last executing test programs:

47m35.299908315s ago: executing program 32 (id=322):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x1f, 0x3, &(0x7f0000000380)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', 0xffffffffffffffff, 0x0, 0x5895}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000540)={0x8, 0x0, 0x0, 'queue1\x00', 0x72})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)

47m26.894529551s ago: executing program 33 (id=378):
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x3, 0x90, [0x1, 0x9, 0x1, 0x0, 0x0, 0x4000000003c0], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYRESHEX]}, 0x8a)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002480)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000000040)}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x1c)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01')

45m34.632284181s ago: executing program 34 (id=1190):
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000240)={0x0, 0x4525, 0x0, 0x4, 0x12d}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000640)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x4000)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x28, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x22d2, 0x20, 0x0, 0x0, 0x0)

45m18.044485478s ago: executing program 35 (id=1254):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setuid(0xee01)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x35}}, 0x800}, 0x1c)

44m34.556753957s ago: executing program 36 (id=1487):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000500)='2', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3)
shutdown(r0, 0x1)

44m3.490011299s ago: executing program 37 (id=1663):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
getdents64(r1, &(0x7f0000000100)=""/83, 0x53)

41m23.37218541s ago: executing program 38 (id=2644):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, 0x0, 0x8000)
mount$fuseblk(&(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

40m13.58709414s ago: executing program 39 (id=3096):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8, 0x80000)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000000140)=""/128, 0x80}], 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
signalfd4(r1, &(0x7f0000000040)={[0x7fffffffffffffff]}, 0x8, 0x0)

38m0.183560062s ago: executing program 40 (id=3826):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048801)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x80}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

36m45.514808722s ago: executing program 41 (id=4093):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

35m39.940192864s ago: executing program 42 (id=4512):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
dup3(r1, r0, 0x0)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x936, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x47b6, 0x800000, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

33m41.526167686s ago: executing program 43 (id=5031):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x1e}, @ptr={0x70742a85, 0x0, &(0x7f0000000580)=""/206, 0x14, 0x1, 0xffffffffffffffff}, @fda={0x66646185, 0x5, 0x1, 0x14}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

28m57.684453986s ago: executing program 44 (id=5858):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
preadv(r2, 0x0, 0x0, 0x0, 0x4)
r3 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31)
sendmmsg$inet6(r3, &(0x7f0000002940), 0x40000000000017d, 0x811)

27m29.108556422s ago: executing program 45 (id=6052):
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000640)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x1, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x3ff, 0x9, 0x0, 0x0, 0xffff, 0x3], [0x0, 0x8, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x8]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r3)
syz_usb_connect$hid(0xc, 0x3f, &(0x7f0000000200)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0xb69e9bf6105cfb28, 0x2133, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x2, 0x0, 0x64, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x2, 0x0, 0x1, {0x22, 0xee7}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x0, 0x4}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0x7, 0xb, 0x6}}]}}}]}}]}}, 0x0)

24m31.669161281s ago: executing program 46 (id=6398):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
pipe2$9p(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x2, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56551, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x6, 0x1002, 0x0, 0x2, 0xffffffff}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xfffffffd}}]}}}]}, 0x58}}, 0x20000000)
write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r2, 0x0, r0, 0x0, 0x20000000000002, 0x2)

17m25.317288594s ago: executing program 0 (id=6958):
socket$inet(0x2, 0x2, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r4 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r5 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x3}, &(0x7f0000000240)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b0204dc55ea62d43c809e0ed6e561eb1bcb4a046d00825a02a373c4cd08785e4e69234ffbff79f36d5949767ec9ab9342262268333a", 0x95, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})

17m23.452382684s ago: executing program 0 (id=6959):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x48140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000140), 0x12)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/35, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

17m21.424781534s ago: executing program 47 (id=6939):
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$sock_inet_udp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x3, 0x190}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x5a00, 0xbc03, 0x6, 0x0, 0x0)

17m17.080106956s ago: executing program 0 (id=6967):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "182325", 0x8, 0x2c, 0x0, @remote, @local, {[@routing={0x8, 0x0, 0x2, 0x21}]}}}}}, 0x0)

17m15.091013595s ago: executing program 0 (id=6969):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x29, 0x7, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000140)=0x200000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002240)=ANY=[], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r1, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000000)={0x2, @pix={0x80000000, 0x0, 0x3136564e, 0x5, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x2}})

17m10.603988389s ago: executing program 0 (id=6975):
socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00000000000000000000000000000000000000000500000000000002000700000000000000000000000000e00000020000000000000000000000004000000033"], 0x13c}}, 0x20040880)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @random="a538ae464632", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1}, {0x11, 0x0, 0x0, @multicast1}}}}}, 0x0)

17m6.507295025s ago: executing program 0 (id=6977):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

16m49.585934123s ago: executing program 48 (id=6977):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

16m36.424329718s ago: executing program 1 (id=7003):
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0xf32}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

16m33.487389672s ago: executing program 1 (id=7004):
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x100)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r3, &(0x7f00000000c0)={0x1f, 0x7, @any, 0x73, 0x2}, 0xe)
connect$packet(r3, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0xa, 0x6, @remote}, 0x14)

16m31.963027683s ago: executing program 1 (id=7008):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@loopback, 0x0, 0x8, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}}}, 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="a0000000210001002bbd7000fffffffffc0200000000000000000000000000006401010200000000000000000000000000000000000000020a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000050001100ac1414aa0000"], 0xa0}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

16m28.086489222s ago: executing program 1 (id=7011):
socket$nl_route(0x10, 0x3, 0x0)
getsockopt(0xffffffffffffffff, 0x10000117, 0x2718, 0x0, &(0x7f0000000040))
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4138ae84, &(0x7f0000000c40)=@x86={0xab, 0xd, 0x18, 0x0, 0x100, 0x8, 0x7, 0x0, 0x40, 0x3, 0xc, 0xfd, 0x0, 0x1, 0xa, 0x8a, 0x7, 0x14, 0x33, '\x00', 0x8, 0x2})

16m23.982173161s ago: executing program 1 (id=7019):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000300), &(0x7f0000000000)=@tcp6=r2, 0x1}, 0x20)
recvmmsg(r2, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x12000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='sys_exit\x00', r4}, 0x18)
accept4(r2, 0x0, 0x0, 0x80000)
chdir(0x0)

16m22.603767167s ago: executing program 1 (id=7022):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$audio(0xffffffffffffff9c, 0x0, 0x109842, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x106f)

16m7.474423026s ago: executing program 49 (id=7022):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$audio(0xffffffffffffff9c, 0x0, 0x109842, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x106f)

12m42.315155203s ago: executing program 9 (id=7233):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_create_resource$binfmt(&(0x7f0000000280)='./file0\x00')
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b00000008000000020000000400000005000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000b00), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000002}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r5}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0xd4}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

12m40.779271171s ago: executing program 9 (id=7234):
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00000001c0)='syzkaller\x00'}, 0x80)
socket$packet(0x11, 0x3, 0x300)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$inet(0x2, 0x3, 0x9)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES32=r0], 0x0, 0x8, 0x28, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0}, 0x94)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

12m39.078570977s ago: executing program 9 (id=7238):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xcc657405ba8b63ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(0xffffffffffffffff, 0x2, 0x0, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(0xffffffffffffffff, 0x2, 0x0, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000400)={0x1b, "5660359c3245d1c42317afad7d48ed510000000000000100", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r5, 0xc0383e04, &(0x7f0000000100)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f00000001c0)=[{}]})

12m36.226172612s ago: executing program 9 (id=7241):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioperm(0x6, 0x88, 0x8)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, 0x0, 0x82}], 0x1, 0x0, 0x0, 0x1)

12m34.648537048s ago: executing program 9 (id=7244):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
capset(&(0x7f0000000000)={0x20080522}, 0x0)
setxattr$system_posix_acl(0x0, &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f0000000180)=0x12, 0x4)

12m23.786202591s ago: executing program 9 (id=7258):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
close_range(r5, 0xffffffffffffffff, 0x0)

12m7.39397734s ago: executing program 50 (id=7258):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
close_range(r5, 0xffffffffffffffff, 0x0)

11m51.037729592s ago: executing program 5 (id=7306):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in={{0x2, 0x4e21, @rand_addr=0x64010102}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000180)={0x5, 0xd, 0x2b, 0xef}, &(0x7f0000000100)=0x10)

11m47.056727839s ago: executing program 5 (id=7312):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$ppp(0xffffffffffffff9c, 0x0, 0x22d00, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r3, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r4, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
accept4(r3, 0x0, 0x0, 0x400000000000000)

11m45.509585077s ago: executing program 5 (id=7313):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000100)='./bus\x00', 0xe8)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlink(&(0x7f0000000100)='./file0/file1\x00')

