0x680
[ 1089.422276][    C0]  ? numa_migrate_prep+0x350/0x350
[ 1089.427417][    C0]  do_user_addr_fault+0xac8/0x12c0
[ 1089.432568][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1089.437351][    C0]  exc_page_fault+0x64/0x100
[ 1089.441957][    C0]  asm_exc_page_fault+0x26/0x30
[ 1089.446816][    C0] RIP: 0033:0x7f9b3cecf9e0
[ 1089.451237][    C0] RSP: 002b:00007ffc054277c8 EFLAGS: 00010246
[ 1089.457313][    C0] RAX: 00007f9b3cd1cf40 RBX: 0000000000000000 RCX: 00007f9b3ce24f07
[ 1089.465290][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1089.473267][    C0] RBP: 00007f9b3cd1cc80 R08: 00007f9b3cfb7b60 R09: 0000000000000000
[ 1089.481242][    C0] R10: 0000000000000008 R11: 0000000000000246 R12: 00007f9b3d0beb10
[ 1089.489223][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007f9b3d0beb10
[ 1089.497214][    C0]  </TASK>
[ 1089.500245][    C0] rcu: rcu_preempt kthread starved for 10464 jiffies! g66617 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1089.511445][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1089.521413][    C0] rcu: RCU grace-period kthread stack dump:
[ 1089.527297][    C0] task:rcu_preempt     state:R  running task     stack:27496 pid:17    ppid:2      flags:0x00004000
[ 1089.538089][    C0] Call Trace:
[ 1089.541394][    C0]  <TASK>
[ 1089.544341][    C0]  __schedule+0x1553/0x45a0
[ 1089.548887][    C0]  ? _raw_spin_unlock_irqrestore+0x51/0x120
[ 1089.554810][    C0]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1089.560810][    C0]  ? asan.module_dtor+0x20/0x20
[ 1089.565685][    C0]  ? enqueue_timer+0x23d/0x550
[ 1089.570467][    C0]  ? __mod_timer+0x984/0xdb0
[ 1089.575088][    C0]  schedule+0xbd/0x170
[ 1089.579174][    C0]  schedule_timeout+0x188/0x2d0
[ 1089.584035][    C0]  ? console_conditional_schedule+0x40/0x40
[ 1089.589948][    C0]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[ 1089.595855][    C0]  ? update_process_times+0x1b0/0x1b0
[ 1089.601240][    C0]  ? prepare_to_swait_event+0x339/0x360
[ 1089.606809][    C0]  rcu_gp_fqs_loop+0x313/0x1590
[ 1089.611687][    C0]  ? dyntick_save_progress_counter+0x2b0/0x2b0
[ 1089.617853][    C0]  ? rcu_gp_init+0x1560/0x1560
[ 1089.622621][    C0]  ? rcu_gp_cleanup+0xb41/0xc90
[ 1089.627487][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1089.632698][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[ 1089.637909][    C0]  rcu_gp_kthread+0x9d/0x3b0
[ 1089.642509][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 1089.647658][    C0]  ? __kthread_parkme+0x7a/0x1c0
[ 1089.652706][    C0]  ? __kthread_parkme+0x162/0x1c0
[ 1089.657746][    C0]  kthread+0x2fa/0x390
[ 1089.661831][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 1089.666967][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 1089.671572][    C0]  ret_from_fork+0x48/0x80
[ 1089.676006][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 1089.680610][    C0]  ret_from_fork_asm+0x11/0x20
[ 1089.685483][    C0]  </TASK>
[ 1089.688508][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1089.694835][    C0] CPU: 0 PID: 42 Comm: kworker/u4:2 Not tainted syzkaller #0
[ 1089.702294][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1089.712362][    C0] Workqueue: events_unbound toggle_allocation_gate
