last executing test programs:

16m59.455577008s ago: executing program 1 (id=1657):
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x6fba950d, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x2c, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x407, 0x5, 0x3f, 0x8f, 0x4006, 0x6, 0x0, 0xffffffff, 0x4, 0x8, 0x400, 0x10000080, 0x0, 0x5, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xb, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x10, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x2, 0x5, 0x3, 0x9, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x8], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x3, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x4, 0x1ef, 0x8, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x5, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x1ff], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0xfffffff9, 0xffff, 0x2000a620, 0x2, 0x5, 0x4, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0xa, 0x3, 0x10000, 0x7, 0x7e, 0x100, 0x7f, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
syz_open_dev$vim2m(&(0x7f0000000040), 0x40005, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000140)={0x7, 0x9000000000000000, 0x8000000000000000, 0xea, 0x0, 0x8001, 0x0, 0x40}, 0x0, &(0x7f00000000c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x8000000000000001, 0x2, 0x7}, 0x0, 0x0)

16m58.07199471s ago: executing program 1 (id=1662):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
sendto$unix(r4, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea8", 0xb5, 0x800, 0x0, 0x0)
recvfrom(r4, &(0x7f00000017c0)=""/4123, 0x101b, 0x1, 0x0, 0x0)

16m56.647344789s ago: executing program 1 (id=1665):
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

16m50.54953656s ago: executing program 1 (id=1673):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000002c0)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r3, 0xc01864b0, &(0x7f0000000000)={r4, r5, 0x1, 0x0, 0x3})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r8, 0x29, 0x1c, 0x0, 0x0)
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r9, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYRESHEX=r1, @ANYRES32=0x0, @ANYBLOB="606f6e64000000000c0002800600191624781c3f0c519734", @ANYRES32, @ANYBLOB="77495cc598b546c059624a4e630f5bf9d1d8b8ba1b663b7d3d1488fb21b07e31ed51a1d175015eb423377116192b61545a9ec519570eedc7ae34a99fd287621cdcf5f85420eb557df8eb71940c0b476414ef9c6126ab3255707934b4ff5c224895d11ff3a574436120355fe5117f0000"], 0x44}}, 0x0)
r11 = getpid()
syz_pidfd_open(r11, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r12 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'batadv0\x00'})

16m49.372154338s ago: executing program 1 (id=1677):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x5, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@map_idx={0x18, 0x3, 0x5, 0x0, 0x9}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x9, 0x0, 0x100000, {}, [{0x90, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffe, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x4}}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4b, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1", 0x12)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(0xffffffffffffffff, 0x4)
syz_open_dev$usbfs(0x0, 0x1ff, 0x402)

16m48.268066767s ago: executing program 1 (id=1680):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
socket(0x200000100000011, 0x3, 0x3)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000002480)={0x2020}, 0x2020)
r5 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x0, 0x0, 0x0, {0x0, 0x100000000000001}, {0x74, 0x2}})
write$evdev(r5, &(0x7f0000000040), 0x373)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r6, &(0x7f0000000040)={0x1f, @any, 0x2}, 0xa)
r7 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r7, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
shutdown(r6, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

16m33.155964736s ago: executing program 32 (id=1680):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
socket(0x200000100000011, 0x3, 0x3)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000002480)={0x2020}, 0x2020)
r5 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x0, 0x0, 0x0, {0x0, 0x100000000000001}, {0x74, 0x2}})
write$evdev(r5, &(0x7f0000000040), 0x373)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r6, &(0x7f0000000040)={0x1f, @any, 0x2}, 0xa)
r7 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r7, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
shutdown(r6, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

11m45.811185002s ago: executing program 5 (id=1704):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x24}, 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
sendmsg$inet(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x800000000000002, 0x0)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES16], 0x14e)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xb, 0x100, 0xfd, 0x9, 0x40801, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)

11m44.15173435s ago: executing program 5 (id=2225):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x1, 0x100)
r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f0000000140)={0x2, @raw_data="55a39da48abc6a97d3624e96f2b723cd340a6734505f335716ef430a888631c82c9ae14cdf2c23978d74235074dd97646ea2bca1c50a8e9c00963f74ca716b699a3fe3129ac3cda45ed0802ef00044b88246d57f13ec900d2d8dbf8f14c675b426ff6c4d1408725904004d438188cacb137c38affb4c444bc96d779ca45c35c424ec3b47f8be36a6eed4b27f44cee78f3017a0ce9bacd64f88a477d04a465bdd92164804c2854b68142b9b8c12e60bfcc44c9c59f577963baf783ad96e218cabfbd9ba2ff8e9fba4"})

11m28.515942439s ago: executing program 33 (id=2225):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x17, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x1, 0x100)
r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f0000000140)={0x2, @raw_data="55a39da48abc6a97d3624e96f2b723cd340a6734505f335716ef430a888631c82c9ae14cdf2c23978d74235074dd97646ea2bca1c50a8e9c00963f74ca716b699a3fe3129ac3cda45ed0802ef00044b88246d57f13ec900d2d8dbf8f14c675b426ff6c4d1408725904004d438188cacb137c38affb4c444bc96d779ca45c35c424ec3b47f8be36a6eed4b27f44cee78f3017a0ce9bacd64f88a477d04a465bdd92164804c2854b68142b9b8c12e60bfcc44c9c59f577963baf783ad96e218cabfbd9ba2ff8e9fba4"})

8m39.894290662s ago: executing program 3 (id=2623):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x25, 0x10, 0x0, 0xffffffffffffffe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbbc9abacf360ea081d000108000604"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0x8002, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)
ioctl$DRM_IOCTL_IRQ_BUSID(0xffffffffffffffff, 0xc0106403, &(0x7f0000000140)={0x0, 0x6, 0x6, 0x8})
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000100), 0x1a5040, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)

8m38.640385948s ago: executing program 3 (id=2626):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000040)=<r3=>0x0)
ptrace$peek(0x2, r3, &(0x7f0000000080))
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x44040, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='rtc_alarm_irq_enable\x00'}, 0x18)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_AIE_ON(r4, 0x7001)

8m36.868037411s ago: executing program 3 (id=2629):
write(0xffffffffffffffff, &(0x7f0000000100)="140000001a004f7fb3e45f2024d2f1c9fb470000", 0x14)
recvmmsg(0xffffffffffffffff, &(0x7f0000004e80)=[{{0x0, 0x0, 0x0}, 0x645}, {{0x0, 0x0, 0x0}, 0xffffff80}], 0x2, 0x10122, 0x0)

8m36.191098879s ago: executing program 3 (id=2630):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000700)={0x0, 0x7208, 0x10, 0x8003}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff4, 0x0, 0x4)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x11, r3, 0x0, 0x0, 0x0, 0x1, 0x1, {0x3}})
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
socket$inet6_udplite(0xa, 0x2, 0x88)
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0)
io_uring_enter(r0, 0x68be, 0x5002, 0x4, 0x0, 0x0)

8m35.032216602s ago: executing program 3 (id=2634):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x11000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r4, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r6, @ANYBLOB="0a000600080211000001000006006600c78800001a0033"], 0x50}}, 0x0)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x78, 0x30, 0xb, 0x0, 0x0, {}, [{0x64, 0x1, [@m_ct={0x60, 0x1, 0x0, 0x0, {{0x7}, {0x38, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @loopback}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x78}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFC_CMD_DEV_DOWN(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040054}, 0xc0)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@bridge_dellink={0x2c, 0x11, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r10, 0x60a10}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x4, 0x0, 0x1, {0x4, 0x4}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc080}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func={0xc, 0x0, 0x0, 0xc, 0x1}]}, {0x0, [0x3e]}}, &(0x7f0000000240)=""/220, 0x27, 0xdc, 0x1, 0x5, 0x0, @void, @value}, 0x28)

8m33.205651847s ago: executing program 3 (id=2639):
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
mmap(&(0x7f0000fd5000/0x4000)=nil, 0x4000, 0x1000000, 0x80010, 0xffffffffffffffff, 0x4f90b000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
pwritev2(r0, &(0x7f0000000440)=[{&(0x7f00000001c0)="b2", 0x1}], 0x1, 0x5, 0x80, 0x1)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='3', 0x1}], 0x1)

8m17.709815802s ago: executing program 34 (id=2639):
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
mmap(&(0x7f0000fd5000/0x4000)=nil, 0x4000, 0x1000000, 0x80010, 0xffffffffffffffff, 0x4f90b000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
pwritev2(r0, &(0x7f0000000440)=[{&(0x7f00000001c0)="b2", 0x1}], 0x1, 0x5, 0x80, 0x1)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='3', 0x1}], 0x1)

7m59.841508581s ago: executing program 2 (id=2695):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/96, 0x129000, 0x800}, 0x20)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000140)=0x20, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000100)=0x20, 0x4)
bind$xdp(r0, &(0x7f00000002c0)={0x2c, 0x8, r2}, 0x10)

7m58.833198133s ago: executing program 2 (id=2696):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$fscrypt_provisioning(0x0, 0x0, &(0x7f0000000340)={0x1, 0x0, @b}, 0x48, 0xffffffffffffffff)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
accept4(r1, &(0x7f00000000c0)=@rc={0x1f, @none}, &(0x7f0000000040)=0x80, 0x800)
socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r4, 0x3, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8811}, 0x24008810)

7m57.662947797s ago: executing program 2 (id=2698):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_hsr\x00'})
r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.pending_reads\x00', 0x4e8100, 0x210)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1, 0x105)
fanotify_mark(r1, 0x6cf7a86385b4799, 0x40000003, r2, &(0x7f0000000100)='./file0\x00')
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
syz_clone3(&(0x7f0000000380)={0x33880, &(0x7f0000000040), &(0x7f00000000c0), 0x0, {0x2d}, &(0x7f00000001c0)=""/117, 0x75, &(0x7f0000002680)=""/4096, &(0x7f0000000240)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0], 0x4}, 0x58)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, 0x0, 0x0)
r4 = mq_open(&(0x7f00000011c0)='*^\':\x00', 0x40, 0x8a, 0x0)
mq_notify(r4, &(0x7f00000012c0)={0x0, 0x2e})
preadv(r4, &(0x7f0000001700)=[{&(0x7f0000001340)=""/103, 0x67}], 0x1, 0x1, 0xe29a)
syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x707b, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000140))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000540)={{0x1, 0x2, 0x6, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f0000000440)={0x2, 0x20008003})
r7 = openat$sequencer2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDCTL_TMR_CONTINUE(r7, 0x5404)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x20008815}, 0x0)

7m57.456459199s ago: executing program 2 (id=2700):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f0000000340), 0x11000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r4, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000008100000008000300", @ANYRES32=r6, @ANYBLOB="0a000600080211000001000006006600c78800001a0033"], 0x50}}, 0x0)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

7m51.545137948s ago: executing program 2 (id=2713):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd700000000000060000001303"], 0x328}}, 0x84)
sched_setscheduler(0x0, 0x0, 0x0)

7m48.376626244s ago: executing program 2 (id=2720):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$fscrypt_provisioning(0x0, 0x0, &(0x7f0000000340)={0x1, 0x0, @b}, 0x48, 0xffffffffffffffff)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
accept4(r1, &(0x7f00000000c0)=@rc={0x1f, @none}, &(0x7f0000000040)=0x80, 0x800)
socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r4, 0x3, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8811}, 0x24008810)

7m32.217081853s ago: executing program 35 (id=2720):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$fscrypt_provisioning(0x0, 0x0, &(0x7f0000000340)={0x1, 0x0, @b}, 0x48, 0xffffffffffffffff)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
accept4(r1, &(0x7f00000000c0)=@rc={0x1f, @none}, &(0x7f0000000040)=0x80, 0x800)
socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r4, 0x3, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8811}, 0x24008810)

15.10943985s ago: executing program 7 (id=3550):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000001080)={0x0, 0x1, 0x2})
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x6, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x7, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[], 0x32, 0xfffffffffffffffc)
add_key(0x0, 0x0, &(0x7f00000010c0)="eed4b9b2f13ea5e6e6a64b63cf53bdf00525df538fdb893e78a30d0ac4578bcd23e64c937bc492be8dd78d566d525cd241a10d75077f54f8a1910036e643d546c80b54628fd70778d9094e91f91c0416fab97190520b913a", 0x58, 0xfffffffffffffffe)
write$vhost_msg_v2(0xffffffffffffffff, 0x0, 0x0)
symlink(&(0x7f00000049c0)='.\x00', &(0x7f00000059c0)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x13}, 0x18)
write$vhost_msg_v2(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f80)=ANY=[@ANYBLOB="0900000066090005136ff88ca087be61f9bcc2df0951873983268381393d5eaae57ecfa92bf178c57e20fa0bc158d1230b0393ad48a37c767d6357fa68a0fd4c71cd9eea44e31e697a977478e2259cd2f4b27247020d92f96c66457bea83e31bae1cadc153638e84fc57f2a96fc31044340ebf5c1f6a111ffb0fba30c79b3534b522d91416f3b2c367d8c98d9a90a4c74d06e39c3a59a9ce9f6d923a4a5bed789bc7250cdb3d72a6eed599733468686dac11b95ecab19d2bc8e63b61ac43844e495d7c2c4b2a1783b5", @ANYBLOB="010700000000000000001600000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="6400000010000d042dbd7000fedbdf2500000000", @ANYRES32, @ANYBLOB="60c00000000000003c001280110001006272696467655f736c617665000000002400058006000200f7"], 0x64}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

14.14100561s ago: executing program 0 (id=3553):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f00000047c0))

14.006625683s ago: executing program 7 (id=3554):
r0 = syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x8000, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x9000000, 0x1000000})
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r6, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
listen(r6, 0x1ad72f7)
accept4(r6, 0x0, 0x0, 0x80800)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
msgget$private(0x0, 0xae)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x8, &(0x7f0000000700)=ANY=[@ANYRESHEX=r0, @ANYBLOB="2c77e7ede71e2ff06c7246960b8f5fe6bacfd5ca8ea00c0ec7bd1225545d7ca9621e162fda5e836620a04e04d90a6ed73d98da34616f3100fdfd388d26e1a9edfc5c6fb891af07b58c2257b39f702667542604a440f3b08830dec77fe76336d4f79f849aefa1629c1022637671f345fb7789ee64186be9666339004327f7f0e1229b416520807e8811e8c0e6980ba393da35759b2a4a0ea9fb432a9419777afcf6ed836cac5cf43ff035c5cc820742ce", @ANYBLOB=',\x00'])

12.121533868s ago: executing program 8 (id=3556):
socket$packet(0x11, 0x2, 0x300)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

12.078881584s ago: executing program 0 (id=3557):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x5c, 0x30, 0xb, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfdb}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004000}, 0x10000000)

11.990123858s ago: executing program 7 (id=3559):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x14, 0x126}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, 0x0)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

11.913542977s ago: executing program 4 (id=3560):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000dc0), 0xffffffffffffffff)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000280))
sendmsg$DEVLINK_CMD_RELOAD(r1, 0x0, 0x8010)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x101280)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x4000045)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
syz_pidfd_open(0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x40000000002, 0x8000000000000000, 0x8000f, 0x2, 0x0, 0x100, 0x10001000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0x0, 0x4, 0x2, 0x0, 0x2, 0x7}, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000017000b63d25a80648c2594f90fa3c92b", 0x14}], 0x1}, 0x0)

11.845749111s ago: executing program 8 (id=3561):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004000000130317"], 0x328}}, 0x84)

11.797336563s ago: executing program 0 (id=3562):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$DRM_IOCTL_MODE_ADDFB(0xffffffffffffffff, 0xc01c64ae, &(0x7f00000002c0)={0x0, 0x400, 0x0, 0x7, 0x9, 0x8, 0xfffffffc})
openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_setup(0x4332, &(0x7f0000000780)={0x0, 0x986d, 0x1100, 0xfffffffc})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc3"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYRES32, @ANYRES32=r4, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={0xffffffffffffffff, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r3}, 0x20)
recvmmsg(r3, &(0x7f00000073c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