11m44.109826906s ago: executing program 5 (id=7315):
syz_emit_ethernet(0x2a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a0000000400"], 0x48)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2, 0xfffffffc}, 0x1c)
sendto$inet6(r3, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)
sendto$inet(0xffffffffffffffff, &(0x7f0000000080)="6719", 0x2, 0x20004810, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
syz_usb_connect$cdc_ecm(0x1, 0x4d, &(0x7f00000017c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}}}]}}]}}, 0x0)

11m38.610709197s ago: executing program 5 (id=7324):
socket$nl_xfrm(0x10, 0x3, 0x6)
setgroups(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
timer_create(0x3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000022c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000002600)={0x0, 0x0, &(0x7f00000025c0)={&(0x7f0000000900)={0x24, r5, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_LINK={0x10, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x4000000)

11m35.274222991s ago: executing program 5 (id=7328):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x9a974000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x1c9, 0x12)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00')
lseek(r3, 0x36, 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

11m18.229520256s ago: executing program 51 (id=7328):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x9a974000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x1c9, 0x12)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00')
lseek(r3, 0x36, 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

9m56.52082939s ago: executing program 2 (id=7442):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$radio(&(0x7f00000000c0), 0x2, 0x2)
preadv2(r3, &(0x7f0000000440)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mkdir(0x0, 0x0)

9m54.968257857s ago: executing program 2 (id=7444):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="12000000040000"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000300), &(0x7f0000000000)=@tcp6=r2, 0x1}, 0x20)
recvmmsg(r2, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x12000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000000c0)='sys_exit\x00', r4}, 0x18)
accept4(r2, 0x0, 0x0, 0x80000)
chdir(0x0)

9m54.746751128s ago: executing program 2 (id=7446):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$UHID_CREATE(r0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000400), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x41}}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendfile(0xffffffffffffffff, r2, 0x0, 0x20000023893)

9m53.80784441s ago: executing program 2 (id=7449):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x80000)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x800, 0x3, 0x285}, &(0x7f00000004c0)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, 0x0})
io_uring_enter(r3, 0x40f9, 0x217, 0xa5, 0x0, 0xf5)
socket(0x23, 0x5, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_usb_connect(0x1, 0x2d, 0x0, 0x0)

9m43.286031508s ago: executing program 2 (id=7463):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000040)=@name={0x1e, 0x2, 0xc5d116e9899720b9, {{0x42}}}, 0x10)
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f00000003c0)=""/34)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="400000000203010100000000000000ffffff7f000800034000000000080004400000000008000540"], 0x40}}, 0x0)

9m40.385209959s ago: executing program 2 (id=7466):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, 0x0, 0x4044040)
open_tree(0xffffffffffffffff, 0x0, 0x81801)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockname(r2, 0x0, &(0x7f0000000200))
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x4008810)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket(0x10, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f0000000780)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x24}, @remote, 0x9, 0x0, 0x1, 0x100, 0x4, 0x2930310})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x80, 0xfffffffc, 0xdc67}})

9m24.315251667s ago: executing program 52 (id=7466):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r1, 0x0, 0x4044040)
open_tree(0xffffffffffffffff, 0x0, 0x81801)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockname(r2, 0x0, &(0x7f0000000200))
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x4008810)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket(0x10, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f0000000780)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x24}, @remote, 0x9, 0x0, 0x1, 0x100, 0x4, 0x2930310})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x80, 0xfffffffc, 0xdc67}})

7m6.945913481s ago: executing program 3 (id=7625):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
accept(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
connect$llc(r4, &(0x7f00000000c0)={0x1a, 0x0, 0x0, 0x3, 0x2, 0x10, @local}, 0x10)

7m4.89275151s ago: executing program 3 (id=7626):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_io_uring_setup(0xdaf, &(0x7f0000000180)={0x0, 0x2, 0x13291, 0x0, 0x3b3}, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f00000002c0)='./file0\x00', 0x6)
mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1)
mount$afs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x801, &(0x7f0000000300)={[{@dyn}], [{@smackfsdef={'smackfsdef', 0x3d, '&@$--}'}}]})
r3 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0))

7m3.291531268s ago: executing program 3 (id=7628):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRESHEX=r3, @ANYRESDEC=0x0])
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000100)={0x4, <r4=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r4, 0x4018aee1, &(0x7f0000000180)=@attr_arm64={0x0, 0x1, 0x1, 0x0})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan0\x00'})

7m1.364619548s ago: executing program 3 (id=7630):
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
close(0xffffffffffffffff)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000a00)={'wlan0\x00'})

6m59.914956864s ago: executing program 3 (id=7632):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8000)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x4)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
getgroups(0x2, &(0x7f0000001080)=[0xee01, <r4=>0xffffffffffffffff])
keyctl$chown(0x4, r3, 0xee01, r4)
keyctl$setperm(0x5, r3, 0x30925)
keyctl$KEYCTL_MOVE(0x3, r3, 0x0, 0x0, 0x0)

6m57.216308739s ago: executing program 3 (id=7634):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000340)=ANY=[@ANYBLOB="f0000000100013070000000000000000fc020000000000000000000000000000fe8000000000000000000000000000100004000000000000000000202c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe"], 0xf0}, 0x1, 0xe}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)

6m41.178438813s ago: executing program 53 (id=7634):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000340)=ANY=[@ANYBLOB="f0000000100013070000000000000000fc020000000000000000000000000000fe8000000000000000000000000000100004000000000000000000202c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe"], 0xf0}, 0x1, 0xe}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)

4m21.400028638s ago: executing program 4 (id=7695):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
connect$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)

4m20.176911384s ago: executing program 4 (id=7696):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x401)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x0, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/88, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000005c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)
write$eventfd(r1, &(0x7f0000000080)=0xfffffffffffffffe, 0x8)
openat$audio(0xffffffffffffff9c, 0x0, 0x88602, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002000)=""/102400, 0x19000)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x2, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000020100000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000011000000bf09000000000000550901000074f696e500000000000000180100002020702500000000002020207baaf8ff00000000bda100000000000027010000f8ffffffb702000008000000b7030000000000002500000006000000be91000000000000b502ecffffff00008500000005000000b70000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, 0x0, 0x0, 0x9, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)