[ 1089.718901][    C0] RIP: 0010:smp_call_function_many_cond+0xdfe/0x1140
[ 1089.725600][    C0] Code: 45 8b 2c 24 44 89 ee 83 e6 01 31 ff e8 cb f5 0a 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 06 f2 0a 00 eb 38 f3 90 <42> 0f b6 04 2b 84 c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 ea f1
[ 1089.745218][    C0] RSP: 0018:ffffc90000b2f780 EFLAGS: 00000293
[ 1089.751294][    C0] RAX: ffffffff817c3016 RBX: 1ffff110171e826d RCX: ffff888018eb1e00
[ 1089.759274][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1089.767250][    C0] RBP: ffffc90000b2f900 R08: ffffffff911c6507 R09: 1ffffffff2238ca0
[ 1089.775232][    C0] R10: dffffc0000000000 R11: fffffbfff2238ca1 R12: ffff8880b8f41368
[ 1089.783211][    C0] R13: dffffc0000000000 R14: ffff8880b8e3d148 R15: 0000000000000001
[ 1089.791188][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1089.800128][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1089.806714][    C0] CR2: 00007f123a14da08 CR3: 000000000cf32000 CR4: 00000000003506f0
[ 1089.814694][    C0] Call Trace:
[ 1089.818066][    C0]  <TASK>
[ 1089.821010][    C0]  ? text_poke_sync+0x30/0x30
[ 1089.825792][    C0]  ? smp_call_function_many+0x40/0x40
[ 1089.831179][    C0]  ? text_poke+0xc0/0xc0
[ 1089.835428][    C0]  ? __mutex_trylock_common+0x159/0x260
[ 1089.840985][    C0]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1089.847149][    C0]  ? text_poke_sync+0x30/0x30
[ 1089.851835][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[ 1089.856962][    C0]  ? kmem_cache_alloc_bulk+0x12a/0x5a0
[ 1089.862439][    C0]  text_poke_bp_batch+0x31e/0x990
[ 1089.867489][    C0]  ? text_poke_loc_init+0x880/0x880
[ 1089.872703][    C0]  ? mutex_lock_nested+0x20/0x20
[ 1089.877646][    C0]  ? text_poke_queue+0x140/0x190
[ 1089.882599][    C0]  ? arch_jump_label_transform_queue+0x93/0x100
[ 1089.888862][    C0]  text_poke_finish+0x30/0x50
[ 1089.893558][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[ 1089.899554][    C0]  static_key_enable_cpuslocked+0x123/0x240
[ 1089.905458][    C0]  ? process_scheduled_works+0x96f/0x15d0
[ 1089.911188][    C0]  static_key_enable+0x1a/0x20
[ 1089.915962][    C0]  toggle_allocation_gate+0xa8/0x260
[ 1089.921262][    C0]  ? show_object+0x70/0x70
[ 1089.925691][    C0]  ? read_lock_is_recursive+0x20/0x20
[ 1089.931080][    C0]  ? process_scheduled_works+0x96f/0x15d0
[ 1089.936812][    C0]  ? process_scheduled_works+0x96f/0x15d0
[ 1089.942541][    C0]  process_scheduled_works+0xa5d/0x15d0
[ 1089.948126][    C0]  ? worker_attach_to_pool+0x380/0x380
[ 1089.953601][    C0]  ? assign_work+0x3d2/0x5d0
[ 1089.958208][    C0]  worker_thread+0xa55/0xfc0
[ 1089.962812][    C0]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1089.968715][    C0]  ? _raw_spin_unlock+0x40/0x40
[ 1089.973574][    C0]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[ 1089.979495][    C0]  kthread+0x2fa/0x390
[ 1089.983578][    C0]  ? pr_cont_work+0x560/0x560
[ 1089.988268][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 1089.992867][    C0]  ret_from_fork+0x48/0x80
[ 1089.997297][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 1090.001902][    C0]  ret_from_fork_asm+0x11/0x20
[ 1090.006694][    C0]  </TASK>