10.606451293s ago: executing program 6 (id=3563):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd700000000000060000001303"], 0x328}}, 0x84)
sched_setscheduler(0x0, 0x0, 0x0)

10.605663755s ago: executing program 4 (id=3564):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x25, 0x10, 0x0, 0xffffffffffffffe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f00000000c0), 0xffffffffffffffff)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0x8002, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
ioctl$DRM_IOCTL_IRQ_BUSID(0xffffffffffffffff, 0xc0106403, &(0x7f0000000140)={0x0, 0x6, 0x6, 0x8})
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4})
openat$fb0(0xffffffffffffff9c, &(0x7f0000000100), 0x1a5040, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)

10.367406397s ago: executing program 7 (id=3565):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000001080)={0x0, 0x1, 0x2})
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x6, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
io_setup(0x7, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[], 0x32, 0xfffffffffffffffc)
add_key(0x0, 0x0, &(0x7f00000010c0)="eed4b9b2f13ea5e6e6a64b63cf53bdf00525df538fdb893e78a30d0ac4578bcd23e64c937bc492be8dd78d566d525cd241a10d75077f54f8a1910036e643d546c80b54628fd70778d9094e91f91c0416fab97190520b913a", 0x58, 0xfffffffffffffffe)
write$vhost_msg_v2(0xffffffffffffffff, 0x0, 0x0)
symlink(&(0x7f00000049c0)='.\x00', &(0x7f00000059c0)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x13}, 0x18)
write$vhost_msg_v2(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f80)=ANY=[@ANYRES16=r1, @ANYBLOB="010700000000000000001600000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="6400000010000d042dbd7000fedbdf2500000000", @ANYRES32, @ANYBLOB="60c00000000000003c001280110001006272696467655f736c617665000000002400058006000200f7"], 0x64}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

9.662653143s ago: executing program 0 (id=3566):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x281c2, 0x10)
fcntl$setlease(r0, 0x400, 0x1)
fremovexattr(r0, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in6=@mcast2, @in=@multicast1}}, {{@in=@dev}, 0x0, @in6=@private2}}, &(0x7f0000000000)=0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000002480)={0x2020}, 0x2020)
syz_open_dev$evdev(0x0, 0x0, 0x121041)
writev(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000700)="ebfa0e81ceb3dc4c43c215dc4dade38ff8c84ace9d15af003afa41ae5fbebe5b175c12cf29c48c2d4b61ce76443645c1dc73113beeb9b5a73cd0415b0437839aa6c68111a4582c3a6a3bb8f9e0", 0x4d}], 0x1)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x0, 0x0, 0x0, {0x0, 0x100000000000001}, {0x74, 0x2}})
lseek(r4, 0xfffffffffffffff5, 0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), r4)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f00000004c0)={0x18c, r5, 0x300, 0x70bd2b, 0x25dfdbff, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xf}, {0x6, 0x11, 0x2}, {0x8, 0x15, 0x274d}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x3}, {0x8, 0x15, 0x3}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x9}, {0x8, 0x15, 0x6}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x7}, {0x8, 0x15, 0x10}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x8}, {0x8, 0x15, 0x2}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x80}, {0x8, 0x15, 0x2}}]}, 0x18c}, 0x1, 0x0, 0x0, 0x4013}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

9.58575672s ago: executing program 8 (id=3567):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4004)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x42280, 0x0)
close(r4)
accept4$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs, 0x0, 0x100000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='netlink_extack\x00'}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'erspan0\x00'})
sendmsg$nl_route_sched(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000440)={<r7=>0x0, 0x24, "bdbc11f4c2474f7ca8934dcf68b2aa1753c31dbe11a2e0202e3d33976a3f6fe6e98a3d70"}, &(0x7f0000000200)=0x2c)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000280)={r7, 0xa508}, &(0x7f0000000340)=0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
mount_setattr(0xffffffffffffffff, 0x0, 0x100, &(0x7f0000000400)={0x300094, 0x78, 0x20000, {r1}}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

9.355863097s ago: executing program 6 (id=3568):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f00000047c0))

7.077541168s ago: executing program 0 (id=3569):
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000100)={0xa10000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x990a70, 0x7, '\x00', @p_u32=&(0x7f0000000200)=0x5}})
syz_emit_ethernet(0x3e, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000008004700003000000000000690780a010100ac1e00010186060000000000000000", @ANYRES32=0x41424344, @ANYBLOB="50000000907800008a4c0b30a2684ea4a0420ff45ab697e596f621"], 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r2, &(0x7f0000000300)=[{&(0x7f0000000080)=""/107, 0x6b}], 0x1)
fsmount(0xffffffffffffffff, 0x0, 0x0)

6.19789774s ago: executing program 4 (id=3570):
r0 = syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x8000, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x9000000, 0x1000000})
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r6, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
listen(r6, 0x1ad72f7)
accept4(r6, 0x0, 0x0, 0x80800)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
msgget$private(0x0, 0xae)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB="2c77e7ede71e2ff06c7246960b8f5fe6bacfd5ca8ea00c0ec7bd1225545d7ca9621e162fda5e836620a04e04d90a6ed73d98da34616f3100fdfd388d26e1a9edfc5c6fb891af07b58c2257b39f702667542604a440f3b08830dec77fe76336d4f79f849aefa1629c1022637671f345fb7789ee64186be9666339004327f7f0e1229b416520807e8811e8c0e6980ba393da35759b2a4a0ea9fb432a9419777afcf6ed836cac5cf43ff035c5cc820742ce", @ANYBLOB=',\x00'])

6.096120242s ago: executing program 7 (id=3571):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
preadv(r3, &(0x7f0000003780)=[{&(0x7f0000001300)=""/170, 0xaa}], 0x1, 0xffff, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000001c0)='\x00', &(0x7f0000000240)='{}k%@\x00', 0x0)

5.733586141s ago: executing program 8 (id=3572):
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

4.936259835s ago: executing program 4 (id=3573):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
inotify_init()
syz_open_dev$radio(&(0x7f0000000140), 0x1, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000010000000100000009"], 0x18}, 0x0, 0x40000, 0x1})
io_uring_enter(r2, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)

3.678238268s ago: executing program 6 (id=3574):
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0, 0x0, 0x24000004}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000500)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="2f0000000200000000000000b9ade9cf48e433de3fa737fb40e17ba8b41fed792abf53ee09ca7e51e56e48d624ae5b715cffd14bbed66987b442f6fff0336bcc470a85dedd72f57a9ac95f95dbc995c948c97a7f0e48a2918eccf54417cc6a14548c5705afaa85688900000000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='/'], 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb058}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000001640)=0x4f1d, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
mkdirat(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00')
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r4, 0xc0287c02, &(0x7f00000003c0)={0x80000000, &(0x7f0000000280), &(0x7f0000000340)=[{}, {{<r5=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_LINKS(r4, 0xc0287c02, &(0x7f00000004c0)={r5, &(0x7f0000000400), &(0x7f0000000440)})
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000300), r6)
sendmsg$NLBL_CIPSOV4_C_ADD(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="08010000", @ANYRES16=r7, @ANYBLOB="0100000000000000000001000000080001000000000014000480050603000000000005000300000000000800020001000000d00008"], 0x108}}, 0x0)

3.652298155s ago: executing program 0 (id=3575):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x0, 0x83, 0xec, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0x2, 0x0, 0xa}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000000)={0x0, 0x30, 0xc, "00004700000040f400bec073"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000380)={0x34, &(0x7f0000000180)={0x20, 0xb, 0x28, "4959e02e2d5cd4083223c0166fa294c7f98e84cfb99f83b84aebdda3bb7bf9e1cd75a493ee52d4c1"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_io_uring_submit(0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000a00)={0x84, &(0x7f0000000300)={0x40, 0x3d, 0x5, "19d091dca7"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3.495059801s ago: executing program 8 (id=3576):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$DRM_IOCTL_MODE_ADDFB(0xffffffffffffffff, 0xc01c64ae, &(0x7f00000002c0)={0x0, 0x400, 0x0, 0x7, 0x9, 0x8, 0xfffffffc})
openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_setup(0x4332, &(0x7f0000000780)={0x0, 0x986d, 0x1100, 0xfffffffc})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYRES32, @ANYRES32=r4, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={0xffffffffffffffff, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r3}, 0x20)
recvmmsg(r3, &(0x7f00000073c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

2.581293306s ago: executing program 6 (id=3577):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x6, 0x66382)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0xa, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x81)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe)
syz_open_dev$tty1(0xc, 0x4, 0x3)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d34101b080d29308f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771acc18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffe00}, {}, {0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffe11}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0xc5}}]}, &(0x7f0000000300)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
pwritev(r4, &(0x7f0000000000)=[{&(0x7f0000000300)="38e315f450", 0x5}], 0x1, 0x400, 0x20000000)
sendfile(r0, r0, 0x0, 0x24002de8)

2.572063034s ago: executing program 4 (id=3578):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd700000000000060000001303"], 0x328}}, 0x84)
sched_setscheduler(0x0, 0x0, 0x0)

1.699198076s ago: executing program 8 (id=3579):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x281c2, 0x10)
fcntl$setlease(r0, 0x400, 0x1)
fremovexattr(r0, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in6=@mcast2, @in=@multicast1}}, {{@in=@dev}, 0x0, @in6=@private2}}, &(0x7f0000000000)=0xe8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000002480)={0x2020}, 0x2020)
syz_open_dev$evdev(0x0, 0x0, 0x121041)
writev(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000700)="ebfa0e81ceb3dc4c43c215dc4dade38ff8c84ace9d15af003afa41ae5fbebe5b175c12cf29c48c2d4b61ce76443645c1dc73113beeb9b5a73cd0415b0437839aa6c68111a4582c3a6a3bb8f9e0", 0x4d}], 0x1)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x0, 0x0, 0x0, {0x0, 0x100000000000001}, {0x74, 0x2}})
lseek(r3, 0xfffffffffffffff5, 0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), r3)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f00000004c0)={0x18c, r4, 0x300, 0x70bd2b, 0x25dfdbff, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0xf}, {0x6, 0x11, 0x2}, {0x8, 0x15, 0x274d}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x3}, {0x8, 0x15, 0x3}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x9}, {0x8, 0x15, 0x6}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x9}, {0x6, 0x11, 0x7}, {0x8, 0x15, 0x10}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x8}, {0x8, 0x15, 0x2}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x80}, {0x8, 0x15, 0x2}}]}, 0x18c}, 0x1, 0x0, 0x0, 0x4013}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.348575255s ago: executing program 4 (id=3580):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000002c0)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r3, 0xc01864b0, &(0x7f0000000000)={r4, r5, 0x1, 0x0, 0x3})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_mreq(r8, 0x29, 0x1c, 0x0, 0x0)
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r9, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r10 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYRESHEX=r1, @ANYRES32=0x0, @ANYBLOB="606f6e64000000000c0002800600191624781c3f0c519734", @ANYRES32, @ANYBLOB="77495cc598b546c059624a4e630f5bf9d1d8b8ba1b663b7d3d1488fb21b07e31ed51a1d175015eb423377116192b61545a9ec519570eedc7ae34a99fd287621cdcf5f85420eb557df8eb71940c0b476414ef9c6126ab3255707934b4ff5c224895d11ff3a574436120355fe5117f0000"], 0x44}}, 0x0)
r11 = getpid()
syz_pidfd_open(r11, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r12 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'batadv0\x00'})

317.204223ms ago: executing program 6 (id=3581):
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x8, 0x0, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in=@remote, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x5, 0x0, 0xb7}}, 0xe8)
sendto$packet(0xffffffffffffffff, &(0x7f00000002c0)="1441c05465f0006fc8afa8e4", 0xc, 0x20000010, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

177.505932ms ago: executing program 6 (id=3582):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4004)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x42280, 0x0)
close(r4)
accept4$unix(0xffffffffffffffff, &(0x7f00000000c0)=@abs, 0x0, 0x100000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='netlink_extack\x00'}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'erspan0\x00'})
sendmsg$nl_route_sched(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000440)={<r7=>0x0, 0x24, "bdbc11f4c2474f7ca8934dcf68b2aa1753c31dbe11a2e0202e3d33976a3f6fe6e98a3d70"}, &(0x7f0000000200)=0x2c)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000280)={r7, 0xa508}, &(0x7f0000000340)=0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
mount_setattr(0xffffffffffffffff, 0x0, 0x100, &(0x7f0000000400)={0x300094, 0x78, 0x20000, {r1}}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

0s ago: executing program 7 (id=3583):
r0 = syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x8000, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x9000000, 0x1000000})
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r6, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
listen(r6, 0x1ad72f7)
accept4(r6, 0x0, 0x0, 0x80800)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
msgget$private(0x0, 0xae)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYBLOB="2c77e7ede71e2ff06c7246960b8f5fe6bacfd5ca8ea00c0ec7bd1225545d7ca9621e162fda5e836620a04e04d90a6ed73d98da34616f3100fdfd388d26e1a9edfc5c6fb891af07b58c2257b39f702667542604a440f3b08830dec77fe76336d4f79f849aefa1629c1022637671f345fb7789ee64186be9666339004327f7f0e1229b416520807e8811e8c0e6980ba393da35759b2a4a0ea9fb432a9419777afcf6ed836cac5cf43ff035c5cc820742ce", @ANYBLOB=',\x00'])

kernel console output (not intermixed with test programs):