4m17.246147939s ago: executing program 8 (id=7700):
r0 = io_uring_setup(0x2e34, &(0x7f0000000180))
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1}, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xc084}, 0x24000080)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="1500000065ffff0480000008003950323030307a92ab"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r5, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r6 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write$UHID_INPUT(r6, &(0x7f0000000540)={0x8, {"1a17924ab218eacb15a3fccf929e2dd2497903c1f853d95b995c65e99449ff953fa11c7723b2149ecdaa7f833f60e13b19a66e963f7e8da4297ebbfdda5b36fb4d01bd02e6c652dc4d99e2cb82c2a1d4a45e4c89ba9994e82f854bbc34a40b3a58aa256c9b4512fbf91b9846446c4909e4ec53982e7d7fd11ee0bdeab0bb4c469c9665dde8cb58f0ca148223b6cc4e2f306cfbeccedec8db5212f2fc4e14f836c68bdace4db1afbde9d463e5ac24567925b5fdf0e3af1a52dbd7669fe9227302c8f635bc2ddbf5bd7dccd7b92a9bd5c7363375a57851c2bc72509f2005f138f5a59cf85e9ddb1c972c89d50806e8941b7059cd3eca77527a7f20af70841b4d6f026614bdbb276a6814cc74d91856b968c5fdb52674d892a90d01ab91841b6811def78bdac9bc6f9df2598569fbdfef75079832b2750801dc83fd1987713c61136ac9e5f2f7e67f302109bb9a7fea75290b506a89a19d7e0e472937a8c9ecfe16ef6eb88c7a88a060756196d55d6a3d3f7cdf9915d22b6b3af69ec55017b821ec0621e8a59414efc2b46977a85846b53ae75a350947afcafbdef7233cc371bc2a6f29c0315b352ac2741c81df534303ddb30a4408db5679d05d245259c245c9d7f861711cc287cfd0462b948512623b921060386c587fd166df29e71ecfc8ed90031e95b2af1406b5ae73f6084e39e88194e3d37dc801982656b5b66342d74100f9f5b8c94c1e91b626bbf426a07b4be91dbdb76a6e40d0b788f89359e462e69bc4499fd4f9aa1e7f0c3f73a996b6ecef606c7651286e1f18a6823eed7191cd542057eaaf09aa32e8ce370c09050278b85fd359b8ca23e66e9d294ec57b3ddd90409d9b1ca28c6993b244f8ca46f6bf478ff22fb1df53e33abdda4b2b1e5cff7de19957bdc8e7ca39e4762204b1f9f33b9375b7282422b91841706751038e42023ba45c1cd0998c1794c1c2a5ff65466189bbb27bcbf01e5a48bfd8b6845f7d5c87d977df4ded5273ebf56b96c50b4eadc44bfaa0994259eeb1031644415fa9d729753d2138b06f9b7b624d9eeb1ef71dfdff0b639078f058c7a070451c4670af0c6eb1202f77be82faba9b6287995066b5f7e59b7967706d8d8c5bde48137e13df537ae54664fe4e8460b1bdf5b92a1dcf39ee1726bc6690d0ac5f799bcfab918c59cb132c45054ba17b8a44d505ad3eaeee95b4275b25b2087da8902552727a1e739014df348cfa3a1102661c35a6a38df6c410f5343577955dd57de5af089e3f1bcdf96d4ef1d5944243470b0ed10616144cccc5cac44e36fefd9441120c5d047867af0ea353da21fc0ae73b78b84d53a62efeb94ea8d441cc698c92fd7b36cf41472d036c5093bbdf943620c29ffa3b21ef4a0bb9274912b046834ee6f855ceadf18fb488040d5829ab6e8bf69a90315f7f84d002ac4e929e9f1010a8486746bd316799ba3a65744980c388202324ba50768c77a8481ba74d135da7507048c82714a8234837b69922126e4084a68f7418bfd26417cade786c7f8185e2492e3b64eb9d2c2c721504c7b4aeb383503f745fd69315c56b5b0158decd1b1606a63366b7e2d2b9124b6efca4480c703c8f37d6ddff55b0ec15f2ce6be6c902d06aec2ccabeba13b442b608076c33d19e690ab66cf6678d679758d22fb5d8d963f25d00c45576f8b2938543080297b9cb6c305e3131d2f412f00370c285251909f8ebefc3d18a23e25a183997b08251450b29fff32781e6a70e6e070ab3921f3f809392deb732d6f30cc034b5f77d41218bca86d515b16da0457dbf7aaefdcef9d5358e7b4f1e5d1a410f55449e765609d122f938fd57b71482244dff0523067cabfd322fc47aca1c331112e3d969f5fe3594c3c7adea7c36e9b9af6754cdea5ccf05b139f783d4b24540c50a6a9f7dff472d47c87c151d8439b5740cd1f423335dae2680050bd44766159cba66666b7dbc9e190130494327a0d8c9dbed5c8b831ce2b2bb236353ff7175a48b61a0f3209fa3db44f07a21a485ef1682a33cdf632ac2d6ca993b6cd90913e31704bb851711e1f2b5ebb19baaba102dd42d550933e9dfc17311665fef4d0206d7debbcbbd97efafffb905bf9a77b8eeb67d5f8bef8526f6f8607672bb3c50b14e16c264265594e05fa481f724290abdc9f60a899f26033236e3b90548c24288a7b627b51c4d7c638c359ec6325b0d79e1d69cf18cd9136a263b6aa84ad062b9831fc7c201b7ccec7d3b7ea2132ee4579632bf614bcde285527c36ef8a8e12651ef34a677a8d2f84360afa2f2245e4e0d61a12e8e446045fae61375082f983363795f11848edad24b3f7ae53f0eeb329fa62b6d7b446e3b2c1257981f9c0c3ea371c71021af834a285203b2e3177ddf5251044ea215c048f78701dec36a94ca3c435278d1fd889996adf5ea7c8db62f2b1331bc22c4b7798d587a5c4e619b7b576e19d92996bc0bdc0c8c15374e11b6eeda0e18b35aac4b96db9cdba025080bf5bea4ffdf4fa3c93ec5feede0a140f7f6727ef255783565935d59d348aaa6d12c060afd5f6d084346309d8cbf54b33050ecccf30ae083c4034165880214a94a5296427e2fcb6d90692a82212b6b8d86c6d163f0643944aaba4af1171aed463994f1374e1ec1654b89b04e9d635074e8d131bc2443daf1caad455671470329a287f4c711cb907403d5c05184cd3a647823b5b9c6dc4451fdde92dc1cb87010197026458b40d4809ab60aca1af6bb3702a3e0506cdd21faa6d9909f4ed74723de75fc48d44314fa3cc0c8e8ea226ec1d5875b9595aeacdff0a9f75b4a60dde781c58179f997ecb6479c91ecacc65bfe293a2d26c21ae7c1d7be1241cc1c4ea86a6cf8d93012bd98508aae8db723ff167026298cab227b7d0062c27ccc8e81df7268423ad063638760b44e77147ee9bd84140166ae2bfd592f845ca68c719f7520ae3c9988cc89db73bf93ad6f2f7d9394b2288f0176723acd167081ade4e066a26832f7b655cd874aa5026a7369bb9912c90599d1407f0488a9c540a31997890f5433bd1df91ba13a9e0721c9a707eac7cff1c3efef6cd716779c7ad631c3560caa2031d9d2591329c1867d0d5f96b5897cac2c6a381f0ce5c27969c2b3e7d188e1e896d815b01a3e177933817325953140272ad718a36ae522d43de109ba92255ee66d2a14897f2b2014dc9a495c108727e0eef54df617e269e43a0c48d28a91aaf14d58719e21ea39c1c534e39a1dfabb61377b55d2f69fe79c7d5111b8b952c388925ea8ab1503ae68bce95a34a10a85aa0e5da52add14b93eaac5861a6504e23dda8034e809253c1071ddda934663faac454cd378c5725f5c6f4d943779994357185e512a4b6993156e624f25d86d24e7254d3e9b231aa80ed5a32e108cb528d402f93e58c25ac937420ff7dcd7d9ec2126c7fe7cefa47c038f23de40523d5e026fe3bb4cfd3040f9bd9631cf5a2cde1e20a6032703cd64c2ad97ea95d05a7aa3ea3b3b9d5a86961116dd1338c0a2caae0ceab3178ac7736dfa8a949cd81d261748e6678cb730b57468fb2b7e22c5eb08ad496e76775dce0c31950a596580ad7d6c3fd9ce90dded340f20b77fe53e81fb6e2a7a6c450b8ac9009c7c077893f704457a90401fb758c0769fbfd38e40ae692e410b889bbf0b09a32dc731b6768c0fa3963a5b6279b6a5db611174339f3218fff567f6cfb7377ddc8e2c730da35cc3ec680a6bc95010dd03834caab7afb2c0023ad9ce3aae3c0fd1ece42ea840bf5fc798a0b5fbe7692f13549cdba4a0b68f722ef6877856a76fc3c39f7cfd760675a9f341d9f09f381972be9171e50455ed13e665e61a03b0c2a79276a871c25fc5c486639a71a8dfdf36174373b8995014752aba3026045be6b43074ac3824d687bbf5f6544228cea52791828f54980ee9f728534ea32edd205aaace717adcf61ce28f92719048d44b09812bcfd2d22cc9d7a45ed6b4634756f6b3189908c71728c373ea94aa5c74ce4a73c20138b8cb21db6e2dfb35329b86b1805a5208dd370b8342ca8aa3cbd3e7a3ec79d7b8ee677b04e19c524ddc6de0b22443ac15de908f61719399d0f9890ca2b0283a7db914944f424af10ba0ec9e3e253c060d7b28552eaae5eed1e906f8f93c2195293deabdad6cb38ddab51603e4a96ef1e086de911fb716ffbca467294d9e66e5d0f8225bc28d6c074c4ffba76706f61b0b386b7e4b6500a15fad291f34f6c84f1596a97512f31196a529a7a5725437c038e17d531da3838c8aef3bade6bc1d4c7624560d4fba72e5f8be2c5dc905e1e4bcb2aa7eddb275408ef4288ac69c7a18ae58fb26c2f5a6964f051b81d2e426fc2a5d8617050341b96d5a746e3419fbe94bd3752403868b655c2dba6f48ef109a2e6ec0041842fae52bfab70481ecfe8d27f3d5e444f1b941d871c8057cbe35df68665bc3aadea02d203b106d1179a428daa7d9fea9dbddd8955bb289a92ec790de74cd6a1edf925ab85471633dedf8ba46abe456963a2381addce2aa16c06dd80bb54d8e53d7c82607916af175061da29122afde8687add6b6f42233b76a1164893dcc1ec3dcf935576d2d0f3ab3b1adbace086da915234b4f9bad0afc2915608fc4f6611dc3b91d7e0e48cb0a0f3fdc70ef70ef82043afbd3325f0f6186390ab28ca9f0009184637530d79f0c5a77c6e912afbe6533988f543fc6c02d3d44fbdb0e2ebfad2680184f1ed451991667df958a71fb41cf4367bdb931389ea8b6340e225b312a09dadd8e2ac2d200db6e75323d48c73c6b819e13f92b01bf405e796a2e10b863e773598abcbcc196987e18b19530337809b56480778207103a12acfff1c0ad62846088251a1a0d0d6b300059a99698c84ccac78d53eb32e3984001978db7679960b4d75d71b49696909826c66320526fe02a060265821d15b8b2337121a201402a118ec03ff0d4f3dfa48f2dadd20b510ecdf4e6440b5b2466b9bf28e32327189f0405245694a6371dbe4eae7a8293cdc15193c284123d64690120634f808096a8f3f7a04a5bac9dd86c09f2e4e87c7d7c98d0b370e84ea5f265730f5480eb1375d4f82c7d4efbb6e58c5a92848331b2becd2531f6c456b5d0e690b102dd8faec55bde56f95727f4abf52c58543faaeb9cefd39bba788bd7e2b02b27ecbc1679a1ac00823c83e1ae29690cd25544d3ae0a8db25e963e9fb5bd94987637ac3546b9b312bf04d5c6211c135e806525d423fde9ccb5ef7962ec1e056e6f29adaeebb331f6c234586d1fe21577f56d620c6942a29d4915772144cc60008d1236db21100d5a3112c29396b9e18cdb5b104bed2df2b6ea72c9aa03bb6082f3eb07f0eae359864967a749492d21005b0d39c9613c20b1e21700ab66a4f5ca03ec08d67b95f759252d758743820ba243032e1708447fbaebc27e1316af4cf547cef3ac4966a1f04dd07012f257a0204107c23a0046b12493d9784b24dc561c1f88e591056bcc3b338ab1de65e5ad578021f26f93e9b12f00b5f8c8ae2db6b7b8f254303c7ff06514735974e65fb9a93dc79b115a12310040490ca11ef315340af104e20a2e22dcd132f7d7a61d9d3a12e832ee048a2170dbe03d747ed7402180eb964fde0ecb77e778b18a4e5a83479bb7e0ea0a7d5145ffed4607bd7e6b8f961625d5e3dcac2d4a05e71dc9c2e52195bd55aed4e6749dc1c329e2cda966d18e9bf882c05db627c1047fc71533bbba2c8a83d04db5bad6da349a9ad1992eb88e0274d32a16137e2396ad973c0ecbbc2d243e68b6959bf9b", 0x1000}}, 0x1006)
umount2(&(0x7f0000000540)='.\x00', 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

