last executing test programs:

18m52.798149039s ago: executing program 4 (id=1055):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x3)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000810}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_setup(0x5d59, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)={0xc8, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}]}, @CTA_EXPECT_MASK={0x3c, 0x3, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @remote}}}]}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @local}}}]}]}, 0xc8}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$sock_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000080))
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)
socket$nl_generic(0x10, 0x3, 0x10)

18m40.908269863s ago: executing program 4 (id=1075):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x3)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000810}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_setup(0x5d59, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)={0xc8, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}]}, @CTA_EXPECT_MASK={0x3c, 0x3, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @remote}}}]}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0}, {0x14, 0x4, @local}}}]}]}, 0xc8}}, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$sock_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000080))
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)

18m36.116856515s ago: executing program 4 (id=1081):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140008000000000a000000"], 0x14}}, 0x40000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000001080)={'vxcan0\x00'})
socket$inet_sctp(0x2, 0x5, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
fanotify_init(0x20, 0x80000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x7b}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7b}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x64, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)

18m34.250452057s ago: executing program 4 (id=1084):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket(0x1, 0x803, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a3100000000080005400000"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)

18m32.842658485s ago: executing program 4 (id=1086):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x60008090)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000078000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0011800a0001006c696d69740000002c0002800c00024000000000000000030c000140000000000000010108000540"], 0xc0}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6(0xa, 0x6, 0x10002)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="041817aaaaaaaa"], 0x1a)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
chdir(0x0)
chmod(&(0x7f0000000180)='./file0/file0\x00', 0x44)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@mpls_delroute={0x30, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x13, {0x11, "8f997fa6ce8400a0286048c10b6b"}}]}, 0x30}}, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0xd)

18m31.070839735s ago: executing program 4 (id=1087):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0))
ppoll(&(0x7f0000000080)=[{r0, 0x5300}], 0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$packet(0x11, 0x2, 0x300)

18m15.458640581s ago: executing program 32 (id=1087):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000000c0))
ppoll(&(0x7f0000000080)=[{r0, 0x5300}], 0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$packet(0x11, 0x2, 0x300)

15m43.271617087s ago: executing program 0 (id=1387):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x14, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000080)={0x7ff, 0x10, 0x8, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000240)={0x0, 0x4}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x44004, &(0x7f0000000040)={0xa, 0x4e24, 0x7, @loopback, 0xc5f}, 0x1c)

15m43.173592776s ago: executing program 0 (id=1388):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6(0x10, 0x2, 0x0)
r2 = dup(r0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x50424752, 0x2, @stepwise={0x5, 0xbc, 0x4, 0x766, 0x6, 0x2}})
syz_emit_vhci(&(0x7f0000001880)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x4}}, 0x9)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r4, 0x50009417, &(0x7f000001b000)={{r1}, 0x0, 0x2, @unused=[0x2, 0x9, 0x8000000000000001, 0x4], @name="f3a0f0cfc763c77a7de87677d90c3a363065bd7be19cc23f0a9008d396c8ca67a8439b542c7344d424a8500ccb23c36dda95cbbbce35c704610175ab859179926970081905dc022e2da7b2d83316908f99e2325b4a7fca51dd4b7ac2eb5ac000bc9111bf1725e8ca864a3f017550c9139a87ffd6897bcf22d70c705fa399386589476a1aab2e8062316fbd5e99a7101b2d0fb3e943fd813087c02db32637872c64389075173fc9d7906d4a372d05808ac223e71a98437941316cc3315c35da358609dd6d88011ea4f6bc0c16da0375aa36a3a98ab8172016455b1e1c0e55b4ed3d01ebbd9035dc76fea5392384c7c9deb793e5af526a1cb8bcbaf8d8fd60b7c1172f3d729e2d4208238c27ce0ce1681931f8b56da142f4d6be52fc4c287652c5a5c497fd1d8bbad943b002c4a351a17a80fa984ba8db6c2acdc2be327e8b06050631050c6239ac7f535b23c16d288207d24d9a18c9cbc14c481182c8186edf395d3f592473c2c0e6c8a48a460bba3fd37ea601b3304d713b511f3158c1fca92c0f23cda55f9a91f06037a5c8c81a2e8229624d6f1f4534e8b093a65681fa546fae8dc7a7fd0e6d80512e5d3225c95d6dc784608d97d92d6856bad0732aee080bd94a6c40fc936525c65df8acd0eef46dd8b681efa66b4a67ff39f34f70b9fc1fd50e01b4ecd1ab1e3fe2a344816184f3eb185feb635181b278cf6c1a9a7c037e494e27950d37b170bd1909db691c1304d4b1a56358cdc8c0deda2264c65f23540be80e582f01f6d55b28f27b2ed75de501e2dcf1f4972a92312d4ed82fc322ab318aac9bd43b8df9ce7d8187af65455419a78a316ec5de79e9786a15833de375a7c21d617b91463e35bf885bd553a4109e1bbb3ac13602ca77d078210fd521e8161afa2e26742295e3a12cfd7b846983c1dade9bda279ef2f1d5e32a5a41ac97f3317c524b22736290636bd96d128aee52e0e91227c8604acccbf1488de6c919ffd84477b380a3b3b296bb45c3f301a392d820f6bbcbb63d3236bd9b4508547eb543d02c1d26cd7bd7bc988cf681d4292f88f844b16d0232de6d96c97b098de92c7c8d772a2c281220c3069a1f1b07c5a13169bfd98679e2dd814a651143519a0db21e2e657772be7ceaf1fc673c095af7b472c67050183c31794401d1e2c59be6eca06d27d00e28386b50d29ff9a1d93e163afe06f0f34ab3c7567ee866275d845619285eb0ce0105114776f7eb57146d5d30bfa370670591310bb1d227184ad43519d8c67c0f457b79941b73b04fa2e3af66a309929ef058a2d4aa89828a6fb4c7e741d487a6f14e14975053dc497fe58e49461e0d6ebc73132b84474d4be82eab055cd5e7ae28ef5712fc03ccb947c0018c74c424bbf4d3e4ee7c416c2010c75f7e80904dbc1675d7ff85b5738a7de002b2f072520f7d0f7d1319874bf082b7f630f6531fee53613c9fbb93d977556d8c0a255058947fccf03630882726e0100e7165523fac4040d52d1b5305b12a508fa2c499afde71f8703962b5645bdf69f9695e981c6e571fd4bdc66256d6b1b346d704bea88386f7a585eb4fa377eb2865ab4736b861b064bca2bf9afc6bfb0e2aba72f52670acdb27760dd61b4062fc7cb65fc09a45c22d84ad39892f0d192db1270d6ff00f4173ca51c4de955c812c8f4b3adf978c6d6dd92a840fced6a3163ff95507b300906ab92a1a8e3652f04102efc5d7644ca37cfc6f00d7ec5de904e9e6c693d7b225f9677822d225b5d062bb2fb2e9e6ba9f96ffe16a01aaefe2eba6fa58a82e3faeec580159c7620b7eaf5d54fe12e6b4a0e17b57802b113a4363a00957beb369bb1f52842ca15cf3772eb203bda6f40c47158736fa2489cbb8b930052d31097cde77fd717223a783666d21bcc0eb672bb52e90fc30e38a8e8a67613e1bcc9a4f4dc4b59e39d0ef3f022d41be0230e7bba34afe3fa4075768191c912585ceb09b3f31af22b303ec9679ae2c5820e967e5ed96cd23de49e07538176f4327afd9d6763c72857e1c4fcbf305ce1f4fde7d1947acc49df1bd806f9b97678e512ad2e14034c35712eb362b5bfa30675706d5b405a2b12f2106e64bc04e72c293353e69ddd588ad4127ef37321f1dc2ac42a31d2e9f8d82ebd322c79880c85f394588d713426baa6aec8b1aa4aad2e7cfdf4e208ec383a9553610e1f10cf9a3720b81a228b30cff9fcd76fa68ef68fdde3f6cdc5812324f88f95ba3b378ba27c8e261e9df2b03047866459a931837b1967aed1ff2b5768227e6ae2564681f112e12fbe53b3341aa837bd40d45819857913abbedb189647131124845ac8e37670e5ac5668794812fc7cc2d3878288ef677c47bf0db145eca76b9b416e60850f1f2d0c8d9dd5dd02fd942a5bfde3180cedb431e30f54afa39e7d4f3007f3addd2def8610411ed32b0ed94346b970143aec5098c8345fdd683f20e56323a85b4a25d7e7781902c18bf063d4648473c04d2832d7b01976182c13671340964e3472b329d52e491f8f05161812fa3f328cb023ed1d2f544ec6cefb939c32f31e3a328ef82dfdf8b47ee9d388b880123f3fcbe7bd757251f24230dd68b2b60fe52d52f90b5f192d5c08a5421adae2c066fa86d10af9c017fdf0d6d062356278639139059c5ba9c0b4ab7cf4989f12cd4c1bd1e2414c79bc6b68ac1d695b61770e68af01545a4760c040e91128d05bf735e92f50d03660c7c0fca7b545198e6f1a92ebc2781405968d885d1ed1d3d1a8408c510dc5afc7e076e5a001263d12f26406f9b9a75936bf5aae8340ad713f62dc0f8df03c5b3054e0f2cd6b744fd4e882926c87d76a5cbb5f41f8a86dfa5cfe066ded48cc56364185e50f709e6b27e60b77f2b825c03f13d0ae600de853c280f32039609b0b699915595e20ee1f0cb3b5ab71c2c11b2122908447fdaf0651e29614bfa2fc437e5823d7710a31ed6484f95b68ff4b94035fba7d26434c6c35d801c14827233d21f3162427628447446accecee2b29886af43ea89775a923dfbd15921e26fa8e648608ff40c06596ae238cd653029a6b7f04fd3b6298e4d8f1e06d9e4682f8221fd883f53968a6e31b9372d855ad76eec46387f1442e299ec2bfe295bc43715a0320fde5badb79b42a283a41af323d83f37b14819dd7ce77017b0bf9800d6566344f45a1b1947521cc0846527073ac82c3a9ad03ff4a3e57c767617209e8cf86780e014be95443bf68cd83157d0a4559e41c2e88d2939aea591afe0855a6fa08cf93c3843ced5d185bb62ec05e18f6bb5c787c3068277434d87cc7e097c26b995f80f008c378e30229fa3de04a878a646c8129afc7d4dea661e84546839bd6fbad7967d6908d669d02741c847471fc418631822b4a3f757e8676f77d00db3848eca9cb0da43b11dc16edf748210654f88718f4e2d2c988e5a8ed6348ce00781cbd71472e08cb5baae8e71dc09741e2115f7bd13937543399b3729e09b960974706c2645ed1a6539c0726411b9b58af1b2ac7dc7aea436a9c7176440c23e08eb7406ed3c0aef7333ffe1fd3bafae467acc704803eb2ea74d128f1f175a350aa0d5a849654b94463bcb6e20a4d3481fcd51cf5866e5abb381567a949d42342ba0d3a6b01ce9a08d0bdeccd21f7c20d0020c82a3256c4ea5e8c7b37c5bcc08a7427004d7b39abec77491d6b1f34786f2cb844aec2e8b12173300030681b3906edc0b5e26629205630068c6d5047fea95c061f8e17d7e478e1392df5a445f50f8d65ea9b9ae05c384e72323c22694fd1f6597b7d3e130b434163bebd02a6fb1d49d340aae065ed14a6fd7aa248cc4809a47b6c67ee6d7145379172eab865e7ba8f140465aff89bbb9b7804705f8c24e2f8f24b457afbd47aca33492cc85f4295d703a123c71d4b4fea18b00e4c970ece5c0dbc3d9a466993c035106bae1a4df30677755af9b99769dd80749bda57132a4f7e70d285da72d2d3267ca977b690a5dc00061adb3139d47f623d91fae91650d6bd885efc9fa6687fd228f8b6a1f5276334601dcbf3fb4a0c1a84c18a46206d1d47d0bd417a83da343eb08edd191d47e5a4b655fabc4cf4e0dc0d8345d5257e50c1ecd47b38ccbb4089118a75b5eef8b22ba9e31254b531914cff5cc5f26eebcad9de56dc0307c06d26fefa2cca3bab6b45da6b75f18bfe556b6dec9d4d2e8571a6646a5ab84abbbb18e5cfe8cc681f0551f4d44e7efae7e23a158f6f2cd7e40c15559690ea28113a11fefbed50575d2bd5ac16431f36e656e1213074e965a78e6e1c960699e6c43582f623570aa786db097f036b9301c53ea92c2e2c356c200465f34684310ddaf380f3029583b7ba614630d5316780d66eea5cbdb5130f3fc106c7e285c5849460f0d881ae1ed99508171c6c1f9b96d9986de20ca3b1865cd43a48e04c7eee601b250c76473d96da7a77dc6701fabee796fb10badc119b1a2d029a4cb45567751a488547677927df8b8b3ceea315319d792d46337247b2ff198a45dc39e73f13ce1c74c509968ce302db17599077ef7f198a821e3ea5396863bff4ad5437230f2e65abc607c6441c463798ca937b0e7ab237764607e775b42514d01cbc32e7ec11003fb9d5643c5549f6b0e076fd1276936c4e21553d225db6a742da295e62785a059e23d76ff6af7adf190d0be3ae8dc1a0353eff9f144c0237715d70ece84956a193d48413fffb4418cb934f2ffca94307f1528eba66a0bcbc8babd105d24b19b807151d07b8e633622a9effc1056ebd20ff2518bcdd25a2c444b6a2792f671eb8c99026e1a49cd4598532a9e3e8bbe08fc0d6cd6a57d648eb4a524184dd921e039498616cc7771a232d658dee29e6d747da70307dc9fe8d03da298e498db16f92260ce5677f2633799811d025214b2e52ee0f0b39f39a2ae38858d4245223bdca196f274bed2f0d1a05ef59912c03db3bf8f1ab2d44a4de330c040350365f03d3b1fbfbf6d027efcf07f27171648929106d05bc444ff72f285d8cf38ebd8fad82667afb90d89d938102c8dbb54cc7e3c7f23b6105e57855df3973b546af5996a7601e0b57be199e071bcfcc7bc4da836c3103016bf80c1099af6c7d673126bb41f3eea2e617927658c2decb07fc393c3ae87c0e72af474450082128d6953af1b354563fc033b83f21c7b049b43e5e003ae6e5c59311a8f2c7a01973b7beec3ce382665a8514b91c79c08bb9c26b4c7c7ab159bb70ac887de205b32b12829ad7bfd9889f1a12d205a97ff9b51523161f519ec9be6bc443507c69e490be953c702ad9253c92047e01f74a8a53831be91ece84f570b2660a319766ba34c106365c6073506ad30cd0301b11af1944fdaf7c5a072433bee5e9a235ab31d9b0853295add5669c392752c23671fdf4d30dd71a2f90951024f93c5d883e56f00eb47b2d9f8dfa01b5123bafeea9dceeb3c151911cfd67f5711be33e7e13c7f2b457e5eac32606673db131f2c18a16599fedc4930963591bd533ce39c932ec2d2d80463eda6ecfebf5222a166d5d0414c76466eb26f243f5440c35efb08f389d31fd84ffa41f7af9c58e55c1ce5aef396050f1e43e361120c125c165a82591819c1d74f4839fde616456dfea9871058430713fcbd6d4e2357c4fb5965a501262d47c31dee8e1c5bb52f8a89cd5bf13c8796a75bc4101a68f84784d595c599c0f211539ecb366f6523829803d5f0cf4a"})
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000200)={0x6, <r6=>0x0, 0x1})
ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000001c0)={0x0, r6})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
sendmsg$NFT_MSG_GETOBJ_RESET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})
r8 = syz_open_procfs$namespace(0x0, 0x0)
ioctl$NS_GET_PARENT(r8, 0xb702, 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103", @ANYRES8=r3], 0x0)
syz_usb_control_io$hid(r9, &(0x7f0000000240)={0x24, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r9, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

15m37.663591969s ago: executing program 0 (id=1398):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt(r0, 0x200000000114, 0x2715, 0x0, &(0x7f0000000000))
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x181200, 0x0)
socket$inet(0x2, 0x3, 0xd)
socket$xdp(0x2c, 0x3, 0x0)
socket$kcm(0x29, 0x5, 0x0)
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000080))
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
close(0x3)

15m37.579399351s ago: executing program 0 (id=1400):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xa43d, 0x80, 0x2, 0x3b9}, &(0x7f0000000000), &(0x7f0000000280))

15m35.728514235s ago: executing program 0 (id=1401):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r5, 0x400, 0x0)
fcntl$setlease(r5, 0x400, 0x2)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x2000000, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r7, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r6, 0x84, 0x70, &(0x7f0000000140)={r8, @in={{0x2, 0x4e22, @empty}}, [0x4, 0x0, 0xffffffffffff0000, 0x2, 0x9, 0x100000000, 0xef, 0x9, 0x8, 0x1ff, 0x10000, 0x2, 0x9, 0x7, 0x6]}, &(0x7f0000000240)=0x100)
r9 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r9, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r9, 0x40946400, &(0x7f0000000340)={'aio_iiro_16\x00', [0x8005, 0xb, 0x0, 0x7a55f50e, 0x27, 0xcc6, 0xb, 0x7, 0x3, 0xff, 0x0, 0x0, 0x4000000a, 0x6, 0xa991, 0x2009, 0xfffffffe, 0x40ed, 0x43, 0x40000003, 0x89, 0x6beab93e, 0xf27, 0x6, 0x800b, 0x9, 0x5, 0x0, 0x4fa7f95b, 0x5, 0x514b]})
setsockopt$inet_sctp_SCTP_CONTEXT(r5, 0x84, 0x11, 0x0, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)

15m30.800252739s ago: executing program 0 (id=1407):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6(0x10, 0x2, 0x0)
r2 = dup(r0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x50424752, 0x2, @stepwise={0x5, 0xbc, 0x4, 0x766, 0x6, 0x2}})
syz_emit_vhci(&(0x7f0000001880)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x4}}, 0x9)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r4, 0x50009417, &(0x7f000001b000)={{r1}, 0x0, 0x2, @unused=[0x2, 0x9, 0x8000000000000001, 0x4], @name="f3a0f0cfc763c77a7de87677d90c3a363065bd7be19cc23f0a9008d396c8ca67a8439b542c7344d424a8500ccb23c36dda95cbbbce35c704610175ab859179926970081905dc022e2da7b2d83316908f99e2325b4a7fca51dd4b7ac2eb5ac000bc9111bf1725e8ca864a3f017550c9139a87ffd6897bcf22d70c705fa399386589476a1aab2e8062316fbd5e99a7101b2d0fb3e943fd813087c02db32637872c64389075173fc9d7906d4a372d05808ac223e71a98437941316cc3315c35da358609dd6d88011ea4f6bc0c16da0375aa36a3a98ab8172016455b1e1c0e55b4ed3d01ebbd9035dc76fea5392384c7c9deb793e5af526a1cb8bcbaf8d8fd60b7c1172f3d729e2d4208238c27ce0ce1681931f8b56da142f4d6be52fc4c287652c5a5c497fd1d8bbad943b002c4a351a17a80fa984ba8db6c2acdc2be327e8b06050631050c6239ac7f535b23c16d288207d24d9a18c9cbc14c481182c8186edf395d3f592473c2c0e6c8a48a460bba3fd37ea601b3304d713b511f3158c1fca92c0f23cda55f9a91f06037a5c8c81a2e8229624d6f1f4534e8b093a65681fa546fae8dc7a7fd0e6d80512e5d3225c95d6dc784608d97d92d6856bad0732aee080bd94a6c40fc936525c65df8acd0eef46dd8b681efa66b4a67ff39f34f70b9fc1fd50e01b4ecd1ab1e3fe2a344816184f3eb185feb635181b278cf6c1a9a7c037e494e27950d37b170bd1909db691c1304d4b1a56358cdc8c0deda2264c65f23540be80e582f01f6d55b28f27b2ed75de501e2dcf1f4972a92312d4ed82fc322ab318aac9bd43b8df9ce7d8187af65455419a78a316ec5de79e9786a15833de375a7c21d617b91463e35bf885bd553a4109e1bbb3ac13602ca77d078210fd521e8161afa2e26742295e3a12cfd7b846983c1dade9bda279ef2f1d5e32a5a41ac97f3317c524b22736290636bd96d128aee52e0e91227c8604acccbf1488de6c919ffd84477b380a3b3b296bb45c3f301a392d820f6bbcbb63d3236bd9b4508547eb543d02c1d26cd7bd7bc988cf681d4292f88f844b16d0232de6d96c97b098de92c7c8d772a2c281220c3069a1f1b07c5a13169bfd98679e2dd814a651143519a0db21e2e657772be7ceaf1fc673c095af7b472c67050183c31794401d1e2c59be6eca06d27d00e28386b50d29ff9a1d93e163afe06f0f34ab3c7567ee866275d845619285eb0ce0105114776f7eb57146d5d30bfa370670591310bb1d227184ad43519d8c67c0f457b79941b73b04fa2e3af66a309929ef058a2d4aa89828a6fb4c7e741d487a6f14e14975053dc497fe58e49461e0d6ebc73132b84474d4be82eab055cd5e7ae28ef5712fc03ccb947c0018c74c424bbf4d3e4ee7c416c2010c75f7e80904dbc1675d7ff85b5738a7de002b2f072520f7d0f7d1319874bf082b7f630f6531fee53613c9fbb93d977556d8c0a255058947fccf03630882726e0100e7165523fac4040d52d1b5305b12a508fa2c499afde71f8703962b5645bdf69f9695e981c6e571fd4bdc66256d6b1b346d704bea88386f7a585eb4fa377eb2865ab4736b861b064bca2bf9afc6bfb0e2aba72f52670acdb27760dd61b4062fc7cb65fc09a45c22d84ad39892f0d192db1270d6ff00f4173ca51c4de955c812c8f4b3adf978c6d6dd92a840fced6a3163ff95507b300906ab92a1a8e3652f04102efc5d7644ca37cfc6f00d7ec5de904e9e6c693d7b225f9677822d225b5d062bb2fb2e9e6ba9f96ffe16a01aaefe2eba6fa58a82e3faeec580159c7620b7eaf5d54fe12e6b4a0e17b57802b113a4363a00957beb369bb1f52842ca15cf3772eb203bda6f40c47158736fa2489cbb8b930052d31097cde77fd717223a783666d21bcc0eb672bb52e90fc30e38a8e8a67613e1bcc9a4f4dc4b59e39d0ef3f022d41be0230e7bba34afe3fa4075768191c912585ceb09b3f31af22b303ec9679ae2c5820e967e5ed96cd23de49e07538176f4327afd9d6763c72857e1c4fcbf305ce1f4fde7d1947acc49df1bd806f9b97678e512ad2e14034c35712eb362b5bfa30675706d5b405a2b12f2106e64bc04e72c293353e69ddd588ad4127ef37321f1dc2ac42a31d2e9f8d82ebd322c79880c85f394588d713426baa6aec8b1aa4aad2e7cfdf4e208ec383a9553610e1f10cf9a3720b81a228b30cff9fcd76fa68ef68fdde3f6cdc5812324f88f95ba3b378ba27c8e261e9df2b03047866459a931837b1967aed1ff2b5768227e6ae2564681f112e12fbe53b3341aa837bd40d45819857913abbedb189647131124845ac8e37670e5ac5668794812fc7cc2d3878288ef677c47bf0db145eca76b9b416e60850f1f2d0c8d9dd5dd02fd942a5bfde3180cedb431e30f54afa39e7d4f3007f3addd2def8610411ed32b0ed94346b970143aec5098c8345fdd683f20e56323a85b4a25d7e7781902c18bf063d4648473c04d2832d7b01976182c13671340964e3472b329d52e491f8f05161812fa3f328cb023ed1d2f544ec6cefb939c32f31e3a328ef82dfdf8b47ee9d388b880123f3fcbe7bd757251f24230dd68b2b60fe52d52f90b5f192d5c08a5421adae2c066fa86d10af9c017fdf0d6d062356278639139059c5ba9c0b4ab7cf4989f12cd4c1bd1e2414c79bc6b68ac1d695b61770e68af01545a4760c040e91128d05bf735e92f50d03660c7c0fca7b545198e6f1a92ebc2781405968d885d1ed1d3d1a8408c510dc5afc7e076e5a001263d12f26406f9b9a75936bf5aae8340ad713f62dc0f8df03c5b3054e0f2cd6b744fd4e882926c87d76a5cbb5f41f8a86dfa5cfe066ded48cc56364185e50f709e6b27e60b77f2b825c03f13d0ae600de853c280f32039609b0b699915595e20ee1f0cb3b5ab71c2c11b2122908447fdaf0651e29614bfa2fc437e5823d7710a31ed6484f95b68ff4b94035fba7d26434c6c35d801c14827233d21f3162427628447446accecee2b29886af43ea89775a923dfbd15921e26fa8e648608ff40c06596ae238cd653029a6b7f04fd3b6298e4d8f1e06d9e4682f8221fd883f53968a6e31b9372d855ad76eec46387f1442e299ec2bfe295bc43715a0320fde5badb79b42a283a41af323d83f37b14819dd7ce77017b0bf9800d6566344f45a1b1947521cc0846527073ac82c3a9ad03ff4a3e57c767617209e8cf86780e014be95443bf68cd83157d0a4559e41c2e88d2939aea591afe0855a6fa08cf93c3843ced5d185bb62ec05e18f6bb5c787c3068277434d87cc7e097c26b995f80f008c378e30229fa3de04a878a646c8129afc7d4dea661e84546839bd6fbad7967d6908d669d02741c847471fc418631822b4a3f757e8676f77d00db3848eca9cb0da43b11dc16edf748210654f88718f4e2d2c988e5a8ed6348ce00781cbd71472e08cb5baae8e71dc09741e2115f7bd13937543399b3729e09b960974706c2645ed1a6539c0726411b9b58af1b2ac7dc7aea436a9c7176440c23e08eb7406ed3c0aef7333ffe1fd3bafae467acc704803eb2ea74d128f1f175a350aa0d5a849654b94463bcb6e20a4d3481fcd51cf5866e5abb381567a949d42342ba0d3a6b01ce9a08d0bdeccd21f7c20d0020c82a3256c4ea5e8c7b37c5bcc08a7427004d7b39abec77491d6b1f34786f2cb844aec2e8b12173300030681b3906edc0b5e26629205630068c6d5047fea95c061f8e17d7e478e1392df5a445f50f8d65ea9b9ae05c384e72323c22694fd1f6597b7d3e130b434163bebd02a6fb1d49d340aae065ed14a6fd7aa248cc4809a47b6c67ee6d7145379172eab865e7ba8f140465aff89bbb9b7804705f8c24e2f8f24b457afbd47aca33492cc85f4295d703a123c71d4b4fea18b00e4c970ece5c0dbc3d9a466993c035106bae1a4df30677755af9b99769dd80749bda57132a4f7e70d285da72d2d3267ca977b690a5dc00061adb3139d47f623d91fae91650d6bd885efc9fa6687fd228f8b6a1f5276334601dcbf3fb4a0c1a84c18a46206d1d47d0bd417a83da343eb08edd191d47e5a4b655fabc4cf4e0dc0d8345d5257e50c1ecd47b38ccbb4089118a75b5eef8b22ba9e31254b531914cff5cc5f26eebcad9de56dc0307c06d26fefa2cca3bab6b45da6b75f18bfe556b6dec9d4d2e8571a6646a5ab84abbbb18e5cfe8cc681f0551f4d44e7efae7e23a158f6f2cd7e40c15559690ea28113a11fefbed50575d2bd5ac16431f36e656e1213074e965a78e6e1c960699e6c43582f623570aa786db097f036b9301c53ea92c2e2c356c200465f34684310ddaf380f3029583b7ba614630d5316780d66eea5cbdb5130f3fc106c7e285c5849460f0d881ae1ed99508171c6c1f9b96d9986de20ca3b1865cd43a48e04c7eee601b250c76473d96da7a77dc6701fabee796fb10badc119b1a2d029a4cb45567751a488547677927df8b8b3ceea315319d792d46337247b2ff198a45dc39e73f13ce1c74c509968ce302db17599077ef7f198a821e3ea5396863bff4ad5437230f2e65abc607c6441c463798ca937b0e7ab237764607e775b42514d01cbc32e7ec11003fb9d5643c5549f6b0e076fd1276936c4e21553d225db6a742da295e62785a059e23d76ff6af7adf190d0be3ae8dc1a0353eff9f144c0237715d70ece84956a193d48413fffb4418cb934f2ffca94307f1528eba66a0bcbc8babd105d24b19b807151d07b8e633622a9effc1056ebd20ff2518bcdd25a2c444b6a2792f671eb8c99026e1a49cd4598532a9e3e8bbe08fc0d6cd6a57d648eb4a524184dd921e039498616cc7771a232d658dee29e6d747da70307dc9fe8d03da298e498db16f92260ce5677f2633799811d025214b2e52ee0f0b39f39a2ae38858d4245223bdca196f274bed2f0d1a05ef59912c03db3bf8f1ab2d44a4de330c040350365f03d3b1fbfbf6d027efcf07f27171648929106d05bc444ff72f285d8cf38ebd8fad82667afb90d89d938102c8dbb54cc7e3c7f23b6105e57855df3973b546af5996a7601e0b57be199e071bcfcc7bc4da836c3103016bf80c1099af6c7d673126bb41f3eea2e617927658c2decb07fc393c3ae87c0e72af474450082128d6953af1b354563fc033b83f21c7b049b43e5e003ae6e5c59311a8f2c7a01973b7beec3ce382665a8514b91c79c08bb9c26b4c7c7ab159bb70ac887de205b32b12829ad7bfd9889f1a12d205a97ff9b51523161f519ec9be6bc443507c69e490be953c702ad9253c92047e01f74a8a53831be91ece84f570b2660a319766ba34c106365c6073506ad30cd0301b11af1944fdaf7c5a072433bee5e9a235ab31d9b0853295add5669c392752c23671fdf4d30dd71a2f90951024f93c5d883e56f00eb47b2d9f8dfa01b5123bafeea9dceeb3c151911cfd67f5711be33e7e13c7f2b457e5eac32606673db131f2c18a16599fedc4930963591bd533ce39c932ec2d2d80463eda6ecfebf5222a166d5d0414c76466eb26f243f5440c35efb08f389d31fd84ffa41f7af9c58e55c1ce5aef396050f1e43e361120c125c165a82591819c1d74f4839fde616456dfea9871058430713fcbd6d4e2357c4fb5965a501262d47c31dee8e1c5bb52f8a89cd5bf13c8796a75bc4101a68f84784d595c599c0f211539ecb366f6523829803d5f0cf4a"})
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000200)={0x6, <r6=>0x0, 0x1})
ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000001c0)={0x0, r6})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
sendmsg$NFT_MSG_GETOBJ_RESET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})
r8 = syz_open_procfs$namespace(0x0, 0x0)
ioctl$NS_GET_PARENT(r8, 0xb702, 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103", @ANYRES8=r3], 0x0)
syz_usb_control_io$hid(r9, &(0x7f0000000240)={0x24, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)