 - 0
[ 1189.017591][  T991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1189.042775][  T991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1189.192234][  T991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1189.215931][  T991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1189.793634][T14686] macvlan0: entered promiscuous mode
[ 1189.803180][T14686] macvlan0: entered allmulticast mode
[ 1189.825147][T14686] veth1_vlan: entered allmulticast mode
[ 1190.055897][T14686] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[ 1193.915247][T14719] overlayfs: missing 'workdir'
[ 1193.916269][T14724] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1193.929282][T14724] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1194.776770][T14730] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1198.174827][T14744] 9pnet_fd: Insufficient options for proto=fd
[ 1199.929802][T14772] overlayfs: missing 'workdir'
[ 1200.784496][T14783] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1200.793568][T14783] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1204.346599][T14811] 9pnet_fd: Insufficient options for proto=fd
[ 1206.365419][T14829] overlayfs: missing 'workdir'
[ 1207.324940][T14838] 9pnet_fd: Insufficient options for proto=fd
[ 1208.869908][   T55] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1208.893594][   T55] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1208.902949][   T55] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1208.911375][   T55] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1208.921618][   T55] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1210.964317][   T55] Bluetooth: hci5: command tx timeout
[ 1211.382255][T10539] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1211.456008][T14846] chnl_net:caif_netlink_parms(): no params data found
[ 1211.556861][T14875] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1211.568670][T14875] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1212.440505][T10539] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1212.702971][T14886] 9pnet_fd: Insufficient options for proto=fd
[ 1212.876951][T14890] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1213.044448][   T55] Bluetooth: hci5: command tx timeout
[ 1213.630663][T10539] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1214.209725][T10539] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1214.263241][T14846] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1214.279956][T14846] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1214.302031][T14846] bridge_slave_0: entered allmulticast mode
[ 1214.327714][T14846] bridge_slave_0: entered promiscuous mode
[ 1214.363350][T14846] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1214.381366][T14846] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1214.402055][T14846] bridge_slave_1: entered allmulticast mode
[ 1214.431909][T14846] bridge_slave_1: entered promiscuous mode
[ 1215.025610][T14903] 9pnet_fd: Insufficient options for proto=fd
[ 1215.134079][   T55] Bluetooth: hci5: command tx timeout
[ 1215.190942][T14846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1215.205486][T14846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1215.682208][T14846] team0: Port device team_slave_0 added
[ 1215.691484][T14846] team0: Port device team_slave_1 added
[ 1215.911963][T14846] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1216.113853][T14846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1216.140407][T14846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1216.174944][T14846] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1216.680554][T14846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1216.916924][T14846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1217.194597][   T55] Bluetooth: hci5: command tx timeout
[ 1218.221367][T14846] hsr_slave_0: entered promiscuous mode
[ 1218.238549][T14846] hsr_slave_1: entered promiscuous mode
[ 1218.299247][T14846] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1218.954801][T14846] Cannot create hsr debugfs directory
[ 1219.039216][T10539] bridge_slave_1: left allmulticast mode
[ 1219.048955][T10539] bridge_slave_1: left promiscuous mode
[ 1219.065994][T10539] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1219.116175][T10539] bridge_slave_0: left allmulticast mode
[ 1219.124393][T10539] bridge_slave_0: left promiscuous mode
[ 1219.130219][T10539] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1219.899737][T14942] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1219.911677][T14942] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1221.171022][T14952] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1222.682660][T10539] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1222.769709][T10539] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1222.781858][T10539] bond0 (unregistering): Released all slaves
[ 1223.032826][T14964] 9pnet_fd: Insufficient options for proto=fd
[ 1223.843285][T14975] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2284'.
[ 1223.852411][T14975] netlink: 'syz.4.2284': attribute type 3 has an invalid length.
[ 1223.860328][T14975] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2284'.
[ 1225.488110][   T55] Bluetooth: hci3: unknown advertising packet type: 0x70
[ 1225.780882][T14983] macvtap3: entered allmulticast mode
[ 1225.797643][T14983] veth0_macvtap: entered allmulticast mode
[ 1226.048394][T10539] hsr_slave_0: left promiscuous mode
[ 1226.109819][T10539] hsr_slave_1: left promiscuous mode
[ 1226.145059][T10539] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1226.177665][T10539] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1226.229795][T10539] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1226.253604][T10539] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1226.481112][T15006] 9pnet_fd: Insufficient options for proto=fd
[ 1227.030616][T10539] veth1_macvtap: left promiscuous mode
[ 1227.058488][T10539] veth0_macvtap: left promiscuous mode
[ 1227.087338][T10539] veth1_vlan: left promiscuous mode
[ 1227.253073][T10539] veth0_vlan: left promiscuous mode
[ 1228.775856][T10539] team0 (unregistering): Port device team_slave_1 removed
[ 1228.853588][T10539] team0 (unregistering): Port device team_slave_0 removed
[ 1229.503613][T15002] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1229.759512][T15033] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2294'.
[ 1229.768882][T15033] netlink: 'syz.0.2294': attribute type 3 has an invalid length.
[ 1229.777168][T15033] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2294'.
[ 1230.275186][T15035] macvtap5: entered allmulticast mode
[ 1230.280706][T15035] veth0_macvtap: entered allmulticast mode
[ 1230.313767][T14846] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1230.645981][T14846] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1230.864546][T14846] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1230.952732][T14846] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1231.266330][T15045] netlink: 'syz.0.2298': attribute type 10 has an invalid length.
[ 1231.957438][T14846] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1231.991755][T15069] 9pnet_fd: Insufficient options for proto=fd
[ 1232.709916][T14846] 8021q: adding VLAN 0 to HW filter on device team0
[ 1232.885426][   T77] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1232.892538][   T77] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1233.627753][   T77] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1233.635018][   T77] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1233.907349][T15079] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1234.103199][   T55] Bluetooth: hci3: unknown advertising packet type: 0x70
[ 1234.608322][T15076] tipc: Disabling bearer <eth:syzkaller0>
[ 1234.723691][T15085] macvtap4: entered allmulticast mode
[ 1235.160822][T15093] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2306'.
[ 1235.169958][T15093] netlink: 'syz.4.2306': attribute type 3 has an invalid length.
[ 1235.178098][T15093] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2306'.
[ 1235.948439][T14846] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1236.489064][T15104] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2309'.
[ 1238.206333][T14846] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1238.675097][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.742912][T15137] macvtap2: entered allmulticast mode
[ 1238.748554][T15137] veth0_macvtap: entered allmulticast mode
[ 1238.778170][   T55] Bluetooth: hci4: unknown advertising packet type: 0x70
[ 1239.464299][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.966112][T15151] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[ 1240.028002][T15158] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2320'.
[ 1240.350292][T15155] 9pnet_fd: Insufficient options for proto=fd
[ 1242.059988][T14846] veth0_vlan: entered promiscuous mode
[ 1242.087443][T14846] veth1_vlan: entered promiscuous mode
[ 1242.169403][T14846] veth0_macvtap: entered promiscuous mode
[ 1242.336270][T14846] veth1_macvtap: entered promiscuous mode
[ 1242.356295][T14846] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1242.369687][T14846] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1243.287033][T14846] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1243.360264][T14846] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1243.370347][T14846] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1243.379389][T14846] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1244.508550][   T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1244.570586][   T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1244.696962][T10539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1244.715452][T10539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1245.404967][T15231] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1245.414046][T15231] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1246.495706][T15239] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2335'.
[ 1246.504924][T15239] netlink: 'syz.4.2335': attribute type 3 has an invalid length.
[ 1246.514376][T15239] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2335'.
[ 1253.105199][T15284] 9pnet_fd: Insufficient options for proto=fd
[ 1253.916379][T15299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2348'.
[ 1253.925730][T15299] netlink: 'syz.0.2348': attribute type 3 has an invalid length.
[ 1253.933801][T15299] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2348'.
[ 1254.455593][T15305] 9pnet_fd: Insufficient options for proto=fd
[ 1257.415893][T15323] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[ 1258.375892][T15337] macvtap5: entered allmulticast mode
[ 1258.431001][T14288] Bluetooth: hci3: unknown advertising packet type: 0x70
[ 1258.734783][T15354] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2359'.
[ 1259.042118][T14288] Bluetooth: hci5: command 0x0405 tx timeout
[ 1259.487623][T15369] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2361'.
[ 1259.496822][T15369] netlink: 'syz.0.2361': attribute type 3 has an invalid length.
[ 1259.505017][T15369] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2361'.
[ 1263.796888][T15405] overlayfs: missing 'workdir'
[ 1264.433799][T15408] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2371'.
[ 1264.976539][T15425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2373'.
[ 1264.985504][T15425] netlink: 'syz.3.2373': attribute type 3 has an invalid length.
[ 1264.993318][T15425] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2373'.
[ 1265.823005][T15429] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1265.834686][T15429] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1266.522541][T15422] 9pnet_fd: Insufficient options for proto=fd
[ 1266.825640][T15436] 9pnet_fd: Insufficient options for proto=fd
[ 1272.302400][T15473] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[ 1273.596956][T15482] macvtap6: entered allmulticast mode
[ 1273.961874][T15488] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1273.961985][T15488] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1274.068607][T15490] 9pnet_fd: Insufficient options for proto=fd
[ 1280.705182][T15543] 9pnet_fd: Insufficient options for proto=fd
[ 1280.892299][T15523] trusted_key: encrypted_key: insufficient parameters specified
[ 1287.293130][T15601] 9pnet_fd: Insufficient options for proto=fd
[ 1290.383892][T15649] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1291.084632][T15654] trusted_key: encrypted_key: insufficient parameters specified
[ 1291.838317][T15666] 9pnet_fd: Insufficient options for proto=fd
[ 1295.556809][T15707] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1296.369717][T15714] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1300.170959][T15761] trusted_key: encrypted_key: insufficient parameters specified
[ 1300.315883][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.322253][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1301.761185][T15770] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1303.606111][T15786] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1307.587961][T15833] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1308.206996][T15834] trusted_key: encrypted_key: insufficient parameters specified
[ 1309.777499][T15855] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1311.322894][T15876] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1311.904583][T15873] Bluetooth: MGMT ver 1.23
[ 1313.436873][T15905] x_tables: duplicate underflow at hook 1
[ 1315.380141][T15924] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1315.652854][T15928] macvtap7: entered allmulticast mode
[ 1315.868651][T15927] trusted_key: encrypted_key: insufficient parameters specified
[ 1316.256565][T15939] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1317.967268][T15949] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.2488'.
[ 1317.976953][T15949] netlink: zone id is out of range
[ 1317.982150][T15949] netlink: get zone limit has 8 unknown bytes
[ 1319.086508][   T30] audit: type=1800 audit(1745135033.321:899): pid=15960 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.2490" name="SYSV00000000" dev="tmpfs" ino=4 res=0 errno=0
[ 1319.808644][ T5883] libceph: connect (1)[c::]:6789 error -101
[ 1320.026680][T15966] ceph: No mds server is up or the cluster is laggy
[ 1320.069941][ T5883] libceph: mon0 (1)[c::]:6789 connect error
[ 1320.444922][T15982] tipc: Started in network mode
[ 1320.474262][T15982] tipc: Node identity ae18c1df0e3b, cluster identity 4711
[ 1320.503539][T15982] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1320.777500][T15981] tipc: Disabling bearer <eth:syzkaller0>
[ 1321.844612][T14288] Bluetooth: hci5: command 0x0405 tx timeout
[ 1325.455360][   T30] audit: type=1800 audit(1745135040.201:900): pid=16030 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.2503" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[ 1326.347493][T16040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2505'.
[ 1327.189287][T16049] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1327.219752][T16048] tipc: Disabling bearer <eth:syzkaller0>
[ 1327.947625][T16036] trusted_key: encrypted_key: insufficient parameters specified
[ 1328.037275][T16065] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1331.190332][T16089] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[ 1333.817559][ T5835] libceph: connect (1)[c::]:6789 error -101
[ 1334.285078][T16105] ceph: No mds server is up or the cluster is laggy
[ 1334.314643][ T5835] libceph: mon0 (1)[c::]:6789 connect error
[ 1336.457648][T16129] trusted_key: encrypted_key: insufficient parameters specified
[ 1340.779373][T16164] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1340.790690][T16164] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1342.975225][T16188] trusted_key: encrypted_key: insufficient parameters specified
[ 1346.832466][T16224] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1346.843756][T16224] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1348.490042][T16230] trusted_key: encrypted_key: insufficient parameters specified
[ 1349.366632][T16234] netlink: 6 bytes leftover after parsing attributes in process `syz.2.2556'.
[ 1350.430085][T16251] x_tables: duplicate underflow at hook 1
[ 1351.511914][T16263] overlayfs: conflicting lowerdir path
[ 1353.674746][T16279] trusted_key: encrypted_key: insufficient parameters specified
[ 1354.765595][T16293] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2572'.
[ 1355.680529][T16300] trusted_key: encrypted_key: insufficient parameters specified
[ 1355.796097][T16293] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2572'.
[ 1357.753989][T16319] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1358.630658][T16320] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1358.719555][T16320] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1359.111693][T16338] trusted_key: encrypted_key: insufficient parameters specified
[ 1361.673146][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1363.231327][T16372] trusted_key: encrypted_key: insufficient parameters specified
[ 1364.310968][T16388] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1364.322364][T16388] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1364.678049][ T9278] libceph: connect (1)[c::]:6789 error -101
[ 1364.686448][ T9278] libceph: mon0 (1)[c::]:6789 connect error
[ 1365.019212][T16390] ceph: No mds server is up or the cluster is laggy
[ 1365.034044][ T9278] libceph: connect (1)[c::]:6789 error -101
[ 1365.054414][ T9278] libceph: mon0 (1)[c::]:6789 connect error
[ 1365.595710][T16403] trusted_key: encrypted_key: insufficient parameters specified
[ 1366.423347][T14288] Bluetooth: hci4: unknown advertising packet type: 0x70
[ 1366.432693][T16405] overlayfs: statfs failed on './file0'
[ 1366.505788][T16371] macvtap3: entered allmulticast mode
[ 1366.714239][T14288] Bluetooth: hci5: command 0x0405 tx timeout
[ 1368.423159][T16424] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1368.770915][T16424] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1371.494427][T16441] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[ 1374.901950][T16480] trusted_key: encrypted_key: insufficient parameters specified
[ 1375.664283][   T55] Bluetooth: hci5: unknown advertising packet type: 0x70
[ 1375.775482][T16481] macvtap1: entered allmulticast mode
[ 1375.872525][T16481] veth0_macvtap: entered allmulticast mode
[ 1377.256947][ T5835] libceph: connect (1)[c::]:6789 error -101
[ 1377.504471][ T5835] libceph: mon0 (1)[c::]:6789 connect error
[ 1377.559430][T16491] ceph: No mds server is up or the cluster is laggy
[ 1381.405044][T16531] trusted_key: encrypted_key: insufficient parameters specified
[ 1382.321642][T16545] syz.3.2639 (16545): drop_caches: 0
[ 1389.309769][T16595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2651'.
[ 1393.823249][T16605] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1393.834973][T16605] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1399.519494][T16649] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1399.531293][T16649] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1400.477615][T16656] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2670'.
[ 1401.214031][T16545] syz.3.2639 (16545): drop_caches: 3