4m17.090086986s ago: executing program 4 (id=7701):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000280))
close_range(r3, 0xffffffffffffffff, 0x0)

4m15.075406485s ago: executing program 4 (id=7702):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x100, r1}, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000280)={0x100, r2}, 0x0)
close(r2)
close(r1)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x100, r3}, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r0, 0x0)
close(r0)
mknodat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file0\x00', 0x81c0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000003c0)='./file2\x00', 0x81c0, 0x0)

4m14.657747815s ago: executing program 8 (id=7704):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006200000050005000a00000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b"], 0x4c}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x4c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}}, 0x4000080)

4m13.648724923s ago: executing program 4 (id=7706):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000100)={'syz0\x00', {0x0, 0x2, 0x0, 0xb03}, 0x2b, [0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x6, 0x0, 0x0, 0x800, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4000000, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffe, 0x0, 0x0, 0x0, 0x3, 0x0, 0x401, 0x0, 0x0, 0x4, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x0, 0x0, 0xffffffff], [0x2, 0x2, 0x0, 0x0, 0x10000000, 0x800000, 0x0, 0x44a, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1409, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x180d, 0x0, 0x1, 0x0, 0x0, 0xf, 0x0, 0x0, 0x58000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x4, 0x0, 0x3, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xfffffff6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffe04, 0x0, 0xb0d, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x80001, 0x0, 0x3, 0x7f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0xef86, 0x0, 0x0, 0x0, 0x800]}, 0x45c)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$FUSE_DIRENTPLUS(r3, 0x0, 0xb0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x20842, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4m12.110928222s ago: executing program 8 (id=7707):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0x7000000)

4m10.806002092s ago: executing program 8 (id=7709):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
symlink(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000280)='./bus\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
fstatfs(0xffffffffffffffff, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

4m10.511881142s ago: executing program 4 (id=7710):
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080))
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x136)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
fcntl$getown(0xffffffffffffffff, 0x9)
writev(r0, &(0x7f0000000840)=[{0x0}], 0x1)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000d40)={0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="310325bd7000fadbdf250b00000008000300", @ANYRES32=r5, @ANYBLOB="8aa7b2d6ddaf7f971ce452e9db257a75501bfede3aa1f0158f427c8f22d6aebe7ba9a13ab23475f1f156"], 0x1c}, 0x1, 0x0, 0x0, 0x24048800}, 0x4000000)

4m7.291766696s ago: executing program 8 (id=7711):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
capset(&(0x7f0000000000)={0x20080522}, 0x0)
setxattr$system_posix_acl(0x0, &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000180)=0x12, 0x4)

4m4.420607088s ago: executing program 8 (id=7713):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x25, &(0x7f00000000c0))
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000000)={0x1})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000000)={0x1})
close(r3)

3m53.905460501s ago: executing program 54 (id=7710):
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080))
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x136)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
fcntl$getown(0xffffffffffffffff, 0x9)
writev(r0, &(0x7f0000000840)=[{0x0}], 0x1)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000d40)={0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="310325bd7000fadbdf250b00000008000300", @ANYRES32=r5, @ANYBLOB="8aa7b2d6ddaf7f971ce452e9db257a75501bfede3aa1f0158f427c8f22d6aebe7ba9a13ab23475f1f156"], 0x1c}, 0x1, 0x0, 0x0, 0x24048800}, 0x4000000)

3m48.487082731s ago: executing program 55 (id=7713):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x25, &(0x7f00000000c0))
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x26, &(0x7f0000000000)={0x1})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x26, &(0x7f0000000000)={0x1})
close(r3)

41.626285561s ago: executing program 6 (id=7909):
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f000001aa40)=""/102400, 0x19000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$cont(0x20, r0, 0x9, 0x3)
ptrace$getregs(0xc, r0, 0x21aa, &(0x7f0000000000)=""/56)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi3\x00', 0x48081, 0x0)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f00000000c0)={'dt2801\x00', [0x4f27, 0x2, 0x10000, 0x4, 0x4, 0x0, 0x8, 0x7, 0xa, 0x0, 0x2, 0x1, 0xff6b, 0x800, 0xfffffffe, 0xb4c, 0xffffffff, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x65c, 0xfffffffd, 0xfffffff8]})
pwrite64(r2, 0x0, 0x0, 0x5)
syz_open_procfs(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x12)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0xfffffffffffffffc)

39.359922044s ago: executing program 6 (id=7911):
ioperm(0x4, 0x1, 0x2)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
fsopen(0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)

37.004933642s ago: executing program 6 (id=7914):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$unlink(0x9, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x0)
unshare(0x2040400)
r4 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x1f0, 0x0)
mq_timedsend(r4, 0x0, 0x2000, 0x6, 0x0)

35.080434974s ago: executing program 6 (id=7915):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000180)={0x0, <r1=>0x0})
sched_setscheduler(r1, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00 \x00~\x00'], 0x14}}, 0x4000054)

21.431186943s ago: executing program 6 (id=7925):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='io_uring_queue_async_work\x00', r8, 0x0, 0x4}, 0x18)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r5, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r9 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x16b601, 0x0)
write$sequencer(r9, &(0x7f0000000240)=ANY=[@ANYBLOB="0293"], 0x9)
ioctl$SNDCTL_SEQ_SYNC(r9, 0x5101)

19.541787507s ago: executing program 6 (id=7926):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x3000d041)
socket$netlink(0x10, 0x3, 0x8000000004)
accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x0)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0xfe, 0x0, 0x7ffffffe}]})
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
r4 = open(&(0x7f0000000300)='./file1\x00', 0x14b042, 0xc4)
ftruncate(r4, 0x2007ffb)
sendfile(r4, r4, 0x0, 0x1000000201005)

14.125926333s ago: executing program 7 (id=7931):
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1f, 0x0, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x7, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
r3 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
r4 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r4, 0xc0405665, &(0x7f0000000080)={0xf, 0x2, 0x1, 0x20, 0x2, 0x9, 0x2})
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r3)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xb7, 0x9e, 0x69, 0x8, 0x2040, 0xd300, 0x16b3, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xf6, 0x0, 0x0, 0x65, 0x80, 0xca}}]}}]}}, 0x0)

6.881398365s ago: executing program 7 (id=7932):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0xc)
r5 = openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0)
open_by_handle_at(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="0c0000000100010004"], 0x408100)

5.304652237s ago: executing program 7 (id=7933):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x400000, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000300)=@gcm_256={{0x303}, "fffffffffffffff9", "241ac1eb797f3647a51ed8fb51ee710f00214de279c9b7e07a696756a31d83d7", "f8a2e06d", "00000400000100"}, 0x38)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000000), 0xffffff6a)
sendfile(r0, r5, 0x0, 0xffffffff004)