15m13.199260998s ago: executing program 33 (id=1407):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6(0x10, 0x2, 0x0)
r2 = dup(r0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x50424752, 0x2, @stepwise={0x5, 0xbc, 0x4, 0x766, 0x6, 0x2}})
syz_emit_vhci(&(0x7f0000001880)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x4}}, 0x9)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r4, 0x50009417, &(0x7f000001b000)={{r1}, 0x0, 0x2, @unused=[0x2, 0x9, 0x8000000000000001, 0x4], @name="f3a0f0cfc763c77a7de87677d90c3a363065bd7be19cc23f0a9008d396c8ca67a8439b542c7344d424a8500ccb23c36dda95cbbbce35c704610175ab859179926970081905dc022e2da7b2d83316908f99e2325b4a7fca51dd4b7ac2eb5ac000bc9111bf1725e8ca864a3f017550c9139a87ffd6897bcf22d70c705fa399386589476a1aab2e8062316fbd5e99a7101b2d0fb3e943fd813087c02db32637872c64389075173fc9d7906d4a372d05808ac223e71a98437941316cc3315c35da358609dd6d88011ea4f6bc0c16da0375aa36a3a98ab8172016455b1e1c0e55b4ed3d01ebbd9035dc76fea5392384c7c9deb793e5af526a1cb8bcbaf8d8fd60b7c1172f3d729e2d4208238c27ce0ce1681931f8b56da142f4d6be52fc4c287652c5a5c497fd1d8bbad943b002c4a351a17a80fa984ba8db6c2acdc2be327e8b06050631050c6239ac7f535b23c16d288207d24d9a18c9cbc14c481182c8186edf395d3f592473c2c0e6c8a48a460bba3fd37ea601b3304d713b511f3158c1fca92c0f23cda55f9a91f06037a5c8c81a2e8229624d6f1f4534e8b093a65681fa546fae8dc7a7fd0e6d80512e5d3225c95d6dc784608d97d92d6856bad0732aee080bd94a6c40fc936525c65df8acd0eef46dd8b681efa66b4a67ff39f34f70b9fc1fd50e01b4ecd1ab1e3fe2a344816184f3eb185feb635181b278cf6c1a9a7c037e494e27950d37b170bd1909db691c1304d4b1a56358cdc8c0deda2264c65f23540be80e582f01f6d55b28f27b2ed75de501e2dcf1f4972a92312d4ed82fc322ab318aac9bd43b8df9ce7d8187af65455419a78a316ec5de79e9786a15833de375a7c21d617b91463e35bf885bd553a4109e1bbb3ac13602ca77d078210fd521e8161afa2e26742295e3a12cfd7b846983c1dade9bda279ef2f1d5e32a5a41ac97f3317c524b22736290636bd96d128aee52e0e91227c8604acccbf1488de6c919ffd84477b380a3b3b296bb45c3f301a392d820f6bbcbb63d3236bd9b4508547eb543d02c1d26cd7bd7bc988cf681d4292f88f844b16d0232de6d96c97b098de92c7c8d772a2c281220c3069a1f1b07c5a13169bfd98679e2dd814a651143519a0db21e2e657772be7ceaf1fc673c095af7b472c67050183c31794401d1e2c59be6eca06d27d00e28386b50d29ff9a1d93e163afe06f0f34ab3c7567ee866275d845619285eb0ce0105114776f7eb57146d5d30bfa370670591310bb1d227184ad43519d8c67c0f457b79941b73b04fa2e3af66a309929ef058a2d4aa89828a6fb4c7e741d487a6f14e14975053dc497fe58e49461e0d6ebc73132b84474d4be82eab055cd5e7ae28ef5712fc03ccb947c0018c74c424bbf4d3e4ee7c416c2010c75f7e80904dbc1675d7ff85b5738a7de002b2f072520f7d0f7d1319874bf082b7f630f6531fee53613c9fbb93d977556d8c0a255058947fccf03630882726e0100e7165523fac4040d52d1b5305b12a508fa2c499afde71f8703962b5645bdf69f9695e981c6e571fd4bdc66256d6b1b346d704bea88386f7a585eb4fa377eb2865ab4736b861b064bca2bf9afc6bfb0e2aba72f52670acdb27760dd61b4062fc7cb65fc09a45c22d84ad39892f0d192db1270d6ff00f4173ca51c4de955c812c8f4b3adf978c6d6dd92a840fced6a3163ff95507b300906ab92a1a8e3652f04102efc5d7644ca37cfc6f00d7ec5de904e9e6c693d7b225f9677822d225b5d062bb2fb2e9e6ba9f96ffe16a01aaefe2eba6fa58a82e3faeec580159c7620b7eaf5d54fe12e6b4a0e17b57802b113a4363a00957beb369bb1f52842ca15cf3772eb203bda6f40c47158736fa2489cbb8b930052d31097cde77fd717223a783666d21bcc0eb672bb52e90fc30e38a8e8a67613e1bcc9a4f4dc4b59e39d0ef3f022d41be0230e7bba34afe3fa4075768191c912585ceb09b3f31af22b303ec9679ae2c5820e967e5ed96cd23de49e07538176f4327afd9d6763c72857e1c4fcbf305ce1f4fde7d1947acc49df1bd806f9b97678e512ad2e14034c35712eb362b5bfa30675706d5b405a2b12f2106e64bc04e72c293353e69ddd588ad4127ef37321f1dc2ac42a31d2e9f8d82ebd322c79880c85f394588d713426baa6aec8b1aa4aad2e7cfdf4e208ec383a9553610e1f10cf9a3720b81a228b30cff9fcd76fa68ef68fdde3f6cdc5812324f88f95ba3b378ba27c8e261e9df2b03047866459a931837b1967aed1ff2b5768227e6ae2564681f112e12fbe53b3341aa837bd40d45819857913abbedb189647131124845ac8e37670e5ac5668794812fc7cc2d3878288ef677c47bf0db145eca76b9b416e60850f1f2d0c8d9dd5dd02fd942a5bfde3180cedb431e30f54afa39e7d4f3007f3addd2def8610411ed32b0ed94346b970143aec5098c8345fdd683f20e56323a85b4a25d7e7781902c18bf063d4648473c04d2832d7b01976182c13671340964e3472b329d52e491f8f05161812fa3f328cb023ed1d2f544ec6cefb939c32f31e3a328ef82dfdf8b47ee9d388b880123f3fcbe7bd757251f24230dd68b2b60fe52d52f90b5f192d5c08a5421adae2c066fa86d10af9c017fdf0d6d062356278639139059c5ba9c0b4ab7cf4989f12cd4c1bd1e2414c79bc6b68ac1d695b61770e68af01545a4760c040e91128d05bf735e92f50d03660c7c0fca7b545198e6f1a92ebc2781405968d885d1ed1d3d1a8408c510dc5afc7e076e5a001263d12f26406f9b9a75936bf5aae8340ad713f62dc0f8df03c5b3054e0f2cd6b744fd4e882926c87d76a5cbb5f41f8a86dfa5cfe066ded48cc56364185e50f709e6b27e60b77f2b825c03f13d0ae600de853c280f32039609b0b699915595e20ee1f0cb3b5ab71c2c11b2122908447fdaf0651e29614bfa2fc437e5823d7710a31ed6484f95b68ff4b94035fba7d26434c6c35d801c14827233d21f3162427628447446accecee2b29886af43ea89775a923dfbd15921e26fa8e648608ff40c06596ae238cd653029a6b7f04fd3b6298e4d8f1e06d9e4682f8221fd883f53968a6e31b9372d855ad76eec46387f1442e299ec2bfe295bc43715a0320fde5badb79b42a283a41af323d83f37b14819dd7ce77017b0bf9800d6566344f45a1b1947521cc0846527073ac82c3a9ad03ff4a3e57c767617209e8cf86780e014be95443bf68cd83157d0a4559e41c2e88d2939aea591afe0855a6fa08cf93c3843ced5d185bb62ec05e18f6bb5c787c3068277434d87cc7e097c26b995f80f008c378e30229fa3de04a878a646c8129afc7d4dea661e84546839bd6fbad7967d6908d669d02741c847471fc418631822b4a3f757e8676f77d00db3848eca9cb0da43b11dc16edf748210654f88718f4e2d2c988e5a8ed6348ce00781cbd71472e08cb5baae8e71dc09741e2115f7bd13937543399b3729e09b960974706c2645ed1a6539c0726411b9b58af1b2ac7dc7aea436a9c7176440c23e08eb7406ed3c0aef7333ffe1fd3bafae467acc704803eb2ea74d128f1f175a350aa0d5a849654b94463bcb6e20a4d3481fcd51cf5866e5abb381567a949d42342ba0d3a6b01ce9a08d0bdeccd21f7c20d0020c82a3256c4ea5e8c7b37c5bcc08a7427004d7b39abec77491d6b1f34786f2cb844aec2e8b12173300030681b3906edc0b5e26629205630068c6d5047fea95c061f8e17d7e478e1392df5a445f50f8d65ea9b9ae05c384e72323c22694fd1f6597b7d3e130b434163bebd02a6fb1d49d340aae065ed14a6fd7aa248cc4809a47b6c67ee6d7145379172eab865e7ba8f140465aff89bbb9b7804705f8c24e2f8f24b457afbd47aca33492cc85f4295d703a123c71d4b4fea18b00e4c970ece5c0dbc3d9a466993c035106bae1a4df30677755af9b99769dd80749bda57132a4f7e70d285da72d2d3267ca977b690a5dc00061adb3139d47f623d91fae91650d6bd885efc9fa6687fd228f8b6a1f5276334601dcbf3fb4a0c1a84c18a46206d1d47d0bd417a83da343eb08edd191d47e5a4b655fabc4cf4e0dc0d8345d5257e50c1ecd47b38ccbb4089118a75b5eef8b22ba9e31254b531914cff5cc5f26eebcad9de56dc0307c06d26fefa2cca3bab6b45da6b75f18bfe556b6dec9d4d2e8571a6646a5ab84abbbb18e5cfe8cc681f0551f4d44e7efae7e23a158f6f2cd7e40c15559690ea28113a11fefbed50575d2bd5ac16431f36e656e1213074e965a78e6e1c960699e6c43582f623570aa786db097f036b9301c53ea92c2e2c356c200465f34684310ddaf380f3029583b7ba614630d5316780d66eea5cbdb5130f3fc106c7e285c5849460f0d881ae1ed99508171c6c1f9b96d9986de20ca3b1865cd43a48e04c7eee601b250c76473d96da7a77dc6701fabee796fb10badc119b1a2d029a4cb45567751a488547677927df8b8b3ceea315319d792d46337247b2ff198a45dc39e73f13ce1c74c509968ce302db17599077ef7f198a821e3ea5396863bff4ad5437230f2e65abc607c6441c463798ca937b0e7ab237764607e775b42514d01cbc32e7ec11003fb9d5643c5549f6b0e076fd1276936c4e21553d225db6a742da295e62785a059e23d76ff6af7adf190d0be3ae8dc1a0353eff9f144c0237715d70ece84956a193d48413fffb4418cb934f2ffca94307f1528eba66a0bcbc8babd105d24b19b807151d07b8e633622a9effc1056ebd20ff2518bcdd25a2c444b6a2792f671eb8c99026e1a49cd4598532a9e3e8bbe08fc0d6cd6a57d648eb4a524184dd921e039498616cc7771a232d658dee29e6d747da70307dc9fe8d03da298e498db16f92260ce5677f2633799811d025214b2e52ee0f0b39f39a2ae38858d4245223bdca196f274bed2f0d1a05ef59912c03db3bf8f1ab2d44a4de330c040350365f03d3b1fbfbf6d027efcf07f27171648929106d05bc444ff72f285d8cf38ebd8fad82667afb90d89d938102c8dbb54cc7e3c7f23b6105e57855df3973b546af5996a7601e0b57be199e071bcfcc7bc4da836c3103016bf80c1099af6c7d673126bb41f3eea2e617927658c2decb07fc393c3ae87c0e72af474450082128d6953af1b354563fc033b83f21c7b049b43e5e003ae6e5c59311a8f2c7a01973b7beec3ce382665a8514b91c79c08bb9c26b4c7c7ab159bb70ac887de205b32b12829ad7bfd9889f1a12d205a97ff9b51523161f519ec9be6bc443507c69e490be953c702ad9253c92047e01f74a8a53831be91ece84f570b2660a319766ba34c106365c6073506ad30cd0301b11af1944fdaf7c5a072433bee5e9a235ab31d9b0853295add5669c392752c23671fdf4d30dd71a2f90951024f93c5d883e56f00eb47b2d9f8dfa01b5123bafeea9dceeb3c151911cfd67f5711be33e7e13c7f2b457e5eac32606673db131f2c18a16599fedc4930963591bd533ce39c932ec2d2d80463eda6ecfebf5222a166d5d0414c76466eb26f243f5440c35efb08f389d31fd84ffa41f7af9c58e55c1ce5aef396050f1e43e361120c125c165a82591819c1d74f4839fde616456dfea9871058430713fcbd6d4e2357c4fb5965a501262d47c31dee8e1c5bb52f8a89cd5bf13c8796a75bc4101a68f84784d595c599c0f211539ecb366f6523829803d5f0cf4a"})
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000200)={0x6, <r6=>0x0, 0x1})
ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f00000001c0)={0x0, r6})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
sendmsg$NFT_MSG_GETOBJ_RESET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})
r8 = syz_open_procfs$namespace(0x0, 0x0)
ioctl$NS_GET_PARENT(r8, 0xb702, 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103", @ANYRES8=r3], 0x0)
syz_usb_control_io$hid(r9, &(0x7f0000000240)={0x24, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)

3m37.191243293s ago: executing program 3 (id=2468):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050ff850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0xe, 0x0, &(0x7f00000003c0)="fdfc19f52a929e03000000000000", 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80202, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000bc0)={0x112c, 0x3f, 0x100, 0x70bd2c, 0x25dfdbfb, {0x6}, [@generic="7a1762d696d9c3156d8d65d5b7cd6a04c1f472e2941b72e79f6ad6733f64fbf168fcaa2da22dfccab76e61dde0b6ac421281b1b580786cac8dfde7bb0fa49b4e97e064d49809511b3f8cb9b11bf012a01755322c4fe11466e8bd368fe51a403d35ca7a157e970bf912bc8a98f2b2357189a211b1dafd48a517a31f7bcdd123af57383c417c", @nested={0x8, 0xff, 0x0, 0x1, [@nested={0x4, 0x8a}]}, @nested={0x2b, 0xdf, 0x0, 0x1, [@generic="c9d17abf30840ddc5381d1e9f914a01e3f9d5d7e6d737ffd6cfc17ace667ce69f090c6146bc43a"]}, @generic="bf7d0c6910a484b73ba4fdb3b9e84a3be89b0057572cd4e4fea0514a0bc2f6d9789f7b440599cb29df485106f1f1f7c248cd6233dab5b43bd10708bb24494b6eb204792b23eecd70e59fa52da97bcd68c80dbd6444af90d9984f77f8152c65", @generic="f2ee6128dc4372b16b0ea515869c224f82dd611b8d643f585d2a1034bfc2b52b622d7de0a8bcc026bb53996cd87c39a29f7403b262cbaf050f0837afbb7d9ef35dd730fc2934c25312f0fcf7b468c3f5fbfcf4db4bd1a4502268ddbc620c40f9201cbfeca393648b1fe4d5b59ddc52305b0cc9a4968f71046a70e219893fba25b56d172459950b89d80595e417cb5ac37e3cc786867d7b08d13dafdf27a8893fa0f826428774373581895de42c852a79642525bc50968a31910a42e685a88b4e4ea5316a9ae653f23395452323d862a9e663bd2924b9fcd019454de70e52b7672993708842a5b920ad6fdfe83f819c529084e83b77ab774a07f1fdfb9ff0bb665cba496dd814131484d78983215970ed8bc0103811650ae9264834ad75dbb7c30c576b4b07a67c94ded741730a569b7840d0bae3b55f892a2a7d480b4e6d97ab893edfda26a22faaf67804e2dc5daa9abe144591d909ea6f952572adac35e02fa188f9dc965a753f9fb9494191fb16921460a9799dbe83762c363a07e2edbe679644c900347caab141a03b5d2f08d7c61fc829a1bc4c4841fa62a8a696f1c9a26895e0e601534e9fb72975ec20a34d22378342cbc84efd0e315ff1de81b79d0b630d668d53486dd20a8176a111ecc6b3181f20f09b1ff33045b4672f1c387980e883c13c979738f93c155cface76202057ba5a84f407e0cf6e28adf547feffa9bba1286df3b35075fdc0da4836878cbcbeb4e71d52d6b4645e90997f5d9af9ec319159dc61f1ae5cf018392c6fbda81af7e60d1f86d8ae844f02208de1bc5a14a464be87549bfe2f57d4f81674167a5410ceed70b3bef1a7a30ca46a0a1bcb9c881f3c21d44cbb567e3b3bf84ace85630d03a48740d6b3d36aafed0804472679bf924051355de43fcac6a213831c8f5ddc9af62ccbe381baba7950f7dacefc349d50c553d67f9f5a32f6595d0f5ae6c49f5d702bb8a6a4710795e5d8f8619c6e3ef66fe65e2cda1cf306148fbbd3e7f9182db2fd1dc54cd843ec9bffe1cc127c2030447985a7a8cc36da997efb77fbf7bdaf0948b913a00a37ecf584a257b5c1197efce1f92b3c6158cb0dda7b727763cee05e79037ee4e18040a75ff1c2d6db61ef1e8104a6c8e8faa3b3bd57bf43df4fefbb7e965dc1c7a23d00487f2625d2ad676f4fc540f95bf42fea600f7e0fea988da03633cce5052155cf98072f7dd70f5a3cc584c7d3767e2c90c6c47a08575d99584e87df35e19eb3e8b0d4029292ba784eab2ebd6b91aaac22f85e9fc067497976f6b1bf880fbc13d2f1801bc8199bbb741dcffa8e7832bf5c2d558568bb48e3e29e5dc1ef3580a4a40593f08a884d993907862ee5442a50d677d30ef3b1cee86f0ca5e2a306522d0df77c793a7d3de22ee67ac7778e797f49ca08b99332454ad101c5cee8a32ede81306fc41a638d9e960b9c08b25733acd81527f079ed445c49c430f63a6ec14aaa8e91197edb70356eb1c27151ef62f6e2b84cb775effb82dfbaa0f8d60e9d62d3d0f5d1402b63112c5316cf57feddff38cebea0477d8c08ec6356a50f6783a124325e0e27ca8cc1fa94e98341e2c6fb9e062093eb3b8bf6778e9b392c310617aced60bd673ae9b776ba3f353c25fad8df586e7d1c8979c898d484dc41bb93cb3a04b5b8b465cb0801ca91b0eee0e3b5294607fa6fd8e8892c28dcc0a13185d62a66482022f1da8405b7eb18176d70bb9deed41853978bf2217ade390150f31858dbbffa87b2430e39a56a89216dccf44091130cd71717340ef9c9fc823107c976249905ed30830a9ea88164281a99883c918a5689b9c0fdca4eb14179b9ed1985d176c45eb8e3b442a8f10a122d74d6da66617812960922328b760f4a95dcfef5c4855f33961f3ffb656148c40ce937e0ce47f0c8fedb6d59e666b6d98eebd283da25746260fb88e9e58f93076833907ba0a4d672f5abea3bfe13ce65c1236d5a8fc8f66e4d2baa777c35642227d5bad504ada39db72aa4360c1801fdde63fa205f7e934fcaf1e8175d157e3735ea7e2b4983c4a34df26c3e359676b61035b34d307685d27e32254fb1efaf37205d159ceee151777f8b33d28c9720fab620596b71f066ab0e0fda9e4f3749cbacfc1611b77a8061d12cba04ea64f299dd819ee6c0acdb2673d28c52ddf45774b4f163f6cba901c0351465a9fb69709aa8be3d8ecf8114dfd652fa05507c9785a40ac39158df69752ca053c1e78a9411655a82cd57e09cf550783709ac53ed9dc31426c9fe7d189178e1f141c13349ecf3eb6a6750936154559c7178f6ee180e0d3bc3e7aaca9f61a7bc454d1adcc901c8b3de1f0cb923b2e32b199bfd7064bdc7b70526a7473ee66acf0a6417740b72bf89a88acad5eecf01c856f84cdc6f00dadd9bc8df00c610dbd2dd4c6e0325e5bbd70fb18a58aa8f2f0fed0027b9d8597c0bd3b96dc362c15d75aab4eaea1be13e370903fdac488c603701ed12c2d346f58f00b1daef0cf024d6a7af222b78045e77361bc7702fe52dd92e84959b53d27c92aae5eebb1cb40ffcfeb42e9e9689f98b1bc93febccf39bba191d941480dd0a645c2c62e8d4ac6bc87374e38a7ee779bd639e5053671cb93bdaf82b71ac02dd5a9b14e063b7b30d848731d3a8d51fa48d8a4a62046a4914838099c2265c64857b27fcf2a71c1b155366c02a3768d2fb26c0955e6f2958455bffed3f25eff6769e8d448184cbb9bb065da4120cbafa99c6adc9ab067bd405a9cb70c66038185bf66977d1bb9decaa6e223c5e02b6feebad6076ee5362270c64bcc3db010a8e194c52af5660caa03a194bec14f61e9a7cea6663826432b0ec08ec26e94e0d42b6f80c0db1a14affb7056d0e0614c0b1a9efb05f306e3ed7e10dee05c4a063aeefdda3809f8c137dd89a17641b0c5163082fe0da5b738d9be6344bafa4ded6b6e60f2809aa91634b7ecf8da6b4b50e37fd64d0ce1cc993e3bb4566c3ab2d552ae490cf1a19d0b538497440c55c1e0a8a837c405bc0bc8a2a8699d665262a1d8a10078455f464c5a05e7a2c7b0232c00423c309f67d0787f36e0f58b73dc1bc0dddbfb71974c7e455f8981ce678d3365451f86ce4241d7a1b32f30f0af800aa7e0ebf8fac47c498f3b6f6ea8ca30f4c2b03c65eba0a330ff3881ce7182b7711c339af940b418db509e451b2d69fa403d341f86c5f687912adcb54b5495c78b3e65281100daac04a9c80f76c049bf4c1cccc5e82d7e39f704bc70efeb9eb76149a8e45b88f5ff67f1aa9bf595c08ea861f85fe8e2ed84a1b438cc59b3f1df465ce6edbe94d9dbd35eb1091e8369abfbf14eef01225b6f31ec48380bd9f6987fb03c6fe15aabd29b9b8ba63f589ef2431b4a21bab968a49b6e31177f8d560aff0861d2d612e17dd709a26854e0503bcb417152bd1c441c057605b7897c1908310cb697fef6bde52b3f2bce2843c41bba935ca405e086ddce49e90d391485724d514afed0c4c48dcd187a0b924e2b3cd1f4e0b990af1b1b10ead77368fadb3ff74d2a72bc25062274f2446efdc114f944a0ceafa44f37a6ae5fa65e33ff1fc8f9b7972cf3cede33432ceb429f9c85617734dac004bbc1325954f464b673365d40c1cc335d65492808b1bb9ea4b5dbca1740048efbca7e3c21e8b7e6682345e1378a06cd8aee48ea3ea565dd7b2af353b8ee1b8d43f6bb2d06d21f3fdb8d185a802750dfbfec3c600f2d5caf08fc3b42938a5f3765d4618fb009bc5a869b92a52d32191469c4b239ec68e7d29db14e1b113f8b6fd07bca2a47957ce7235f2e4da739a263d357c55a50cd62fe81e4b769eba0e2f394d0c3572356f3823a52f6996e58ec5995a78d922142d12d098ee6662af5990ef49cd08d3065821771f4a0dd0572f5690eefe5676526c27a3b291e073049796b0223f57e91bbd349ea619d30ca127cca214b9ba5fc0de9381cab7c532e3ed71deb4610a5e5064c1c333f1c80095810c3bac9280ac194c4631d80a43b2ff10e221f0e188a2731437a00276d5cd64aeafddfafe3598cc02dd313c22d961e6ba98d837165da151b6aa13210e28e821e063c8e2e92cfd6ded18600253c64674ced490d3e163374cbae3c8aa7a39c8c4c7ebac05bd3d9816aa5a1f0471a3b172591f207475953ee153541868f808477f81d49f4ba57ad7908ae8b7a8d0b2a4ee628b3963eb6f74698f57ec8888d372a2810c45e30a36ef2aefd32dad94549a4b88aa7130e5c1900526a40ba6f89d56e9cc86f21e60ab796d2dde6f7d2207c1e86d5a275430bfadd6ade4bf644215f03e6d16861c00920bdcd79fb8dae8d47c416b672aaa81959efe50b124c921dc9a4692da7e2afd3ddce5f11ee6a6e7bfe74ea11a172d5e448e599083d5de8b0ab784a63ca4715308d7c6ba0313b2520a1fda4fa9f4d075681a9231e61c2338b175da5889d5c51b4b907005e0a4db77269b36cde1ae84f50fc24db33980936727d3623704abe46562ee5305a42e26671baec80cb7a853e97f5b239510dd5462841c51de31cd0502187f953f2b06c79d3496283856140bfd76e8f98387a1882d78b41afc5e8afd2aec61493480e6b03cb20b1896f76a8bfc06378af0983ce7d7e727bcdcce46bc5383881e824f801f88aab14f9fc98eaec00524d03c9f136262fd7b5c0eab90a4aad5cb840696030bdbe1cfff6ea663925172c87b14fa45e8447fba0b0705c2a284a4aacc10214a122f848bf3d782234c33d1443507683d31b3b71716a431091583d496fb81343567beff0e4e1b575ee4c93c2394fb58aa2c855eac46a6f1bdad8ad428f925b2b0d3e86b95624c373e36d07a9bf531c81495a377bb1d42098e4105a1290f93e4118ad61927e44558f58c6d07d6028aa6a6a5fb35805c78eab1a688814b5e00c64dff2dc46bd6eab669e462a4693640524c15ef8656778c0038fe38fbe3d512e489f44f74ed83ef8c316b6062381b2dfc2b61e90577d30343fd28c9941ce1e50f9cad8b895a80dbfd42bb519265dc739bb87928cf2a32243f1433299895aeb9f348e41406ecdee7480f7b131e3f5bdcf31e8cde4d84510bb38a6ec9409db84e42a7d93ddfca42b57835a76414a9d0711cc842b0866d587ac9a084f7ad3e711377e6603975a08471cc8639d531aa44e04099787caf3e7c64a1735e76d418fb34b3339301029f18aed09c3f4329d279aa4a7cd2b082b2283dca613b74ad608c14186efb548ac55d375a36ec8594fbba9268c39d958d9ece20e9ca489544ce90069e58f9b01a0fd0056cba270fa3137d441ce986b1a39ec45fbf7c852ff3146e16e42dc33b8bbd24583b852e0dfa48970f9277f11c22d725889a7197ce4eb53ec05c22937c98ce848aac97e6a824b8b2f2c263ff32a7da38b2a90245d4d127a507796255aebef86288384a12aa119219365a7c765dc920e83d72453968756873dcc2a35b3eea661b48763f877500cb8d508a297fc1649ba710fb35892bec332c20f13c50ed61d60d21087861891c7d7b1127d9485db5d1ae2f0170300fa1b6b1dbe34c75594caeac23c834c5d13e4f2df6799c7713bb0da61d717320e3edf6e39bf55cac563c7689ab6117950cb8e267f5524922b36ba16a8f416fbac01c8f7ceec7cf819da4dcb9267ece9384b9d9c9e9b1cadd575c61b6c1c21945fb389d3930f4f0d1f24706ebfb9ef54cffcbe846372a7ad03af7a8002de67c8ad03609db7c201d4e0b44071c7e7d26de9fa5513fe466011dc8fdf4466e3c522067f483b97840c291c39e7dc4ef1c8e65e93d0867f754"]}, 0x112c}, 0x1, 0x0, 0x0, 0x2010}, 0x8000)
connect$inet6(r2, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
close_range(0xffffffffffffffff, r2, 0x0)
socket$phonet(0x23, 0x2, 0x1)
socket(0x80000000000000a, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