[ 1401.640123][T14288] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1401.676001][T14288] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1401.694058][T14288] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1401.719767][T14288] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1401.740962][T14288] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1402.221141][T16669] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2673'.
[ 1405.464215][T14288] Bluetooth: hci2: command tx timeout
[ 1407.515976][T14288] Bluetooth: hci2: command tx timeout
[ 1408.371930][T16708] ieee802154 phy0 wpan0: encryption failed: -22
[ 1409.594251][T14288] Bluetooth: hci2: command tx timeout
[ 1411.004071][T16662] chnl_net:caif_netlink_parms(): no params data found
[ 1411.899295][T14288] Bluetooth: hci2: command tx timeout
[ 1414.806334][T16740] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1414.818367][T16740] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1415.762333][T16662] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1415.805706][T16662] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1415.843972][T16662] bridge_slave_0: entered allmulticast mode
[ 1415.888587][T16662] bridge_slave_0: entered promiscuous mode
[ 1416.535221][T16662] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1416.542992][T16662] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1416.584543][T16662] bridge_slave_1: entered allmulticast mode
[ 1416.592523][T16662] bridge_slave_1: entered promiscuous mode
[ 1417.853326][T16662] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1417.933274][T16662] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1418.229108][   T12] bridge_slave_1: left allmulticast mode
[ 1418.280503][T16770] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2700'.
[ 1418.989351][   T12] bridge_slave_1: left promiscuous mode
[ 1418.995727][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1419.087780][   T12] bridge_slave_0: left allmulticast mode
[ 1419.181090][   T12] bridge_slave_0: left promiscuous mode
[ 1419.266399][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1422.993538][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.636707][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1423.648748][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1423.659368][   T12] bond0 (unregistering): Released all slaves
[ 1423.681565][T16662] team0: Port device team_slave_0 added
[ 1423.871496][T16662] team0: Port device team_slave_1 added
[ 1425.375134][T16662] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1425.414223][T16662] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1425.440146][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1425.457169][T16662] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1425.716560][T16662] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1425.732944][T16662] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1425.767110][T16662] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1426.404829][ T5910] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1426.604165][ T5910] usb 5-1: Using ep0 maxpacket: 32
[ 1426.671832][ T5910] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1426.704594][ T5910] usb 5-1: config 0 has no interface number 0
[ 1426.737791][ T5910] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1426.756517][   T12] hsr_slave_0: left promiscuous mode
[ 1426.762161][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1426.792792][ T5910] usb 5-1: Product: syz
[ 1426.794300][   T12] hsr_slave_1: left promiscuous mode
[ 1426.807977][ T5910] usb 5-1: Manufacturer: syz
[ 1426.812614][ T5910] usb 5-1: SerialNumber: syz
[ 1426.839880][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1426.888892][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1426.897242][ T5910] usb 5-1: config 0 descriptor??
[ 1426.958111][ T5910] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1426.989380][   T12] veth0_macvtap: left allmulticast mode
[ 1427.204777][ T5910] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1428.308722][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1428.317674][ T5910] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1428.337570][ T5910] usb 5-1: USB disconnect, device number 20
[ 1428.350342][ T5910] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1428.771089][ T5910] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1428.785643][ T5910] quatech2 5-1:0.51: device disconnected
[ 1432.864188][T16879] libceph: resolve '.
[ 1432.864188][T16879] #)|.زf͹Ç�²a×ïÅ2sˆoÖw¿úÕ?£'Ê%Ð�KAq‰f»�CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM�¤¨ìó¤h‡E$
[ 1432.864188][T16879] ' (ret=-3): failed
[ 1434.334236][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1436.133439][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1436.774334][ T9278] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[ 1436.954398][ T9278] usb 1-1: Using ep0 maxpacket: 8
[ 1436.996003][ T9278] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1437.039210][ T9278] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1437.082843][ T9278] usb 1-1: Product: syz
[ 1437.105374][ T9278] usb 1-1: Manufacturer: syz
[ 1437.129556][ T9278] usb 1-1: SerialNumber: syz
[ 1437.234320][ T9278] usb 1-1: config 0 descriptor??
[ 1437.576392][ T9278] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1441.755200][ T9278] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1441.804523][ T9278] usb 1-1: USB disconnect, device number 13
[ 1441.900989][T16925] libceph: resolve '.
[ 1441.900989][T16925] #)|.زf͹Ç�²a×ïÅ2sˆoÖw¿úÕ?£'Ê%Ð�KAq‰f»�CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM�¤¨ìó¤h‡E$
[ 1441.900989][T16925] ' (ret=-3): failed
[ 1445.509238][T14288] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1445.597232][T14288] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1445.691507][T14288] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1445.968752][T14288] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1445.976905][T14288] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1446.289954][T16662] hsr_slave_0: entered promiscuous mode
[ 1446.314893][T16662] hsr_slave_1: entered promiscuous mode
[ 1448.074245][T14288] Bluetooth: hci4: command tx timeout
[ 1448.254857][T16856] bond0: (slave syz_tun): Releasing backup interface
[ 1449.529927][T16976] libceph: resolve '.
[ 1449.529927][T16976] #)|.زf͹Ç�²a×ïÅ2sˆoÖw¿úÕ?£'Ê%Ð�KAq‰f»�CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM�¤¨ìó¤h‡E$
[ 1449.529927][T16976] ' (ret=-3): failed
[ 1450.161477][T14288] Bluetooth: hci4: command tx timeout
[ 1451.951889][T17007] ieee802154 phy0 wpan0: encryption failed: -22
[ 1452.331788][T14288] Bluetooth: hci4: command tx timeout
[ 1453.654392][T16662] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1453.729491][T16662] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1453.984770][T16662] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1454.711263][   T55] Bluetooth: hci4: command tx timeout
[ 1454.788070][T16662] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1455.048663][T16948] chnl_net:caif_netlink_parms(): no params data found
[ 1455.888838][T17035] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2761'.
[ 1455.960460][T17037] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2761'.
[ 1456.804531][   T55] Bluetooth: hci4: command 0x0405 tx timeout
[ 1457.616356][T17046] 9pnet_fd: Insufficient options for proto=fd
[ 1458.624219][ T5884] libceph: connect (1)[c::]:6789 error -101
[ 1458.672924][ T5884] libceph: mon0 (1)[c::]:6789 connect error
[ 1459.119474][ T9278] libceph: connect (1)[c::]:6789 error -101
[ 1459.125689][T17052] ceph: No mds server is up or the cluster is laggy
[ 1459.126124][ T9278] libceph: mon0 (1)[c::]:6789 connect error
[ 1459.314131][T14288] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1459.323138][T14288] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1459.341287][T14288] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1459.358211][T14288] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1459.439045][T14288] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1461.060242][T17067] 9pnet_fd: Insufficient options for proto=fd
[ 1461.594419][T14288] Bluetooth: hci0: command tx timeout
[ 1462.090346][T16948] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1462.098578][T16948] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1462.106307][T16948] bridge_slave_0: entered allmulticast mode
[ 1462.114927][T16948] bridge_slave_0: entered promiscuous mode
[ 1462.126617][T16948] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1462.140430][T16948] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1462.148364][T16948] bridge_slave_1: entered allmulticast mode
[ 1462.156836][T16948] bridge_slave_1: entered promiscuous mode
[ 1462.332594][T16948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1463.104185][T17086] Bluetooth: MGMT ver 1.23
[ 1464.070010][T17096] 9pnet_fd: Insufficient options for proto=fd
[ 1464.078475][   T55] Bluetooth: hci0: command tx timeout
[ 1464.311841][T16948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1464.785154][   T12] bridge_slave_1: left allmulticast mode
[ 1464.824342][   T12] bridge_slave_1: left promiscuous mode
[ 1464.842242][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1464.881778][   T12] bridge_slave_0: left allmulticast mode
[ 1464.907881][   T12] bridge_slave_0: left promiscuous mode
[ 1464.921107][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1465.194277][T14288] Bluetooth: hci0: Opcode 0x1407 failed: -110
[ 1465.259419][T17118] 9pnet_fd: Insufficient options for proto=fd
[ 1465.934790][T17125] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2779'.
[ 1466.028677][T17128] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2779'.
[ 1466.158428][T14288] Bluetooth: hci0: command 0x040f tx timeout
[ 1466.227959][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1466.238143][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1466.248565][   T12] bond0 (unregistering): Released all slaves
[ 1466.329724][T16948] team0: Port device team_slave_0 added
[ 1466.351244][T16948] team0: Port device team_slave_1 added
[ 1468.240983][T14288] Bluetooth: hci0: command 0x040f tx timeout
[ 1468.517747][T14288] Bluetooth: hci1: unknown advertising packet type: 0x70
[ 1469.596059][T17138] macvtap2: entered allmulticast mode
[ 1469.601674][T17138] veth0_macvtap: entered allmulticast mode
[ 1470.133715][T17149] 9pnet_fd: Insufficient options for proto=fd
[ 1470.314248][T14288] Bluetooth: hci0: command 0x040f tx timeout
[ 1470.460735][T16948] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1470.470305][T16948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1470.705125][T16948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1471.030063][T17159] 9pnet_fd: Insufficient options for proto=fd
[ 1471.112633][T16948] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1471.210931][T16948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1471.403053][T16948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1471.752700][T16948] hsr_slave_0: entered promiscuous mode
[ 1471.767543][T16948] hsr_slave_1: entered promiscuous mode
[ 1471.773928][T16948] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1471.794740][T16948] Cannot create hsr debugfs directory
[ 1472.010419][T17171] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2792'.
[ 1472.994855][T17177] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2792'.
[ 1473.973214][   T12] hsr_slave_0: left promiscuous mode
[ 1474.016911][   T12] hsr_slave_1: left promiscuous mode
[ 1474.034723][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1474.057607][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1474.085693][   T12] veth0_macvtap: left allmulticast mode
[ 1474.637249][T14288] Bluetooth: hci5: unknown advertising packet type: 0x70
[ 1475.246477][T17198] ieee802154 phy0 wpan0: encryption failed: -22
[ 1476.583455][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1476.631191][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1477.053659][T17193] macvtap2: entered allmulticast mode
[ 1477.739766][T17206] 9pnet_fd: Insufficient options for proto=fd
[ 1479.504540][T17227] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2802'.
[ 1479.579316][T17229] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2802'.
[ 1483.013139][T14288] Bluetooth: hci5: unknown advertising packet type: 0x70
[ 1483.026188][T17247] macvtap3: entered allmulticast mode
[ 1484.157114][T17055] chnl_net:caif_netlink_parms(): no params data found
[ 1484.421624][T17258] 9pnet_fd: Insufficient options for proto=fd
[ 1484.433540][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1486.884950][T17055] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1486.918274][T17055] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1486.936591][T17055] bridge_slave_0: entered allmulticast mode
[ 1486.977859][T17055] bridge_slave_0: entered promiscuous mode
[ 1487.071701][T17055] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1487.105958][T17055] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1487.113276][T17055] bridge_slave_1: entered allmulticast mode
[ 1487.126729][T17055] bridge_slave_1: entered promiscuous mode
[ 1487.199441][T16948] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1487.293883][T16948] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1487.319476][T16948] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1487.550697][T16948] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1487.860853][T17055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1488.153089][T17055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1488.234354][T17021] Bluetooth: hci0: command 0x040f tx timeout
[ 1488.240569][T14288] Bluetooth: hci0: Opcode 0x1407 failed: -110
[ 1488.795985][T17302] 9pnet_fd: Insufficient options for proto=fd
[ 1488.841728][T16920] Bluetooth: (null): Invalid header checksum
[ 1488.900722][T16920] Bluetooth: (null): Invalid header checksum
[ 1488.936821][  T991] Bluetooth: (null): Invalid header checksum
[ 1489.213439][T17055] team0: Port device team_slave_0 added
[ 1489.267144][T17055] team0: Port device team_slave_1 added
[ 1489.706507][T17055] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1489.713977][T17055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1489.741223][T17055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1489.787056][T17055] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1489.794056][T17055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1489.999789][T17055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1491.253505][T17055] hsr_slave_0: entered promiscuous mode
[ 1491.294587][T17055] hsr_slave_1: entered promiscuous mode
[ 1491.409265][T17055] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1491.416932][T17055] Cannot create hsr debugfs directory
[ 1492.314371][T17097] Bluetooth: hci0: command 0x040f tx timeout
[ 1492.317503][T14288] Bluetooth: hci0: Opcode 0x1407 failed: -110
[ 1492.576658][T14288] Bluetooth: hci1: unknown advertising packet type: 0x70
[ 1493.084272][ T5835] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[ 1493.634194][ T5835] usb 7-1: device descriptor read/64, error -71
[ 1493.752261][   T12] bridge_slave_1: left allmulticast mode
[ 1493.830170][   T12] bridge_slave_1: left promiscuous mode
[ 1493.837052][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1493.858502][   T12] bridge_slave_0: left allmulticast mode
[ 1493.864269][   T12] bridge_slave_0: left promiscuous mode
[ 1493.870090][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1493.994426][ T5835] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[ 1494.002563][ T4515] Bluetooth: (null): Invalid header checksum
[ 1494.031633][ T4515] Bluetooth: (null): Invalid header checksum
[ 1494.091343][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1494.104036][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1494.107872][ T4515] Bluetooth: (null): Invalid header checksum
[ 1494.129873][   T12] bond0 (unregistering): Released all slaves
[ 1494.144271][ T5835] usb 7-1: device descriptor read/64, error -71
[ 1494.163600][T16948] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1494.215910][ T4515] Bluetooth: (null): Invalid header checksum
[ 1494.270163][ T5835] usb usb7-port1: attempt power cycle
[ 1494.280650][   T12] hsr_slave_0: left promiscuous mode
[ 1494.307443][   T12] hsr_slave_1: left promiscuous mode
[ 1494.320004][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1494.329898][T16920] Bluetooth: (null): Invalid header checksum
[ 1494.342083][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1494.440693][ T6423] Bluetooth: (null): Invalid header checksum
[ 1495.181160][ T5835] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[ 1495.204597][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1495.222472][ T5835] usb 7-1: device descriptor read/8, error -71
[ 1495.331423][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1495.464409][ T5835] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[ 1495.552606][ T5835] usb 7-1: device descriptor read/8, error -71
[ 1495.715578][ T5835] usb usb7-port1: unable to enumerate USB device
[ 1496.404498][T17373] 9pnet_fd: Insufficient options for proto=fd
[ 1498.468780][T14288] Bluetooth: hci3: unknown advertising packet type: 0x70
[ 1499.407824][ T6423] Bluetooth: (null): Invalid header checksum
[ 1499.426188][ T6423] Bluetooth: (null): Invalid header checksum
[ 1499.517506][   T36] Bluetooth: (null): Invalid header checksum
[ 1499.630742][ T6423] Bluetooth: (null): Invalid header checksum
[ 1499.734754][   T36] Bluetooth: (null): Invalid header checksum
[ 1500.854332][T17079] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1501.014416][T17079] usb 7-1: Using ep0 maxpacket: 32
[ 1501.026300][T17079] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[ 1501.043176][T17079] usb 7-1: config 0 has no interface number 0
[ 1501.051886][T17079] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1501.061244][T17079] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1501.069336][T17079] usb 7-1: Product: syz
[ 1501.073617][T17079] usb 7-1: Manufacturer: syz
[ 1501.078870][T17079] usb 7-1: SerialNumber: syz
[ 1501.093689][T17079] usb 7-1: config 0 descriptor??
[ 1501.106735][T17079] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1501.302503][T17392] macvtap6: entered allmulticast mode
[ 1501.317140][T16948] 8021q: adding VLAN 0 to HW filter on device team0
[ 1501.348974][T17079] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1501.366408][T10539] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1501.373589][T10539] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1501.385366][T17079] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1501.472628][T10539] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1501.479909][T10539] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1501.747584][    C1] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1501.757517][ T5835] usb 7-1: USB disconnect, device number 6
[ 1501.813751][ T5835] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1501.850305][ T5835] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1501.905262][ T5835] quatech2 7-1:0.51: device disconnected
[ 1501.990858][T17055] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1503.037828][T17055] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1503.392474][T17424] 9pnet_fd: Insufficient options for proto=fd