3.587979621s ago: executing program 56 (id=7926):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x3000d041)
socket$netlink(0x10, 0x3, 0x8000000004)
accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000200), 0x0)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0xfe, 0x0, 0x7ffffffe}]})
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
r4 = open(&(0x7f0000000300)='./file1\x00', 0x14b042, 0xc4)
ftruncate(r4, 0x2007ffb)
sendfile(r4, r4, 0x0, 0x1000000201005)

3.577333855s ago: executing program 7 (id=7935):
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180f0000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x402000, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r4, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r4, 0x84, 0x19, &(0x7f0000000040)={0x0, 0x200}, 0x8)

1.614711646s ago: executing program 7 (id=7936):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x100, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0x7, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x3, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x350bae1a, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x7, 0xf2, 0x10, 0x5, 0x8, 0x10001, 0x401, 0x80000000, 0x2401, 0x2, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0xfffffffe, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x3, 0xa, 0x0, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x1, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0xfffffffe, 0x401, 0xedf4, 0x4, 0x93de, 0x6, 0xfffffffe, 0x8001, 0x0, 0x10003, 0x8, 0x1, 0x32, 0x98, 0x7f, 0x2, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4b, 0x8000, 0x2, 0xb, 0x6, 0x4fa4, 0x80000002, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfa, 0x101, 0x4, 0x40, 0xa, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0x1, 0x3, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0xf1a, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10, 0x0, 0x2, 0x10000, 0x1, 0x9, 0xf7a, 0xc6, 0x1, 0x4, 0x6, 0x0, 0x6, 0x8, 0x8, 0x68, 0x7, 0x1, 0x5, 0x3, 0x9a3f, 0x400000, 0xfffffffe, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x101, 0x5, 0x63, 0x4, 0x8001, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x7, 0x8, 0x401, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x0, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0x6688, 0x45e3, 0x5, 0x7, 0x1, 0x5, 0x2, 0x0, 0x1, 0x2, 0x3, 0x4, 0xce, 0xf, 0x0, 0x1, 0x667, 0x3, 0x0, 0x9, 0x9, 0x37d, 0x10001, 0xc, 0x1, 0xc, 0x2, 0x6, 0x4, 0x6, 0x1, 0x9, 0x6, 0xfffffffa, 0x3, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0x7, 0x34ea, 0xc, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0xe, 0x89, 0x1, 0x7, 0x5, 0x73, 0x1, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x2, 0x80000004, 0x29, 0x9, 0x0, 0x4, 0x4, 0x101, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x0, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x1, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x3, 0x9, 0x5, 0xffffffff, 0xbe, 0x4fe, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xc, 0x6, 0x7, 0xfffffeff, 0x4, 0x2, 0x7fff, 0x101, 0x7, 0x6, 0x706, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x6, 0x80000000, 0x5, 0x1, 0xa9c, 0x9, 0x9, 0x1, 0x2, 0x5, 0x1000, 0x5, 0x1ff, 0x9, 0x3, 0x3, 0x10001, 0xffff0000, 0xf, 0x1, 0xffffa5ba, 0xffffa9b4, 0x1, 0x4, 0x5, 0x3, 0x4b5f, 0x6, 0x9, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc90, 0x1, 0x7, 0x8, 0x1, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x5, 0x4, 0x100fff, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x400, 0x4, 0x2, 0x80000000, 0xd, 0x3, 0x1, 0x0, 0x5, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0x100, 0x6, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x0, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000001, 0x0, 0xfbf, 0xfe, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xfff, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x6, 0x4b15, 0x10000, 0x1, 0x9, 0x1, 0xd, 0x9, 0x8, 0xfffffe01, 0x1, 0x6, 0x0, 0x7, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x6, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x8, 0xe, 0x0, 0x402, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x9, 0x3, 0xffffffff, 0x9, 0x7, 0x6, 0x8, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x0, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x80000001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x2, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x8001, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x902, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x9, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x1, 0x30, 0xffffff7e, 0x1, 0x2, 0x4000009, 0x3, 0x7, 0x80000008, 0x8, 0x4000, 0x1, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000000, 0x9, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x5, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x2, 0xf90, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x9, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x2, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0xfb4, 0xbf8, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x6, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x9, 0x1, 0x6, 0x1, 0xff, 0x100, 0x4, 0x2, 0x6, 0x80000000, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x7, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0x7fffffff, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0x1000000e, 0x40000005, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xa2ab, 0xf28c, 0x30, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0x0, 0x924, 0x6, 0x100, 0x1, 0x5, 0xffff351b, 0x8, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x1, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x2, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x5, 0x5, 0x6, 0x400, 0x51, 0x3, 0xefb, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x5, 0x6330, 0x0, 0x6, 0xea, 0x0, 0xfff, 0x809, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x2ec, 0x9, 0x6, 0x3ff, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x99, 0x3, 0xe, 0x1, 0x1, 0xc, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x5, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0x5, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x9, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0xfff, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x5, 0x10, 0x5, 0x200, 0x7fff, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x8, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x3, 0x200, 0xe9ab, 0xfffffff8, 0x51, 0x13, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x3, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r4, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @loopback={0x300}, @local, {[], {{0xfffc, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

0s ago: executing program 7 (id=7937):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0xba, 0x2)
bind$tipc(0xffffffffffffffff, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
openat$autofs(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x90004)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000140)={0x0, 0x3, 0x4, {0x0, @pix_mp={0x3ff, 0x2, 0x30314247, 0x6, 0xa, [{0x9, 0xff}, {0x10000, 0x1}, {0x9, 0x7}, {0x101}, {0x6, 0x8001}, {0x3, 0xe}, {0x5, 0xe}, {0x5, 0x4}], 0xe, 0xcc, 0x6, 0x1, 0x4}}})

kernel console output (not intermixed with test programs):