3m34.935766244s ago: executing program 3 (id=2473):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r3, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1f}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}, 0x1, 0xff07}, 0x2000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)={0x14, r3, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}}, 0x800)

3m34.646907006s ago: executing program 3 (id=2478):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7e5}]})
socket$inet6(0xa, 0x2, 0x0)
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x1, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]})
syz_clone3(0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

3m33.160221316s ago: executing program 3 (id=2481):
r0 = syz_open_dev$dri(0x0, 0x0, 0x3)
ioctl$DRM_IOCTL_MODE_CURSOR2(r0, 0xc02464bb, &(0x7f0000000180)={0x2, 0x0, 0xb8, 0x1, 0x2, 0xe53, 0x6, 0x6, 0x1d3})

3m32.29385423s ago: executing program 3 (id=2484):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000000c0)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000340)='vegas', 0x5)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

3m30.431635229s ago: executing program 3 (id=2489):
gettid()
socket$can_bcm(0x1d, 0x2, 0x2)
socket$inet(0x2b, 0x801, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
ioctl$EVIOCGRAB(r2, 0x40044590, 0x0)
io_setup(0x81, &(0x7f0000000380)=<r3=>0x0)
eventfd2(0x2, 0x80800)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
io_submit(r3, 0x0, 0x0)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x2778)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x400)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x1a, &(0x7f0000000080)=0x1ff, 0x4)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="5c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000420000003c00128008000100677470003000028008000200", @ANYRES32=r5], 0x5c}, 0x1, 0xba01}, 0x0)
close(r5)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
read(r1, 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000300), 0x0, 0x28082)

3m14.495032017s ago: executing program 34 (id=2489):
gettid()
socket$can_bcm(0x1d, 0x2, 0x2)
socket$inet(0x2b, 0x801, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
ioctl$EVIOCGRAB(r2, 0x40044590, 0x0)
io_setup(0x81, &(0x7f0000000380)=<r3=>0x0)
eventfd2(0x2, 0x80800)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
io_submit(r3, 0x0, 0x0)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x2778)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x400)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x1a, &(0x7f0000000080)=0x1ff, 0x4)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="5c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000420000003c00128008000100677470003000028008000200", @ANYRES32=r5], 0x5c}, 0x1, 0xba01}, 0x0)
close(r5)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
read(r1, 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000300), 0x0, 0x28082)

31.691018498s ago: executing program 6 (id=2804):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000009c0)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0xb0000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
write$uinput_user_dev(r1, 0x0, 0x0)
r2 = getpid()
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280), 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$radio(&(0x7f0000000180), 0x3, 0x2)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r0, 0x7a4, &(0x7f0000000380)={{@host}, 0x59, 0x2800000000000000, 0x1, 0xfffffffa})
socket$nl_generic(0x10, 0x3, 0x10)

26.354209882s ago: executing program 6 (id=2810):
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000880)={0x0, 0x2, 0x1, [0x1, 0xeb5b, 0x6, 0x2, 0x100000000], [0x1, 0x1, 0x6, 0x2ca, 0x4, 0x200, 0x5, 0x5631, 0x7, 0x5, 0xfffffffffffffff7, 0xaf, 0x100000001, 0x7, 0x6e0, 0x86e, 0x2, 0x4, 0x1, 0xfffffffffffffffe, 0xfffffffffffffff7, 0x7c, 0x8, 0x2ad6, 0x8, 0x1, 0x0, 0xa, 0x80000001, 0xd, 0x10001, 0xd, 0x5, 0x1, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0x4, 0x7, 0x8, 0x7, 0xb, 0x3, 0x0, 0x9, 0x10001, 0x1000, 0x2, 0x200000008, 0x64, 0x280000000000, 0x2, 0x4, 0x7, 0xa, 0x3, 0x8, 0x2, 0x0, 0xa0000000000, 0xfffffffffffffff5, 0x7, 0x3, 0x176, 0x15f, 0x0, 0x5, 0x4, 0xfc72, 0x9, 0x2000000010, 0x7, 0x2, 0x6, 0x81, 0x2, 0x1, 0x10000000100, 0x0, 0x9, 0x2ce1, 0x7f, 0x8, 0xeab5, 0xffffffffffffffff, 0xf000000000000000, 0x6, 0x10001, 0x2b6, 0x1, 0x2e06ffea, 0x10001, 0xf2d5, 0xffffffffffffffff, 0x2b6b, 0x1, 0x4, 0x5ac, 0x7f95, 0xd13, 0x2c, 0x1ff, 0x1000, 0xd05, 0x1, 0x9e, 0x8000000000000000, 0x3, 0x0, 0x3, 0x5, 0xc, 0x6, 0x6281, 0x10, 0x7f, 0x7, 0x3, 0x3, 0x7]})
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mdstat\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(r0, &(0x7f0000000000)=""/42, 0x2a)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000240)={0x101, 0x8, {}, {0xffffffffffffffff}, 0x9, 0x7})
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x86, 0xffffffff, 0x2})
ioctl$FIBMAP(r3, 0x1, &(0x7f0000000040)=0x85)
getdents(0xffffffffffffffff, &(0x7f0000000500)=""/198, 0xc6)
mknodat$loop(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x4, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000040)={0x28, 0x3, 0x0, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
ioctl$SNDCTL_TMR_TEMPO(0xffffffffffffffff, 0xc0045405, &(0x7f0000000040)=0xef)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

24.103126565s ago: executing program 6 (id=2814):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})

22.547886486s ago: executing program 5 (id=2815):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
socket$packet(0x11, 0xa, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
socket(0x10, 0x803, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$FE_GET_PROPERTY(0xffffffffffffffff, 0x80106f53, 0x0)
socket$rds(0x15, 0x5, 0x0)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000080)=ANY=[@ANYBLOB="2c1ffae7b9cc8d8ce93725f4161a589f6f31d83a625645807d8dd6498b836bec3b53bbf487653a42c2c4b11785"], 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000001400), 0x101)
epoll_create(0xff9)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB='lock io+me'], 0xc)
write$vga_arbiter(r2, &(0x7f00000002c0)=ANY=[@ANYRES16, @ANYBLOB="025409c3ac14d408ebf35d3b97c5799ccc021fd220019fb74b9eaff375f9640d988184aa507921339cd69fb7c86b962394e1c0d7c5e6a0761bdbbeb11addb1eb104778144f81991ed04283447fffcdb2b0fb148a589881e4", @ANYRESOCT, @ANYRES32, @ANYRESOCT=r1], 0xd)

17.337451928s ago: executing program 6 (id=2818):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0xe656b000)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000680)=[{&(0x7f0000000040)="9e906f815885b5a130cc5fdf35ebe5bf10c1ee732276ab9ce71582", 0x1b}, {&(0x7f00000002c0)="eead31326b4d1b9ef561f2bd94226ab3649f536ec801c0a8c9bf9c378617351af35260072e05b2fbb32d5c54c46bf153b1c5f0be0e4b1002478bdec2eef4baa2e808c571192e27b035a832cc7dcf036af75945cfc8549b978858305158a7608a4438dc17ee6b0f85c0aa0d9459efed544e3fcf3e6dedad06c1b023bd817bb6ea2c8a3001459d36c8e185b80c53ed046e0987069ea61eea6290cddd3026242e17ad9b25368bb6d6a899200a2f40cb320bf54c7f34d5dcaeb21bd34d5c2f138ad40e27ea103b2b67dd424065776a689b320d509204ff527ff34e412ad9c43870e4344c51", 0xe3}, {&(0x7f00000003c0)="ba1f9eb6a0fd90eb284731a7222b46608176b1562f11a5bba83f2b81aca07de14258345faf93bca8c5e06718441c93ba559f610cc05b38fe4e6feea21fdfc4d9c9440632f5a08c0a8390b8b5d6c5daef4d", 0x51}, {&(0x7f0000000100)="b0dd19d3fcf3c31e420bf51c5624d03c8d15b1", 0x13}, {&(0x7f0000000440)="82fa5329edcd5d9cd3cf2076f8b4f2920adc4be58e7764d204ae72c1aa3ea7461b099a685a3dcf7aed79bafd1487cb09e62b47f9abe88d17313dcc697882546e6f9ac42c94333368e50319aa1d21634e7789e4ea3f73c0669051d858a30eb3c1f587f8659c4902bb34596fb3f2d7f526a0e031b18f9742f5c504158f71d9a2b10128c9555913c2b89effc6d0746b4f64c3a3c1385d8fb1cea5065848f99a9c63075349c09fae2b69403f", 0xaa}, {&(0x7f0000000540)="09fa3de22382b2947d58e62948658da4935120809343d380ef0c3a641a4d9c854a1c8a0d3280dafd68d476b34d2542acb35d18950bb1bfae5dd06899d353c46fe308460a4958012d42326ad9460095cff79873f7454a141f7135ebb0f24349431adf3f7384bafbf3ad6a9423ea053b6a4b15fac10f8e4698bbd3b9966f9fc6726f2e655566199db0e51c9169e2335ce61c4d3c221552f82f531a5995", 0x9c}], 0x6)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@dellinkprop={0x34, 0x6c, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x20, 0x2800}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bridge0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044064}, 0x40000)
setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000000)=0x1000, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
ioctl$HIDIOCINITREPORT(r3, 0x4805, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, 0x0, 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000500)=ANY=[], 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = openat$cgroup_devices(r4, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r9, &(0x7f0000000280)={'b', ' *:* ', 'rm\x00'}, 0x9)
r10 = socket(0x2d, 0x2, 0x0)
connect$qrtr(r10, &(0x7f00000000c0)={0x2d, 0x0, 0x4000}, 0xc)

17.229688568s ago: executing program 7 (id=2820):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000009c0)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0xb0000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
write$uinput_user_dev(r1, 0x0, 0x0)
r2 = getpid()
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280), 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$radio(&(0x7f0000000180), 0x3, 0x2)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r0, 0x7a4, &(0x7f0000000380)={{@host}, 0x59, 0x2800000000000000, 0x1, 0xfffffffa})
socket$nl_generic(0x10, 0x3, 0x10)

13.464542756s ago: executing program 6 (id=2823):
socket$pppoe(0x18, 0x1, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="1201100154e108101e041840b4ed010203010902120001000000000904"], 0x0)
syz_usb_control_io$lan78xx(r1, 0x0, &(0x7f0000001400)={0x34, &(0x7f000001b100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xe, 0x2010, r0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0x4, &(0x7f000001b000)={0xffffffffffffffff, 0x58, &(0x7f000001b040)}, 0x10)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xa}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r4, &(0x7f00000000c0)=""/4096, 0x1000)
keyctl$read(0xb, r4, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='btrfs\x00', 0x210818, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_emit_ethernet(0x4a, 0x0, 0x0)

13.307987386s ago: executing program 2 (id=2824):
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000880)={0x0, 0x2, 0x1, [0x1, 0xeb5b, 0x6, 0x2, 0x100000000], [0x1, 0x1, 0x6, 0x2ca, 0x4, 0x200, 0x5, 0x5631, 0x7, 0x5, 0xfffffffffffffff7, 0xaf, 0x100000001, 0x7, 0x6e0, 0x86e, 0x2, 0x4, 0x1, 0xfffffffffffffffe, 0xfffffffffffffff7, 0x7c, 0x8, 0x2ad6, 0x8, 0x1, 0x0, 0xa, 0x80000001, 0xd, 0x10001, 0xd, 0x5, 0x1, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0x4, 0x7, 0x8, 0x7, 0xb, 0x3, 0x0, 0x9, 0x10001, 0x1000, 0x2, 0x200000008, 0x64, 0x280000000000, 0x2, 0x4, 0x7, 0xa, 0x3, 0x8, 0x2, 0x0, 0xa0000000000, 0xfffffffffffffff5, 0x7, 0x3, 0x176, 0x15f, 0x0, 0x5, 0x4, 0xfc72, 0x9, 0x2000000010, 0x7, 0x2, 0x6, 0x81, 0x2, 0x1, 0x10000000100, 0x0, 0x9, 0x2ce1, 0x7f, 0x8, 0xeab5, 0xffffffffffffffff, 0xf000000000000000, 0x6, 0x10001, 0x2b6, 0x1, 0x2e06ffea, 0x10001, 0xf2d5, 0xffffffffffffffff, 0x2b6b, 0x1, 0x4, 0x5ac, 0x7f95, 0xd13, 0x2c, 0x1ff, 0x1000, 0xd05, 0x1, 0x9e, 0x8000000000000000, 0x3, 0x0, 0x3, 0x5, 0xc, 0x6, 0x6281, 0x10, 0x7f, 0x7, 0x3, 0x3, 0x7]})
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mdstat\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(r0, &(0x7f0000000000)=""/42, 0x2a)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000240)={0x101, 0x8, {}, {0xffffffffffffffff}, 0x9, 0x7})
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x86, 0xffffffff, 0x2})
ioctl$FIBMAP(r3, 0x1, &(0x7f0000000040)=0x85)
getdents(0xffffffffffffffff, &(0x7f0000000500)=""/198, 0xc6)
mknodat$loop(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x4, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000040)={0x28, 0x3, 0x0, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
ioctl$SNDCTL_TMR_TEMPO(0xffffffffffffffff, 0xc0045405, &(0x7f0000000040)=0xef)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

13.094788192s ago: executing program 1 (id=2825):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = syz_io_uring_setup(0x54d, &(0x7f0000000040)={0x0, 0x735a, 0x100, 0x805, 0x350}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x5}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x6000, @fd_index=0x5, 0x73, 0x0, 0x0, 0x1e, 0x1, {0x3}})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

12.801110236s ago: executing program 5 (id=2826):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000680)=[{&(0x7f0000000040)="9e906f815885b5a130cc5fdf35ebe5bf10c1ee732276ab9ce71582", 0x1b}, {&(0x7f00000002c0)="eead31326b4d1b9ef561f2bd94226ab3649f536ec801c0a8c9bf9c378617351af35260072e05b2fbb32d5c54c46bf153b1c5f0be0e4b1002478bdec2eef4baa2e808c571192e27b035a832cc7dcf036af75945cfc8549b978858305158a7608a4438dc17ee6b0f85c0aa0d9459efed544e3fcf3e6dedad06c1b023bd817bb6ea2c8a3001459d36c8e185b80c53ed046e0987069ea61eea6290cddd3026242e17ad9b25368bb6d6a899200a2f40cb320bf54c7f34d5dcaeb21bd34d5c2f138ad40e27ea103b2b67dd424065776a689b320d509204ff527ff34e412ad9c43870e4344c51", 0xe3}, {&(0x7f0000000100)="b0dd19d3fcf3c31e420bf51c5624d03c8d15b1e14a67408bf72f752a10422d1bcfd895df7a", 0x25}, {&(0x7f0000000440)="82fa5329edcd5d9cd3cf2076f8b4f2920adc4be58e7764d204ae72c1aa3ea7461b099a685a3dcf7aed79bafd1487cb09e62b47f9abe88d17313dcc697882546e6f9ac42c94333368e50319aa1d21634e7789e4ea3f73c0669051d858a30eb3c1f587f8659c4902bb34596fb3f2d7f526a0e031b18f9742f5c504158f71d9a2b10128c9555913c2b89effc6d0746b4f64c3a3c1385d", 0x95}, {&(0x7f0000000540)="09fa3de22382b2947d58e62948658da4935120809343d380ef0c3a641a4d9c854a1c8a0d3280dafd68d476b34d2542acb35d18950bb1bfae5dd06899d353c46fe308460a4958012d42326ad9460095cff79873f7454a141f7135ebb0f24349431adf3f7384bafbf3ad6a9423ea053b6a4b15fac10f8e4698bbd3b9966f9fc6726f2e655566199db0e51c9169e2335ce61c4d3c221552f82f531a5995", 0x9c}], 0x5)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@dellinkprop={0x34, 0x6c, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x20, 0x2800}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bridge0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044064}, 0x40000)
setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000000)=0x1000, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
ioctl$HIDIOCINITREPORT(r3, 0x4805, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, 0x0, 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000500)=ANY=[], 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = openat$cgroup_devices(r4, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r9, &(0x7f0000000280)={'b', ' *:* ', 'rm\x00'}, 0x9)
socket$nl_route(0x10, 0x3, 0x0)
connect$qrtr(0xffffffffffffffff, &(0x7f00000000c0)={0x2d, 0x0, 0x4000}, 0xc)

12.64574065s ago: executing program 7 (id=2827):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_cred(r0, 0x1, 0x47, 0x0, &(0x7f0000000080)=0x8)
openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000000000080000000000000000006ac68f0e56ac6b1faa8343800baf1f23a2a8964413a084e7298176215af0c86852ec766309970f42e7204f9269b1e3dcd68fbdd1d49f5bec219d1ebde65117099f22b2e351df58852b40e51eb958649d7caaf43e08b5020d46aac3e1f4035183554e10b8924981d192030bb9fe504efa21aaa08f3986b03abc066d025b7dbd024ca86652f3938bfa7529cd524c3b691bac3ea5615ca1fa0449ab86f1d9901e212da4ecbbdab0c90fb35b15f69510c8e314a471ce48b417ecd1a7ef19744388a62327d1ee5dd783f5dbd6f6f60e387a2f528d1dfad98c17de5a19bc7b6496076f57c2b778763b7f7ccef9d8ba434b5c7b", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b0014000000000000000000000007"], 0x38}, 0x4000000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000200)=ANY=[@ANYBLOB="4800000010000d0490bd7000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="b2000600410c04000a0001000000000000000000140035006d6163766c616e30"], 0x48}, 0x1, 0x0, 0x0, 0x8840}, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x51)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r6, &(0x7f0000000180)=ANY=[@ANYBLOB='SYNTH \'Mic\' 00000000000000000000\nIGAIN \'Capture Volume\' 00000000000000000000\nVOLUME\nLINE\nMONITOR\nCD \'CD Capture'], 0x86)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0)
dup3(r7, r6, 0x0)
r8 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r8, 0x4161, 0x0)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)

11.63997951s ago: executing program 2 (id=2828):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
geteuid()
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r4, 0x0, 0x0, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000180)={0x28, 0x2, r4, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000000})
ioctl$IOMMU_HWPT_ALLOC$NONE(r3, 0x3b89, &(0x7f0000000000)={0x28, 0x4, r5, r4, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5", 0x0, 0xcc, 0xffffffff}, 0x3c)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
r7 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(r7, &(0x7f0000000780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60010000, 0x0)

11.495488656s ago: executing program 1 (id=2829):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})

10.409201298s ago: executing program 7 (id=2830):
openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
syz_io_uring_setup(0x496, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, 0x0, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b40)=ANY=[@ANYBLOB="3c000000100003042cbd70000000000000000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), r6)
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x6, 0x10000, 0x800000, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0xfffffffffffffffe, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x241000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000100))

10.263503308s ago: executing program 2 (id=2831):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x108})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
socket$nl_route(0x10, 0x3, 0x0)
syz_io_uring_setup(0x867, &(0x7f0000000140)={0x0, 0x9164, 0x1000, 0x1, 0x359}, &(0x7f00000002c0), &(0x7f0000ff4000))
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

9.051466692s ago: executing program 1 (id=2832):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mkdir(0x0, 0x0)
write$nci(0xffffffffffffffff, 0x0, 0x20)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x33e, 0x0, 0x0, 0x0, 0x4db, 0x8, 0x2, {0x4, 0x40}, {0x9, 0x1, 0xfffffffd}, {0x1}, {0x3, 0x0, 0xffffffff}, 0x0, 0x100, 0x10000040, 0x3, 0x0, 0x1, 0x0, 0xfffffc40, 0x2, 0x400, 0x100000, 0x10004, 0x21, 0x4, 0x0, 0x7})