[ 1503.614872][T17055] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1504.101441][T17055] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1504.685239][T10539] Bluetooth: (null): Invalid header checksum
[ 1504.811038][T10539] Bluetooth: (null): Invalid header checksum
[ 1504.819331][T10539] Bluetooth: (null): Invalid header checksum
[ 1504.847832][   T53] Bluetooth: (null): Invalid header checksum
[ 1504.955132][   T53] Bluetooth: (null): Invalid header checksum
[ 1504.997254][T17097] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1505.008687][T17097] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1505.018840][T17097] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1505.039019][T17097] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1505.155872][T17097] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1505.210472][T17055] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1505.487447][T17055] 8021q: adding VLAN 0 to HW filter on device team0
[ 1505.508800][ T6423] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1505.515997][ T6423] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1506.259108][ T6423] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1506.266399][ T6423] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1506.556353][T14288] Bluetooth: hci1: unknown advertising packet type: 0x70
[ 1506.631768][T17459] macvtap3: entered allmulticast mode
[ 1506.887659][T17469] macvtap3: left allmulticast mode
[ 1506.904462][T17469] macvtap4: left allmulticast mode
[ 1506.928677][T17469] macvtap5: left allmulticast mode
[ 1507.194217][T14288] Bluetooth: hci2: command tx timeout
[ 1507.364755][T17469] veth0_macvtap: left allmulticast mode
[ 1507.376880][T17469] macvtap6: left allmulticast mode
[ 1507.526042][ T9812] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[ 1507.799481][ T9812] usb 1-1: Using ep0 maxpacket: 32
[ 1507.826210][ T9812] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[ 1507.834782][ T9812] usb 1-1: config 0 has no interface number 0
[ 1507.846917][ T9812] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1507.856306][ T9812] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1507.868463][ T9812] usb 1-1: Product: syz
[ 1507.872676][ T9812] usb 1-1: Manufacturer: syz
[ 1507.882293][ T9812] usb 1-1: SerialNumber: syz
[ 1508.094961][ T9812] usb 1-1: config 0 descriptor??
[ 1508.115278][ T9812] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1508.588073][ T9812] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1508.769953][ T9812] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1508.883824][    C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1508.897419][ T9812] usb 1-1: USB disconnect, device number 14
[ 1508.908292][ T9812] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1508.930071][ T9812] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1508.942858][ T9812] quatech2 1-1:0.51: device disconnected
[ 1509.284988][T14288] Bluetooth: hci2: command tx timeout
[ 1509.882348][ T6423] Bluetooth: (null): Invalid header checksum
[ 1509.895288][ T6423] Bluetooth: (null): Invalid header checksum
[ 1509.908454][ T6423] Bluetooth: (null): Invalid header checksum
[ 1509.998502][T17306] Bluetooth: (null): Invalid header checksum
[ 1510.870165][T17448] chnl_net:caif_netlink_parms(): no params data found
[ 1510.929696][T17055] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1511.353869][T14288] Bluetooth: hci5: unknown advertising packet type: 0x70
[ 1511.356016][T14288] Bluetooth: hci2: command tx timeout
[ 1511.499876][T17524] macvtap4: entered allmulticast mode
[ 1513.434219][T17097] Bluetooth: hci2: command tx timeout
[ 1513.471387][T17448] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1513.489037][T17448] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1513.499134][T17448] bridge_slave_0: entered allmulticast mode
[ 1513.508624][T17448] bridge_slave_0: entered promiscuous mode
[ 1513.635265][T17551] syz_tun: left promiscuous mode
[ 1514.074488][T17551] veth1_vlan: left allmulticast mode
[ 1514.089331][T17551] macvlan0: left promiscuous mode
[ 1514.110223][T17551] macvlan0: left allmulticast mode
[ 1514.318305][T17551] macvtap2: left allmulticast mode
[ 1514.332742][T17551] veth0_macvtap: left allmulticast mode
[ 1514.338586][T17551] macvtap3: left allmulticast mode
[ 1514.419436][T17566] trusted_key: encrypted_key: insufficient parameters specified
[ 1515.163253][T17448] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1515.203728][T17448] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1515.213050][T17448] bridge_slave_1: entered allmulticast mode
[ 1515.221215][T17448] bridge_slave_1: entered promiscuous mode
[ 1515.563726][   T53] bridge_slave_1: left allmulticast mode
[ 1515.740287][   T53] bridge_slave_1: left promiscuous mode
[ 1515.881130][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1516.375524][   T53] bridge_slave_0: left allmulticast mode
[ 1516.381265][   T53] bridge_slave_0: left promiscuous mode
[ 1516.424417][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1517.150750][  T991] Bluetooth: (null): Invalid header checksum
[ 1517.167480][  T991] Bluetooth: (null): Invalid header checksum
[ 1517.194713][T14288] Bluetooth: hci5: command 0x0405 tx timeout
[ 1519.432484][T17606] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2875'.
[ 1520.540555][T14288] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1520.550581][T14288] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1520.561396][T14288] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1520.587205][T14288] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1520.611456][T14288] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1520.746007][T17614] trusted_key: encrypted_key: insufficient parameters specified
[ 1520.882317][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1521.005705][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1521.061518][   T53] bond0 (unregistering): Released all slaves
[ 1521.271920][T17448] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1521.297635][T17448] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1522.205384][   T53] hsr_slave_0: left promiscuous mode
[ 1522.232287][   T53] hsr_slave_1: left promiscuous mode
[ 1522.233167][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1522.233955][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1522.464902][ T5964] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1522.816890][ T5964] usb 5-1: Using ep0 maxpacket: 32
[ 1522.826343][ T5964] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1523.140331][ T5964] usb 5-1: config 0 has no interface number 0
[ 1523.167171][ T5964] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1523.177996][ T5964] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1523.190518][ T5964] usb 5-1: Product: syz
[ 1523.195105][ T5964] usb 5-1: Manufacturer: syz
[ 1523.210842][ T5964] usb 5-1: SerialNumber: syz
[ 1523.222249][ T5964] usb 5-1: config 0 descriptor??
[ 1523.242780][ T5964] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1523.350857][   T53] team0 (unregistering): Port device team_slave_1 removed
[ 1523.434991][T17097] Bluetooth: hci4: command tx timeout
[ 1523.507511][ T5964] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1523.528851][ T5964] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1523.653782][   T53] team0 (unregistering): Port device team_slave_0 removed
[ 1523.846059][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1523.846498][T17079] usb 5-1: USB disconnect, device number 21
[ 1523.882836][T17079] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1523.913671][T17079] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1523.951269][T17079] quatech2 5-1:0.51: device disconnected
[ 1524.299872][T17448] team0: Port device team_slave_0 added
[ 1524.358577][T17448] team0: Port device team_slave_1 added
[ 1524.538149][T17448] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1524.763954][T17448] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1525.472717][T17448] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1525.514259][T17097] Bluetooth: hci4: command tx timeout
[ 1525.524845][T17643] trusted_key: encrypted_key: insufficient parameters specified
[ 1525.843902][T17448] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1525.864879][T17448] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1525.978799][T17448] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1526.991680][T17653] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2887'.
[ 1528.094996][T17097] Bluetooth: hci4: command tx timeout
[ 1529.341857][T17448] hsr_slave_0: entered promiscuous mode
[ 1529.374437][T17448] hsr_slave_1: entered promiscuous mode
[ 1529.955039][T17611] chnl_net:caif_netlink_parms(): no params data found
[ 1530.154186][T17097] Bluetooth: hci4: command tx timeout
[ 1530.693883][T17697] trusted_key: encrypted_key: insufficient parameters specified
[ 1532.606667][T17611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1532.670283][T17611] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1532.753082][T17611] bridge_slave_0: entered allmulticast mode
[ 1532.873624][T17611] bridge_slave_0: entered promiscuous mode
[ 1533.224371][T17611] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1533.282401][T17611] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1533.290624][T17611] bridge_slave_1: entered allmulticast mode
[ 1533.308695][T17611] bridge_slave_1: entered promiscuous mode
[ 1533.803920][T17611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1533.837599][T17737] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2901'.
[ 1534.132481][T17611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1536.018627][T17611] team0: Port device team_slave_0 added
[ 1536.219798][T17611] team0: Port device team_slave_1 added
[ 1536.584761][T17611] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1537.236206][T17611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1537.262190][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1537.270146][T17611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1537.281932][   T53] bridge_slave_1: left allmulticast mode
[ 1537.288921][   T53] bridge_slave_1: left promiscuous mode
[ 1537.295067][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1537.374891][   T53] bridge_slave_0: left allmulticast mode
[ 1537.411217][   T53] bridge_slave_0: left promiscuous mode
[ 1537.442536][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1537.789500][T10539] Bluetooth: (null): Invalid header checksum
[ 1537.802541][T10539] Bluetooth: (null): Invalid header checksum
[ 1537.898773][   T36] Bluetooth: (null): Invalid header checksum
[ 1538.009893][   T36] Bluetooth: (null): Invalid header checksum
[ 1538.120318][   T36] Bluetooth: (null): Invalid header checksum
[ 1538.227434][   T36] Bluetooth: (null): Invalid header checksum
[ 1538.317837][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1538.335543][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1538.345234][ T4515] Bluetooth: (null): Invalid header checksum
[ 1538.373568][   T53] bond0 (unregistering): Released all slaves
[ 1538.420723][T17611] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1538.438454][T17611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1538.467572][T17611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1539.409150][   T53] hsr_slave_0: left promiscuous mode
[ 1539.510067][   T53] hsr_slave_1: left promiscuous mode
[ 1539.582486][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1539.707642][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1541.634345][T17791] trusted_key: encrypted_key: insufficient parameters specified
[ 1542.351563][   T53] team0 (unregistering): Port device team_slave_1 removed
[ 1542.510109][   T53] team0 (unregistering): Port device team_slave_0 removed
[ 1543.093000][T17304] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1543.807336][T17304] usb 1-1: Using ep0 maxpacket: 32
[ 1543.818930][T17304] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[ 1543.841965][T17304] usb 1-1: config 0 has no interface number 0
[ 1543.881559][T17304] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1543.891673][T17304] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1543.919223][T17304] usb 1-1: Product: syz
[ 1543.923448][T17304] usb 1-1: Manufacturer: syz
[ 1543.941946][T17304] usb 1-1: SerialNumber: syz
[ 1543.964651][T17304] usb 1-1: config 0 descriptor??
[ 1543.983718][T17304] smsc95xx v2.0.0
[ 1544.367678][T17611] hsr_slave_0: entered promiscuous mode
[ 1544.377570][T17611] hsr_slave_1: entered promiscuous mode
[ 1544.384558][T17611] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1544.392185][T17611] Cannot create hsr debugfs directory
[ 1545.134286][T17304] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[ 1545.179848][T17448] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1545.228452][T17448] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1545.569657][T17304] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1545.742994][T17304] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[ 1545.840672][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.107889][T17304] usb 1-1: USB disconnect, device number 15
[ 1546.258965][T17822] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2922'.
[ 1546.357230][T17448] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1546.632434][T17448] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1549.073423][T17856] trusted_key: encrypted_key: insufficient parameters specified
[ 1549.830259][T17448] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1550.099478][T17448] 8021q: adding VLAN 0 to HW filter on device team0
[ 1550.664706][T10539] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1550.671975][T10539] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1551.009199][T17306] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1551.016423][T17306] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1551.387985][T17611] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1551.430390][T17611] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1552.502676][T17611] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1552.641646][T17881] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2933'.
[ 1553.374607][T17611] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1553.903665][T17892] 9pnet_fd: Insufficient options for proto=fd
[ 1555.593571][T17611] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1555.653564][T17611] 8021q: adding VLAN 0 to HW filter on device team0
[ 1555.741650][T17448] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1555.784633][T17611] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1555.844890][T17611] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1555.913770][T10539] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1555.921066][T10539] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1556.906149][T10539] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1556.913351][T10539] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1557.210042][T17922] overlayfs: failed to resolve './file0': -2
[ 1557.645888][T17611] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1559.363669][T17953] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2944'.
[ 1559.908523][T17448] veth0_vlan: entered promiscuous mode
[ 1559.969220][T17448] veth1_vlan: entered promiscuous mode
[ 1560.109085][T17961] trusted_key: encrypted_key: insufficient parameters specified
[ 1560.372019][T17448] veth0_macvtap: entered promiscuous mode
[ 1560.418079][T17448] veth1_macvtap: entered promiscuous mode
[ 1560.507686][T17448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1560.519422][T17448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.537417][T17448] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1560.580076][T17611] veth0_vlan: entered promiscuous mode
[ 1560.607410][T17448] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1560.633811][T17448] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1560.670762][T17448] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1560.711714][T17448] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1560.742703][T17448] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1560.772114][T17448] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1560.807748][T17448] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1560.837219][T17611] veth1_vlan: entered promiscuous mode
[ 1561.249099][T17611] veth0_macvtap: entered promiscuous mode
[ 1561.262363][T10539] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1561.280249][T17611] veth1_macvtap: entered promiscuous mode
[ 1561.288396][T10539] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1561.447824][T17611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1562.161002][T17611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1562.194163][T17611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1562.214477][T17611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1562.230042][T17611] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1562.302245][T17611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1562.333429][T17611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1562.360545][T17611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1562.384157][T17611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1562.410256][T17611] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1562.434909][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1562.447524][T17611] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1562.464924][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1562.484141][T17611] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1562.515353][T17611] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1562.544178][T17611] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1562.951686][T10539] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1562.982083][T10539] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1563.089019][T10539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1563.139703][T10539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1565.326235][T18035] overlayfs: failed to resolve './file0': -2
[ 1568.531656][T14288] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1568.541107][T14288] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1568.568094][T14288] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1568.596043][T14288] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1568.603907][T14288] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1570.634407][T14288] Bluetooth: hci0: command tx timeout
[ 1572.717137][T14288] Bluetooth: hci0: command tx timeout
[ 1573.119831][T18063] chnl_net:caif_netlink_parms(): no params data found
[ 1573.538069][T18122] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1573.578595][T18122] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1573.798485][T17079] IPVS: starting estimator thread 0...
[ 1574.015039][T18126] IPVS: using max 28 ests per chain, 67200 per kthread
[ 1574.103489][T17079] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1574.420189][T17079] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1574.452878][T17079] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1574.507899][T17079] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 2
[ 1574.810922][T14288] Bluetooth: hci0: command tx timeout