d on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2195.571889][T27441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2195.573930][T27447] chnl_net:caif_netlink_parms(): no params data found
[ 2195.591205][T26134] Bluetooth: hci2: command tx timeout
[ 2195.696205][T27441] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2195.696223][T27441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2195.696250][T27441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2196.140292][T27441] hsr_slave_0: entered promiscuous mode
[ 2196.142435][T27441] hsr_slave_1: entered promiscuous mode
[ 2196.143523][T27441] debugfs: 'hsr0' already exists in 'hsr'
[ 2196.143549][T27441] Cannot create hsr debugfs directory
[ 2196.683182][T27447] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2196.683410][T27447] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2196.683664][T27447] bridge_slave_0: entered allmulticast mode
[ 2196.686685][T27447] bridge_slave_0: entered promiscuous mode
[ 2196.787458][T27447] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2196.787625][T27447] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2196.787912][T27447] bridge_slave_1: entered allmulticast mode
[ 2196.792479][T27447] bridge_slave_1: entered promiscuous mode
[ 2197.059458][T27447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2197.093494][T27447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2197.521745][T27424] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 2197.552130][T27447] team0: Port device team_slave_0 added
[ 2197.610728][T27424] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 2197.640991][T27447] team0: Port device team_slave_1 added
[ 2197.680369][T27424] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 2197.825494][T27424] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 2197.983778][T27447] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2197.983799][T27447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2197.983832][T27447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2198.065374][T27447] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2198.065395][T27447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2198.065429][T27447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2198.470154][T27447] hsr_slave_0: entered promiscuous mode
[ 2198.471611][T27447] hsr_slave_1: entered promiscuous mode
[ 2198.472624][T27447] debugfs: 'hsr0' already exists in 'hsr'
[ 2198.472652][T27447] Cannot create hsr debugfs directory
[ 2198.541589][T27441] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2198.711815][T27441] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2198.747596][T27441] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2198.900216][T27441] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2199.803100][T27424] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2199.921561][T27424] 8021q: adding VLAN 0 to HW filter on device team0
[ 2199.950180][T26717] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2199.950824][T26717] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2199.986865][T12803] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2199.986990][T12803] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2200.018442][T27441] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2200.161276][T27441] 8021q: adding VLAN 0 to HW filter on device team0
[ 2200.241354][T26718] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2200.241563][T26718] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2200.388013][T23046] bridge_slave_1: left allmulticast mode
[ 2200.388065][T23046] bridge_slave_1: left promiscuous mode
[ 2200.388352][T23046] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2200.449937][T23046] bridge_slave_0: left allmulticast mode
[ 2200.449981][T23046] bridge_slave_0: left promiscuous mode
[ 2200.450199][T23046] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2200.514142][T23046] bridge_slave_1: left allmulticast mode
[ 2200.514169][T23046] bridge_slave_1: left promiscuous mode
[ 2200.514343][T23046] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2200.600575][T23046] bridge_slave_0: left allmulticast mode
[ 2200.600611][T23046] bridge_slave_0: left promiscuous mode
[ 2200.600892][T23046] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2201.015454][T23046] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2201.099304][T23046] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2201.184860][T23046] bond0 (unregistering): Released all slaves
[ 2201.479080][T23046] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2201.559130][T23046] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2201.625893][T23046] bond0 (unregistering): Released all slaves
[ 2201.741025][T26718] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2201.741180][T26718] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2202.707862][T23046] hsr_slave_0: left promiscuous mode
[ 2202.747648][T23046] hsr_slave_1: left promiscuous mode
[ 2202.749884][T23046] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2202.803190][T23046] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2202.967952][T23046] hsr_slave_0: left promiscuous mode
[ 2202.987555][T23046] hsr_slave_1: left promiscuous mode
[ 2202.988650][T23046] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2203.050283][T23046] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2203.927746][T23046] team0 (unregistering): Port device team_slave_1 removed
[ 2204.117615][T23046] team0 (unregistering): Port device team_slave_0 removed
[ 2205.606957][T23046] team0 (unregistering): Port device team_slave_1 removed
[ 2205.778103][T23046] team0 (unregistering): Port device team_slave_0 removed
[ 2206.651902][T27424] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2206.888225][T27441] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2207.325704][T27447] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2207.435340][T27447] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2207.502815][T27447] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2207.648487][T27447] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2207.963633][T27424] veth0_vlan: entered promiscuous mode
[ 2208.036097][T27441] veth0_vlan: entered promiscuous mode
[ 2208.050991][T27424] veth1_vlan: entered promiscuous mode
[ 2208.105652][T27441] veth1_vlan: entered promiscuous mode
[ 2208.296124][T27424] veth0_macvtap: entered promiscuous mode
[ 2208.298266][T27441] veth0_macvtap: entered promiscuous mode
[ 2208.323453][T27424] veth1_macvtap: entered promiscuous mode
[ 2208.330900][T27441] veth1_macvtap: entered promiscuous mode
[ 2208.343927][T27447] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2208.426553][T27424] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2208.502122][T27441] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2208.515740][T27424] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2208.519670][T27447] 8021q: adding VLAN 0 to HW filter on device team0
[ 2208.554260][T27441] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2208.606063][T26717] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2208.606241][T26717] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2208.622020][T12803] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2208.649457][T12803] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2208.663128][T12803] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2208.670211][T12803] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2208.690898][T12803] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2208.691240][T12803] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2208.693443][T23034] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2208.737821][T23034] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2208.775887][T23034] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2208.819104][T23034] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2209.467963][T26716] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2209.467986][T26716] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2209.539114][T23055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2209.539139][T23055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2209.626443][ T1472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2209.626461][ T1472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2209.722294][T26719] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2209.722315][T26719] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2214.252524][T27447] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2218.299295][T27447] veth0_vlan: entered promiscuous mode
[ 2219.106353][T27447] veth1_vlan: entered promiscuous mode
[ 2219.445049][T27447] veth0_macvtap: entered promiscuous mode
[ 2219.567014][T27447] veth1_macvtap: entered promiscuous mode
[ 2221.576132][T27447] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2222.262613][T27447] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2223.390299][ T1472] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2223.390359][ T1472] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2223.390401][ T1472] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2223.391778][ T1472] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2225.625204][   T38] audit: type=1326 audit(2000001359.806:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27569 comm="syz.4.7195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2ee7ebe9 code=0x7ffc0000
[ 2225.625263][   T38] audit: type=1326 audit(2000001359.806:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27569 comm="syz.4.7195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2ee7ebe9 code=0x7ffc0000
[ 2225.628415][   T38] audit: type=1326 audit(2000001360.226:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27569 comm="syz.4.7195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f6a2ee7ebe9 code=0x7ffc0000
[ 2225.628555][   T38] audit: type=1326 audit(2000001360.226:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27569 comm="syz.4.7195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2ee7ebe9 code=0x7ffc0000
[ 2225.628734][   T38] audit: type=1326 audit(2000001360.226:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27569 comm="syz.4.7195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2ee7ebe9 code=0x7ffc0000
[ 2225.629154][   T38] audit: type=1326 audit(2000001360.226:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27569 comm="syz.4.7195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6a2ee7d550 code=0x7ffc0000
[ 2225.995017][   T38] audit: type=1326 audit(2000001360.557:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27569 comm="syz.4.7195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2ee7ebe9 code=0x7ffc0000
[ 2225.995086][   T38] audit: type=1326 audit(2000001360.557:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=27569 comm="syz.4.7195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2ee7ebe9 code=0x7ffc0000
[ 2227.265903][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2227.265980][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2229.704242][T23042] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2229.704268][T23042] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2232.076114][ T1472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2232.076139][ T1472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2234.890850][T27617] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7207'.
[ 2236.014967][T27629] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2254.593425][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2254.818550][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2255.259576][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2255.503704][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2255.775011][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2256.203969][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2256.263463][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2256.444432][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2257.058948][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2257.126343][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2257.987711][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2258.426430][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2258.815437][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2259.417792][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2259.746745][T27760] kvm: kvm [27759]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4000
[ 2259.746899][T27760] kvm: kvm [27759]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[ 2259.838718][T27760] kvm: kvm [27759]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x0
[ 2259.846610][T27760] kvm: kvm [27759]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x4000
[ 2259.895377][T27760] kvm: kvm [27759]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x4000
[ 2259.895543][T27760] kvm: kvm [27759]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x4000
[ 2263.187563][T27788] hub 9-0:1.0: USB hub found
[ 2263.454826][T27788] hub 9-0:1.0: 1 port detected
[ 2278.412263][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2278.800199][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2279.501363][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2279.773822][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2280.028875][T27864] Bluetooth: hci3: command 0x0406 tx timeout
[ 2280.382936][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2280.797665][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2281.040704][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2281.069763][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2281.095715][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2281.157991][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2281.181178][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2281.214505][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2281.294085][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2281.773483][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2282.011037][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2282.117165][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2282.772590][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2289.672291][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2289.672379][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2290.056695][T27941] tipc: Failed to remove unknown binding: 66,1,1/0:3057826381/3057826383