8.307256465s ago: executing program 6 (id=2833):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0xe656b000)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000680)=[{&(0x7f0000000040)="9e906f815885b5a130cc5fdf35ebe5bf10c1ee732276ab9ce71582", 0x1b}, {&(0x7f00000002c0)="eead31326b4d1b9ef561f2bd94226ab3649f536ec801c0a8c9bf9c378617351af35260072e05b2fbb32d5c54c46bf153b1c5f0be0e4b1002478bdec2eef4baa2e808c571192e27b035a832cc7dcf036af75945cfc8549b978858305158a7608a4438dc17ee6b0f85c0aa0d9459efed544e3fcf3e6dedad06c1b023bd817bb6ea2c8a3001459d36c8e185b80c53ed046e0987069ea61eea6290cddd3026242e17ad9b25368bb6d6a899200a2f40cb320bf54c7f34d5dcaeb21bd34d5c2f138ad40e27ea103b2b67dd424065776a689b320d509204ff527ff34e412ad9c43870e4344c51", 0xe3}, {&(0x7f00000003c0)="ba1f9eb6a0fd90eb284731a7222b46608176b1562f11a5bba83f2b81aca07de14258345faf93bca8c5e06718441c93ba559f610cc05b38fe4e6feea21fdfc4d9c9440632f5a08c0a8390b8b5d6c5daef4d", 0x51}, {&(0x7f0000000100)="b0dd19d3fcf3c31e420bf51c5624d03c8d15b1", 0x13}, {&(0x7f0000000440)="82fa5329edcd5d9cd3cf2076f8b4f2920adc4be58e7764d204ae72c1aa3ea7461b099a685a3dcf7aed79bafd1487cb09e62b47f9abe88d17313dcc697882546e6f9ac42c94333368e50319aa1d21634e7789e4ea3f73c0669051d858a30eb3c1f587f8659c4902bb34596fb3f2d7f526a0e031b18f9742f5c504158f71d9a2b10128c9555913c2b89effc6d0746b4f64c3a3c1385d8fb1cea5065848f99a9c63075349c09fae2b69403f", 0xaa}, {&(0x7f0000000540)="09fa3de22382b2947d58e62948658da4935120809343d380ef0c3a641a4d9c854a1c8a0d3280dafd68d476b34d2542acb35d18950bb1bfae5dd06899d353c46fe308460a4958012d42326ad9460095cff79873f7454a141f7135ebb0f24349431adf3f7384bafbf3ad6a9423ea053b6a4b15fac10f8e4698bbd3b9966f9fc6726f2e655566199db0e51c9169e2335ce61c4d3c221552f82f531a5995", 0x9c}], 0x6)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@dellinkprop={0x34, 0x6c, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x20, 0x2800}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bridge0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044064}, 0x40000)
setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000000)=0x1000, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
ioctl$HIDIOCINITREPORT(r3, 0x4805, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, 0x0, 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000500)=ANY=[], 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = openat$cgroup_devices(r4, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r9, &(0x7f0000000280)={'b', ' *:* ', 'rm\x00'}, 0x9)
r10 = socket(0x2d, 0x2, 0x0)
connect$qrtr(r10, &(0x7f00000000c0)={0x2d, 0x0, 0x4000}, 0xc)

7.218712055s ago: executing program 5 (id=2834):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x439, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x1303}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e21}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @private=0xa010102}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @empty}]}}}]}, 0x48}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
ioctl$FIDEDUPERANGE(r5, 0xc0189436, &(0x7f0000000100)=ANY=[@ANYBLOB="3a45fa4d91380990c10fb1010000000000000600"])

5.623717725s ago: executing program 2 (id=2835):
r0 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r2, 0x29, 0x37, 0x0, 0x8)
sendmmsg$inet6(r2, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev}, 0x18, 0x0}}], 0x6c00, 0x48)
r3 = syz_io_uring_setup(0x6fd6, &(0x7f0000000080)={0x0, 0xb405, 0x20, 0x2, 0x49}, &(0x7f0000000000), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x161, 0x40000867, 0xffffffffffffffff, 0x0)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x4)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
vmsplice(r5, &(0x7f00000009c0)=[{0x0}], 0x1, 0x7)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fd01020400003900120002002800000219002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
fchown(0xffffffffffffffff, 0xee01, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x4, 0x0, &(0x7f0000000100)="e0b9547e", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4.488435676s ago: executing program 5 (id=2836):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
socket$packet(0x11, 0xa, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
socket(0x10, 0x803, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$FE_GET_PROPERTY(0xffffffffffffffff, 0x80106f53, 0x0)
socket$rds(0x15, 0x5, 0x0)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
syz_emit_ethernet(0xbe, &(0x7f0000000080)=ANY=[@ANYBLOB="2c1ffae7b9cc8d8ce93725f4161a589f6f31d83a625645807d8dd6498b836bec3b53bbf487653a42c2c4b11785"], 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000001400), 0x101)
epoll_create(0xff9)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB='lock io+me'], 0xc)
write$vga_arbiter(r2, &(0x7f00000002c0)=ANY=[@ANYRES16, @ANYBLOB="025409c3ac14d408ebf35d3b97c5799ccc021fd220019fb74b9eaff375f9640d988184aa507921339cd69fb7c86b962394e1c0d7c5e6a0761bdbbeb11addb1eb104778144f81991ed04283447fffcdb2b0fb148a589881e4", @ANYRESOCT, @ANYRES32, @ANYRESOCT=r1], 0xd)

4.014472875s ago: executing program 2 (id=2837):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000009c0)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0xb0000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
write$uinput_user_dev(r1, 0x0, 0x0)
r2 = getpid()
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280), 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$radio(&(0x7f0000000180), 0x3, 0x2)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r0, 0x7a4, &(0x7f0000000380)={{@host}, 0x59, 0x2800000000000000, 0x1, 0xfffffffa})
socket$nl_generic(0x10, 0x3, 0x10)

3.97863195s ago: executing program 1 (id=2838):
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000880)={0x0, 0x2, 0x1, [0x1, 0xeb5b, 0x6, 0x2, 0x100000000], [0x1, 0x1, 0x6, 0x2ca, 0x4, 0x200, 0x5, 0x5631, 0x7, 0x5, 0xfffffffffffffff7, 0xaf, 0x100000001, 0x7, 0x6e0, 0x86e, 0x2, 0x4, 0x1, 0xfffffffffffffffe, 0xfffffffffffffff7, 0x7c, 0x8, 0x2ad6, 0x8, 0x1, 0x0, 0xa, 0x80000001, 0xd, 0x10001, 0xd, 0x5, 0x1, 0x1, 0x1, 0x1, 0xffffffffffffffff, 0x4, 0x7, 0x8, 0x7, 0xb, 0x3, 0x0, 0x9, 0x10001, 0x1000, 0x2, 0x200000008, 0x64, 0x280000000000, 0x2, 0x4, 0x7, 0xa, 0x3, 0x8, 0x2, 0x0, 0xa0000000000, 0xfffffffffffffff5, 0x7, 0x3, 0x176, 0x15f, 0x0, 0x5, 0x4, 0xfc72, 0x9, 0x2000000010, 0x7, 0x2, 0x6, 0x81, 0x2, 0x1, 0x10000000100, 0x0, 0x9, 0x2ce1, 0x7f, 0x8, 0xeab5, 0xffffffffffffffff, 0xf000000000000000, 0x6, 0x10001, 0x2b6, 0x1, 0x2e06ffea, 0x10001, 0xf2d5, 0xffffffffffffffff, 0x2b6b, 0x1, 0x4, 0x5ac, 0x7f95, 0xd13, 0x2c, 0x1ff, 0x1000, 0xd05, 0x1, 0x9e, 0x8000000000000000, 0x3, 0x0, 0x3, 0x5, 0xc, 0x6, 0x6281, 0x10, 0x7f, 0x7, 0x3, 0x3, 0x7]})
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mdstat\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(r0, &(0x7f0000000000)=""/42, 0x2a)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000240)={0x101, 0x8, {}, {0xffffffffffffffff}, 0x9, 0x7})
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x86, 0xffffffff, 0x2})
ioctl$FIBMAP(r3, 0x1, &(0x7f0000000040)=0x85)
getdents(0xffffffffffffffff, &(0x7f0000000500)=""/198, 0xc6)
mknodat$loop(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x4, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000040)={0x28, 0x3, 0x0, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
ioctl$SNDCTL_TMR_TEMPO(0xffffffffffffffff, 0xc0045405, &(0x7f0000000040)=0xef)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

3.938886275s ago: executing program 7 (id=2839):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = syz_io_uring_setup(0x54d, &(0x7f0000000040)={0x0, 0x735a, 0x100, 0x805, 0x350}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x5}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x6000, @fd_index=0x5, 0x73, 0x0, 0x0, 0x1e, 0x1, {0x3}})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

2.371859009s ago: executing program 5 (id=2840):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_cred(r0, 0x1, 0x47, 0x0, &(0x7f0000000080)=0x8)
openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @broadcast}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000140)="be38", 0x2}], 0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000000000080000000000000000006ac68f0e56ac6b1faa8343800baf1f23a2a8964413a084e7298176215af0c86852ec766309970f42e7204f9269b1e3dcd68fbdd1d49f5bec219d1ebde65117099f22b2e351df58852b40e51eb958649d7caaf43e08b5020d46aac3e1f4035183554e10b8924981d192030bb9fe504efa21aaa08f3986b03abc066d025b7dbd024ca86652f3938bfa7529cd524c3b691bac3ea5615ca1fa0449ab86f1d9901e212da4ecbbdab0c90fb35b15f69510c8e314a471ce48b417ecd1a7ef19744388a62327d1ee5dd783f5dbd6f6f60e387a2f528d1dfad98c17de5a19bc7b6496076f57c2b778763b7f7ccef9d8ba434b5c7b", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b0014000000000000000000000007"], 0x38}, 0x4000000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000200)=ANY=[@ANYBLOB="4800000010000d0490bd7000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="b2000600410c04000a0001000000000000000000140035006d6163766c616e30"], 0x48}, 0x1, 0x0, 0x0, 0x8840}, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x51)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r6, &(0x7f0000000180)=ANY=[@ANYBLOB='SYNTH \'Mic\' 00000000000000000000\nIGAIN \'Capture Volume\' 00000000000000000000\nVOLUME\nLINE\nMONITOR\nCD \'CD Capture'], 0x86)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0)
dup3(r7, r6, 0x0)
r8 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r8, 0x4161, 0x0)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)

1.948017367s ago: executing program 1 (id=2841):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="2800000035000701feffffff00000000017c00000c00018006000600800a000008000280"], 0x28}, 0x1, 0x0, 0x0, 0x48815}, 0xc000)

1.930622457s ago: executing program 7 (id=2842):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x0, 0x34}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000500)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000140)='cubic', 0x3)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r3, 0x40000000af01, 0x0)

1.612696015s ago: executing program 1 (id=2843):
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xf635, 0x2000, 0x0, 0xfffffffc}, &(0x7f0000000240), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4, @local}]}, &(0x7f0000000240)=0x10)
setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000040)={r4, 0x6}, 0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
setresuid(0x0, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x2}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={&(0x7f0000000a00)="2ec62918839c76120082058a8d001cadfc9ad5c80a4444681c0eaef58dc50ea8463fe93a87ff4f3bcca0f480469383243d731aaffad64bcc7497440fbe0114b08487b941904b0eb8ee67a8cd9117d1593b7ab0e79f7b73e0e504aa84abebe09663bc17cd8d4949d73d7c7bbbb60fef61a1251dab8c762de7d0a6f8f412f0cc3cd1de7d5df9b2f93746db69c33103f5ba20e5c334fbe2d9aa165c086e41b6439295ca5fd0e069baa57cc138ee4fb2ed1d417c494ccd1f7f83db92532abf400cb4a4eb3d6f925ff7ee3dd9beb779ca1bdaf1125f7b669c4abd8f45a7bf503d7bcef9d753a8bbd1f95d2b670039b290881f22f8b65ed2fc436b425b865d9cf91c66838dfd0e9ffdc2ed266d32fd23371dc9c706c4bac963866dff9794f8af5c7e4425ee4cabd5ebc8f2aa6b62e61c7ea526a8a3cad6a0df25ba227ca74d7f6fdf1ae2f559491837c777aafc87aff7b2b37b5cbcefe3d017c1c4bf1c4566f6cc011911397b348005e100a205ae6eab8453987569047da76cd7bac8b4c5d6495c35df74094ce7deeb442d47adf64c405b4f43282eea7a49d882fd46aa925102806b50a0746f29866d2448f6b8a461d5c50529883c16afde62bc0a09357be2438f55671a7d4a1a7ebddca90ed53370d11cf1ce50b082279833eccd108606beea351e0eb011165fd85fff3f7973fb0a66edaea844df796d3213dbee43f57dc96da8cc254d400709073a7c44904c94513df4e1e74fb333d3d3f707a566ec8905297f27dbf960862d09bddef41d8054bce7b8ee4db874992689af0eeb81afe67bb238c4501f980d114594c18b72629acbd302a2f8f91aa9d60d70b5af891082cedf7da7e24185d572804729c147c5a7d3661279fdb3e7018579c46dfd0f51fa3c33b92c99d85fa38c7cf6a8a45abd340c69cc8173538fb846bd29b7b8c48bbdb54d540bd4cbe2707ac558917064ee772369d4d9a7ca515b0ea5f94d094ca03d4f4cb55b69e59f09a3f8273af98785f032f132f0f68d3828d690aba5ad4f06c946619d59c3acce0e7cda916b32a87a4937c1dff03ff474451241b10a159b82e13cc1aa7f4373a3af5ad7edb958af7be3cc7b5ac50da1968dd52886be57d6e376549249a885d38c23c532cbe6447f24a302cf455919ed59dcecc9547b6e3ac43fa4fa6386e8240c1c55f7830d395281e9980c3a58e748d6f6e00e88ff04e7f8c036c4ef692685f62848d4cf5edb1cbb0ea505fc476fe806409fd506b42858dcbd5630e5569feb0092d77141b71869713817bad9e0d53ca235446ba2b1ca21010ab47c48e66468acd8d07e85a162b54b3ab46701cf6891bac64091861c508daa556ef06aedebe04685db1387faf00ffa0fe8d4a04ed1d2e91cb110d0e202ad4d5b398e261265ffd91f07c2d5d9ec5a465309a1b1e182f1964858545d8fb1dc3bcb4cb72d3090b3639dcc7f66f900ce3fe3b602c6d307808a528dbc93f7c38d2b5d275bd0c2e08aecb10c930530cc2d0a5447708417f93656b4bcf91f99f6cb85e38e38ee540a2a04b8b44bc993f5e135cfa692a80ccac79e7a4f69d272502fd04a5641d860a52850dffd1a8acc90507b4afd2ba6d6b9dab8c9fc40db75c5c7a6c138252dd740cf6f33495db4fbd1a8ad98a50e1e320f1385261c877f2c38c74fedea4f7f29006d49b37ad82d2d242dbccdddb61e41df7e1183e64133342a73371a1a320fe411ee662d4687bb486415357ebc806968a1d2e1cbfea080850942093643a201392630767699a7b9753cbfe259c5060f9a65f4b81fdc317a8d9d7818fca15dac85ac6461110eb0e5cdf4a0545f352091d4fbe20e7143c5cd7045a10b8f306c5e30b8a78a2e4bb5f68c7e487d5d4f594cc74f18b3c342b838b27fd3f650b5e4ca47c4c745d28e4e6551427115bca56e282d487e7016fa6556de2e78c272905011ec7f6d76f8513c222a21cc129cc5b106e6023cb6250884d9e2a373c6cfdd46d42ba946fe7efcc72620f4e96ba8917d7f46c49aab5cfd9dd9223596e85193099506561c30da1ea094b97fb9b0e8f925a76772d6642ac203d832141deef392cc1f44c6d6a75a57b69f0e51e681dd1f167a7ecc172e05034d3ce4a140d38caea1d70854a165b93c405799ee7b7a20f11c83d676c865bae23b5984963eca96d60eed740212cd889e61d2dd42e9b2cd63a32d1516662aa2a394cd365b9ef6c24fa00e7cb54168ea85cac0be7f40b0f464d0ba2f02a2c43b3f1b97f93acca3b7ec766cb1c72937ba851791240dc62700f266c64c385b0f9d26ecde162e7d3c6174d39eb9e0ab1c3c96605e56ac6e5c78745723196d0ac004b4e434e6b84d2a3af89673e670eeeec2b80db4a60faec70e40615ecd62fffaba781b611dec79cdf9e07fd18a71c85260a7c631ce036b658ee33b155fcef5977f43f112e5e84f03072ad2854d8fc2b662454cd068839067eb1e38a3d91f7fa0a39a322b64d6f7a7ba034deebb4e3c4a7863b7480d8d4ed8799acdd4e71cd9c88240bb6c8f603e68647070468343c07ce09310697db2520ca74df44fcdf21495b3c9d196fc507903cd0073873e037d9471295edd314c911cb243b809b04e970d668a064fc9008877f396650ae15f79185de3f890d4b81d2568befc10d2a57f4914eb00a42f9c25c2c85e9fec72b19a6c1e4e0cb9d2b783dd728205a7999bef1d5f0263d0a4f7b8fe8ce5d287dcc0f7380bbaab71b32e35aa7a94445dc3fe24b1307af0c0347906ff7df20aa82294a7d28909dd6da38e0136726709ad1a08e1df4cc5fea46047c6ddf5dff52895cd44ede8bb661c33b2fbebc9b830b8878945e7bfe61e2f73dc49604432f2644d1f1dfe9c6bc053204e419f38378293b355fa9848163cda7ea475a06c822fd32b034cb3e622d575eb491127628917d8b859a7ea3ee36b427d9aa0459e746d3916a49a6eec6a69e0e7e3d25723e47af15456318397be65437e721f1dcb531bc15d51b45049a6e29f3e447aa8680f193b80aac533fa983c7c271383b3fb76ab7013e47308e776bddde7194ff3266b8bb402d9dc3c10b31c421571ad462c1290815dda03d9a229c2224fe5a8ac635da0018a7f8433772751a4ac7fd2ed97f000f525ec36de37480b15cdfaa007f1e4b957e17ea445f975e7f49b21cb62ab4506c28dc5251e76ac245451cfa33f514c030e959f8d49a1cdef4cd480dc35e35f2b1729757708a0cc9bc43e22a358a0a590bfc64d19d777b8ccdd3f991b3b80b8090c047ca75a400e470bdee9090484a7988fa2209accf7d734bb5d3a4d1951340f65677b100a2f8bb3d4c50e018b64d718465896443e081f96cdb6de8b8c5a70d2353f90a1a9e64f0673d0cd4b99b8982702de361a3690051372ff7caddf18d9569c7f4026a5c70a01b92f791f2a00f0c67963277926d1b80cba2d611c1cf399f2cab7806d4d656f904e8fa68e5f89e51b40d0f4e76a64a8788b22d85c9b42c86882610397e11770b8255dc9a53aab9301d29ba5354aca37ed3bb2f3bd696591d02b087beac293052fbaab1ffe3de5b1ed9f5e7ce38420d97cc94c09cd302424d4e0ce8dd899034c3fa27b092b56c928bdee164d27a882908cd03e4522204bab4eb3546d1fa3e15425706c40d08ea389652315e65cf31f3eb2a752a4c7ffe379d02e5ce70d83885df3686d582616d182ec96efad63cff14dba27b00f6e46be563b66657694e1a9c972b61cf87ec3c4dd04868b3928e9bf222a8518456db71ce86c53062bea0058657bfebb11a40f6930b10ff6272a6589334d7f53cfbfbe9f6d2adc1dfd9666913a99f39e00b840006e8b4720e803050bcbb20fc0aec459b3a4a77992844431114647b6d09c81c4ab5c04e82c2637927a53ecdf38e07da0b1570314b70ead1dc08814d45401e6e3d5f145d304e5b7fa76af48452b59652a5076324a7a625686aee3fbccaef4b6308ec5255e5f53c14fc155f0eb224df6c247ca1ee2db4d2c5ef08ea65acadf4c140404032f31f9b31919c948c19137a37bd3a94cf2e93a05d2a044920476f5e4194be78866cdea30af5177aac7e94a8d0a76fd9a150c66b5039c8c12f94954670fec4e1602b37f4e0b9976a7b24f3834fe7ccde90902329368f7072d086f2149f15fb4770e73a1f7e2d88c20d839082af6437896188a07315af03c07138d555b2395b8b38372613b9e8527084fd2298d13b1d3a4cad7c192e954123f82dc0b487cf1dba785b0acbad43724b847337e7c9a9d01f9832952ccfe9d7c0d1c59580b7d9177d0663b31357ed5cd424235711eda7dc8bcfc5372321d6906fdd7ecb9b9ef0f6cb6033e62ccba2e276e1ea40a8ff8f9f6478662f734d8bf797b4eb5c788a255489cb9881197f795dec9584d8848b2a5d52f0caa1cbc461f4883f4e08f75882cc149aa6fccbf26ab1d0dde0e4425093d20c756f4a58434fb901a25d114a1573233ebb063330f3894285c503f6c74b3bb3a026b6fd3222f60bfe613f320c6d788e1f1fef05e26b3a6aaae80ad36202d6a2fe2d4f580257f3fcbf58e305f1efc78300e85c6eed622a8ab63b822fc9c197ad11e19f90743e567f8dd244750ed51f0b5592f04ffaa520b7e9757c749c264645e2eadb19aad133ab2237359d88de5ca4e11efab54b85531ebfb61eb1816abebbc54ed64d197c6b96ec1e043eeb11f48080fdde556773ee91c15bd86b0126c94b7e549888294de0176de3fba25ce3b55fddf73ad9989af2cac58b42e32683af9595c54c8352e587faab21d5a346c1da4eaa834f1621732f6678eae4e46b9c6ff5f0bc30cc5526d09a7e9bbd3c475b3ce627f26aab5f54589ec7c3c72c8d7e8215016c7fd909200c63a83272f8b8079b7be6a336422ec3bf8a980774b979b9a81d4d4da39f530c6f739ae2576924f6c14f295b0be263076f7e993ded8be6995f912461bec7cf172afbaa4ad0c8a0b886790d3d1984712dc5b0faa2d5c7b4f691fdabe5c629768a25939870779113a2119dc6ca24ea87c85a05b8b5c7c83ced15d61679bf6dcaea89139fe89b7463cac639f3fc64f9f701ceec2be930ad00162f3edd3e69e783fcc50299ef1c9cf2d04483b3c96f64357cb02babe11bd36bf6c3d4e8008c67998272b3ac8b20c39b0f9b1c9c09885fdb40425c1ece88f790ee9e660e7fba7237f8139f43f7a670735c932b5634a26d980819578c68ec563bd6eaa15e9e11ddf8eb5bf043b3204fa6a2d31be0a9ed8958728de9093d0af783e254ee7ca154f21690b847b9d6106c020c75bca7f44a7f91bdce40418bc6a9b9b8d8ddb498956435a2b07120f64f37a159cc8e5c3a94ffbb4869b0b0be319813dc6c36afb43a5ba77739b42229d4d2353d74a11d9aebb884b0f4c08b9353e9a3fa551fcb062227328bc5195eabbbc9b7f46016ce62d89cdff5653f5f22186535fb67d81b838cd9285d814cbe606e3f722f2184d1cd7e649ca4b4be881663b8b33916276e9ed31a356927e252e17ea4b1c8aba4e3e2c5c7ecfca12279cb4cb23e59bb506b6246a1cc46d73e6a22fd6409857f2f53dcc511f61699d4eb2c62b7a74ca8018ffebccbab781f873b880b3949e126b8989967ba78eba6118b869646c3463878e12d2d306ee06d290aeed041c96e20ff71bbb7766545f73122aeca8c0861f27678e8c09f9672584cec0eb81df4f69ef0c02f33f4c89e418844f812dcb6236eddfacc03ae1", &(0x7f0000000040)=""/17, &(0x7f0000001a00), &(0x7f0000000340)="fde7652b71e30d6b71a557d49c9bf726630b4fca1e29fa8b1562b2a12cc6cdd2706a37a184faba4cf52cba74ad98404d888f9148cfad492be378615449b89839af32e501bd796eadad3dc0c73d92e37287104ce4b14ea94b0570a9e102071cdb45307c69f84255cdb11855cc3a525cd9685374a1fffd84391eab5f339a97eb6533aa0c3387999d531b94d8977dd24f1fe613e863a5cad547cc2de65db3035650e1b77359d7eaddd0ea5f8b5819c24675c9e3043809251b2c97d05c9f9dde7346cd0b6f4fec447262a801073510d9eee53652", 0xd865824c, r6}, 0x38)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wg0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x5}, {0xfff1, 0xffff}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @qdisc_kind_options=@q_clsact={0xb}]}, 0x40}}, 0x10)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r8, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r8, 0x90004)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
accept(r8, 0x0, 0x0)

1.181147083s ago: executing program 5 (id=2844):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
writev(r0, &(0x7f0000000680)=[{&(0x7f0000000040)="9e906f815885b5a130cc5fdf35ebe5bf10c1ee732276ab9ce71582", 0x1b}, {&(0x7f00000002c0)="eead31326b4d1b9ef561f2bd94226ab3649f536ec801c0a8c9bf9c378617351af35260072e05b2fbb32d5c54c46bf153b1c5f0be0e4b1002478bdec2eef4baa2e808c571192e27b035a832cc7dcf036af75945cfc8549b978858305158a7608a4438dc17ee6b0f85c0aa0d9459efed544e3fcf3e6dedad06c1b023bd817bb6ea2c8a3001459d36c8e185b80c53ed046e0987069ea61eea6290cddd3026242e17ad9b25368bb6d6a899200a2f40cb320bf54c7f34d5dcaeb21bd34d5c2f138ad40e27ea103b2b67dd424065776a689b320d509204ff527ff34e412ad9c43870e4344c51", 0xe3}, {0x0}, {&(0x7f0000000100)="b0dd19d3fcf3c31e420bf51c5624d03c8d15b1e14a67408bf72f752a10422d1bcfd895df7a", 0x25}, {&(0x7f0000000440)="82fa5329edcd5d9cd3cf2076f8b4f2920adc4be58e7764d204ae72c1aa3ea7461b099a685a3dcf7aed79bafd1487cb09e62b47f9abe88d17313dcc697882546e6f9ac42c94333368e50319aa1d21634e7789e4ea3f73c0669051d858a30eb3c1f587f8659c4902bb34596fb3f2d7f526a0e031b18f9742f5c504158f71d9a2b10128c9555913c2b89effc6d0746b4f64c3a3c1385d", 0x95}, {&(0x7f0000000540)="09fa3de22382b2947d58e62948658da4935120809343d380ef0c3a641a4d9c854a1c8a0d3280dafd68d476b34d2542acb35d18950bb1bfae5dd06899d353c46fe308460a4958012d42326ad9460095cff79873f7454a141f7135ebb0f24349431adf3f7384bafbf3ad6a9423ea053b6a4b15fac10f8e4698bbd3b9966f9fc6726f2e655566199db0e51c9169e2335ce61c4d3c221552f82f531a5995", 0x9c}], 0x6)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@dellinkprop={0x34, 0x6c, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x20, 0x2800}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bridge0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4044064}, 0x40000)
setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000000)=0x1000, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
ioctl$HIDIOCINITREPORT(r3, 0x4805, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, 0x0, 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000500)=ANY=[], 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = openat$cgroup_devices(r4, &(0x7f0000000240)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r9, &(0x7f0000000280)={'b', ' *:* ', 'rm\x00'}, 0x9)
socket$nl_route(0x10, 0x3, 0x0)
connect$qrtr(0xffffffffffffffff, &(0x7f00000000c0)={0x2d, 0x0, 0x4000}, 0xc)