[ 1575.225790][T17079] usb 7-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1575.256573][T17079] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1575.268765][T17079] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1575.304596][T17079] usb 7-1: Product: syz
[ 1575.309286][T17079] usb 7-1: Manufacturer: syz
[ 1575.347176][T18063] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1575.378885][T17079] usb 7-1: SerialNumber: syz
[ 1575.403454][T18063] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1575.421580][T18063] bridge_slave_0: entered allmulticast mode
[ 1575.451449][T18063] bridge_slave_0: entered promiscuous mode
[ 1575.756396][T18124] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1575.780069][T18063] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1575.818179][T18063] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1575.839860][T18063] bridge_slave_1: entered allmulticast mode
[ 1575.848576][T18063] bridge_slave_1: entered promiscuous mode
[ 1576.041869][T18063] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1576.108811][T18063] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1576.280762][   T36] bridge_slave_1: left allmulticast mode
[ 1576.287479][   T36] bridge_slave_1: left promiscuous mode
[ 1576.293532][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1576.310433][   T36] bridge_slave_0: left allmulticast mode
[ 1576.317241][   T36] bridge_slave_0: left promiscuous mode
[ 1576.323146][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1576.433009][T18124] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1576.874315][T14288] Bluetooth: hci0: command tx timeout
[ 1577.863975][T17079] cdc_mbim 7-1:1.0: bind() failure
[ 1578.387578][T17079] cdc_ncm 7-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1578.512579][T17079] cdc_mbim 7-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1578.904278][T17079] usbtest 7-1:1.1: probe with driver usbtest failed with error -71
[ 1578.937918][T17079] usb 7-1: USB disconnect, device number 7
[ 1581.077109][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1581.095561][T18180] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[ 1581.115069][T18180] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1581.115821][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1581.173248][   T36] bond0 (unregistering): Released all slaves
[ 1581.222112][T18063] team0: Port device team_slave_0 added
[ 1581.833930][T18063] team0: Port device team_slave_1 added
[ 1581.858399][   T36] tipc: Left network mode
[ 1584.046427][T18063] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1584.053544][T18063] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.105062][T18063] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1584.120783][T18063] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1584.129657][T18063] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.156950][T18063] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1585.395600][T18063] hsr_slave_0: entered promiscuous mode
[ 1585.402310][T18063] hsr_slave_1: entered promiscuous mode
[ 1585.633183][T18063] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1585.656658][T18063] Cannot create hsr debugfs directory
[ 1588.431107][   T36] hsr_slave_0: left promiscuous mode
[ 1588.465641][   T36] hsr_slave_1: left promiscuous mode
[ 1588.534815][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1588.605281][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1590.297275][T18267] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1590.369244][T18267] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1592.763240][T18284] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1593.079966][   T36] team0 (unregistering): Port device team_slave_1 removed
[ 1593.661175][   T36] team0 (unregistering): Port device team_slave_0 removed
[ 1599.877533][T18320] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1599.888736][T18320] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1604.804811][T18063] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1604.845975][T18063] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1604.866067][T18063] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1605.099740][T18063] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1605.932427][T18063] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1605.998491][T18063] 8021q: adding VLAN 0 to HW filter on device team0
[ 1606.123264][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1606.130558][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1606.435353][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1606.442616][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1607.060506][T18395] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1607.072632][T18395] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1607.297399][T18397] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3045'.
[ 1607.342953][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.376856][T18398] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3045'.
[ 1607.943453][T17097] Bluetooth: hci2: unknown advertising packet type: 0x70
[ 1609.767350][ T5884] IPVS: starting estimator thread 0...
[ 1609.884174][T18421] IPVS: using max 25 ests per chain, 60000 per kthread
[ 1611.934825][T18443] ieee802154 phy0 wpan0: encryption failed: -22
[ 1612.590798][T18063] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1614.815313][T18460] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1614.826420][T18460] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1615.542836][T14288] Bluetooth: hci5: unknown advertising packet type: 0x70
[ 1616.513779][T18063] veth0_vlan: entered promiscuous mode
[ 1616.605541][T18063] veth1_vlan: entered promiscuous mode
[ 1617.542119][T18063] veth0_macvtap: entered promiscuous mode
[ 1617.662090][T18063] veth1_macvtap: entered promiscuous mode
[ 1618.360725][T18063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1618.384206][T18063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1618.395808][T18063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1618.406755][T18063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1618.417036][T18063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1618.428838][T18063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1618.476195][T18063] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1618.525992][T18063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1619.236211][T18063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1619.247910][T18063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1619.258784][T18063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1619.268942][T18063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1619.279768][T18063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1619.291585][T18063] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1619.306613][T18063] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1619.315487][T18063] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1619.541903][T18063] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1619.557043][T18063] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1619.958310][T11481] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1619.988422][T11481] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1620.069439][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1620.097318][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1622.524400][T18532] trusted_key: encrypted_key: insufficient parameters specified
[ 1624.361311][T17097] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1624.371893][T17097] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1624.381355][T17097] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1624.400692][T17097] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1624.420137][T17097] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1624.623903][ T5831] bond0: (slave syz_tun): Releasing backup interface
[ 1627.470049][ T5883] IPVS: starting estimator thread 0...
[ 1627.732970][T17097] Bluetooth: hci3: command tx timeout
[ 1627.874176][T18588] IPVS: using max 28 ests per chain, 67200 per kthread
[ 1629.756365][T14288] Bluetooth: hci3: command tx timeout
[ 1629.835230][T14288] Bluetooth: hci2: command 0x0406 tx timeout
[ 1630.415168][T18563] chnl_net:caif_netlink_parms(): no params data found
[ 1631.844293][T17097] Bluetooth: hci3: command tx timeout
[ 1633.844371][T18642] 9pnet: Could not find request transport: fd0xffffffffffffffff
[ 1633.914327][T17097] Bluetooth: hci3: command tx timeout
[ 1634.135539][T18644] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[ 1634.475200][T18563] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1634.484737][T18563] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1634.492056][T18563] bridge_slave_0: entered allmulticast mode
[ 1634.553858][T18563] bridge_slave_0: entered promiscuous mode
[ 1634.725162][T18563] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1634.732423][T18563] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1634.740295][T18563] bridge_slave_1: entered allmulticast mode
[ 1634.755128][T18563] bridge_slave_1: entered promiscuous mode
[ 1635.104206][ T5883] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1635.430107][ T5883] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1635.468708][ T5883] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1635.481694][ T5883] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 2
[ 1635.493007][ T5883] usb 7-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1635.541470][ T5883] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1635.685982][ T5883] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1635.817205][ T5883] usb 7-1: Product: syz
[ 1635.879059][ T5883] usb 7-1: Manufacturer: syz
[ 1635.975295][ T5883] usb 7-1: SerialNumber: syz
[ 1636.686218][T18648] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1636.694506][T18563] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1637.324747][T18563] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1638.359476][ T5883] cdc_mbim 7-1:1.0: bind() failure
[ 1638.566303][ T5883] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[ 1638.573175][ T5883] cdc_ncm 7-1:1.1: bind() failure
[ 1638.591580][ T5883] usb 7-1: USB disconnect, device number 8
[ 1638.641566][T18563] team0: Port device team_slave_0 added
[ 1639.087697][T18689] 9pnet_fd: Insufficient options for proto=fd
[ 1640.515662][T18563] team0: Port device team_slave_1 added
[ 1642.824732][T18563] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1642.919413][T18563] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1642.991764][T18563] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1643.839597][T18563] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1643.895411][T18563] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1643.921327][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1643.934553][T18563] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1644.122581][ T6423] bridge_slave_1: left allmulticast mode
[ 1644.954126][ T6423] bridge_slave_1: left promiscuous mode
[ 1644.960350][ T6423] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1645.209117][ T6423] bridge_slave_0: left allmulticast mode
[ 1645.224421][ T6423] bridge_slave_0: left promiscuous mode
[ 1645.230259][ T6423] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1645.584339][ T9278] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1646.205712][T18741] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1646.350927][ T9278] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1646.398370][T18747] 9pnet_fd: Insufficient options for proto=fd
[ 1646.631546][ T9278] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1646.861872][ T9278] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 2
[ 1647.043243][ T9278] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1647.086608][ T9278] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1647.281226][ T9278] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1647.304388][ T9278] usb 5-1: Product: syz
[ 1647.329724][ T9278] usb 5-1: Manufacturer: syz
[ 1647.351562][ T9278] usb 5-1: SerialNumber: syz
[ 1648.004485][T18734] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1649.671233][ T9278] cdc_mbim 5-1:1.0: bind() failure
[ 1649.683077][ T9278] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[ 1649.711375][ T9278] cdc_ncm 5-1:1.1: bind() failure
[ 1649.849593][ T9278] usb 5-1: USB disconnect, device number 22
[ 1652.443344][ T6423] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1652.466274][ T6423] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1652.490453][ T6423] bond0 (unregistering): Released all slaves
[ 1657.235374][T18563] hsr_slave_0: entered promiscuous mode
[ 1657.254184][T18563] hsr_slave_1: entered promiscuous mode
[ 1657.260723][T18563] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1657.268396][T18563] Cannot create hsr debugfs directory
[ 1657.274357][ T6423] tipc: Left network mode
[ 1659.124240][ T5884] IPVS: starting estimator thread 0...
[ 1659.234473][T18820] IPVS: using max 25 ests per chain, 60000 per kthread
[ 1659.398861][T17079] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1659.604419][ T5884] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1659.719156][T17079] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1659.761158][T17079] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1659.787115][ T5884] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1659.832536][T17079] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 2
[ 1659.846579][ T5884] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1659.893398][T17079] usb 7-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1659.927697][ T5884] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 2
[ 1659.971942][ T5884] usb 8-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1659.999406][T17079] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1660.038831][T17079] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.062283][T17079] usb 7-1: Product: syz
[ 1660.069822][ T5884] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1660.090110][T17079] usb 7-1: Manufacturer: syz
[ 1660.100784][ T5884] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.111904][T17079] usb 7-1: SerialNumber: syz
[ 1660.122577][ T5884] usb 8-1: Product: syz
[ 1660.261451][ T5884] usb 8-1: Manufacturer: syz
[ 1660.286258][ T5884] usb 8-1: SerialNumber: syz
[ 1660.477102][T18812] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1660.499296][ T6423] hsr_slave_0: left promiscuous mode
[ 1660.520650][ T6423] hsr_slave_1: left promiscuous mode
[ 1660.529508][ T6423] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1660.539032][ T6423] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1660.589346][T18817] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22
[ 1662.204426][T17079] cdc_mbim 7-1:1.0: bind() failure
[ 1662.381586][ T5884] cdc_mbim 8-1:1.0: bind() failure
[ 1662.448552][ T5884] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found
[ 1662.458744][T17079] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[ 1662.507176][T17079] cdc_ncm 7-1:1.1: bind() failure
[ 1662.534589][ T5884] cdc_ncm 8-1:1.1: bind() failure
[ 1662.590085][T17079] usb 7-1: USB disconnect, device number 9
[ 1662.664144][ T5884] usb 8-1: USB disconnect, device number 2
[ 1668.018397][ T6423] team0 (unregistering): Port device team_slave_1 removed
[ 1668.364360][T18879] trusted_key: encrypted_key: insufficient parameters specified
[ 1668.792168][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1669.451107][ T6423] team0 (unregistering): Port device team_slave_0 removed
[ 1671.115991][T17097] Bluetooth: hci4: command 0x0406 tx timeout
[ 1672.688617][T18923] overlayfs: conflicting lowerdir path
[ 1674.839431][T18939] trusted_key: encrypted_key: insufficient parameters specified
[ 1677.885293][ T5884] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1677.955475][ T6423] IPVS: stop unused estimator thread 0...
[ 1678.564686][ T5884] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1678.762679][ T5884] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1678.780434][ T5884] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 2
[ 1678.790638][ T5884] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1678.807841][ T5884] usb 5-1: string descriptor 0 read error: -71
[ 1678.817248][ T5884] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1678.826784][ T5884] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1678.864403][ T5884] usb 5-1: can't set config #1, error -71
[ 1678.890002][ T5884] usb 5-1: USB disconnect, device number 23
[ 1679.014440][T18563] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1679.521004][T18983] 9pnet_fd: Insufficient options for proto=fd
[ 1679.753980][T18563] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1680.295600][T18563] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1680.371322][T18989] trusted_key: encrypted_key: insufficient parameters specified
[ 1680.410326][T18563] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1681.840419][T18563] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1682.001150][T18563] 8021q: adding VLAN 0 to HW filter on device team0
[ 1683.039732][T17306] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1683.046988][T17306] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1683.238323][T17306] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1683.245544][T17306] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1685.971033][T19042] 9pnet_fd: Insufficient options for proto=fd
[ 1686.571632][T19045] trusted_key: encrypted_key: insufficient parameters specified
[ 1688.445173][T17097] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1688.455953][T17097] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1688.464372][T17097] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1688.475261][T17097] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1688.483468][T17097] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1688.990420][T19065] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1689.001619][T19065] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1692.125293][T17097] Bluetooth: hci1: command tx timeout
[ 1694.154139][T17097] Bluetooth: hci1: command tx timeout
[ 1694.907379][T19094] 9pnet_fd: Insufficient options for proto=fd
[ 1696.631651][T17097] Bluetooth: hci1: command tx timeout
[ 1696.997598][T19114] 9pnet_fd: Insufficient options for proto=fd
[ 1698.249361][T19126] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1698.260821][T19126] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1698.714876][T14288] Bluetooth: hci1: command tx timeout
[ 1700.468183][T19060] chnl_net:caif_netlink_parms(): no params data found
[ 1700.512713][T11481] bridge_slave_1: left allmulticast mode
[ 1700.529328][T11481] bridge_slave_1: left promiscuous mode
[ 1700.570193][T11481] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1700.800477][T11481] bridge_slave_0: left allmulticast mode
[ 1700.880118][T11481] bridge_slave_0: left promiscuous mode
[ 1700.976802][T11481] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1704.453761][T19163] 9pnet_fd: Insufficient options for proto=fd
[ 1706.368019][T19175] 9pnet_fd: Insufficient options for proto=fd
[ 1709.762339][T11481] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1709.792713][T11481] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1709.819006][T11481] bond0 (unregistering): Released all slaves
[ 1710.288382][T16920] Bluetooth: (null): Invalid header checksum