[ 2290.110366][T27943] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2290.110407][T27947] tipc: Failed to remove unknown binding: 66,1,1/0:3057826381/3057826383
[ 2290.110436][T27947] tipc: Failed to remove unknown binding: 66,1,1/0:3057826381/3057826383
[ 2290.133907][T27943] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2290.140938][T27943] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2290.174245][T27943] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2290.176371][T27943] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2290.184067][T27943] Bluetooth: hci1: command 0x0406 tx timeout
[ 2292.846441][T26134] Bluetooth: hci5: command tx timeout
[ 2294.901487][T26134] Bluetooth: hci5: command tx timeout
[ 2294.905764][T27976] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 2294.905790][T27976] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 2294.905896][T27976] vhci_hcd vhci_hcd.0: Device attached
[ 2295.000923][T27976] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(7)
[ 2295.000966][T27976] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 2295.001024][T27976] vhci_hcd vhci_hcd.0: Device attached
[ 2295.081451][T22394] vhci_hcd: vhci_device speed not set
[ 2295.151265][T22394] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[ 2295.223005][T27983] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(10)
[ 2295.250700][T27983] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 2295.250823][T27983] vhci_hcd vhci_hcd.0: Device attached
[ 2295.262570][T27976] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 2295.665284][T27989] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 2295.665315][T27989] overlayfs: failed to set xattr on upper
[ 2295.665324][T27989] overlayfs: ...falling back to redirect_dir=nofollow.
[ 2295.665333][T27989] overlayfs: ...falling back to index=off.
[ 2295.665341][T27989] overlayfs: ...falling back to uuid=null.
[ 2296.579679][T27976] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 2296.773039][T27983] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(16)
[ 2296.773061][T27983] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 2296.773135][T27983] vhci_hcd vhci_hcd.0: Device attached
[ 2296.773824][T27991] vhci_hcd vhci_hcd.0: pdev(4) rhport(6) sockfd(19)
[ 2296.773839][T27991] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 2296.774166][T27991] vhci_hcd vhci_hcd.0: Device attached
[ 2296.839983][T27994] vhci_hcd: connection closed
[ 2296.845461][T27992] vhci_hcd: connection closed
[ 2296.847605][T27986] vhci_hcd: connection closed
[ 2296.848406][T27980] vhci_hcd: connection closed
[ 2296.848448][T27977] vhci_hcd: connection reset by peer
[ 2297.080504][T26134] Bluetooth: hci5: command tx timeout
[ 2297.107377][T12793] vhci_hcd: stop threads
[ 2297.107398][T12793] vhci_hcd: release socket
[ 2297.107481][T12793] vhci_hcd: disconnect device
[ 2297.107927][T12793] vhci_hcd: stop threads
[ 2297.107938][T12793] vhci_hcd: release socket
[ 2297.108005][T12793] vhci_hcd: disconnect device
[ 2297.979356][T12793] vhci_hcd: stop threads
[ 2297.979380][T12793] vhci_hcd: release socket
[ 2297.979457][T12793] vhci_hcd: disconnect device
[ 2297.980788][T12793] vhci_hcd: stop threads
[ 2297.980799][T12793] vhci_hcd: release socket
[ 2297.980874][T12793] vhci_hcd: disconnect device
[ 2297.981244][T12793] vhci_hcd: stop threads
[ 2297.981256][T12793] vhci_hcd: release socket
[ 2297.981322][T12793] vhci_hcd: disconnect device
[ 2299.255051][T26134] Bluetooth: hci5: command tx timeout
[ 2300.802299][T22394] vhci_hcd: vhci_device speed not set
[ 2308.769672][ T3115] libceph: connect (1)[c::]:6789 error -101
[ 2308.769947][ T3115] libceph: mon0 (1)[c::]:6789 connect error
[ 2308.920125][ T3115] libceph: connect (1)[c::]:6789 error -101
[ 2308.920277][ T3115] libceph: mon0 (1)[c::]:6789 connect error
[ 2309.321451][T26425] libceph: connect (1)[c::]:6789 error -101
[ 2309.321607][T26425] libceph: mon0 (1)[c::]:6789 connect error
[ 2310.157478][ T3115] libceph: connect (1)[c::]:6789 error -101
[ 2310.157646][ T3115] libceph: mon0 (1)[c::]:6789 connect error
[ 2310.279098][T28056] ceph: No mds server is up or the cluster is laggy
[ 2310.696181][T12791] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2310.775605][T26134] Bluetooth: hci2: command 0x0406 tx timeout
[ 2310.927164][T27942] chnl_net:caif_netlink_parms(): no params data found
[ 2320.563303][T12791] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2321.345618][T28110] nlmon0: Master is either lo or non-ether device
[ 2330.141398][T12791] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2330.573835][T28180] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7341'.
[ 2331.995984][T27942] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2331.996100][T27942] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2331.996316][T27942] bridge_slave_0: entered allmulticast mode
[ 2332.000659][T27942] bridge_slave_0: entered promiscuous mode
[ 2332.071247][T27942] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2332.071382][T27942] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2332.071643][T27942] bridge_slave_1: entered allmulticast mode
[ 2332.085187][T27942] bridge_slave_1: entered promiscuous mode
[ 2338.614466][T12791] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2339.162083][T27942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2339.187929][T27942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2339.721656][T26134] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2339.843490][T26134] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2339.871847][T26134] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2339.921944][T26134] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2339.941736][T26134] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2344.699690][T27864] Bluetooth: hci3: command tx timeout
[ 2345.578096][T28244] overlayfs: failed to clone upperpath
[ 2346.725607][T27864] Bluetooth: hci3: command tx timeout
[ 2348.794557][T27864] Bluetooth: hci3: command tx timeout
[ 2349.560798][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2349.560885][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2350.886077][T27864] Bluetooth: hci3: command tx timeout
[ 2354.151953][T12791] bridge_slave_1: left allmulticast mode
[ 2354.151990][T12791] bridge_slave_1: left promiscuous mode
[ 2354.152254][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2357.003785][T26134] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2357.060625][T26134] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2357.067108][T26134] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2357.069411][T26134] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2357.108794][T26134] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2357.184294][T12791] bridge_slave_0: left allmulticast mode
[ 2357.184333][T12791] bridge_slave_0: left promiscuous mode
[ 2357.184628][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2360.258778][T26134] Bluetooth: hci4: command tx timeout
[ 2362.517424][T27864] Bluetooth: hci4: command tx timeout
[ 2363.629996][T26134] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 2364.801075][T26134] Bluetooth: hci4: command tx timeout
[ 2367.544782][T26134] Bluetooth: hci4: command tx timeout
[ 2376.436801][   T38] audit: type=1804 audit(2000001511.112:447): pid=28382 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.7392" name="file0" dev="tmpfs" ino=6603 res=1 errno=0
[ 2381.446792][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2381.598276][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2381.640774][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2381.789646][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2381.832277][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2382.985450][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2383.065806][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2383.217401][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2384.971632][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2385.243958][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2385.953233][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2385.998501][T12791] bond0 (unregistering): Released all slaves
[ 2401.648652][T27864] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2402.539732][T27864] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2402.562471][T27864] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2402.566202][T27864] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2402.587653][T27864] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2404.265478][T12791] hsr_slave_0: left promiscuous mode
[ 2404.350320][T12791] hsr_slave_1: left promiscuous mode
[ 2404.351834][T12791] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2404.351857][T12791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2405.174872][T26134] Bluetooth: hci5: command tx timeout
[ 2405.208632][T12791] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2405.208674][T12791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2405.698807][T12791] veth1_macvtap: left promiscuous mode
[ 2405.698938][T12791] veth0_macvtap: left promiscuous mode
[ 2405.699252][T12791] veth1_vlan: left promiscuous mode
[ 2405.699485][T12791] veth0_vlan: left promiscuous mode
[ 2407.607004][T27864] Bluetooth: hci5: command tx timeout
[ 2409.837837][T27864] Bluetooth: hci5: command tx timeout
[ 2410.977359][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2410.977443][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2411.006401][T28540] libceph: resolve '4..' (ret=-3): failed
[ 2411.607821][T28549] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7432'.
[ 2411.883085][T27864] Bluetooth: hci5: command tx timeout
[ 2412.079748][T26134] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2412.116858][T26134] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2412.124785][T26134] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2412.140535][T26134] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2412.928253][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2413.066042][T26134] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2413.277686][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2413.590807][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2413.842065][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2414.137983][T28572] netlink: 52 bytes leftover after parsing attributes in process `syz.2.7437'.
[ 2414.138112][T28572] netlink: 52 bytes leftover after parsing attributes in process `syz.2.7437'.
[ 2414.500135][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2414.551963][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2414.878754][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2415.040816][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2415.301437][T27864] Bluetooth: hci3: command tx timeout
[ 2415.499949][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2415.558961][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2416.504427][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2417.511414][T27864] Bluetooth: hci3: command tx timeout
[ 2418.014015][T28589] netlink: zone id is out of range
[ 2418.014031][T28589] netlink: zone id is out of range
[ 2418.014041][T28589] netlink: zone id is out of range
[ 2418.014050][T28589] netlink: zone id is out of range
[ 2418.014059][T28589] netlink: zone id is out of range
[ 2418.014068][T28589] netlink: zone id is out of range
[ 2418.014077][T28589] netlink: zone id is out of range
[ 2418.014086][T28589] netlink: zone id is out of range
[ 2418.014095][T28589] netlink: zone id is out of range
[ 2418.014104][T28589] netlink: zone id is out of range
[ 2419.179338][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2419.320117][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2419.577520][T27864] Bluetooth: hci3: command tx timeout
[ 2420.510168][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2420.712296][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2420.832591][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2420.944179][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2421.224733][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2421.514681][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2421.864331][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2422.096677][T27864] Bluetooth: hci3: command tx timeout
[ 2422.140664][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2422.280709][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2422.351745][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2422.415952][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2422.514421][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2422.653768][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2422.791333][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2423.144694][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2427.696357][T28651] overlayfs: failed to clone upperpath
[ 2428.364764][T26344] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 2428.614516][T26344] usb 5-1: Using ep0 maxpacket: 32
[ 2428.617241][T26344] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2428.617267][T26344] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 2428.617333][T26344] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 2428.617373][T26344] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2428.617405][T26344] usb 5-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[ 2428.617426][T26344] usb 5-1: config 1 interface 1 has no altsetting 0
[ 2428.620615][T26344] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2428.620644][T26344] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2428.620665][T26344] usb 5-1: Product: syz
[ 2428.620681][T26344] usb 5-1: Manufacturer: syz
[ 2428.620696][T26344] usb 5-1: SerialNumber: syz