1.267168ms ago: executing program 2 (id=2845):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x108})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
socket$nl_route(0x10, 0x3, 0x0)
syz_io_uring_setup(0x867, &(0x7f0000000140)={0x0, 0x9164, 0x1000, 0x1, 0x359}, &(0x7f00000002c0), &(0x7f0000ff4000))
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

0s ago: executing program 7 (id=2846):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x439, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x1303}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e21}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @private=0xa010102}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @empty}]}}}]}, 0x48}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
ioctl$FIDEDUPERANGE(r5, 0xc0189436, &(0x7f0000000100)=ANY=[@ANYBLOB="3a45fa4d91380990c10fb1010000000000000600"])

kernel console output (not intermixed with test programs):

[T14139] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1332.377405][T14139] bridge_slave_0: entered allmulticast mode
[ 1332.903531][T14139] bridge_slave_0: entered promiscuous mode
[ 1332.934741][T14139] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1332.934880][T14139] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1332.935170][T14139] bridge_slave_1: entered allmulticast mode
[ 1332.963403][T14139] bridge_slave_1: entered promiscuous mode
[ 1334.570671][T14153] chnl_net:caif_netlink_parms(): no params data found
[ 1334.658434][T14139] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1336.136572][T14139] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1336.733883][T14310] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1338.494026][T14139] team0: Port device team_slave_0 added
[ 1338.518912][T14139] team0: Port device team_slave_1 added
[ 1338.729242][T14139] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1338.729262][T14139] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1338.729336][T14139] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1338.779440][T14153] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1338.779649][T14153] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1338.779902][T14153] bridge_slave_0: entered allmulticast mode
[ 1338.822526][T14153] bridge_slave_0: entered promiscuous mode
[ 1340.052571][T14335] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1340.206355][ T5879] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 1340.241498][T14139] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1340.241517][T14139] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1340.241547][T14139] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1340.269121][T14153] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1340.269567][T14153] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1340.270301][T14153] bridge_slave_1: entered allmulticast mode
[ 1340.313592][T14153] bridge_slave_1: entered promiscuous mode
[ 1340.362615][ T5879] usb 4-1: Using ep0 maxpacket: 32
[ 1340.365038][ T5879] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1340.366402][ T5879] usb 4-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1340.366430][ T5879] usb 4-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1340.368955][ T5879] usb 4-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1340.368989][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1340.369004][ T5879] usb 4-1: Product: syz
[ 1340.369015][ T5879] usb 4-1: Manufacturer: syz
[ 1340.369035][ T5879] usb 4-1: SerialNumber: syz
[ 1340.496444][T14153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1340.543276][T14153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1340.729409][T14139] hsr_slave_0: entered promiscuous mode
[ 1340.730814][T14139] hsr_slave_1: entered promiscuous mode
[ 1340.731960][T14139] debugfs: 'hsr0' already exists in 'hsr'
[ 1340.731987][T14139] Cannot create hsr debugfs directory
[ 1340.860746][ T9488] bridge_slave_1: left allmulticast mode
[ 1340.860776][ T9488] bridge_slave_1: left promiscuous mode
[ 1340.861162][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1340.947409][ T5879] usb 4-1: USB disconnect, device number 19
[ 1340.953655][ T9488] bridge_slave_0: left allmulticast mode
[ 1340.953731][ T9488] bridge_slave_0: left promiscuous mode
[ 1340.972050][ T9488] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1341.823466][ T9488] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1343.741956][ T9488] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1343.829896][ T9488] bond0 (unregistering): Released all slaves
[ 1344.089936][T14153] team0: Port device team_slave_0 added
[ 1345.575538][T14153] team0: Port device team_slave_1 added
[ 1346.052743][ T9488] hsr_slave_0: left promiscuous mode
[ 1346.080434][ T9488] hsr_slave_1: left promiscuous mode
[ 1346.089584][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1346.115524][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1347.013440][ T9488] team0 (unregistering): Port device team_slave_1 removed
[ 1347.114642][ T9488] team0 (unregistering): Port device team_slave_0 removed
[ 1347.411062][T14153] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1347.411077][T14153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1347.411097][T14153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1347.444319][   T10] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1347.478896][T14153] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1347.478915][T14153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1347.478943][T14153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1347.607389][   T10] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1347.607422][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1347.607512][   T10] usb 3-1: Product: syz
[ 1347.607529][   T10] usb 3-1: Manufacturer: syz
[ 1347.607545][   T10] usb 3-1: SerialNumber: syz
[ 1347.674206][   T10] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1347.771773][ T5984] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1349.306789][    T9] usb 3-1: USB disconnect, device number 27
[ 1349.410363][ T5984] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[ 1349.410876][ T5984] ath9k_htc: Failed to initialize the device
[ 1349.418274][    T9] usb 3-1: ath9k_htc: USB layer deinitialized
[ 1349.551339][T14153] hsr_slave_0: entered promiscuous mode
[ 1349.552274][T14153] hsr_slave_1: entered promiscuous mode
[ 1349.566424][T14153] debugfs: 'hsr0' already exists in 'hsr'
[ 1349.566451][T14153] Cannot create hsr debugfs directory
[ 1350.716579][T14408] fuse: Invalid rootmode
[ 1351.117054][T14421] program syz.3.2075 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1351.537684][T14425] program syz.2.2076 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1353.046141][T14139] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1353.102529][T14139] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1353.351376][T14139] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1354.566312][T14139] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1355.780037][T14153] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1356.036423][T14153] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1356.152571][T14153] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1356.225033][T14153] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1356.755499][T14139] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1356.884069][T14139] 8021q: adding VLAN 0 to HW filter on device team0
[ 1356.967300][T14488] program syz.3.2087 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1358.334712][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1358.334870][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1358.632568][T14153] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1358.634709][ T1403] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1358.634813][ T1403] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1358.766422][T14153] 8021q: adding VLAN 0 to HW filter on device team0
[ 1358.828605][ T9817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1358.828824][ T9817] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1358.866465][ T9817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1358.866733][ T9817] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1361.799141][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.799224][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.873952][T14139] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1362.719540][T14153] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1364.807919][T14561] program syz.3.2098 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1366.951605][T14570] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1368.042872][T14139] veth0_vlan: entered promiscuous mode
[ 1368.206067][T14139] veth1_vlan: entered promiscuous mode
[ 1368.212984][T14153] veth0_vlan: entered promiscuous mode
[ 1368.300771][T14153] veth1_vlan: entered promiscuous mode
[ 1368.496106][T14139] veth0_macvtap: entered promiscuous mode
[ 1368.577578][T14153] veth0_macvtap: entered promiscuous mode
[ 1368.617524][T14153] veth1_macvtap: entered promiscuous mode
[ 1368.725449][T14153] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1368.785213][T14153] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1368.853430][ T9817] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1368.857033][ T9817] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1368.857533][ T9817] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1368.857804][ T9817] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1370.501271][T11360] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1370.527057][T11360] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1370.549775][T11360] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1370.576606][T11360] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1370.588942][T11360] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1371.122489][   T10] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 1371.312477][   T10] usb 2-1: Using ep0 maxpacket: 32
[ 1371.315205][   T10] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1371.316428][   T10] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 1371.318777][   T10] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[ 1371.318806][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1371.318827][   T10] usb 2-1: Product: syz
[ 1371.318842][   T10] usb 2-1: Manufacturer: syz
[ 1371.318857][   T10] usb 2-1: SerialNumber: syz
[ 1371.596187][   T10] usb 2-1: Cannot retrieve CPort count: 0
[ 1371.596241][   T10] usb 2-1: Cannot retrieve CPort count: -5
[ 1371.596279][   T10] es2_ap_driver 2-1:7.0: probe with driver es2_ap_driver failed with error -5
[ 1371.879884][T14492] usb 2-1: USB disconnect, device number 26
[ 1372.441684][T11379] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1372.464033][T11379] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1372.472039][T11379] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1372.488434][T11379] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1372.514277][T11379] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1372.705158][T11379] Bluetooth: hci2: command tx timeout
[ 1372.716176][   T37] audit: type=1326 audit(1772277651.978:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14629 comm="syz.2.2107" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a52ccc799 code=0x0
[ 1374.602651][T11379] Bluetooth: hci1: command tx timeout
[ 1374.681153][T14651] program syz.1.2110 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1374.753618][T11379] Bluetooth: hci2: command tx timeout
[ 1376.672574][T11379] Bluetooth: hci1: command tx timeout
[ 1377.720367][T11379] Bluetooth: hci2: command tx timeout
[ 1378.752849][T11379] Bluetooth: hci1: command tx timeout
[ 1379.042651][ T5787] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1379.388238][ T5787] usb 3-1: Using ep0 maxpacket: 32
[ 1379.874140][T11379] Bluetooth: hci2: command tx timeout
[ 1380.137515][ T5787] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1380.139062][ T5787] usb 3-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 1380.161772][ T5787] usb 3-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[ 1380.161804][ T5787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1380.161825][ T5787] usb 3-1: Product: syz
[ 1380.161840][ T5787] usb 3-1: Manufacturer: syz
[ 1380.161855][ T5787] usb 3-1: SerialNumber: syz
[ 1380.487112][ T5787] usb 3-1: Cannot retrieve CPort count: 0
[ 1380.487166][ T5787] usb 3-1: Cannot retrieve CPort count: -5
[ 1380.487204][ T5787] es2_ap_driver 3-1:7.0: probe with driver es2_ap_driver failed with error -5
[ 1380.694917][ T5948] usb 3-1: USB disconnect, device number 28
[ 1380.832620][T11379] Bluetooth: hci1: command tx timeout
[ 1381.516785][T14600] chnl_net:caif_netlink_parms(): no params data found
[ 1382.393548][   T37] audit: type=1326 audit(1772277661.658:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14712 comm="syz.1.2122" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f50247bc799 code=0x0
[ 1382.674097][T14725] program syz.2.2123 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1383.821562][T14600] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1383.821708][T14600] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1383.821924][T14600] bridge_slave_0: entered allmulticast mode
[ 1383.850421][T14600] bridge_slave_0: entered promiscuous mode
[ 1383.905903][T14600] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1383.906032][T14600] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1383.906262][T14600] bridge_slave_1: entered allmulticast mode
[ 1384.156933][T14600] bridge_slave_1: entered promiscuous mode
[ 1384.190527][ T3885] bridge_slave_1: left allmulticast mode
[ 1384.190557][ T3885] bridge_slave_1: left promiscuous mode
[ 1384.190816][ T3885] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.612662][T14745] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1385.687787][ T3885] bridge_slave_0: left allmulticast mode
[ 1385.687816][ T3885] bridge_slave_0: left promiscuous mode
[ 1385.688117][ T3885] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1387.463170][ T3885] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1388.473479][ T3885] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1388.755844][ T3885] bond0 (unregistering): Released all slaves
[ 1388.807949][T14770] program syz.2.2133 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1389.505426][T14600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1390.608427][T14790] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1390.932632][ T3885] hsr_slave_0: left promiscuous mode
[ 1390.972676][ T3885] hsr_slave_1: left promiscuous mode
[ 1390.973781][ T3885] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1390.997998][ T3885] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1392.014353][ T3885] veth0_macvtap: left promiscuous mode
[ 1392.014666][ T3885] veth1_vlan: left promiscuous mode
[ 1392.014845][ T3885] veth0_vlan: left promiscuous mode
[ 1392.103942][T14800] fuse: Unknown parameter 'use00000000000000000000'
[ 1392.653756][ T3885] team0 (unregistering): Port device team_slave_1 removed
[ 1392.713095][ T3885] team0 (unregistering): Port device team_slave_0 removed
[ 1393.038526][T14600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1393.393057][T14631] chnl_net:caif_netlink_parms(): no params data found
[ 1393.452658][ T5984] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[ 1393.672465][ T5984] usb 4-1: Using ep0 maxpacket: 32
[ 1393.675775][ T5984] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1393.677286][ T5984] usb 4-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1393.677312][ T5984] usb 4-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1393.899734][T14600] team0: Port device team_slave_0 added
[ 1393.912821][ T5984] usb 4-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1393.912853][ T5984] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1393.912874][ T5984] usb 4-1: Product: syz
[ 1393.912889][ T5984] usb 4-1: Manufacturer: syz
[ 1393.912905][ T5984] usb 4-1: SerialNumber: syz
[ 1394.134187][T14600] team0: Port device team_slave_1 added
[ 1397.204119][T14600] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1397.204210][T14600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1397.204241][T14600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1397.219738][T14600] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1397.219757][T14600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1397.219793][T14600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1397.591003][ T5984] usb 4-1: USB disconnect, device number 20
[ 1397.637871][T14631] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1397.638000][T14631] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1397.638189][T14631] bridge_slave_0: entered allmulticast mode
[ 1397.641015][T14631] bridge_slave_0: entered promiscuous mode
[ 1397.731557][T14631] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1397.742522][T14631] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1397.771692][T14631] bridge_slave_1: entered allmulticast mode
[ 1397.798568][T14631] bridge_slave_1: entered promiscuous mode
[ 1397.863818][T14600] hsr_slave_0: entered promiscuous mode
[ 1397.864917][T14600] hsr_slave_1: entered promiscuous mode
[ 1397.865567][T14600] debugfs: 'hsr0' already exists in 'hsr'
[ 1397.865586][T14600] Cannot create hsr debugfs directory
[ 1398.041344][T14631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1398.083170][T14631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1398.506905][T14631] team0: Port device team_slave_0 added
[ 1398.569022][T14631] team0: Port device team_slave_1 added
[ 1398.704156][T14844] overlayfs: failed to resolve './file2': -2
[ 1400.758938][T14631] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1400.758953][T14631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1400.758972][T14631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1401.303183][T14631] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1401.303217][T14631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1401.303239][T14631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1402.260103][T14631] hsr_slave_0: entered promiscuous mode
[ 1402.261143][T14631] hsr_slave_1: entered promiscuous mode
[ 1402.261838][T14631] debugfs: 'hsr0' already exists in 'hsr'
[ 1402.261857][T14631] Cannot create hsr debugfs directory
[ 1403.702753][    T9] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[ 1403.822504][  T810] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1403.854669][    T9] usb 2-1: Using ep0 maxpacket: 16
[ 1403.859940][    T9] usb 2-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4
[ 1403.859972][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1403.859986][    T9] usb 2-1: Product: syz
[ 1403.859996][    T9] usb 2-1: Manufacturer: syz
[ 1403.860007][    T9] usb 2-1: SerialNumber: syz
[ 1403.887382][    T9] usb 2-1: config 0 descriptor??
[ 1403.941535][    T9] gspca_main: spca508-2.14.0 probing 041e:4018
[ 1403.982520][  T810] usb 3-1: Using ep0 maxpacket: 32
[ 1403.991703][  T810] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1403.995582][  T810] usb 3-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1403.995611][  T810] usb 3-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1404.027152][  T810] usb 3-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1404.027184][  T810] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1404.027215][  T810] usb 3-1: Product: syz
[ 1404.027231][  T810] usb 3-1: Manufacturer: syz
[ 1404.027245][  T810] usb 3-1: SerialNumber: syz
[ 1404.622875][    T9] gspca_spca508: reg_read err -110
[ 1404.623314][    T9] gspca_spca508: reg_read err -32
[ 1404.623810][    T9] gspca_spca508: reg_read err -32
[ 1404.624220][    T9] gspca_spca508: reg_read err -32
[ 1404.626098][    T9] gspca_spca508: reg write: error -32
[ 1404.626206][    T9] spca508 2-1:0.0: probe with driver spca508 failed with error -32
[ 1404.793110][    T9] usb 2-1: USB disconnect, device number 27
[ 1404.877151][ T3885] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1405.072636][  T810] usb 3-1: USB disconnect, device number 29
[ 1407.186802][ T3885] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1410.376432][T14909] ceph: No mds server is up or the cluster is laggy
[ 1410.385103][ T5948] libceph: connect (1)[c::]:6789 error -101
[ 1410.385303][ T5948] libceph: mon0 (1)[c::]:6789 connect error
[ 1412.825620][ T3885] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1415.112824][T14929] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1415.773084][ T5948] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 1415.954162][ T5948] usb 4-1: Using ep0 maxpacket: 32
[ 1415.996830][ T5948] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1416.210340][ T5948] usb 4-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1416.210443][ T5948] usb 4-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1416.231233][ T3885] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1416.259573][ T5948] usb 4-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1416.259658][ T5948] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1416.259711][ T5948] usb 4-1: Product: syz
[ 1416.259752][ T5948] usb 4-1: Manufacturer: syz
[ 1416.259793][ T5948] usb 4-1: SerialNumber: syz
[ 1416.642716][ T5948] usb 4-1: USB disconnect, device number 21
[ 1417.524335][ T3885] bridge_slave_1: left allmulticast mode
[ 1417.524367][ T3885] bridge_slave_1: left promiscuous mode
[ 1417.524636][ T3885] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1417.634226][ T3885] bridge_slave_0: left allmulticast mode
[ 1417.634256][ T3885] bridge_slave_0: left promiscuous mode
[ 1417.634526][ T3885] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1417.671769][T14958] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2172'.
[ 1420.347223][T14980] overlayfs: failed to resolve './file1': -2
[ 1420.527570][T14981] overlayfs: failed to resolve './file2': -2
[ 1421.205814][T14983] fuse: Unknown parameter '0x0000000000000005'
[ 1421.563147][ T3885] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1421.616646][ T3885] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1421.639543][ T3885] bond0 (unregistering): Released all slaves
[ 1421.657874][   T37] audit: type=1326 audit(1772277700.918:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14998 comm="syz.2.2180" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a52ccc799 code=0x0
[ 1422.153212][ T3885] hsr_slave_0: left promiscuous mode
[ 1422.176894][ T3885] hsr_slave_1: left promiscuous mode
[ 1422.178010][ T3885] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1422.178035][ T3885] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1422.237330][T15013] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2182'.
[ 1422.464090][ T3885] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1422.464121][ T3885] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1423.388351][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.388430][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1424.505208][T15026] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1425.766016][ T3885] veth1_macvtap: left promiscuous mode
[ 1425.766128][ T3885] veth0_macvtap: left promiscuous mode
[ 1425.766397][ T3885] veth1_vlan: left promiscuous mode
[ 1425.766576][ T3885] veth0_vlan: left promiscuous mode
[ 1427.055023][ T3885] team0 (unregistering): Port device team_slave_1 removed
[ 1427.989240][ T3885] team0 (unregistering): Port device team_slave_0 removed
[ 1428.341733][T15038] fuse: Unknown parameter 'fd0x0000000000000005'
[ 1428.739672][T15047] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2192'.
[ 1430.208120][T14600] netdevsim netdevsim6: probe with driver netdevsim failed with error -12
[ 1430.524836][T14631] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1430.587895][T14631] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1430.634428][T14631] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1430.714390][T14631] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1431.065330][T15082] fuse: Unknown parameter 'fd0x0000000000000005'
[ 1432.114647][T11360] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1432.167272][T11360] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1432.169352][T11360] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1432.188954][T11360] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1432.189914][T11360] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1432.626374][ T9477] bridge_slave_1: left allmulticast mode
[ 1432.626409][ T9477] bridge_slave_1: left promiscuous mode
[ 1432.626730][ T9477] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1432.685829][ T9477] bridge_slave_0: left allmulticast mode
[ 1432.685861][ T9477] bridge_slave_0: left promiscuous mode
[ 1432.686258][ T9477] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1433.210832][ T9477] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1433.285465][ T9477] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1433.370542][ T9477] bond0 (unregistering): Released all slaves
[ 1433.697827][T11379] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1433.703609][T11379] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1433.727339][T11379] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1433.784489][T11379] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1433.799628][T11379] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1434.112900][ T9477] hsr_slave_0: left promiscuous mode
[ 1434.152715][ T9477] hsr_slave_1: left promiscuous mode
[ 1434.153573][ T9477] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1434.207090][ T9477] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1434.272562][T11379] Bluetooth: hci2: command tx timeout
[ 1434.633282][ T9477] team0 (unregistering): Port device team_slave_1 removed
[ 1434.683220][ T9477] team0 (unregistering): Port device team_slave_0 removed
[ 1436.933749][T15111] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1437.020180][T11379] Bluetooth: hci1: command tx timeout
[ 1437.021617][T11379] Bluetooth: hci2: command tx timeout
[ 1437.356715][T15115] program syz.2.2202 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1437.935292][T15122] program syz.1.2206 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1438.880044][T15093] chnl_net:caif_netlink_parms(): no params data found
[ 1439.082772][T11360] Bluetooth: hci2: command tx timeout
[ 1439.082799][T11360] Bluetooth: hci1: command tx timeout
[ 1439.312600][ T5787] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 1439.488886][ T5787] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1439.488921][ T5787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1439.488942][ T5787] usb 2-1: Product: syz
[ 1439.488957][ T5787] usb 2-1: Manufacturer: syz
[ 1439.488973][ T5787] usb 2-1: SerialNumber: syz
[ 1439.555243][ T5787] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1439.604321][    T9] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1440.975026][    T9] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[ 1440.975169][    T9] ath9k_htc: Failed to initialize the device
[ 1440.984570][ T5787] usb 2-1: USB disconnect, device number 28
[ 1441.071436][ T5787] usb 2-1: ath9k_htc: USB layer deinitialized
[ 1441.090705][    C0] dummy_hcd dummy_hcd.1: timer fired with no URBs pending?
[ 1441.152765][T11379] Bluetooth: hci1: command tx timeout
[ 1441.152957][T11379] Bluetooth: hci2: command tx timeout
[ 1441.422565][T15099] chnl_net:caif_netlink_parms(): no params data found
[ 1442.608873][T15169] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1444.152689][T11379] Bluetooth: hci1: command tx timeout
[ 1444.496264][T15093] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1444.496396][T15093] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1444.496631][T15093] bridge_slave_0: entered allmulticast mode
[ 1444.524735][T15093] bridge_slave_0: entered promiscuous mode
[ 1444.553502][T15093] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1444.553647][T15093] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1444.553821][T15093] bridge_slave_1: entered allmulticast mode
[ 1444.556300][T15093] bridge_slave_1: entered promiscuous mode
[ 1444.902529][ T5984] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 1445.084517][T15093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1445.339494][T15179] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1445.342637][ T5984] usb 4-1: Using ep0 maxpacket: 32
[ 1445.345793][ T5984] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1445.347337][ T5984] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 1445.362536][ T5984] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[ 1445.362567][ T5984] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1445.362596][ T5984] usb 4-1: Product: syz
[ 1445.362612][ T5984] usb 4-1: Manufacturer: syz
[ 1445.362626][ T5984] usb 4-1: SerialNumber: syz
[ 1445.662868][ T5984] usb 4-1: Invalid number of CPorts: 0
[ 1445.662902][ T5984] es2_ap_driver 4-1:7.0: probe with driver es2_ap_driver failed with error -22
[ 1446.237626][ T5984] usb 4-1: USB disconnect, device number 22
[ 1446.398742][T15093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1446.399048][T15099] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1446.399263][T15099] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1446.399450][T15099] bridge_slave_0: entered allmulticast mode
[ 1446.450442][T15099] bridge_slave_0: entered promiscuous mode
[ 1446.602845][T15099] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1446.602932][T15099] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1446.603102][T15099] bridge_slave_1: entered allmulticast mode
[ 1446.605971][T15099] bridge_slave_1: entered promiscuous mode
[ 1446.788059][T15093] team0: Port device team_slave_0 added
[ 1446.814883][T15099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1446.818833][T15099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1446.821652][T15093] team0: Port device team_slave_1 added
[ 1448.818791][T15099] team0: Port device team_slave_0 added
[ 1449.164333][T15093] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1449.164354][T15093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1449.164383][T15093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1449.167945][T15099] team0: Port device team_slave_1 added
[ 1449.191266][T15093] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1449.191285][T15093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1449.191314][T15093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1449.669455][T15099] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1449.669475][T15099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1449.669505][T15099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1449.689954][T15191] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1449.689977][T15191] overlayfs: failed to set xattr on upper
[ 1449.689983][T15191] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1449.689989][T15191] overlayfs: ...falling back to index=off.
[ 1449.689994][T15191] overlayfs: ...falling back to uuid=null.