[ 1710.497819][T16920] Bluetooth: (null): Invalid header checksum
[ 1711.297834][T19220] 9pnet_fd: Insufficient options for proto=fd
[ 1711.833705][T11481] hsr_slave_0: left promiscuous mode
[ 1711.870268][T11481] hsr_slave_1: left promiscuous mode
[ 1711.881145][T11481] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1711.900981][T11481] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1712.948766][T11481] team0 (unregistering): Port device team_slave_1 removed
[ 1713.836675][T11481] team0 (unregistering): Port device team_slave_0 removed
[ 1715.886701][   T36] Bluetooth: (null): Invalid header checksum
[ 1715.893929][   T36] Bluetooth: (null): Invalid header checksum
[ 1716.152528][   T12] Bluetooth: (null): Invalid header checksum
[ 1716.188546][   T12] Bluetooth: (null): Invalid header checksum
[ 1717.983181][T19060] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1718.214216][T19060] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1718.221532][T19060] bridge_slave_0: entered allmulticast mode
[ 1718.233660][T19060] bridge_slave_0: entered promiscuous mode
[ 1718.306807][T19284] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3238'.
[ 1718.316223][T19284] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3238'.
[ 1718.319429][T19060] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1718.361479][T19060] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1718.436476][T19060] bridge_slave_1: entered allmulticast mode
[ 1718.443255][T19286] process 'syz.8.3238' launched './file0' with NULL argv: empty string added
[ 1718.460991][T19060] bridge_slave_1: entered promiscuous mode
[ 1719.678935][T19060] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1719.901615][T19060] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1722.025407][T19060] team0: Port device team_slave_0 added
[ 1722.734539][T19060] team0: Port device team_slave_1 added
[ 1723.232128][T19060] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1723.253272][T19060] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1723.423352][T19060] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1723.764822][T19324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3247'.
[ 1723.910071][T19324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3247'.
[ 1723.936887][T19060] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1723.947144][T19060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1723.977271][T19060] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1724.169168][T19060] hsr_slave_0: entered promiscuous mode
[ 1724.176257][T19060] hsr_slave_1: entered promiscuous mode
[ 1724.183263][T19060] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1724.196718][T19060] Cannot create hsr debugfs directory
[ 1728.935667][T19381] 9pnet_fd: Insufficient options for proto=fd
[ 1730.161423][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.596272][T19060] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1730.722474][T19060] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1730.777818][T19060] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1730.869864][T19060] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1731.937924][ T5883] IPVS: starting estimator thread 0...
[ 1732.044253][T19417] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1732.257928][T19060] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1732.604826][T17740] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1733.249929][T17740] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1733.300483][T19432] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3265'.
[ 1733.409408][T17740] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1733.569264][T19060] 8021q: adding VLAN 0 to HW filter on device team0
[ 1733.644916][T17740] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 2
[ 1733.719528][  T991] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1733.726765][  T991] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1733.760281][T17740] usb 9-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1734.002166][T17740] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1734.611990][T17306] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1734.619185][T17306] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1734.673029][T17740] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1734.742495][T17740] usb 9-1: Product: syz
[ 1734.785065][T17740] usb 9-1: Manufacturer: syz
[ 1734.789730][T17740] usb 9-1: SerialNumber: syz
[ 1735.872630][T17740] usb 9-1: can't set config #1, error -71
[ 1735.884186][T17740] usb 9-1: USB disconnect, device number 2
[ 1736.035552][T19451] 9pnet_fd: Insufficient options for proto=fd
[ 1739.883421][T19060] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1740.218795][T19060] veth0_vlan: entered promiscuous mode
[ 1741.078471][T19060] veth1_vlan: entered promiscuous mode
[ 1742.256940][T19060] veth0_macvtap: entered promiscuous mode
[ 1742.290577][T19060] veth1_macvtap: entered promiscuous mode
[ 1743.294275][T19060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1743.365213][T19060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1743.413605][T19060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1743.479166][T19060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1743.496756][T19060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1743.507318][T19060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1743.517359][T19060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1743.544560][T19060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1743.565982][T19060] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1746.182780][T19553] overlayfs: overlapping lowerdir path
[ 1746.733054][T19556] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1747.594069][T17021] Bluetooth: hci0: command 0x0406 tx timeout
[ 1748.361251][T17021] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1748.372898][T17021] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1748.383725][T17021] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1748.395278][T17021] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1748.406318][T17021] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1750.599421][T17097] Bluetooth: hci3: command tx timeout
[ 1753.532159][T17097] Bluetooth: hci3: command tx timeout
[ 1755.598543][T17097] Bluetooth: hci3: command tx timeout
[ 1755.855504][T19625] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3305'.
[ 1755.864861][T19625] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3305'.
[ 1755.883002][T19567] chnl_net:caif_netlink_parms(): no params data found
[ 1757.984113][T17097] Bluetooth: hci3: command tx timeout
[ 1759.913913][T19679] 9pnet_fd: Insufficient options for proto=fd
[ 1760.573105][T19682] overlayfs: overlapping lowerdir path
[ 1760.812502][T19682] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1761.371581][T19567] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1761.391833][T19567] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1761.406596][T19567] bridge_slave_0: entered allmulticast mode
[ 1761.426139][T19567] bridge_slave_0: entered promiscuous mode
[ 1761.475121][T19567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1761.508622][T19567] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1761.610666][T19567] bridge_slave_1: entered allmulticast mode
[ 1761.639207][T19567] bridge_slave_1: entered promiscuous mode
[ 1761.791129][T19697] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3318'.
[ 1764.491188][T19567] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1764.538926][T19567] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1765.901366][T19567] team0: Port device team_slave_0 added
[ 1765.911037][T19567] team0: Port device team_slave_1 added
[ 1768.122384][T19742] overlayfs: overlapping lowerdir path
[ 1768.233837][T19743] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1768.826377][T19567] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1768.833376][T19567] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1768.972025][T19567] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1769.070766][T19567] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1769.082558][T19567] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1769.220337][T19567] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1769.551183][T17097] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1769.561188][T17097] CPU: 1 UID: 0 PID: 17097 Comm: kworker/u9:3 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) 
[ 1769.561221][T17097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1769.561237][T17097] Workqueue: hci2 hci_rx_work
[ 1769.561292][T17097] Call Trace:
[ 1769.561303][T17097]  <TASK>
[ 1769.561314][T17097]  dump_stack_lvl+0x241/0x360
[ 1769.561351][T17097]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1769.561389][T17097]  ? __wake_up_klogd+0xcc/0x110
[ 1769.561423][T17097]  sysfs_create_dir_ns+0x2fd/0x3f0
[ 1769.561453][T17097]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1769.561490][T17097]  kobject_add_internal+0x435/0x8d0
[ 1769.561527][T17097]  kobject_add+0x15b/0x230
[ 1769.561552][T17097]  ? preempt_schedule_thunk+0x16/0x30
[ 1769.561574][T17097]  ? device_add+0x3e7/0xbf0
[ 1769.561596][T17097]  ? __pfx_kobject_add+0x10/0x10
[ 1769.561622][T17097]  ? _raw_spin_unlock+0x3e/0x50
[ 1769.561656][T17097]  ? get_device_parent+0x165/0x410
[ 1769.561683][T17097]  device_add+0x4e5/0xbf0
[ 1769.561714][T17097]  hci_conn_add_sysfs+0xe8/0x200
[ 1769.561745][T17097]  le_conn_complete_evt+0xc6e/0x12a0
[ 1769.561782][T17097]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1769.561801][T17097]  ? __mutex_unlock_slowpath+0x229/0x800
[ 1769.561830][T17097]  ? __skb_clone+0x5c/0x6d0
[ 1769.561854][T17097]  ? skb_pull_data+0x112/0x230
[ 1769.561884][T17097]  hci_le_conn_complete_evt+0x18c/0x420
[ 1769.561928][T17097]  hci_event_packet+0xa5c/0x1550
[ 1769.561963][T17097]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1769.562003][T17097]  ? __pfx_hci_event_packet+0x10/0x10
[ 1769.562041][T17097]  ? kcov_remote_start+0x2e/0x7d0
[ 1769.562070][T17097]  ? hci_send_to_monitor+0xdc/0x530
[ 1769.562095][T17097]  hci_rx_work+0x3f3/0xdb0
[ 1769.562139][T17097]  ? process_scheduled_works+0x9cb/0x18e0
[ 1769.562175][T17097]  process_scheduled_works+0xac3/0x18e0
[ 1769.562241][T17097]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1769.562284][T17097]  ? assign_work+0x367/0x3d0
[ 1769.562321][T17097]  worker_thread+0x870/0xd50
[ 1769.562372][T17097]  ? __kthread_parkme+0x1a8/0x200
[ 1769.562409][T17097]  ? __pfx_worker_thread+0x10/0x10
[ 1769.562441][T17097]  kthread+0x7b7/0x940
[ 1769.562479][T17097]  ? __pfx_worker_thread+0x10/0x10
[ 1769.562511][T17097]  ? __pfx_kthread+0x10/0x10
[ 1769.562530][T17097]  ? __pfx_kthread+0x10/0x10
[ 1769.562551][T17097]  ? __pfx_kthread+0x10/0x10
[ 1769.562572][T17097]  ? __pfx_kthread+0x10/0x10
[ 1769.562593][T17097]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1769.562622][T17097]  ? lockdep_hardirqs_on+0x9d/0x150
[ 1769.562642][T17097]  ? __pfx_kthread+0x10/0x10
[ 1769.562666][T17097]  ret_from_fork+0x4b/0x80
[ 1769.562683][T17097]  ? __pfx_kthread+0x10/0x10
[ 1769.562706][T17097]  ret_from_fork_asm+0x1a/0x30
[ 1769.562754][T17097]  </TASK>
[ 1769.563545][T17097] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1770.027528][T17097] Bluetooth: hci2: failed to register connection device
[ 1771.101378][T19567] hsr_slave_0: entered promiscuous mode
[ 1771.407949][T19567] hsr_slave_1: entered promiscuous mode
[ 1772.355480][T19567] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1772.369251][T19567] Cannot create hsr debugfs directory
[ 1773.006042][T19779] macvtap5: entered allmulticast mode
[ 1773.650201][   T13] bridge_slave_1: left allmulticast mode
[ 1774.372394][   T13] bridge_slave_1: left promiscuous mode
[ 1774.426994][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1774.643430][   T13] bridge_slave_0: left allmulticast mode
[ 1774.659054][   T13] bridge_slave_0: left promiscuous mode
[ 1774.682367][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1778.245418][T19820] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1780.247898][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1780.277554][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1780.301317][   T13] bond0 (unregistering): Released all slaves
[ 1780.554774][T19835] overlayfs: conflicting lowerdir path
[ 1780.649601][   T13] hsr_slave_0: left promiscuous mode
[ 1780.713249][   T13] hsr_slave_1: left promiscuous mode
[ 1780.779191][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1780.827787][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1780.850364][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1780.917028][   T13] veth1_macvtap: left promiscuous mode
[ 1780.923892][   T13] veth0_macvtap: left promiscuous mode
[ 1780.940386][   T13] veth1_vlan: left promiscuous mode
[ 1780.954395][   T13] veth0_vlan: left promiscuous mode
[ 1780.988489][   T30] audit: type=1326 audit(1745135495.821:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcffed8e169 code=0x7ffc0000
[ 1781.238529][   T30] audit: type=1326 audit(1745135495.821:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fcffed8e169 code=0x7ffc0000
[ 1781.295739][   T30] audit: type=1326 audit(1745135495.821:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcffed8e169 code=0x7ffc0000
[ 1781.318039][   T30] audit: type=1326 audit(1745135495.821:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fcffed8e169 code=0x7ffc0000
[ 1781.374642][   T30] audit: type=1326 audit(1745135495.821:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcffed2a359 code=0x7ffc0000
[ 1781.442483][   T30] audit: type=1326 audit(1745135495.821:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcffed2a359 code=0x7ffc0000
[ 1781.474630][   T30] audit: type=1326 audit(1745135495.821:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcffed2a359 code=0x7ffc0000
[ 1781.500740][   T30] audit: type=1326 audit(1745135495.821:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcffed2a359 code=0x7ffc0000
[ 1781.526888][   T30] audit: type=1326 audit(1745135495.821:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcffed2a359 code=0x7ffc0000
[ 1781.560297][   T30] audit: type=1326 audit(1745135495.821:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19839 comm="syz.4.3351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcffed2a359 code=0x7ffc0000
[ 1784.531659][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1784.749264][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1784.958404][T19862] x_tables: duplicate underflow at hook 1
[ 1785.235882][T17097] Bluetooth: hci5: unexpected event for opcode 0x2035
[ 1789.534390][T17097] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1789.545175][T17097] Bluetooth: hci5: Injecting HCI hardware error event
[ 1789.573848][T17021] Bluetooth: hci5: hardware error 0x00
[ 1791.601762][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1792.999414][T17021] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1798.178727][T19567] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1799.303631][T19567] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1799.374049][T19567] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1799.523671][T19567] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1802.675333][T19567] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1802.702612][T19567] 8021q: adding VLAN 0 to HW filter on device team0
[ 1802.729236][  T991] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1802.736556][  T991] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1802.828991][ T6423] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1802.836231][ T6423] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1805.622260][T20019] overlayfs: conflicting lowerdir path
[ 1806.765018][T17097] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1806.775024][T17097] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1806.784223][T17097] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1806.801334][T17097] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1806.810897][T17097] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1808.875861][T17097] Bluetooth: hci1: command tx timeout
[ 1809.892273][T20067] trusted_key: encrypted_key: insufficient parameters specified
[ 1811.046990][T20081] overlayfs: missing 'lowerdir'
[ 1811.055658][T17097] Bluetooth: hci1: command tx timeout
[ 1811.114032][T20081] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1811.424754][T20078] macvtap1: entered allmulticast mode
[ 1811.430283][T20078] veth0_macvtap: entered allmulticast mode
[ 1811.961599][T20030] chnl_net:caif_netlink_parms(): no params data found
[ 1813.115383][T17021] Bluetooth: hci1: command tx timeout
[ 1813.651707][T19853] bridge_slave_1: left allmulticast mode
[ 1813.676474][T19853] bridge_slave_1: left promiscuous mode
[ 1813.714681][T19853] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1813.757189][T19853] bridge_slave_0: left allmulticast mode
[ 1813.762970][T19853] bridge_slave_0: left promiscuous mode
[ 1813.798370][T19853] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1815.204175][T17021] Bluetooth: hci1: command tx timeout
[ 1817.688032][T19853] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1817.785690][T19853] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1817.803207][T19853] bond0 (unregistering): Released all slaves
[ 1817.831617][T20113] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3411'.
[ 1817.888948][T20137] tipc: Started in network mode
[ 1817.893878][T20137] tipc: Node identity 7f000001, cluster identity 4711
[ 1817.905655][T20137] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1817.920317][T20142] macvtap2: entered allmulticast mode
[ 1818.050140][T20030] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1818.058452][T20030] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1818.065857][T20030] bridge_slave_0: entered allmulticast mode
[ 1818.074725][T20030] bridge_slave_0: entered promiscuous mode
[ 1818.480629][T20030] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1818.514195][T20030] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1818.522505][T20030] bridge_slave_1: entered allmulticast mode
[ 1818.567994][T20155] overlayfs: failed to resolve './file1': -2
[ 1818.606889][T20030] bridge_slave_1: entered promiscuous mode
[ 1819.143140][T19285] tipc: Node number set to 2130706433
[ 1819.551002][T19853] hsr_slave_0: left promiscuous mode
[ 1819.583555][T19853] hsr_slave_1: left promiscuous mode
[ 1819.602518][T19853] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1819.648210][T19853] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1821.643649][T19853] team0 (unregistering): Port device team_slave_1 removed
[ 1822.338902][T19853] team0 (unregistering): Port device team_slave_0 removed
[ 1823.384453][T20207] overlayfs: failed to resolve './file1': -2
[ 1825.321026][T20221] overlayfs: conflicting lowerdir path
[ 1826.229721][T20030] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1826.389262][T20030] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1826.640670][T20030] team0: Port device team_slave_0 added
[ 1826.697944][T20030] team0: Port device team_slave_1 added
[ 1826.964669][T20239] trusted_key: encrypted_key: insufficient parameters specified