[ 1449.789403][T15201] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1449.789425][T15201] overlayfs: failed to set xattr on upper
[ 1449.789431][T15201] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1449.789437][T15201] overlayfs: ...falling back to index=off.
[ 1449.789442][T15201] overlayfs: ...falling back to uuid=null.
[ 1449.789477][T15201] overlayfs: conflicting lowerdir path
[ 1449.910104][T15099] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1449.910118][T15099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1449.910138][T15099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1450.027300][T15093] hsr_slave_0: entered promiscuous mode
[ 1450.028196][T15093] hsr_slave_1: entered promiscuous mode
[ 1450.028808][T15093] debugfs: 'hsr0' already exists in 'hsr'
[ 1450.028827][T15093] Cannot create hsr debugfs directory
[ 1450.257289][ T9477] bridge_slave_1: left allmulticast mode
[ 1450.257320][ T9477] bridge_slave_1: left promiscuous mode
[ 1450.257567][ T9477] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1450.345337][ T9477] bridge_slave_0: left allmulticast mode
[ 1450.345368][ T9477] bridge_slave_0: left promiscuous mode
[ 1450.345639][ T9477] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1453.813141][ T9477] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1453.913334][ T9477] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1453.991293][ T9477] bond0 (unregistering): Released all slaves
[ 1454.206238][T15099] hsr_slave_0: entered promiscuous mode
[ 1454.317173][T15099] hsr_slave_1: entered promiscuous mode
[ 1454.341860][T15099] debugfs: 'hsr0' already exists in 'hsr'
[ 1454.341925][T15099] Cannot create hsr debugfs directory
[ 1456.053259][ T9477] hsr_slave_0: left promiscuous mode
[ 1456.116083][ T9477] hsr_slave_1: left promiscuous mode
[ 1456.116850][ T9477] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1456.160315][ T9477] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1457.263133][ T9477] team0 (unregistering): Port device team_slave_1 removed
[ 1457.333323][ T9477] team0 (unregistering): Port device team_slave_0 removed
[ 1457.536125][T15234] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1457.536157][T15234] overlayfs: failed to set xattr on upper
[ 1457.536166][T15234] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1457.536175][T15234] overlayfs: ...falling back to index=off.
[ 1457.536183][T15234] overlayfs: ...falling back to uuid=null.
[ 1457.604401][T15240] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1457.604432][T15240] overlayfs: failed to set xattr on upper
[ 1457.604442][T15240] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1457.604451][T15240] overlayfs: ...falling back to index=off.
[ 1457.604459][T15240] overlayfs: ...falling back to uuid=null.
[ 1457.604516][T15240] overlayfs: conflicting lowerdir path
[ 1458.528977][T15244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2234'.
[ 1459.526244][T15259] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2238'.
[ 1459.640323][T15093] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1459.974519][T15093] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1460.190309][T15093] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1460.579553][T15093] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1463.115265][T15294] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2244'.
[ 1464.090430][T15093] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1464.356326][T15093] 8021q: adding VLAN 0 to HW filter on device team0
[ 1464.407302][ T9477] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1464.407428][ T9477] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1464.496856][ T9477] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1464.496954][ T9477] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1464.936975][T15099] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1465.001011][T15099] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1465.233214][T15099] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1465.313349][T15099] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1465.701373][T15332] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1466.756397][T15099] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1466.900752][T15099] 8021q: adding VLAN 0 to HW filter on device team0
[ 1466.949921][ T7148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1466.951876][ T7148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1466.989159][T15093] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1467.011360][  T159] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1467.011456][  T159] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1467.993671][T15355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2253'.
[ 1469.294956][T15093] veth0_vlan: entered promiscuous mode
[ 1470.016978][T15099] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1470.126964][T15093] veth1_vlan: entered promiscuous mode
[ 1470.219612][T15093] veth0_macvtap: entered promiscuous mode
[ 1470.228651][T15093] veth1_macvtap: entered promiscuous mode
[ 1470.382118][T15093] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1470.451295][T15093] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1470.546661][ T9477] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1470.549840][ T9477] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1470.551175][ T9477] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1470.652140][ T9477] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1471.199722][ T9817] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1471.199741][ T9817] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1472.203183][   T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1472.203206][   T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1472.816153][T15099] veth0_vlan: entered promiscuous mode
[ 1472.899439][T15099] veth1_vlan: entered promiscuous mode
[ 1473.495050][T15099] veth0_macvtap: entered promiscuous mode
[ 1473.500527][T15099] veth1_macvtap: entered promiscuous mode
[ 1473.636123][T15099] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1473.774955][T15398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2262'.
[ 1473.811051][T15099] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1473.887649][ T9488] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1473.887883][ T9488] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1473.887925][ T9488] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1473.887962][ T9488] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1476.535003][ T9488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1476.535027][ T9488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1476.870753][ T9486] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1476.870770][ T9486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1480.884449][T15442] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2273'.
[ 1484.685804][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.685877][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.075344][T15448] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1485.075376][T15448] overlayfs: failed to set xattr on upper
[ 1485.075386][T15448] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1485.075395][T15448] overlayfs: ...falling back to index=off.
[ 1485.075404][T15448] overlayfs: ...falling back to uuid=null.
[ 1486.357863][T11360] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1486.380385][T11360] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1486.390193][T11360] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1486.402691][T11360] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1486.411499][T11360] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1488.569812][T11360] Bluetooth: hci5: command tx timeout
[ 1489.738112][   T41] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1489.923477][T15477] chnl_net:caif_netlink_parms(): no params data found
[ 1490.609913][T11360] Bluetooth: hci5: command tx timeout
[ 1492.224091][   T41] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1492.684510][T11360] Bluetooth: hci5: command tx timeout
[ 1493.374254][   T41] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1493.617930][T15524] input: syz1 as /devices/virtual/input/input20
[ 1494.487734][   T41] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1494.752596][T11360] Bluetooth: hci5: command tx timeout
[ 1496.968254][T15532] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1496.968288][T15532] overlayfs: failed to set xattr on upper
[ 1496.968297][T15532] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1496.968307][T15532] overlayfs: ...falling back to index=off.
[ 1496.968316][T15532] overlayfs: ...falling back to uuid=null.
[ 1497.089161][T15541] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1497.089184][T15541] overlayfs: failed to set xattr on upper
[ 1497.089190][T15541] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1497.089196][T15541] overlayfs: ...falling back to index=off.
[ 1497.089201][T15541] overlayfs: ...falling back to uuid=null.
[ 1497.089237][T15541] overlayfs: conflicting lowerdir path
[ 1497.123195][T15477] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1497.123482][T15477] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1497.124232][T15477] bridge_slave_0: entered allmulticast mode
[ 1497.146174][T15477] bridge_slave_0: entered promiscuous mode
[ 1497.183656][T15477] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1497.183801][T15477] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1497.184013][T15477] bridge_slave_1: entered allmulticast mode
[ 1497.232105][T15477] bridge_slave_1: entered promiscuous mode
[ 1497.502685][T15553] afs: Unknown parameter 'dy'
[ 1498.005531][T15477] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1498.225866][T15477] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1498.835243][T15477] team0: Port device team_slave_0 added
[ 1499.269484][T15477] team0: Port device team_slave_1 added
[ 1499.935302][T15477] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1499.935316][T15477] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1499.935345][T15477] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1500.013848][   T41] batman_adv: batadv0: Interface deactivated: geneve2
[ 1500.414619][T15584] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2310'.
[ 1500.726925][   T41] batman_adv: batadv0: Removing interface: geneve2
[ 1500.847151][   T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1500.933353][   T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1500.985643][   T41] bond0 (unregistering): Released all slaves
[ 1501.023595][T15477] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1501.023615][T15477] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1501.023647][T15477] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1501.025299][T15578] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1501.119566][T15586] ALSA: mixer_oss: invalid OSS volume ''
[ 1501.694219][T15477] hsr_slave_0: entered promiscuous mode
[ 1501.695502][T15477] hsr_slave_1: entered promiscuous mode
[ 1501.696371][T15477] debugfs: 'hsr0' already exists in 'hsr'
[ 1501.696394][T15477] Cannot create hsr debugfs directory
[ 1502.992583][ T5849] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1503.155150][ T5849] usb 7-1: Using ep0 maxpacket: 16
[ 1503.159825][ T5849] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1503.159854][ T5849] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1503.188060][ T5849] usb 7-1: New USB device found, idVendor=046d, idProduct=0900, bcdDevice=fa.5a
[ 1503.188091][ T5849] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1503.188113][ T5849] usb 7-1: Product: syz
[ 1503.188128][ T5849] usb 7-1: Manufacturer: syz
[ 1503.188144][ T5849] usb 7-1: SerialNumber: syz
[ 1503.227752][ T5849] usb 7-1: config 0 descriptor??
[ 1503.557713][ T6841] usb 7-1: USB disconnect, device number 2
[ 1504.197932][T15300] IPVS: starting estimator thread 0...
[ 1504.303154][T15626] IPVS: using max 7 ests per chain, 16800 per kthread
[ 1505.030071][T15606] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1505.030102][T15606] overlayfs: failed to set xattr on upper
[ 1505.030112][T15606] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1505.030121][T15606] overlayfs: ...falling back to index=off.
[ 1505.030129][T15606] overlayfs: ...falling back to uuid=null.
[ 1505.117133][T15606] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1505.117166][T15606] overlayfs: failed to set xattr on upper
[ 1505.117175][T15606] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1505.117184][T15606] overlayfs: ...falling back to index=off.
[ 1505.117193][T15606] overlayfs: ...falling back to uuid=null.
[ 1505.117264][T15606] overlayfs: conflicting lowerdir path
[ 1506.133237][T15638] overlayfs: failed to resolve './file2': -2
[ 1507.155914][   T41] hsr_slave_0: left promiscuous mode
[ 1507.294870][   T41] hsr_slave_1: left promiscuous mode
[ 1507.295945][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1507.295972][   T41] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1507.351890][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1507.351912][   T41] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1507.456276][   T41] veth1_macvtap: left promiscuous mode
[ 1507.456384][   T41] veth0_macvtap: left promiscuous mode
[ 1507.456641][   T41] veth1_vlan: left promiscuous mode
[ 1507.456817][   T41] veth0_vlan: left promiscuous mode
[ 1507.848535][T15655] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[ 1507.854530][T15655] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2322'.
[ 1509.228908][   T41] team0 (unregistering): Port device team_slave_1 removed
[ 1509.273219][   T41] team0 (unregistering): Port device team_slave_0 removed
[ 1509.999126][T15658] netdevsim netdevsim1: Direct firmware load for /
[ 1509.999126][T15658]  failed with error -2
[ 1509.999159][T15658] netdevsim netdevsim1: Falling back to sysfs fallback for: /
[ 1509.999159][T15658] 
[ 1510.077060][T15670] syz_tun: entered allmulticast mode
[ 1510.282567][ T6841] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1510.282857][    C0] raw-gadget.0 gadget.5: ignoring, device is not running
[ 1510.412532][ T6841] usb 6-1: device descriptor read/64, error -32
[ 1510.789177][T15681] overlayfs: missing 'lowerdir'
[ 1510.963024][T15682] overlayfs: failed to resolve './file2': -2
[ 1511.482880][ T6841] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1511.483374][    C0] raw-gadget.0 gadget.5: ignoring, device is not running
[ 1511.685824][ T6841] usb 6-1: device descriptor read/64, error -32
[ 1511.792927][ T6841] usb usb6-port1: attempt power cycle
[ 1512.153225][ T6841] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1512.936273][ T6841] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1512.936305][ T6841] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1512.936320][ T6841] usb 6-1: Product: syz
[ 1512.936330][ T6841] usb 6-1: Manufacturer: syz
[ 1512.936341][ T6841] usb 6-1: SerialNumber: syz
[ 1513.235666][ T6841] usb 6-1: can't set config #1, error -71
[ 1513.281213][ T6841] usb 6-1: USB disconnect, device number 4
[ 1513.685300][ T6841] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1513.870087][ T6841] usb 6-1: Using ep0 maxpacket: 16
[ 1513.875726][ T6841] usb 6-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4
[ 1513.875758][ T6841] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1513.875779][ T6841] usb 6-1: Product: syz
[ 1513.875794][ T6841] usb 6-1: Manufacturer: syz
[ 1513.875809][ T6841] usb 6-1: SerialNumber: syz
[ 1513.922165][ T6841] usb 6-1: config 0 descriptor??
[ 1513.945981][ T6841] gspca_main: spca508-2.14.0 probing 041e:4018
[ 1514.004823][   T41] IPVS: stop unused estimator thread 0...
[ 1514.373193][ T6841] gspca_spca508: reg_read err -71
[ 1514.382588][ T6841] gspca_spca508: reg_read err -71
[ 1514.400175][ T6841] gspca_spca508: reg_read err -71
[ 1514.400918][ T6841] gspca_spca508: reg_read err -71
[ 1514.405642][ T6841] gspca_spca508: reg write: error -71
[ 1514.405744][ T6841] spca508 6-1:0.0: probe with driver spca508 failed with error -71
[ 1514.441403][ T6841] usb 6-1: USB disconnect, device number 5
[ 1514.773735][T15714] program syz.1.2338 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1515.650937][T15733] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1515.745525][T15734] overlayfs: missing 'lowerdir'
[ 1515.921944][T15735] overlayfs: failed to resolve './file2': -2
[ 1516.500398][T15477] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1516.884349][T15477] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1516.967269][T15477] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1517.022694][T15477] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1517.122457][ T5787] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[ 1517.291927][ T5787] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1517.291964][ T5787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1517.291986][ T5787] usb 2-1: Product: syz
[ 1517.292002][ T5787] usb 2-1: Manufacturer: syz
[ 1517.292018][ T5787] usb 2-1: SerialNumber: syz
[ 1517.364779][ T5787] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1517.398408][ T5984] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1517.761238][T15760] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2347'.
[ 1517.763688][T15477] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1518.182901][T15764] ALSA: mixer_oss: invalid OSS volume ''
[ 1518.205203][T15764] netlink: 'syz.5.2347': attribute type 8 has an invalid length.
[ 1518.602765][T15477] 8021q: adding VLAN 0 to HW filter on device team0
[ 1519.594498][ T5984] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[ 1519.594644][ T5984] ath9k_htc: Failed to initialize the device
[ 1519.628028][T15477] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1519.628050][T15477] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1519.741566][ T5787] usb 2-1: USB disconnect, device number 29
[ 1519.857536][ T1018] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1519.857677][ T1018] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1519.860219][ T1018] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1519.860358][ T1018] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1519.921093][ T5787] usb 2-1: ath9k_htc: USB layer deinitialized
[ 1522.543399][T15790] program syz.1.2352 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1523.816988][T15805] overlayfs: missing 'lowerdir'
[ 1524.062105][T15807] overlayfs: failed to resolve './file2': -2
[ 1524.916541][T15477] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1525.072889][T15817] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2359'.
[ 1526.981307][T15827] ÿÿÿÿÿÿ5gæ¹Q[Ô: renamed from lo (while UP)
[ 1527.624968][T15850] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1527.691869][T15849] program syz.5.2366 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1527.748640][T15477] veth0_vlan: entered promiscuous mode
[ 1527.821697][T15477] veth1_vlan: entered promiscuous mode
[ 1530.005016][T15477] veth0_macvtap: entered promiscuous mode
[ 1530.037156][T15864] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1530.037186][T15864] overlayfs: failed to set xattr on upper
[ 1530.037195][T15864] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1530.037203][T15864] overlayfs: ...falling back to index=off.
[ 1530.037211][T15864] overlayfs: ...falling back to uuid=null.
[ 1530.104859][T15867] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1530.104891][T15867] overlayfs: failed to set xattr on upper
[ 1530.104900][T15867] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1530.104908][T15867] overlayfs: ...falling back to index=off.
[ 1530.104916][T15867] overlayfs: ...falling back to uuid=null.
[ 1530.104966][T15867] overlayfs: conflicting lowerdir path
[ 1530.105914][T15477] veth1_macvtap: entered promiscuous mode
[ 1531.122983][T15886] overlayfs: missing 'lowerdir'
[ 1531.677205][T15887] Can't find ip_set type bitmap:ip
[ 1532.266114][T15893] program syz.3.2375 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1532.757307][T15902] program syz.6.2377 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1533.021183][T15477] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1533.093747][T15477] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1533.255528][T15913] overlayfs: failed to resolve './file0': -2
[ 1534.314197][T15939] overlay: Unknown parameter '/bus'
[ 1534.724005][T15940] Can't find ip_set type bitmap:ip
[ 1535.216736][T15918] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1535.216783][T15918] overlayfs: failed to set xattr on upper
[ 1535.216792][T15918] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1535.216801][T15918] overlayfs: ...falling back to index=off.
[ 1535.216809][T15918] overlayfs: ...falling back to uuid=null.
[ 1535.280133][T15942] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1535.280165][T15942] overlayfs: failed to set xattr on upper
[ 1535.280175][T15942] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1535.280184][T15942] overlayfs: ...falling back to index=off.
[ 1535.280199][T15942] overlayfs: ...falling back to uuid=null.
[ 1535.280243][T15942] overlayfs: conflicting lowerdir path
[ 1535.424702][T15945] QAT: Invalid ioctl 1075883590
[ 1535.424809][T15945] QAT: Invalid ioctl 1075883590
[ 1535.425055][T15945] QAT: Invalid ioctl 1075883590
[ 1535.425144][T15945] QAT: Invalid ioctl 1075883590
[ 1535.425233][T15945] QAT: Invalid ioctl 1075883590
[ 1535.425320][T15945] QAT: Invalid ioctl 1075883590
[ 1535.425413][T15945] QAT: Invalid ioctl 1075883590
[ 1535.425503][T15945] QAT: Invalid ioctl 1075883590
[ 1535.425803][T15945] QAT: Invalid ioctl 1075883590
[ 1535.425894][T15945] QAT: Invalid ioctl 1075883590
[ 1535.818576][T15951] program syz.5.2388 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1535.818858][ T9484] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1537.723123][ T9484] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1537.782835][ T9484] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1537.788050][ T9484] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1538.154800][T15963] overlayfs: failed to resolve './file0': -2
[ 1538.700285][T15974] program syz.1.2392 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1538.700590][ T9990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1538.700609][ T9990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1538.976270][ T9990] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1538.976293][ T9990] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1539.681658][T15983] overlay: Unknown parameter '/bus'
[ 1540.030089][T15984] Can't find ip_set type bitmap:ip
[ 1544.018374][T16006] program syz.6.2399 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1544.462801][T16011] ALSA: mixer_oss: invalid OSS volume 'VOLU'
[ 1545.583407][T16019] overlayfs: failed to resolve './file0': -2
[ 1546.049037][T16028] ALSA: mixer_oss: invalid OSS volume ''
[ 1546.175440][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.175925][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.995712][T11379] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1547.122588][T11379] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1547.125479][T11379] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1547.126689][T11379] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1547.153760][T11379] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1547.307886][T16043] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2406'.
[ 1548.120758][T16035] program syz.5.2407 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1548.564459][T16050] program syz.2.2409 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1548.909294][T16053] IPv6: sit1: Disabled Multicast RS
[ 1549.485152][T16032] chnl_net:caif_netlink_parms(): no params data found
[ 1549.552484][T11360] Bluetooth: hci4: command tx timeout
[ 1550.707787][T16032] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1550.782727][T16032] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1550.782969][T16032] bridge_slave_0: entered allmulticast mode
[ 1550.784827][T16032] bridge_slave_0: entered promiscuous mode
[ 1550.787599][T16032] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1550.787682][T16032] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1550.787841][T16032] bridge_slave_1: entered allmulticast mode
[ 1550.863803][T16032] bridge_slave_1: entered promiscuous mode
[ 1551.478589][T16063] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1551.478622][T16063] overlayfs: failed to set xattr on upper
[ 1551.478632][T16063] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1551.478640][T16063] overlayfs: ...falling back to index=off.
[ 1551.478649][T16063] overlayfs: ...falling back to uuid=null.
[ 1551.633240][T11360] Bluetooth: hci4: command tx timeout
[ 1551.738821][T16094] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2418'.
[ 1552.344340][T16089] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1552.344379][T16089] overlayfs: failed to set xattr on upper
[ 1552.344388][T16089] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1552.344396][T16089] overlayfs: ...falling back to index=off.
[ 1552.344404][T16089] overlayfs: ...falling back to uuid=null.
[ 1552.344454][T16089] overlayfs: conflicting lowerdir path
[ 1552.958868][T16032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1553.209641][T16032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1553.712372][T11360] Bluetooth: hci4: command tx timeout
[ 1553.942523][T16117] ALSA: mixer_oss: invalid OSS volume ''
[ 1553.948658][ T9488] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1554.069513][T16111] IPv6: sit1: Disabled Multicast RS
[ 1555.219279][T16032] team0: Port device team_slave_0 added
[ 1555.386054][   T37] audit: type=1804 audit(1772277834.648:111): pid=16129 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.2424" name="/newroot/586/file1" dev="fuse" ino=1 res=1 errno=0
[ 1555.792883][T11360] Bluetooth: hci4: command tx timeout
[ 1556.460271][ T9488] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1557.395225][T16148] overlay: filesystem on ./file0 not supported as upperdir
[ 1557.418217][T16149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2428'.
[ 1557.984818][T16032] team0: Port device team_slave_1 added
[ 1558.589666][T16150] Can't find ip_set type bitmap:ip
[ 1558.594495][T16140] Bluetooth: hci1: command 0x0406 tx timeout
[ 1558.908932][T16032] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1558.908952][T16032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1558.908980][T16032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1558.911498][T16032] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1558.911512][T16032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1558.911540][T16032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1559.062040][T16140] Bluetooth: hci2: command 0x0406 tx timeout
[ 1559.500962][ T9488] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1560.290230][T16032] hsr_slave_0: entered promiscuous mode
[ 1560.301037][T16032] hsr_slave_1: entered promiscuous mode
[ 1560.302129][T16032] debugfs: 'hsr0' already exists in 'hsr'
[ 1560.302157][T16032] Cannot create hsr debugfs directory
[ 1560.749114][T16185] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2434'.
[ 1562.797126][ T9488] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1563.504152][T16212] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2439'.
[ 1564.592535][   T10] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[ 1564.620179][T16202] netlink: 'syz.2.2438': attribute type 6 has an invalid length.
[ 1564.635233][T16202] netlink: 'syz.2.2438': attribute type 6 has an invalid length.
[ 1564.774851][   T10] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1564.777525][   T10] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1564.777556][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1564.777577][   T10] usb 4-1: Product: syz
[ 1564.777592][   T10] usb 4-1: Manufacturer: syz
[ 1564.777607][   T10] usb 4-1: SerialNumber: syz
[ 1564.932467][ T5948] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1565.103163][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1565.103190][ T5948] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1565.296603][ T5948] usb 3-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=cc.19
[ 1565.296686][ T5948] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1565.296755][ T5948] usb 3-1: Product: syz
[ 1565.296803][ T5948] usb 3-1: Manufacturer: syz
[ 1565.296859][ T5948] usb 3-1: SerialNumber: syz
[ 1565.408777][T16226] ALSA: mixer_oss: invalid OSS volume ''
[ 1566.239328][ T5948] usb 3-1: config 0 descriptor??
[ 1566.327101][ T5948] usb 3-1: can't set config #0, error -71
[ 1566.405905][ T5948] usb 3-1: USB disconnect, device number 30
[ 1566.941954][ T9488] bridge_slave_1: left allmulticast mode
[ 1566.941986][ T9488] bridge_slave_1: left promiscuous mode
[ 1566.954574][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1567.225555][ T9488] bridge_slave_0: left allmulticast mode
[ 1567.225587][ T9488] bridge_slave_0: left promiscuous mode
[ 1567.225844][ T9488] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1567.329066][T16244] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2446'.
[ 1567.329172][T16244] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2446'.
[ 1568.252555][ T6841] usb 4-1: USB disconnect, device number 23
[ 1569.380931][T16255] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2450'.
[ 1570.690346][T16261] program syz.6.2453 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1571.077333][ T9488] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1571.136302][ T9488] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1571.155174][ T9488] bond0 (unregistering): Released all slaves
[ 1572.177771][T16280] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2458'.
[ 1572.177827][T16280] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2458'.
[ 1573.649043][T16294] program syz.2.2465 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1575.977032][T16313] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2470'.
[ 1575.977136][T16313] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2470'.
[ 1577.228755][T16321] input: syz1 as /devices/virtual/input/input22
[ 1577.381672][T16032] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1577.436998][   T37] audit: type=1326 audit(1772277856.698:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16326 comm="syz.3.2478" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa3e0b4c799 code=0x0
[ 1577.494524][   T37] audit: type=1326 audit(1772277856.758:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16326 comm="syz.3.2478" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa3e0b4c799 code=0x0
[ 1577.612423][   T10] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1577.613115][T16032] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1577.707438][T16032] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1577.742668][   T10] usb 3-1: device descriptor read/64, error -71
[ 1578.083032][   T10] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1578.305678][   T10] usb 3-1: device descriptor read/64, error -71
[ 1578.527937][   T10] usb usb3-port1: attempt power cycle
[ 1578.572485][T16032] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1579.399100][   T10] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1579.514016][   T10] usb 3-1: device descriptor read/8, error -71
[ 1579.755688][   T10] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1579.998884][   T10] usb 3-1: device descriptor read/8, error -71
[ 1580.114916][   T10] usb usb3-port1: unable to enumerate USB device
[ 1580.128987][T16359] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2482'.
[ 1581.833323][ T9488] hsr_slave_0: left promiscuous mode
[ 1581.873887][T16376] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2489'.
[ 1581.920840][T15300] IPVS: starting estimator thread 0...
[ 1581.929605][ T9488] hsr_slave_1: left promiscuous mode
[ 1581.930803][ T9488] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1581.930826][ T9488] batadv0: mtu less than device minimum
[ 1581.966595][ T9488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1582.007060][ T9488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1582.028468][ T9488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1582.047736][ T9488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1582.066709][ T9488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1582.085729][ T9488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1582.104859][ T9488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1582.125045][ T9488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1582.144134][ T9488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1582.311867][T16383] IPVS: using max 11 ests per chain, 26400 per kthread
[ 1582.335287][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1582.579910][ T9488] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1583.555020][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1583.644367][ T9488] batman_adv: batadv0: Interface deactivated: dummy0
[ 1583.644399][ T9488] batman_adv: batadv0: Removing interface: dummy0
[ 1583.652474][   T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1583.722163][T16397] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2494'.
[ 1583.932927][   T10] usb 6-1: Using ep0 maxpacket: 16
[ 1584.572500][   T10] usb 6-1: config 0 has no interfaces?
[ 1584.580983][   T10] usb 6-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[ 1584.581016][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1584.581037][   T10] usb 6-1: Product: syz
[ 1584.581053][   T10] usb 6-1: Manufacturer: syz
[ 1584.581067][   T10] usb 6-1: SerialNumber: syz
[ 1584.607055][   T10] usb 6-1: config 0 descriptor??
[ 1584.739689][ T9488] veth1_macvtap: left promiscuous mode
[ 1584.739767][ T9488] veth0_macvtap: left promiscuous mode
[ 1584.739934][ T9488] veth1_vlan: left promiscuous mode
[ 1584.740055][ T9488] veth0_vlan: left promiscuous mode
[ 1585.383714][T15300] usb 6-1: USB disconnect, device number 6
[ 1589.533033][T16435] program syz.6.2505 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1590.242069][ T9488] team0 (unregistering): Port device team_slave_1 removed
[ 1590.780402][ T9488] team0 (unregistering): Port device team_slave_0 removed
[ 1591.132434][   T10] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1591.742837][   T10] usb 3-1: Using ep0 maxpacket: 16
[ 1592.157148][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1592.157207][   T10] usb 3-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[ 1592.157232][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1592.196039][   T10] usb 3-1: config 0 descriptor??
[ 1592.240410][   T10] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1595.985672][T15966] usb 3-1: USB disconnect, device number 35
[ 1597.530169][T16032] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1597.664750][T16032] 8021q: adding VLAN 0 to HW filter on device team0
[ 1597.704267][ T9817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1597.704370][ T9817] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1597.706363][ T9817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1597.706463][ T9817] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1598.331124][T16483] program syz.6.2516 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1598.583744][T11360] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1598.627302][T11360] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1598.641028][T11360] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1598.643824][T11360] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1598.669946][T11360] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1599.352730][T15066] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1599.534694][T15066] usb 3-1: Using ep0 maxpacket: 16
[ 1599.543511][T15066] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1599.543572][T15066] usb 3-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[ 1599.543595][T15066] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1599.651189][T15066] usb 3-1: config 0 descriptor??
[ 1599.673572][T15066] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1601.079252][T11360] Bluetooth: hci0: command tx timeout
[ 1601.126594][T16376] syz_tun (unregistering): left allmulticast mode
[ 1601.422136][T16032] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1601.585475][T16484] chnl_net:caif_netlink_parms(): no params data found
[ 1601.591414][ T9488] IPVS: stop unused estimator thread 0...
[ 1602.541159][T15066] usb 3-1: USB disconnect, device number 36
[ 1603.152587][T11360] Bluetooth: hci0: command tx timeout
[ 1603.571958][T16542] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1603.765637][T15066] IPVS: starting estimator thread 0...
[ 1604.027136][T16550] IPVS: using max 11 ests per chain, 26400 per kthread
[ 1606.122375][T16555] overlayfs: failed to resolve './file2': -2
[ 1606.126479][T11360] Bluetooth: hci0: command tx timeout
[ 1606.265630][T16484] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1606.265761][T16484] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1606.266013][T16484] bridge_slave_0: entered allmulticast mode
[ 1606.268820][T16484] bridge_slave_0: entered promiscuous mode
[ 1606.585781][T11379] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1606.589661][T11379] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1606.610187][T11379] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1606.623218][T11379] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1606.624032][T11379] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1606.762449][ T6841] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1606.934799][ T6841] usb 6-1: Using ep0 maxpacket: 16
[ 1607.004406][ T6841] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1607.005510][ T6841] usb 6-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[ 1607.005537][ T6841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1607.062372][ T6841] usb 6-1: config 0 descriptor??
[ 1607.225113][ T9488] netdevsim netdevsim3 netdevsim3 (unregistering): left allmulticast mode
[ 1607.253671][ T9488] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1608.252034][T11360] Bluetooth: hci0: command tx timeout
[ 1608.264801][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1608.264875][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1609.515267][ T6841] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 1609.515376][T16140] Bluetooth: hci3: command tx timeout
[ 1610.758260][T16140] Bluetooth: hci5: command 0x0406 tx timeout
[ 1610.815457][T16484] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1610.815549][T16484] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1610.815747][T16484] bridge_slave_1: entered allmulticast mode
[ 1610.817850][T16484] bridge_slave_1: entered promiscuous mode
[ 1611.553219][T11360] Bluetooth: hci3: command tx timeout
[ 1612.121215][T15300] usb 6-1: USB disconnect, device number 7
[ 1612.506703][ T9488] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1613.632704][T11360] Bluetooth: hci3: command tx timeout
[ 1613.688384][T16484] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1615.248959][ T9488] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1615.326216][T16484] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1615.473696][T16484] team0: Port device team_slave_0 added
[ 1615.511227][T16484] team0: Port device team_slave_1 added
[ 1615.515352][ T5948] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 1615.662550][ T5948] usb 3-1: Using ep0 maxpacket: 16
[ 1615.664889][ T5948] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1615.664946][ T5948] usb 3-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[ 1615.664971][ T5948] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1615.681470][ T5948] usb 3-1: config 0 descriptor??
[ 1615.712467][T11360] Bluetooth: hci3: command tx timeout
[ 1615.764205][ T5948] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1616.188025][ T9488] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1617.155907][T16484] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1617.155926][T16484] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1617.155953][T16484] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1618.022172][T16484] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1618.022191][T16484] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1618.022222][T16484] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1618.326522][ T6841] usb 3-1: USB disconnect, device number 37
[ 1618.477685][T16484] hsr_slave_0: entered promiscuous mode
[ 1618.479091][T16484] hsr_slave_1: entered promiscuous mode
[ 1618.588519][T16643] program syz.2.2562 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1622.065971][T16562] chnl_net:caif_netlink_parms(): no params data found
[ 1623.910736][T16562] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1623.911265][T16562] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1623.937385][T16562] bridge_slave_0: entered allmulticast mode
[ 1623.968322][T16562] bridge_slave_0: entered promiscuous mode
[ 1624.490950][T16562] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1624.491677][T16562] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1624.492758][T16562] bridge_slave_1: entered allmulticast mode
[ 1624.566689][T16562] bridge_slave_1: entered promiscuous mode
[ 1624.598542][ T9488] bridge_slave_1: left allmulticast mode
[ 1624.598576][ T9488] bridge_slave_1: left promiscuous mode
[ 1624.599363][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1625.976408][ T9488] bridge_slave_0: left allmulticast mode
[ 1625.976432][ T9488] bridge_slave_0: left promiscuous mode
[ 1625.978666][ T9488] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1626.553342][T16677] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in;
[ 1626.553342][T16677]    program syz.5.2571 not setting count and/or reply_len properly
[ 1626.847235][T16681] program syz.6.2572 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1629.266491][ T9488] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1629.323717][ T9488] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1629.344616][ T9488] bond0 (unregistering): Released all slaves
[ 1629.726525][T16562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1629.854116][T16562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1629.970586][T11360] Bluetooth: hci2: unexpected event for opcode 0x203d
[ 1630.361737][T16562] team0: Port device team_slave_0 added
[ 1630.361881][T16484] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1631.612059][T16562] team0: Port device team_slave_1 added
[ 1635.048776][T11360] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1635.074265][T11360] Bluetooth: hci2: Injecting HCI hardware error event
[ 1635.077904][T16140] Bluetooth: hci2: hardware error 0x00
[ 1635.528064][T16484] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1635.719893][T16484] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1636.589503][T16484] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1636.639581][T16562] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1636.639598][T16562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1636.639624][T16562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1636.642043][T16562] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1636.642060][T16562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1636.642089][T16562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1637.227424][T16750] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2587'.
[ 1637.260523][T16562] hsr_slave_0: entered promiscuous mode
[ 1637.262905][T16562] hsr_slave_1: entered promiscuous mode
[ 1637.279939][T16562] debugfs: 'hsr0' already exists in 'hsr'
[ 1637.279971][T16562] Cannot create hsr debugfs directory
[ 1637.557199][T16140] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1637.973531][T16757] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in;
[ 1637.973531][T16757]    program syz.2.2588 not setting count and/or reply_len properly
[ 1640.368707][T16781] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2592'.
[ 1641.582514][ T9488] hsr_slave_0: left promiscuous mode
[ 1641.626515][ T9488] hsr_slave_1: left promiscuous mode
[ 1641.642658][ T9488] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1641.642681][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1642.110523][ T9488] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1642.110555][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1642.225811][ T9488] veth1_macvtap: left promiscuous mode
[ 1642.225923][ T9488] veth0_macvtap: left promiscuous mode
[ 1642.226209][ T9488] veth1_vlan: left promiscuous mode
[ 1642.226391][ T9488] veth0_vlan: left promiscuous mode
[ 1642.716282][T16796] netlink: 'syz.6.2595': attribute type 6 has an invalid length.
[ 1642.866986][T16797] netlink: 'syz.6.2595': attribute type 6 has an invalid length.
[ 1643.322424][ T5849] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1643.492523][ T5849] usb 6-1: Using ep0 maxpacket: 16
[ 1643.509510][ T5849] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1643.527412][ T5849] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1643.527444][ T5849] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1643.527465][ T5849] usb 6-1: Product: syz
[ 1643.527482][ T5849] usb 6-1: Manufacturer: syz
[ 1643.527497][ T5849] usb 6-1: SerialNumber: syz
[ 1643.976190][ T9488] team0 (unregistering): Port device team_slave_1 removed
[ 1644.063741][ T9488] team0 (unregistering): Port device team_slave_0 removed
[ 1645.638106][ T5948] usb 6-1: USB disconnect, device number 8
[ 1646.061616][T16484] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1649.054698][T16843] netlink: 'syz.5.2605': attribute type 6 has an invalid length.
[ 1651.359054][ T9488] IPVS: stop unused estimator thread 0...
[ 1652.161331][T16484] 8021q: adding VLAN 0 to HW filter on device team0
[ 1652.297478][ T9817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1652.297802][ T9817] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1652.333880][ T9817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1652.334140][ T9817] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1652.342631][ T6841] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[ 1652.572395][ T6841] usb 3-1: Using ep0 maxpacket: 32
[ 1652.575405][ T6841] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1652.577491][ T6841] usb 3-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1652.577520][ T6841] usb 3-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1652.639889][ T6841] usb 3-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1652.639929][ T6841] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1652.639944][ T6841] usb 3-1: Product: syz
[ 1652.639954][ T6841] usb 3-1: Manufacturer: syz
[ 1652.639965][ T6841] usb 3-1: SerialNumber: syz
[ 1652.720694][ T9488] bridge_slave_1: left allmulticast mode
[ 1652.720717][ T9488] bridge_slave_1: left promiscuous mode
[ 1652.720990][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1652.836267][ T9488] bridge_slave_0: left allmulticast mode
[ 1652.836290][ T9488] bridge_slave_0: left promiscuous mode
[ 1652.858478][ T9488] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1653.208209][T16868] ALSA: mixer_oss: invalid OSS volume ''
[ 1654.920868][ T9488] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1655.023187][ T9488] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1655.090117][ T9488] bond0 (unregistering): Released all slaves
[ 1655.763403][ T6841] usb 3-1: USB disconnect, device number 38
[ 1655.770130][ T9488] hsr_slave_0: left promiscuous mode
[ 1655.828872][ T9488] hsr_slave_1: left promiscuous mode
[ 1655.829992][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1655.874267][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1657.530765][ T9488] team0 (unregistering): Port device team_slave_1 removed
[ 1657.670518][ T9488] team0 (unregistering): Port device team_slave_0 removed
[ 1658.457890][T16887] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in;
[ 1658.457890][T16887]    program syz.6.2613 not setting count and/or reply_len properly
[ 1658.521212][T16881] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1658.521239][T16881] overlayfs: failed to set xattr on upper
[ 1658.521245][T16881] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1658.521251][T16881] overlayfs: ...falling back to index=off.
[ 1658.521256][T16881] overlayfs: ...falling back to uuid=null.
[ 1658.622156][T16889] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1658.622190][T16889] overlayfs: failed to set xattr on upper
[ 1658.622199][T16889] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1658.622208][T16889] overlayfs: ...falling back to index=off.
[ 1658.622429][T16889] overlayfs: ...falling back to uuid=null.
[ 1658.622632][T16889] overlayfs: conflicting lowerdir path
[ 1659.261948][T16562] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1659.358931][T16562] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1659.479523][T16562] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1659.882124][T16899] netlink: 'syz.6.2615': attribute type 6 has an invalid length.
[ 1660.300599][T11360] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1660.337732][T11360] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1660.362649][T11360] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1660.381204][T11360] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1660.393067][T11360] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1660.591344][T16908] program syz.6.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1663.131271][T16140] Bluetooth: hci4: command tx timeout
[ 1663.899178][T16562] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1665.095575][ T5849] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1665.248742][T16140] Bluetooth: hci4: command tx timeout
[ 1665.282469][ T5849] usb 3-1: Using ep0 maxpacket: 32
[ 1665.312054][ T5849] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1665.315799][ T5849] usb 3-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1665.315873][ T5849] usb 3-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1665.358366][ T5849] usb 3-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1665.358400][ T5849] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1665.358421][ T5849] usb 3-1: Product: syz
[ 1665.358436][ T5849] usb 3-1: Manufacturer: syz
[ 1665.358452][ T5849] usb 3-1: SerialNumber: syz
[ 1665.777094][ T5849] usb 3-1: USB disconnect, device number 39
[ 1667.440768][T16140] Bluetooth: hci4: command tx timeout
[ 1668.676925][T11360] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1668.731547][T11360] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1668.748261][T11360] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1668.777038][T11360] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1668.793040][T11360] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1668.998108][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.998161][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1670.193370][T16140] Bluetooth: hci4: command tx timeout
[ 1670.328534][T16971] program syz.6.2628 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1670.915316][T16140] Bluetooth: hci0: command tx timeout
[ 1671.146713][T16900] chnl_net:caif_netlink_parms(): no params data found
[ 1672.992549][T16140] Bluetooth: hci0: command tx timeout
[ 1673.074351][T16529] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1673.160786][T16900] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1673.160996][T16900] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1673.161245][T16900] bridge_slave_0: entered allmulticast mode
[ 1673.206478][T16900] bridge_slave_0: entered promiscuous mode
[ 1673.221147][T16900] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1673.221347][T16900] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1673.221592][T16900] bridge_slave_1: entered allmulticast mode
[ 1673.244877][T16529] usb 7-1: Using ep0 maxpacket: 32
[ 1673.245988][T16900] bridge_slave_1: entered promiscuous mode
[ 1673.257971][T16529] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1673.259565][T16529] usb 7-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1673.259591][T16529] usb 7-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1673.264859][ T5849] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1673.273123][T16529] usb 7-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1673.273155][T16529] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1673.273176][T16529] usb 7-1: Product: syz
[ 1673.273194][T16529] usb 7-1: Manufacturer: syz
[ 1673.273210][T16529] usb 7-1: SerialNumber: syz
[ 1673.434957][ T5849] usb 3-1: Using ep0 maxpacket: 16
[ 1673.489881][ T5849] usb 3-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4
[ 1673.489915][ T5849] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1673.489937][ T5849] usb 3-1: Product: syz
[ 1673.489952][ T5849] usb 3-1: Manufacturer: syz
[ 1673.489968][ T5849] usb 3-1: SerialNumber: syz
[ 1673.517265][ T5849] usb 3-1: config 0 descriptor??
[ 1673.560131][ T5849] gspca_main: spca508-2.14.0 probing 041e:4018
[ 1673.946869][T16900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1674.071507][T16529] usb 7-1: USB disconnect, device number 3
[ 1674.119009][ T5849] gspca_spca508: reg_read err -71
[ 1674.119904][ T5849] gspca_spca508: reg_read err -71
[ 1674.124366][ T5849] gspca_spca508: reg_read err -71
[ 1674.132975][ T5849] gspca_spca508: reg_read err -71
[ 1674.142768][ T5849] gspca_spca508: reg write: error -71
[ 1674.143016][ T5849] spca508 3-1:0.0: probe with driver spca508 failed with error -71
[ 1674.241260][ T5849] usb 3-1: USB disconnect, device number 40
[ 1674.395654][T16900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1674.514032][ T9488] bridge_slave_1: left allmulticast mode
[ 1674.514062][ T9488] bridge_slave_1: left promiscuous mode
[ 1674.514311][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1674.611496][ T9488] bridge_slave_0: left allmulticast mode
[ 1674.611528][ T9488] bridge_slave_0: left promiscuous mode
[ 1674.611761][ T9488] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1675.140136][T16140] Bluetooth: hci0: command tx timeout
[ 1676.029505][T17014] program syz.2.2640 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1677.152507][T16140] Bluetooth: hci0: command tx timeout
[ 1678.384929][T17028] program syz.2.2645 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1678.682862][ T5849] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1679.174000][ T5849] usb 6-1: Using ep0 maxpacket: 32
[ 1679.179354][ T5849] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1679.196815][ T5849] usb 6-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1679.196846][ T5849] usb 6-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1679.199914][ T5849] usb 6-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1679.199951][ T5849] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1679.199966][ T5849] usb 6-1: Product: syz
[ 1679.199977][ T5849] usb 6-1: Manufacturer: syz
[ 1679.199988][ T5849] usb 6-1: SerialNumber: syz
[ 1679.385794][ T9488] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1679.453158][ T9488] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1679.485559][ T9488] bond0 (unregistering): Released all slaves
[ 1679.502752][  T810] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1679.506867][T16900] team0: Port device team_slave_0 added
[ 1679.636433][T16900] team0: Port device team_slave_1 added
[ 1679.656236][  T810] usb 7-1: Using ep0 maxpacket: 16
[ 1679.661416][  T810] usb 7-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4
[ 1679.661509][  T810] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1679.661533][  T810] usb 7-1: Product: syz
[ 1679.661549][  T810] usb 7-1: Manufacturer: syz
[ 1679.661565][  T810] usb 7-1: SerialNumber: syz
[ 1679.722972][  T810] usb 7-1: config 0 descriptor??
[ 1679.772782][  T810] gspca_main: spca508-2.14.0 probing 041e:4018
[ 1679.834604][ T5849] usb 6-1: USB disconnect, device number 9
[ 1680.154552][ T9488] hsr_slave_0: left promiscuous mode
[ 1680.234623][ T9488] hsr_slave_1: left promiscuous mode
[ 1680.240430][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1680.243039][  T810] gspca_spca508: reg_read err -71
[ 1680.243664][  T810] gspca_spca508: reg_read err -71
[ 1680.244058][  T810] gspca_spca508: reg_read err -71
[ 1680.244484][  T810] gspca_spca508: reg_read err -71
[ 1680.244881][  T810] gspca_spca508: reg write: error -71
[ 1680.244975][  T810] spca508 7-1:0.0: probe with driver spca508 failed with error -71
[ 1680.293989][  T810] usb 7-1: USB disconnect, device number 4
[ 1680.313841][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1680.527457][T17050] program syz.5.2650 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1681.937798][T17054] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in;
[ 1681.937798][T17054]    program syz.6.2652 not setting count and/or reply_len properly
[ 1682.595164][ T9488] team0 (unregistering): Port device team_slave_1 removed
[ 1682.676853][ T9488] team0 (unregistering): Port device team_slave_0 removed
[ 1683.234298][T16900] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1683.234318][T16900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1683.234348][T16900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1683.342406][ T5787] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1683.387350][T16900] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1683.387363][T16900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1683.387384][T16900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1683.388601][T16958] chnl_net:caif_netlink_parms(): no params data found
[ 1683.492409][ T5787] usb 6-1: Using ep0 maxpacket: 32
[ 1683.494560][ T5787] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1683.494586][ T5787] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1683.497166][ T5787] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1683.497193][ T5787] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1683.497213][ T5787] usb 6-1: Product: syz
[ 1683.497232][ T5787] usb 6-1: Manufacturer: syz
[ 1683.497243][ T5787] usb 6-1: SerialNumber: syz
[ 1683.603917][ T5787] usb 6-1: config 0 descriptor??
[ 1683.861459][  T810] usb 6-1: USB disconnect, device number 10
[ 1684.392960][T15066] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1684.592756][T16900] hsr_slave_0: entered promiscuous mode
[ 1684.594246][T16900] hsr_slave_1: entered promiscuous mode
[ 1684.604313][T15066] usb 3-1: Using ep0 maxpacket: 32
[ 1684.607581][T15066] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1684.611688][T15066] usb 3-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1684.611716][T15066] usb 3-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1684.697999][T15066] usb 3-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1684.698035][T15066] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1684.698057][T15066] usb 3-1: Product: syz
[ 1684.698118][T15066] usb 3-1: Manufacturer: syz
[ 1684.698133][T15066] usb 3-1: SerialNumber: syz
[ 1685.313827][T16958] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1685.313965][T16958] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1685.314166][T16958] bridge_slave_0: entered allmulticast mode
[ 1685.332931][T16958] bridge_slave_0: entered promiscuous mode
[ 1685.402581][T16958] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1685.403335][T16958] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1685.403739][T16958] bridge_slave_1: entered allmulticast mode
[ 1685.448492][T16958] bridge_slave_1: entered promiscuous mode
[ 1685.479439][  T810] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1685.558695][T15066] usb 3-1: USB disconnect, device number 41
[ 1685.632555][  T810] usb 6-1: Using ep0 maxpacket: 16
[ 1685.652729][  T810] usb 6-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4
[ 1685.652763][  T810] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1685.652784][  T810] usb 6-1: Product: syz
[ 1685.652799][  T810] usb 6-1: Manufacturer: syz
[ 1685.652814][  T810] usb 6-1: SerialNumber: syz
[ 1685.739718][  T810] usb 6-1: config 0 descriptor??
[ 1685.784288][  T810] gspca_main: spca508-2.14.0 probing 041e:4018
[ 1685.927032][T16958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1686.001019][T16958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1686.236452][  T810] gspca_spca508: reg_read err -71
[ 1686.236787][  T810] gspca_spca508: reg_read err -71
[ 1686.237157][  T810] gspca_spca508: reg_read err -71
[ 1686.237468][  T810] gspca_spca508: reg_read err -71
[ 1686.237812][  T810] gspca_spca508: reg write: error -71
[ 1686.237883][  T810] spca508 6-1:0.0: probe with driver spca508 failed with error -71
[ 1686.298572][  T810] usb 6-1: USB disconnect, device number 11
[ 1686.965588][T16958] team0: Port device team_slave_0 added
[ 1688.127527][T16958] team0: Port device team_slave_1 added
[ 1688.433494][T17100] program syz.2.2663 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1688.464118][T16958] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1688.464210][T16958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1688.464275][T16958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1688.547853][T16958] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1688.547868][T16958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1688.547889][T16958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1690.602524][T16943] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 1690.735863][T16958] hsr_slave_0: entered promiscuous mode
[ 1690.737376][T16958] hsr_slave_1: entered promiscuous mode
[ 1690.738458][T16958] debugfs: 'hsr0' already exists in 'hsr'
[ 1690.738484][T16958] Cannot create hsr debugfs directory
[ 1690.765408][T16943] usb 6-1: Using ep0 maxpacket: 32
[ 1690.767766][T16943] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1690.767793][T16943] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1690.771191][T16943] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1690.771221][T16943] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1690.771243][T16943] usb 6-1: Product: syz
[ 1690.771260][T16943] usb 6-1: Manufacturer: syz
[ 1690.771275][T16943] usb 6-1: SerialNumber: syz
[ 1690.834984][T16943] usb 6-1: config 0 descriptor??