[ 1828.248202][T20030] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1828.308146][T20030] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1828.912307][T20030] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1828.947290][T20030] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1828.956450][T20030] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1828.983553][T20030] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1830.420949][T20254] macvtap3: entered allmulticast mode
[ 1830.520505][T20030] hsr_slave_0: entered promiscuous mode
[ 1830.578914][T20030] hsr_slave_1: entered promiscuous mode
[ 1830.630348][T20030] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1830.635328][T20258] overlayfs: failed to resolve './file1': -2
[ 1830.657636][T20030] Cannot create hsr debugfs directory
[ 1833.224238][T20298] trusted_key: encrypted_key: insufficient parameters specified
[ 1836.292007][T20315] overlayfs: failed to resolve './file1': -2
[ 1836.630415][T20319] macvtap1: entered allmulticast mode
[ 1836.636207][T20319] veth0_macvtap: entered allmulticast mode
[ 1837.787395][T20332] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3460'.
[ 1838.465943][T20332] netdevsim netdevsim8 netdevsim0: entered promiscuous mode
[ 1838.869710][T20342] trusted_key: encrypted_key: insufficient parameters specified
[ 1839.964045][T17740] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1840.691542][T20030] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1840.777939][T20030] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1840.852548][T17740] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1841.105956][T17740] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1841.373296][T17740] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1841.532040][T17740] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1841.889204][T17740] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1842.214470][T17740] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1842.223587][T17740] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1842.231764][T17740] usb 9-1: Product: syz
[ 1842.240000][T17740] usb 9-1: Manufacturer: syz
[ 1842.263484][T20030] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1842.287405][T17740] cdc_wdm 9-1:1.0: skipping garbage
[ 1842.310679][T20030] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1842.313018][T17740] cdc_wdm 9-1:1.0: skipping garbage
[ 1842.348874][T17740] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[ 1842.361484][T17740] cdc_wdm 9-1:1.0: Unknown control protocol
[ 1842.730007][T20030] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1842.815766][T20030] 8021q: adding VLAN 0 to HW filter on device team0
[ 1842.882092][    C0] cdc_wdm 9-1:1.0: nonzero urb status received: -EPIPE
[ 1842.940669][ T4515] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1842.947962][ T4515] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1843.250726][ T5913] usb 9-1: USB disconnect, device number 3
[ 1843.583482][ T4515] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1843.590778][ T4515] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1843.744893][T20396] trusted_key: encrypted_key: insufficient parameters specified
[ 1844.040900][T20030] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1845.952617][T20030] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1846.935771][T20030] veth0_vlan: entered promiscuous mode
[ 1847.085274][T20030] veth1_vlan: entered promiscuous mode
[ 1847.219312][T20030] veth0_macvtap: entered promiscuous mode
[ 1847.248664][T20030] veth1_macvtap: entered promiscuous mode
[ 1847.330043][T20030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1847.374018][T20030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1847.404190][T20030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1847.439744][T20030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1847.473985][T20030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1847.504357][T20030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1847.534488][T20030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1847.574080][T20030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1847.602347][T20030] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1847.647901][T20030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1847.689013][T20030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1847.723113][T20030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1847.765692][T20030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1847.793998][T20030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1847.844103][T20030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1847.864808][T20030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1847.894321][T20030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1847.965606][T20030] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1848.032240][T20030] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1848.065443][T20030] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1848.108620][T20030] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1848.158998][T20030] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1849.513360][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1849.629422][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1849.671281][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1849.692961][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1850.644407][T20456] : entered promiscuous mode
[ 1853.040683][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.076595][T17079] IPVS: starting estimator thread 0...
[ 1853.374311][T20482] IPVS: using max 30 ests per chain, 72000 per kthread
[ 1855.984998][T17079] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1862.384311][T19285] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1862.554432][T19285] usb 5-1: Using ep0 maxpacket: 32
[ 1863.254737][T19285] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1863.262811][T19285] usb 5-1: config 0 has no interface number 0
[ 1863.293797][T19285] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 1863.303211][T19285] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1863.427146][T19285] usb 5-1: Product: syz
[ 1863.431378][T19285] usb 5-1: Manufacturer: syz
[ 1863.436349][T19285] usb 5-1: SerialNumber: syz
[ 1863.449789][T19285] usb 5-1: config 0 descriptor??
[ 1863.458443][T19285] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 1863.473185][T19285] usb 5-1: selecting invalid altsetting 1
[ 1863.480168][T19285] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 1863.495780][T19285] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1863.514537][T19285] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 1863.523169][T19285] usb 5-1: media controller created
[ 1863.831533][T20554] : entered promiscuous mode
[ 1864.340527][T19285] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1864.386533][T19285] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[ 1864.396128][T19285] zl10353_read_register: readreg error (reg=127, ret==-32)
[ 1865.548644][T19285] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 1866.089231][T19285] usb 1-1: config 0 has an invalid interface number: 95 but max is 0
[ 1866.209380][T19285] usb 1-1: config 0 has no interface number 0
[ 1866.383618][T19285] usb 1-1: config 0 interface 95 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 8
[ 1866.647801][T19285] usb 1-1: New USB device found, idVendor=7725, idProduct=b0a8, bcdDevice= 7.46
[ 1866.702664][T19285] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1866.724945][ T5913] usb 5-1: USB disconnect, device number 25
[ 1866.774267][T19285] usb 1-1: Product: syz
[ 1866.802463][T19285] usb 1-1: Manufacturer: syz
[ 1866.815173][T19285] usb 1-1: SerialNumber: syz
[ 1866.949965][T19285] usb 1-1: config 0 descriptor??
[ 1867.116404][T20580] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3520'.
[ 1867.168000][T20565] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1870.554749][T19285] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1870.646776][T19285] usb 1-1: MIDIStreaming interface descriptor not found
[ 1871.070072][T19285] usb 1-1: USB disconnect, device number 16
[ 1872.279813][T20592] udevd[20592]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.95/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1874.774532][ T5910] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1874.944218][ T5910] usb 1-1: Using ep0 maxpacket: 8
[ 1875.063220][ T5910] usb 1-1: config 0 has an invalid interface number: 163 but max is 0
[ 1875.093735][ T5910] usb 1-1: config 0 has no interface number 0
[ 1875.129674][ T5910] usb 1-1: config 0 interface 163 altsetting 0 endpoint 0xA has invalid maxpacket 27776, setting to 64
[ 1875.170508][ T5910] usb 1-1: config 0 interface 163 altsetting 0 endpoint 0xB has invalid maxpacket 1024, setting to 64
[ 1875.224119][ T5910] usb 1-1: New USB device found, idVendor=0763, idProduct=1031, bcdDevice= 1.01
[ 1875.666355][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1875.867835][ T5910] usb 1-1: Product: syz
[ 1875.906354][ T5910] usb 1-1: Manufacturer: syz
[ 1875.949400][ T5910] usb 1-1: SerialNumber: syz
[ 1876.194179][ T5910] usb 1-1: config 0 descriptor??
[ 1876.381379][ T5910] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1876.458399][T20630] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3536'.
[ 1877.495731][ T5910] usb 1-1: USB disconnect, device number 17
[ 1878.809788][T20353] udevd[20353]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.163/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1879.115060][T20664] 9pnet_fd: Insufficient options for proto=fd
[ 1880.384632][T20681] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3550'.
[ 1884.793629][T20719] netlink: 'syz.8.3561': attribute type 23 has an invalid length.
[ 1888.016177][T20734] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3565'.
[ 1892.212375][T20768] netlink: 204 bytes leftover after parsing attributes in process `syz.6.3574'.
[ 1892.221867][T20768] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3574'.
[ 1893.034913][ T9812] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1893.764871][ T9812] usb 1-1: Using ep0 maxpacket: 32
[ 1893.776612][T20776] Bluetooth: MGMT ver 1.23
[ 1893.814295][ T9812] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1893.824006][ T9812] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1893.833084][ T9812] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1894.082039][ T9812] usb 1-1: Product: syz
[ 1894.174392][ T9812] usb 1-1: Manufacturer: syz
[ 1894.248159][ T9812] usb 1-1: SerialNumber: syz
[ 1894.385734][ T9812] usb 1-1: config 0 descriptor??
[ 1895.080634][ T9812] gs_usb 1-1:0.0: Configuring for 1 interfaces
[ 1895.569987][T20790] page: refcount:3 mapcount:0 mapping:ffff88802386e478 index:0x2 pfn:0x326be
[ 1895.578988][T20790] memcg:ffff88802f47e000
[ 1895.583294][T20790] aops:def_blk_aops ino:fa00000
[ 1895.588306][T20790] flags: 0xfff00000000139(locked|uptodate|dirty|lru|active|node=0|zone=1|lastcpupid=0x7ff)
[ 1895.598429][T20790] raw: 00fff00000000139 ffffea0000c9afc8 ffff888024bff878 ffff88802386e478
[ 1895.607395][T20790] raw: 0000000000000002 0000000000000000 00000003ffffffff ffff88802f47e000
[ 1895.616167][T20790] page dumped because: VM_BUG_ON_FOLIO(!folio_contains(folio, index))
[ 1895.625700][T20790] page_owner tracks the page as allocated
[ 1895.631500][T20790] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 20789, tgid 20789 (syz.6.3582), ts 1895369973798, free_ts 1895147105911
[ 1895.652876][T20790]  post_alloc_hook+0x1f4/0x240
[ 1895.657748][T20790]  get_page_from_freelist+0x360d/0x37b0
[ 1895.663359][T20790]  __alloc_frozen_pages_noprof+0x211/0x5b0
[ 1895.669325][T20790]  alloc_pages_mpol+0x339/0x690
[ 1895.674291][T20790]  alloc_pages_noprof+0x121/0x190
[ 1895.679389][T20790]  folio_alloc_noprof+0x1e/0x30
[ 1895.684368][T20790]  filemap_alloc_folio_noprof+0xe4/0x550
[ 1895.690100][T20790]  page_cache_ra_order+0x5f5/0xca0
[ 1895.695338][T20790]  do_sync_mmap_readahead+0x3e6/0x6c0
[ 1895.700807][T20790]  filemap_fault+0x763/0x13d0
[ 1895.705735][T20790]  __do_fault+0x135/0x390
[ 1895.710151][T20790]  handle_pte_fault+0xfcc/0x61c0
[ 1895.715177][T20790]  handle_mm_fault+0x1030/0x1aa0
[ 1895.720195][T20790]  exc_page_fault+0x45b/0x920
[ 1895.724993][T20790]  asm_exc_page_fault+0x26/0x30
[ 1895.731129][T20790] page last free pid 20649 tgid 20649 stack trace:
[ 1895.737777][T20790]  __free_frozen_pages+0xddf/0x10a0
[ 1895.743161][T20790]  __slab_free+0x2c6/0x390
[ 1895.747685][T20790]  qlist_free_all+0x9a/0x140
[ 1895.752347][T20790]  kasan_quarantine_reduce+0x14f/0x170
[ 1895.757953][T20790]  __kasan_slab_alloc+0x23/0x80
[ 1895.762864][T20790]  kmem_cache_alloc_noprof+0x1e1/0x390
[ 1895.768460][T20790]  getname_flags+0xb7/0x530
[ 1895.773091][T20790]  user_path_at+0x24/0x60
[ 1895.777504][T20790]  do_utimes+0x120/0x290
[ 1895.781839][T20790]  __x64_sys_utimensat+0x151/0x250
[ 1895.787072][T20790]  do_syscall_64+0xf3/0x210
[ 1895.791663][T20790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1895.797846][T20790] ------------[ cut here ]------------
[ 1895.803393][T20790] kernel BUG at mm/filemap.c:3433!
[ 1895.808659][T20790] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 1895.814935][T20790] CPU: 1 UID: 0 PID: 20790 Comm: syz.6.3582 Not tainted 6.15.0-rc2-syzkaller-00471-g119009db2674 #0 PREEMPT(full) 
[ 1895.827205][T20790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1895.837278][T20790] RIP: 0010:filemap_fault+0x1360/0x13d0
[ 1895.842864][T20790] Code: c4 ff 48 8b 3c 24 48 c7 c6 40 0e 54 8c e8 a8 f9 0e 00 90 0f 0b e8 20 e7 c4 ff 48 89 df 48 c7 c6 c0 07 54 8c e8 91 f9 0e 00 90 <0f> 0b e8 09 e7 c4 ff 48 8b 3c 24 48 c7 c6 40 0e 54 8c e8 79 f9 0e
[ 1895.862515][T20790] RSP: 0018:ffffc90005257120 EFLAGS: 00010246
[ 1895.868636][T20790] RAX: fa7133edd9567b00 RBX: ffffea0000c9af80 RCX: 0000000000000000
[ 1895.876666][T20790] RDX: ffffc9001c659000 RSI: ffffffff8e4c7ff1 RDI: ffffffff8ca0e180
[ 1895.884666][T20790] RBP: ffffc90005257258 R08: ffffffff82363556 R09: fffffbfff1d7a960
[ 1895.892670][T20790] R10: dffffc0000000000 R11: fffffbfff1d7a960 R12: ffff88802386e478
[ 1895.900699][T20790] R13: 1ffffd40001935f1 R14: dffffc0000000000 R15: ffffea0000c9af88
[ 1895.908683][T20790] FS:  00007f10a98756c0(0000) GS:ffff8881250cf000(0000) knlGS:0000000000000000
[ 1895.917635][T20790] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1895.924231][T20790] CR2: 0000200000001e7b CR3: 0000000061690000 CR4: 00000000003526f0
[ 1895.932223][T20790] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1895.940215][T20790] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1895.948440][T20790] Call Trace:
[ 1895.951733][T20790]  <TASK>
[ 1895.954672][T20790]  ? __pfx_filemap_fault+0x10/0x10
[ 1895.959863][T20790]  __do_fault+0x135/0x390
[ 1895.964247][T20790]  handle_pte_fault+0x3f0c/0x61c0
[ 1895.969307][T20790]  ? handle_pte_fault+0x2b0a/0x61c0
[ 1895.974537][T20790]  ? trace_irq_enable+0x2c/0x120
[ 1895.979503][T20790]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1895.984906][T20790]  ? rcu_is_watching+0x15/0xb0
[ 1895.989694][T20790]  ? trace_sched_exit_tp+0x3c/0x120
[ 1895.994994][T20790]  ? rcu_is_watching+0x15/0xb0
[ 1895.999783][T20790]  ? __switch_to+0xe97/0x1c30
[ 1896.004501][T20790]  ? irqentry_exit+0x63/0x90
[ 1896.009108][T20790]  ? lockdep_hardirqs_on+0x9d/0x150
[ 1896.014339][T20790]  handle_mm_fault+0x1030/0x1aa0
[ 1896.019320][T20790]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1896.024664][T20790]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1896.030072][T20790]  exc_page_fault+0x2bb/0x920
[ 1896.034789][T20790]  asm_exc_page_fault+0x26/0x30
[ 1896.039656][T20790] RIP: 0010:rep_movs_alternative+0xf/0x90
[ 1896.045418][T20790] Code: c4 10 c3 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e
[ 1896.065052][T20790] RSP: 0018:ffffc90005257930 EFLAGS: 00050202
[ 1896.071147][T20790] RAX: 00007ffffffff001 RBX: 0000200000001e7b RCX: 0000000000000001
[ 1896.079137][T20790] RDX: 0000000000000001 RSI: 0000200000001e7b RDI: ffff88807b73abbb
[ 1896.087129][T20790] RBP: 0000000000000001 R08: ffff88807b73abbb R09: 1ffff1100f6e7577
[ 1896.095113][T20790] R10: dffffc0000000000 R11: ffffed100f6e7578 R12: ffff88807b73abbb
[ 1896.103093][T20790] R13: 1ffff1100d686987 R14: ffff88807b73abbb R15: 0000000000000001
[ 1896.111088][T20790]  _copy_from_user+0x7b/0xb0
[ 1896.115711][T20790]  snd_rawmidi_kernel_write1+0x390/0x620
[ 1896.121373][T20790]  snd_rawmidi_write+0x5f2/0xc00
[ 1896.126341][T20790]  ? __pfx_snd_rawmidi_write+0x10/0x10
[ 1896.131856][T20790]  ? __pfx_default_wake_function+0x10/0x10
[ 1896.137682][T20790]  ? bpf_lsm_file_permission+0x9/0x10
[ 1896.143075][T20790]  ? rw_verify_area+0x246/0x630
[ 1896.147963][T20790]  vfs_writev+0x5ba/0xbc0
[ 1896.152313][T20790]  ? __pfx_snd_rawmidi_write+0x10/0x10
[ 1896.157792][T20790]  ? __pfx_vfs_writev+0x10/0x10
[ 1896.162682][T20790]  ? __fget_files+0x2a/0x420
[ 1896.167335][T20790]  ? __fget_files+0x39d/0x420
[ 1896.172040][T20790]  ? __fget_files+0x2a/0x420
[ 1896.176653][T20790]  do_writev+0x1b8/0x360
[ 1896.180930][T20790]  ? __pfx_do_writev+0x10/0x10
[ 1896.185728][T20790]  ? do_syscall_64+0xb6/0x210
[ 1896.190447][T20790]  do_syscall_64+0xf3/0x210
[ 1896.194975][T20790]  ? clear_bhb_loop+0x45/0xa0
[ 1896.199686][T20790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1896.205617][T20790] RIP: 0033:0x7f10a898e169
[ 1896.210066][T20790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1896.229772][T20790] RSP: 002b:00007f10a9875038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1896.238226][T20790] RAX: ffffffffffffffda RBX: 00007f10a8bb5fa0 RCX: 00007f10a898e169
[ 1896.246216][T20790] RDX: 0000000000000002 RSI: 0000200000000840 RDI: 0000000000000006
[ 1896.254204][T20790] RBP: 00007f10a8a10a68 R08: 0000000000000000 R09: 0000000000000000
[ 1896.262185][T20790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1896.270166][T20790] R13: 0000000000000000 R14: 00007f10a8bb5fa0 R15: 00007fff2751b4a8
[ 1896.278161][T20790]  </TASK>
[ 1896.281187][T20790] Modules linked in:
[ 1896.289180][T20790] ---[ end trace 0000000000000000 ]---
[ 1896.294781][T20790] RIP: 0010:filemap_fault+0x1360/0x13d0
[ 1896.300397][T20790] Code: c4 ff 48 8b 3c 24 48 c7 c6 40 0e 54 8c e8 a8 f9 0e 00 90 0f 0b e8 20 e7 c4 ff 48 89 df 48 c7 c6 c0 07 54 8c e8 91 f9 0e 00 90 <0f> 0b e8 09 e7 c4 ff 48 8b 3c 24 48 c7 c6 40 0e 54 8c e8 79 f9 0e
[ 1896.320179][T20790] RSP: 0018:ffffc90005257120 EFLAGS: 00010246
[ 1896.326316][T20790] RAX: fa7133edd9567b00 RBX: ffffea0000c9af80 RCX: 0000000000000000
[ 1896.334381][T20790] RDX: ffffc9001c659000 RSI: ffffffff8e4c7ff1 RDI: ffffffff8ca0e180
[ 1896.343201][T20790] RBP: ffffc90005257258 R08: ffffffff82363556 R09: fffffbfff1d7a960
[ 1896.351273][T20790] R10: dffffc0000000000 R11: fffffbfff1d7a960 R12: ffff88802386e478
[ 1896.359354][T20790] R13: 1ffffd40001935f1 R14: dffffc0000000000 R15: ffffea0000c9af88
[ 1896.367406][T20790] FS:  00007f10a98756c0(0000) GS:ffff8881250cf000(0000) knlGS:0000000000000000
[ 1896.376419][T20790] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1896.383065][T20790] CR2: 0000200000001e7b CR3: 0000000061690000 CR4: 00000000003526f0
[ 1896.391098][T20790] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1896.399197][T20790] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1896.407285][T20790] Kernel panic - not syncing: Fatal exception
[ 1896.413722][T20790] Kernel Offset: disabled
[ 1896.418057][T20790] Rebooting in 86400 seconds..