[ 1691.065874][T16529] usb 6-1: USB disconnect, device number 12
[ 1691.392436][T16943] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 1691.542348][T16943] usb 3-1: Using ep0 maxpacket: 32
[ 1691.547746][T16943] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1691.550679][T16943] usb 3-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1691.550707][T16943] usb 3-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1691.622897][T16943] usb 3-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1691.622930][T16943] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1691.622951][T16943] usb 3-1: Product: syz
[ 1691.622966][T16943] usb 3-1: Manufacturer: syz
[ 1691.622981][T16943] usb 3-1: SerialNumber: syz
[ 1692.092570][T16529] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1692.099964][T16943] usb 3-1: USB disconnect, device number 42
[ 1692.262584][T16529] usb 6-1: Using ep0 maxpacket: 16
[ 1692.265914][T16529] usb 6-1: config 0 interface 0 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[ 1692.265936][T16529] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1692.268336][T16529] usb 6-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[ 1692.268357][T16529] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1692.268372][T16529] usb 6-1: Product: syz
[ 1692.268382][T16529] usb 6-1: Manufacturer: syz
[ 1692.268393][T16529] usb 6-1: SerialNumber: syz
[ 1692.363600][T16529] usb 6-1: config 0 descriptor??
[ 1692.590786][T16529] imon:imon_find_endpoints: no valid input (IR) endpoint found
[ 1692.590863][T16529] imon 6-1:0.0: unable to initialize intf0, err -19
[ 1692.590876][T16529] imon:imon_probe: failed to initialize context!
[ 1692.590885][T16529] imon 6-1:0.0: unable to register, err -19
[ 1692.641106][T16529] usb 6-1: USB disconnect, device number 13
[ 1695.537154][ T9488] bridge_slave_1: left allmulticast mode
[ 1695.537178][ T9488] bridge_slave_1: left promiscuous mode
[ 1695.537381][ T9488] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1695.771817][ T9488] bridge_slave_0: left allmulticast mode
[ 1695.771841][ T9488] bridge_slave_0: left promiscuous mode
[ 1695.772039][ T9488] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1696.703532][ T9488] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1697.073623][ T9488] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1697.996593][ T9488] bond0 (unregistering): Released all slaves
[ 1698.203889][T16900] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1698.557375][T17195] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2681'.
[ 1698.850610][T16943] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 1699.076940][T16943] usb 3-1: Using ep0 maxpacket: 32
[ 1699.166321][T16943] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1699.179102][T16943] usb 3-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1699.179164][T16943] usb 3-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1699.418113][T16943] usb 3-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1699.418180][T16943] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1699.418253][T16943] usb 3-1: Product: syz
[ 1699.418319][T16943] usb 3-1: Manufacturer: syz
[ 1699.418376][T16943] usb 3-1: SerialNumber: syz
[ 1700.966408][T16900] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1701.087068][T16900] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1701.203381][T16943] usb 3-1: USB disconnect, device number 43
[ 1703.088915][T16900] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1703.387670][ T9488] hsr_slave_0: left promiscuous mode
[ 1703.416840][ T9488] hsr_slave_1: left promiscuous mode
[ 1703.417924][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1703.463258][ T9488] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1703.613834][T16140] Bluetooth: hci1: unexpected event for opcode 0x003d
[ 1704.040069][T17224] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1705.623247][ T9488] team0 (unregistering): Port device team_slave_1 removed
[ 1705.701184][ T9488] team0 (unregistering): Port device team_slave_0 removed
[ 1707.638122][T16140] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1707.683134][T16140] Bluetooth: hci1: Injecting HCI hardware error event
[ 1707.691918][T16140] Bluetooth: hci1: hardware error 0x00
[ 1708.662331][T15066] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 1708.837143][T15066] usb 3-1: Using ep0 maxpacket: 32
[ 1708.920009][T15066] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1708.931369][T15066] usb 3-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1708.931397][T15066] usb 3-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1708.934642][T15066] usb 3-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1708.934673][T15066] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1708.934694][T15066] usb 3-1: Product: syz
[ 1708.934710][T15066] usb 3-1: Manufacturer: syz
[ 1708.934726][T15066] usb 3-1: SerialNumber: syz
[ 1709.476038][T15066] usb 3-1: USB disconnect, device number 44
[ 1709.675340][T16900] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1709.697357][T16900] 8021q: adding VLAN 0 to HW filter on device team0
[ 1709.814506][T16900] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1709.814531][T16900] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1709.928541][ T1172] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1709.928682][ T1172] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1709.931285][ T1172] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1709.931418][ T1172] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1710.086099][T15066] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1710.279677][T16140] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1710.407336][T15066] usb 6-1: Using ep0 maxpacket: 32
[ 1710.492763][T15066] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1710.492791][T15066] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1710.498246][T15066] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1710.498278][T15066] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1710.498300][T15066] usb 6-1: Product: syz
[ 1710.498316][T15066] usb 6-1: Manufacturer: syz
[ 1710.498332][T15066] usb 6-1: SerialNumber: syz
[ 1710.596281][T15066] usb 6-1: config 0 descriptor??
[ 1710.901272][T16943] usb 6-1: USB disconnect, device number 14
[ 1711.624134][T16958] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1711.779379][T16958] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1711.852937][T16958] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1711.920983][T16958] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1712.126781][T16900] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1715.000740][T16958] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1715.644807][T16900] veth0_vlan: entered promiscuous mode
[ 1715.661761][T16900] veth1_vlan: entered promiscuous mode
[ 1715.739748][T16900] veth0_macvtap: entered promiscuous mode
[ 1715.757530][T16900] veth1_macvtap: entered promiscuous mode
[ 1715.795174][T16900] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1715.839763][T16900] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1715.888796][ T1018] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1715.889255][ T1018] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1715.889687][ T1018] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1715.890308][ T1018] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1715.953687][T16958] 8021q: adding VLAN 0 to HW filter on device team0
[ 1716.020972][  T159] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1716.041929][  T159] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1716.124677][T15641] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1716.141692][T15641] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1716.718302][T15641] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1716.718325][T15641] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1716.933988][ T5849] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1716.935287][ T1018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1716.935316][ T1018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1717.489552][T17328] sg_write: data in/out 28/14 bytes for SCSI command 0x0-- guessing data in;
[ 1717.489552][T17328]    program syz.2.2711 not setting count and/or reply_len properly
[ 1717.503142][ T5849] usb 7-1: Using ep0 maxpacket: 32
[ 1717.519163][ T5849] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1717.540206][ T5849] usb 7-1: config 102 has an invalid descriptor of length 0, skipping remainder of the config
[ 1717.540241][ T5849] usb 7-1: config 102 has 0 interfaces, different from the descriptor's value: 1
[ 1717.571559][ T5849] usb 7-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=d9.27
[ 1717.571583][ T5849] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1717.571597][ T5849] usb 7-1: Product: syz
[ 1717.571607][ T5849] usb 7-1: Manufacturer: syz
[ 1717.571618][ T5849] usb 7-1: SerialNumber: syz
[ 1717.972817][ T5849] usb 7-1: USB disconnect, device number 5
[ 1718.676995][ T5879] IPVS: starting estimator thread 0...
[ 1718.782448][T17351] IPVS: using max 7 ests per chain, 16800 per kthread
[ 1719.787465][T16958] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1720.115622][T16958] veth0_vlan: entered promiscuous mode
[ 1721.505165][T16958] veth1_vlan: entered promiscuous mode
[ 1721.638059][T16958] veth0_macvtap: entered promiscuous mode
[ 1721.654906][T16958] veth1_macvtap: entered promiscuous mode
[ 1721.738435][T16958] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1721.904830][T16958] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1721.938684][ T9488] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1721.940182][ T1172] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1721.940811][ T1172] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1721.940855][ T1172] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1722.643064][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1722.643087][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1722.790958][T15641] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1722.790980][T15641] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1727.789431][T17435] netlink: 'syz.1.2742': attribute type 1 has an invalid length.
[ 1727.858334][T17436] syz_tun: entered allmulticast mode
[ 1728.208328][T17446] program syz.5.2744 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1730.452451][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.452525][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.749086][T17474] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2755'.
[ 1730.914296][T17476] syz_tun: entered allmulticast mode
[ 1731.222413][ T5984] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1731.444446][ T5984] usb 7-1: Using ep0 maxpacket: 16
[ 1731.660689][ T5984] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1731.660785][ T5984] usb 7-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[ 1731.660812][ T5984] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1732.068466][ T5984] usb 7-1: config 0 descriptor??
[ 1732.075362][ T5984] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1734.518824][   T37] audit: type=1326 audit(1772278013.778:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17499 comm="syz.1.2763" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f454064c799 code=0x0
[ 1734.624857][   T37] audit: type=1326 audit(1772278013.888:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17499 comm="syz.1.2763" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f454064c799 code=0x0
[ 1734.735498][ T5948] usb 7-1: USB disconnect, device number 6
[ 1735.578103][   T37] audit: type=1326 audit(1772278014.838:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17507 comm="syz.1.2766" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f454064c799 code=0x0
[ 1735.594284][ T6841] libceph: connect (1)[c::]:6789 error -101
[ 1735.594869][ T6841] libceph: mon0 (1)[c::]:6789 connect error
[ 1735.606495][T17509] ceph: No mds server is up or the cluster is laggy
[ 1736.098315][T17518] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2767'.
[ 1736.449904][T17519] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1736.932412][T17514] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1736.932709][T17514] overlayfs: failed to set xattr on upper
[ 1736.932762][T17514] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1736.932773][T17514] overlayfs: ...falling back to index=off.
[ 1736.932782][T17514] overlayfs: ...falling back to uuid=null.
[ 1736.936951][T17514] overlayfs: failed to clone lowerpath
[ 1743.031566][T17548] ALSA: mixer_oss: invalid OSS volume ''
[ 1743.857764][   T37] audit: type=1326 audit(1772278023.118:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17551 comm="syz.6.2776" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fefa417c799 code=0x0
[ 1743.961718][   T37] audit: type=1326 audit(1772278023.218:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17551 comm="syz.6.2776" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fefa417c799 code=0x0
[ 1744.092352][T15066] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1744.412309][T15066] usb 6-1: Using ep0 maxpacket: 16
[ 1744.416825][T15066] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1744.416897][T15066] usb 6-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[ 1744.416923][T15066] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1744.465081][T15066] usb 6-1: config 0 descriptor??
[ 1744.492158][T15066] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 1745.366164][ T5984] libceph: connect (1)[c::]:6789 error -101
[ 1745.366375][ T5984] libceph: mon0 (1)[c::]:6789 connect error
[ 1745.525238][T17565] ceph: No mds server is up or the cluster is laggy
[ 1745.922729][   T37] audit: type=1326 audit(1772278025.178:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17569 comm="syz.6.2779" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fefa417c799 code=0x0
[ 1747.432525][ T5948] usb 6-1: USB disconnect, device number 15
[ 1747.592353][T17580] fuse: Bad value for 'rootmode'
[ 1749.840677][T17594] ALSA: mixer_oss: invalid OSS volume ''
[ 1751.230499][   T37] audit: type=1326 audit(1772278030.488:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17600 comm="syz.2.2789" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57b6c0c799 code=0x0
[ 1751.444074][   T37] audit: type=1326 audit(1772278030.668:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17600 comm="syz.2.2789" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57b6c0c799 code=0x0
[ 1755.267311][T15066] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1755.428806][T17624] fuse: Bad value for 'rootmode'
[ 1755.462301][T15066] usb 7-1: Using ep0 maxpacket: 16
[ 1755.465776][T15066] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1755.465892][T15066] usb 7-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[ 1755.465917][T15066] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1755.529650][T15066] usb 7-1: config 0 descriptor??
[ 1755.568288][T15066] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1756.469121][T17628] program syz.7.2797 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1756.977874][T17641] ALSA: mixer_oss: invalid OSS volume ''
[ 1758.468190][ T5948] usb 7-1: USB disconnect, device number 7
[ 1759.402958][T17654] overlay: filesystem on ./file0 not supported as upperdir
[ 1765.439803][T17671] fuse: Bad value for 'rootmode'
[ 1767.324241][T17683] program syz.6.2810 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1770.062774][T17701] overlay: filesystem on ./file0 not supported as upperdir
[ 1774.890463][T17712] fuse: Unknown parameter 'use00000000000000000000'
[ 1778.932412][   T10] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1779.076233][T17734] program syz.2.2824 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1779.562771][   T10] usb 7-1: Using ep0 maxpacket: 16
[ 1779.684162][   T10] usb 7-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4
[ 1779.684208][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1779.684229][   T10] usb 7-1: Product: syz
[ 1779.684253][   T10] usb 7-1: Manufacturer: syz
[ 1779.684268][   T10] usb 7-1: SerialNumber: syz
[ 1779.690765][   T10] usb 7-1: config 0 descriptor??
[ 1779.725616][   T10] gspca_main: spca508-2.14.0 probing 041e:4018
[ 1780.402061][T17745] ALSA: mixer_oss: invalid OSS volume ''
[ 1780.482605][   T10] gspca_spca508: reg_read err -110
[ 1780.482939][   T10] gspca_spca508: reg_read err -32
[ 1780.483334][   T10] gspca_spca508: reg_read err -32
[ 1780.484511][   T10] gspca_spca508: reg_read err -32
[ 1780.485879][   T10] gspca_spca508: reg write: error -32
[ 1780.485945][   T10] spca508 7-1:0.0: probe with driver spca508 failed with error -32
[ 1781.072412][T17750] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1782.334095][T17753] overlay: filesystem on ./file0 not supported as upperdir
[ 1783.584807][   T10] usb 7-1: USB disconnect, device number 8
[ 1783.804406][T16140] Bluetooth: hci4: command 0x0406 tx timeout
[ 1789.463764][T17784] program syz.1.2838 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1789.976884][T17791] ALSA: mixer_oss: invalid OSS volume ''
[ 1790.219758][T17793] netlink: 'syz.1.2841': attribute type 1 has an invalid length.
[ 1791.965919][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.965997][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1792.292986][T11360] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1792.293091][T11360] CPU: 0 UID: 0 PID: 11360 Comm: kworker/u9:2 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1792.293127][T11360] Tainted: [L]=SOFTLOCKUP
[ 1792.293136][T11360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1792.293152][T11360] Workqueue: hci0 hci_rx_work
[ 1792.293337][T11360] Call Trace:
[ 1792.293351][T11360]  <TASK>
[ 1792.293364][T11360]  dump_stack_lvl+0xe8/0x150
[ 1792.293444][T11360]  sysfs_create_dir_ns+0x271/0x2a0
[ 1792.293520][T11360]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1792.293620][T11360]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1792.293650][T11360]  ? rt_spin_unlock+0x160/0x200
[ 1792.293678][T11360]  kobject_add_internal+0x631/0xd10
[ 1792.293774][T11360]  kobject_add+0x163/0x240
[ 1792.293815][T11360]  ? __pfx_kobject_add+0x10/0x10
[ 1792.293859][T11360]  ? get_device_parent+0x370/0x3a0
[ 1792.293990][T11360]  device_add+0x408/0xb80
[ 1792.294030][T11360]  hci_conn_add_sysfs+0xd5/0x210
[ 1792.294119][T11360]  le_conn_complete_evt+0xf1d/0x1430
[ 1792.294206][T11360]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1792.294251][T11360]  ? skb_pull_data+0xfb/0x200
[ 1792.294369][T11360]  hci_le_conn_complete_evt+0x187/0x470
[ 1792.294412][T11360]  hci_event_packet+0x7af/0x12c0
[ 1792.294469][T11360]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1792.294503][T11360]  ? __pfx_hci_event_packet+0x10/0x10
[ 1792.294532][T11360]  ? preempt_schedule_common+0x82/0xd0
[ 1792.294585][T11360]  ? preempt_schedule_thunk+0x16/0x30
[ 1792.294620][T11360]  ? hci_send_to_monitor+0xe2/0x590
[ 1792.294647][T11360]  hci_rx_work+0x3ee/0x1030
[ 1792.294678][T11360]  ? preempt_schedule_thunk+0x16/0x30
[ 1792.294708][T11360]  ? process_scheduled_works+0xa25/0x1830
[ 1792.294764][T11360]  process_scheduled_works+0xb02/0x1830
[ 1792.294829][T11360]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1792.294871][T11360]  ? assign_work+0x3d5/0x5e0
[ 1792.294911][T11360]  worker_thread+0xa50/0xfc0
[ 1792.294977][T11360]  kthread+0x388/0x470
[ 1792.295002][T11360]  ? __pfx_worker_thread+0x10/0x10
[ 1792.295034][T11360]  ? __pfx_kthread+0x10/0x10
[ 1792.295060][T11360]  ret_from_fork+0x51e/0xb90
[ 1792.295117][T11360]  ? __pfx_ret_from_fork+0x10/0x10
[ 1792.295148][T11360]  ? __switch_to+0xc7d/0x1450
[ 1792.295192][T11360]  ? __pfx_kthread+0x10/0x10
[ 1792.295218][T11360]  ret_from_fork_asm+0x1a/0x30
[ 1792.295260][T11360]  </TASK>
[ 1792.295609][T11360] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1792.295942][T11360] Bluetooth: hci0: failed to register connection device
[ 1792.367461][T11360] ==================================================================
[ 1792.367484][T11360] BUG: KASAN: slab-use-after-free in l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1792.367580][T11360] Read of size 8 at addr ffff88805e57c7b0 by task kworker/u9:2/11360
[ 1792.367601][T11360] 
[ 1792.367619][T11360] CPU: 0 UID: 0 PID: 11360 Comm: kworker/u9:2 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1792.367652][T11360] Tainted: [L]=SOFTLOCKUP
[ 1792.367661][T11360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1792.367678][T11360] Workqueue: hci0 hci_rx_work
[ 1792.367709][T11360] Call Trace:
[ 1792.367718][T11360]  <TASK>
[ 1792.367729][T11360]  dump_stack_lvl+0xe8/0x150
[ 1792.367765][T11360]  print_report+0xba/0x230
[ 1792.367811][T11360]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1792.367836][T11360]  kasan_report+0x117/0x150
[ 1792.367937][T11360]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1792.367969][T11360]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1792.368000][T11360]  l2cap_connect_cfm+0x368/0x1390
[ 1792.368030][T11360]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1792.368051][T11360]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1792.368083][T11360]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1792.368143][T11360]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1792.368174][T11360]  ? mutex_lock_nested+0x152/0x1d0
[ 1792.368197][T11360]  ? hci_connect_cfm+0x2c/0x140
[ 1792.368230][T11360]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1792.368253][T11360]  hci_connect_cfm+0x95/0x140
[ 1792.368288][T11360]  le_conn_complete_evt+0xf65/0x1430
[ 1792.368329][T11360]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1792.368378][T11360]  ? skb_pull_data+0xfb/0x200
[ 1792.368416][T11360]  hci_le_conn_complete_evt+0x187/0x470
[ 1792.368455][T11360]  hci_event_packet+0x7af/0x12c0
[ 1792.368487][T11360]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1792.368520][T11360]  ? __pfx_hci_event_packet+0x10/0x10
[ 1792.368548][T11360]  ? preempt_schedule_common+0x82/0xd0
[ 1792.368577][T11360]  ? preempt_schedule_thunk+0x16/0x30
[ 1792.368608][T11360]  ? hci_send_to_monitor+0xe2/0x590
[ 1792.368632][T11360]  hci_rx_work+0x3ee/0x1030
[ 1792.368661][T11360]  ? preempt_schedule_thunk+0x16/0x30
[ 1792.368690][T11360]  ? process_scheduled_works+0xa25/0x1830
[ 1792.368723][T11360]  process_scheduled_works+0xb02/0x1830
[ 1792.368775][T11360]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1792.368812][T11360]  ? assign_work+0x3d5/0x5e0
[ 1792.368845][T11360]  worker_thread+0xa50/0xfc0
[ 1792.368896][T11360]  kthread+0x388/0x470
[ 1792.368920][T11360]  ? __pfx_worker_thread+0x10/0x10
[ 1792.368951][T11360]  ? __pfx_kthread+0x10/0x10
[ 1792.368974][T11360]  ret_from_fork+0x51e/0xb90
[ 1792.369008][T11360]  ? __pfx_ret_from_fork+0x10/0x10
[ 1792.369039][T11360]  ? __switch_to+0xc7d/0x1450
[ 1792.369068][T11360]  ? __pfx_kthread+0x10/0x10
[ 1792.369092][T11360]  ret_from_fork_asm+0x1a/0x30
[ 1792.369124][T11360]  </TASK>
[ 1792.369133][T11360] 
[ 1792.369138][T11360] Allocated by task 11360:
[ 1792.369150][T11360]  kasan_save_track+0x3e/0x80
[ 1792.369178][T11360]  __kasan_kmalloc+0x93/0xb0
[ 1792.369207][T11360]  __kmalloc_noprof+0x3e7/0x7b0
[ 1792.369270][T11360]  sk_prot_alloc+0xe7/0x210
[ 1792.369330][T11360]  sk_alloc+0x3a/0x390
[ 1792.369362][T11360]  bt_sock_alloc+0x3b/0x310
[ 1792.369411][T11360]  l2cap_sock_new_connection_cb+0xe2/0x2e0
[ 1792.369436][T11360]  l2cap_connect_cfm+0x368/0x1390
[ 1792.369455][T11360]  hci_connect_cfm+0x95/0x140
[ 1792.369485][T11360]  le_conn_complete_evt+0xf65/0x1430
[ 1792.369518][T11360]  hci_le_conn_complete_evt+0x187/0x470
[ 1792.369561][T11360]  hci_event_packet+0x7af/0x12c0
[ 1792.369590][T11360]  hci_rx_work+0x3ee/0x1030
[ 1792.369615][T11360]  process_scheduled_works+0xb02/0x1830
[ 1792.369643][T11360]  worker_thread+0xa50/0xfc0
[ 1792.369671][T11360]  kthread+0x388/0x470
[ 1792.369691][T11360]  ret_from_fork+0x51e/0xb90
[ 1792.369719][T11360]  ret_from_fork_asm+0x1a/0x30
[ 1792.369737][T11360] 
[ 1792.369742][T11360] Freed by task 17804:
[ 1792.369752][T11360]  kasan_save_track+0x3e/0x80
[ 1792.369779][T11360]  kasan_save_free_info+0x46/0x50
[ 1792.369816][T11360]  __kasan_slab_free+0x5c/0x80
[ 1792.369843][T11360]  kfree+0x1c1/0x6c0
[ 1792.369869][T11360]  __sk_destruct+0x626/0x880
[ 1792.369894][T11360]  l2cap_sock_cleanup_listen+0xe0/0x440
[ 1792.369917][T11360]  l2cap_sock_release+0x6e/0x270
[ 1792.369936][T11360]  sock_close+0xc3/0x240
[ 1792.369967][T11360]  __fput+0x461/0xa90
[ 1792.370030][T11360]  task_work_run+0x1d9/0x270
[ 1792.370053][T11360]  get_signal+0x11c3/0x1310
[ 1792.370086][T11360]  arch_do_signal_or_restart+0xbc/0x830
[ 1792.370112][T11360]  exit_to_user_mode_loop+0x86/0x480
[ 1792.370159][T11360]  do_syscall_64+0x32d/0xf80
[ 1792.370211][T11360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1792.370253][T11360] 
[ 1792.370258][T11360] The buggy address belongs to the object at ffff88805e57c000
[ 1792.370258][T11360]  which belongs to the cache kmalloc-2k of size 2048
[ 1792.370278][T11360] The buggy address is located 1968 bytes inside of
[ 1792.370278][T11360]  freed 2048-byte region [ffff88805e57c000, ffff88805e57c800)
[ 1792.370302][T11360] 
[ 1792.370308][T11360] The buggy address belongs to the physical page:
[ 1792.370329][T11360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5e578
[ 1792.370424][T11360] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1792.370446][T11360] flags: 0x80000000000040(head|node=0|zone=1)
[ 1792.370477][T11360] page_type: f5(slab)
[ 1792.370499][T11360] raw: 0080000000000040 ffff88813fe1d000 dead000000000100 dead000000000122
[ 1792.370519][T11360] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[ 1792.370540][T11360] head: 0080000000000040 ffff88813fe1d000 dead000000000100 dead000000000122
[ 1792.370561][T11360] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[ 1792.370581][T11360] head: 0080000000000003 ffffea0001795e01 00000000ffffffff 00000000ffffffff
[ 1792.370601][T11360] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 1792.370614][T11360] page dumped because: kasan: bad access detected
[ 1792.370630][T11360] page_owner tracks the page as allocated
[ 1792.370639][T11360] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 9, tgid 9 (kworker/0:0), ts 100247674342, free_ts 0
[ 1792.370679][T11360]  post_alloc_hook+0x231/0x280
[ 1792.370760][T11360]  get_page_from_freelist+0x28bb/0x2950
[ 1792.370803][T11360]  __alloc_frozen_pages_noprof+0x18d/0x380
[ 1792.370824][T11360]  allocate_slab+0x77/0x660
[ 1792.370865][T11360]  refill_objects+0x334/0x3c0
[ 1792.370886][T11360]  __pcs_replace_empty_main+0x328/0x5f0
[ 1792.370911][T11360]  __kmalloc_node_track_caller_noprof+0x60b/0x7e0
[ 1792.370944][T11360]  __alloc_skb+0x2c1/0x7d0
[ 1792.370968][T11360]  mld_newpack+0x14c/0xc90
[ 1792.371040][T11360]  add_grhead+0x5a/0x2a0
[ 1792.371138][T11360]  add_grec+0x1452/0x1740
[ 1792.371167][T11360]  mld_ifc_work+0x6e6/0xe70
[ 1792.371193][T11360]  process_scheduled_works+0xb02/0x1830
[ 1792.371223][T11360]  worker_thread+0xa50/0xfc0
[ 1792.371252][T11360]  kthread+0x388/0x470
[ 1792.371273][T11360]  ret_from_fork+0x51e/0xb90
[ 1792.371301][T11360] page_owner free stack trace missing
[ 1792.371310][T11360] 
[ 1792.371316][T11360] Memory state around the buggy address:
[ 1792.371327][T11360]  ffff88805e57c680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1792.371342][T11360]  ffff88805e57c700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1792.371358][T11360] >ffff88805e57c780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1792.371371][T11360]                                      ^
[ 1792.371383][T11360]  ffff88805e57c800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1792.371399][T11360]  ffff88805e57c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1792.371411][T11360] ==================================================================
[ 1792.371447][T11360] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1792.371469][T11360] CPU: 0 UID: 0 PID: 11360 Comm: kworker/u9:2 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1792.371501][T11360] Tainted: [L]=SOFTLOCKUP
[ 1792.371510][T11360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1792.371527][T11360] Workqueue: hci0 hci_rx_work
[ 1792.371557][T11360] Call Trace:
[ 1792.371567][T11360]  <TASK>
[ 1792.371577][T11360]  vpanic+0x56c/0xa60
[ 1792.371616][T11360]  ? __pfx_vpanic+0x10/0x10
[ 1792.371649][T11360]  ? __pfx___schedule+0x10/0x10
[ 1792.371682][T11360]  panic+0xc5/0xd0
[ 1792.371712][T11360]  ? __pfx_panic+0x10/0x10
[ 1792.371747][T11360]  ? preempt_schedule_common+0x82/0xd0
[ 1792.371779][T11360]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1792.371805][T11360]  check_panic_on_warn+0x89/0xb0
[ 1792.371830][T11360]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1792.371857][T11360]  end_report+0x73/0x180
[ 1792.371890][T11360]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1792.371916][T11360]  kasan_report+0x128/0x150
[ 1792.371951][T11360]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1792.371983][T11360]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1792.372012][T11360]  l2cap_connect_cfm+0x368/0x1390
[ 1792.372041][T11360]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1792.372062][T11360]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1792.372100][T11360]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1792.372132][T11360]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1792.372166][T11360]  ? mutex_lock_nested+0x152/0x1d0
[ 1792.372187][T11360]  ? hci_connect_cfm+0x2c/0x140
[ 1792.372215][T11360]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1792.372238][T11360]  hci_connect_cfm+0x95/0x140
[ 1792.372271][T11360]  le_conn_complete_evt+0xf65/0x1430
[ 1792.372311][T11360]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1792.372350][T11360]  ? skb_pull_data+0xfb/0x200
[ 1792.372386][T11360]  hci_le_conn_complete_evt+0x187/0x470
[ 1792.372424][T11360]  hci_event_packet+0x7af/0x12c0
[ 1792.372456][T11360]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1792.372487][T11360]  ? __pfx_hci_event_packet+0x10/0x10
[ 1792.372514][T11360]  ? preempt_schedule_common+0x82/0xd0
[ 1792.372544][T11360]  ? preempt_schedule_thunk+0x16/0x30
[ 1792.372574][T11360]  ? hci_send_to_monitor+0xe2/0x590
[ 1792.372597][T11360]  hci_rx_work+0x3ee/0x1030
[ 1792.372626][T11360]  ? preempt_schedule_thunk+0x16/0x30
[ 1792.372654][T11360]  ? process_scheduled_works+0xa25/0x1830
[ 1792.372688][T11360]  process_scheduled_works+0xb02/0x1830
[ 1792.372736][T11360]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1792.372772][T11360]  ? assign_work+0x3d5/0x5e0
[ 1792.372816][T11360]  worker_thread+0xa50/0xfc0
[ 1792.372865][T11360]  kthread+0x388/0x470
[ 1792.372888][T11360]  ? __pfx_worker_thread+0x10/0x10
[ 1792.372918][T11360]  ? __pfx_kthread+0x10/0x10
[ 1792.372941][T11360]  ret_from_fork+0x51e/0xb90
[ 1792.372975][T11360]  ? __pfx_ret_from_fork+0x10/0x10
[ 1792.373005][T11360]  ? __switch_to+0xc7d/0x1450
[ 1792.373033][T11360]  ? __pfx_kthread+0x10/0x10
[ 1792.373056][T11360]  ret_from_fork_asm+0x1a/0x30
[ 1792.373093][T11360]  </TASK>
[ 1792.373696][T11360] Kernel Offset: disabled