[ 2432.641487][T26344] usb 5-1: 0:2 : does not exist
[ 2432.827789][T26344] usb 5-1: USB disconnect, device number 25
[ 2433.011920][T28668] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7463'.
[ 2433.881877][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2434.187106][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2434.469148][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2435.185226][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2435.247614][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2435.436292][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2435.653649][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2435.672183][T12791] team0 (unregistering): Port device team_slave_1 removed
[ 2435.707447][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2435.991223][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2436.093729][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2436.335611][T12791] team0 (unregistering): Port device team_slave_0 removed
[ 2436.809802][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2436.992820][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2437.532456][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2437.764291][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2437.826099][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2438.078282][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2438.125028][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2438.474799][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2438.588322][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2439.059368][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2443.503467][T28710] netlink: 'syz.3.7474': attribute type 3 has an invalid length.
[ 2443.503543][T28710] netlink: 'syz.3.7474': attribute type 1 has an invalid length.
[ 2443.503621][T28710] netlink: 191264 bytes leftover after parsing attributes in process `syz.3.7474'.
[ 2445.773337][T28711] tty tty1: ldisc open failed (-12), clearing slot 0
[ 2453.111254][T26134] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2453.142326][T26134] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2453.145389][T26134] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2453.147773][T26134] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2453.149824][T26134] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2454.242384][T28741] tty tty3: ldisc open failed (-12), clearing slot 2
[ 2455.783331][T26134] Bluetooth: hci6: command tx timeout
[ 2458.303921][T26134] Bluetooth: hci6: command tx timeout
[ 2460.368291][T26134] Bluetooth: hci6: command tx timeout
[ 2462.857291][T26134] Bluetooth: hci6: command tx timeout
[ 2464.378176][T27864] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2464.394658][T27864] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2464.399973][T27864] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2464.402879][T27864] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2464.405111][T27864] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2466.778449][T26134] Bluetooth: hci2: command tx timeout
[ 2468.325760][T28557] chnl_net:caif_netlink_parms(): no params data found
[ 2469.863813][T26134] Bluetooth: hci2: command tx timeout
[ 2473.186086][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2473.186200][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2473.190825][T27864] Bluetooth: hci2: command tx timeout
[ 2475.211299][T26134] Bluetooth: hci2: command tx timeout
[ 2475.267620][T27864] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2475.279704][T27864] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2475.310063][T27864] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2475.312318][T27864] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2475.321338][T27864] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2476.699385][T28738] chnl_net:caif_netlink_parms(): no params data found
[ 2477.483568][T27864] Bluetooth: hci4: command tx timeout
[ 2480.640756][T27864] Bluetooth: hci4: command tx timeout
[ 2480.749989][T12791] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2482.224945][T12791] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2482.647630][T27864] Bluetooth: hci4: command tx timeout
[ 2484.426245][T12791] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2485.379172][   T38] audit: type=1326 audit(2000001620.076:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=28870 comm="syz.3.7511" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff221bbebe9 code=0x0
[ 2486.563380][T27864] Bluetooth: hci4: command tx timeout
[ 2488.321488][T28783] chnl_net:caif_netlink_parms(): no params data found
[ 2490.058130][T12791] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2491.160475][T28738] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2491.160621][T28738] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2491.160877][T28738] bridge_slave_0: entered allmulticast mode
[ 2491.164760][T28738] bridge_slave_0: entered promiscuous mode
[ 2491.282847][T28738] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2491.287567][T28738] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2491.287943][T28738] bridge_slave_1: entered allmulticast mode
[ 2491.312362][T28738] bridge_slave_1: entered promiscuous mode
[ 2493.494955][T28918] libceph: resolve '4..' (ret=-3): failed
[ 2493.514875][T28738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2493.806444][T28738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2497.407162][T28738] team0: Port device team_slave_0 added
[ 2497.407831][T28783] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2497.408037][T28783] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2497.442906][T28783] bridge_slave_0: entered allmulticast mode
[ 2497.505476][T28941] o2cb: This node has not been configured.
[ 2497.505520][T28941] o2cb: Cluster check failed. Fix errors before retrying.
[ 2497.505779][T28941] (syz.3.7524,28941,0):user_dlm_register:674 ERROR: status = -22
[ 2497.505835][T28941] (syz.3.7524,28941,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 2497.781927][T28783] bridge_slave_0: entered promiscuous mode
[ 2498.274129][T28738] team0: Port device team_slave_1 added
[ 2498.275082][T28783] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2498.275214][T28783] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2498.275433][T28783] bridge_slave_1: entered allmulticast mode
[ 2498.278451][T28783] bridge_slave_1: entered promiscuous mode
[ 2499.852006][T28738] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2499.852024][T28738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2499.852051][T28738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2499.899207][T28783] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2499.900458][T28738] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2499.900475][T28738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2499.900505][T28738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2499.965559][T28783] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2501.702020][T12791] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2503.107801][T28966] Invalid source name
[ 2505.834730][T12791] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2506.751105][T28783] team0: Port device team_slave_0 added
[ 2507.086856][T28783] team0: Port device team_slave_1 added
[ 2507.122291][T28738] hsr_slave_0: entered promiscuous mode
[ 2507.128033][T28738] hsr_slave_1: entered promiscuous mode
[ 2507.134767][T28738] debugfs: 'hsr0' already exists in 'hsr'
[ 2507.134798][T28738] Cannot create hsr debugfs directory
[ 2508.832684][T12791] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2510.186524][T28783] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2510.186544][T28783] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2510.186576][T28783] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2512.939973][T12791] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2513.983257][T28783] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2513.983278][T28783] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2513.983312][T28783] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2513.984309][T28827] chnl_net:caif_netlink_parms(): no params data found
[ 2514.450130][T26134] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2514.491590][T26134] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2514.532093][T26134] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2514.567804][T26134] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2514.581437][T26134] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2516.866090][T27864] Bluetooth: hci3: command tx timeout
[ 2517.661242][T28783] hsr_slave_0: entered promiscuous mode
[ 2517.772013][T28783] hsr_slave_1: entered promiscuous mode
[ 2517.851670][T28783] debugfs: 'hsr0' already exists in 'hsr'
[ 2517.851739][T28783] Cannot create hsr debugfs directory
[ 2519.103254][T27864] Bluetooth: hci3: command tx timeout
[ 2521.198559][T28827] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2521.198713][T28827] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2521.199021][T28827] bridge_slave_0: entered allmulticast mode
[ 2521.209461][T28827] bridge_slave_0: entered promiscuous mode
[ 2521.273072][T27864] Bluetooth: hci3: command tx timeout
[ 2521.308599][T28827] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2521.308739][T28827] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2521.309068][T28827] bridge_slave_1: entered allmulticast mode
[ 2521.337086][T28827] bridge_slave_1: entered promiscuous mode
[ 2523.775713][T27864] Bluetooth: hci3: command tx timeout
[ 2524.048097][T26134] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2524.115247][T26134] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2524.127344][T26134] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2524.133917][T26134] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2524.156829][T26134] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2526.685434][T26134] Bluetooth: hci5: command tx timeout
[ 2527.189169][T28827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2527.276508][T28827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2527.453998][T12791] bridge_slave_1: left allmulticast mode
[ 2527.454036][T12791] bridge_slave_1: left promiscuous mode
[ 2527.454310][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2527.531106][T12791] bridge_slave_0: left allmulticast mode
[ 2527.531140][T12791] bridge_slave_0: left promiscuous mode
[ 2527.531402][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2527.653983][T12791] bridge_slave_1: left allmulticast mode
[ 2527.654020][T12791] bridge_slave_1: left promiscuous mode
[ 2527.654277][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2527.756534][T12791] bridge_slave_0: left allmulticast mode
[ 2527.756569][T12791] bridge_slave_0: left promiscuous mode
[ 2527.756862][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2527.879559][T12791] bridge_slave_1: left allmulticast mode
[ 2527.879597][T12791] bridge_slave_1: left promiscuous mode
[ 2527.879886][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2527.986388][T12791] bridge_slave_0: left allmulticast mode
[ 2527.986422][T12791] bridge_slave_0: left promiscuous mode
[ 2527.986673][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2529.087751][T27864] Bluetooth: hci5: command tx timeout
[ 2529.120236][T29092] ceph: No mds server is up or the cluster is laggy
[ 2531.118614][T27864] Bluetooth: hci5: command tx timeout
[ 2531.480916][T26134] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2532.163038][T26134] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2532.166946][T26134] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2532.170500][T26134] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2532.171308][T26134] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2533.887166][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2533.887241][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2533.891700][T27864] Bluetooth: hci5: command tx timeout
[ 2534.301616][T27864] Bluetooth: hci2: command tx timeout
[ 2536.380723][T27864] Bluetooth: hci2: command tx timeout
[ 2538.719540][T27864] Bluetooth: hci2: command tx timeout
[ 2541.006148][T27864] Bluetooth: hci2: command tx timeout
[ 2548.680803][T29168] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7580'.
[ 2549.392843][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2549.550446][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2549.724350][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2550.869108][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2550.969276][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2552.303926][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2552.390241][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2552.531868][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2553.013499][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2553.126250][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2553.284374][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2553.355344][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2553.437527][T12791] bond0 (unregistering): Released all slaves
[ 2553.865513][T12791] bond0 (unregistering): Released all slaves
[ 2554.182616][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2554.330920][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2554.395318][T29196] net_ratelimit: 165 callbacks suppressed
[ 2554.395339][T29196] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 2554.452799][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2554.772553][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2555.223739][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2555.253112][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2555.736214][T12791] bond0 (unregistering): Released all slaves
[ 2555.835695][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2561.990119][   T38] audit: type=1326 audit(2000001696.765:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29225 comm="syz.3.7596" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff221bbebe9 code=0x0
[ 2564.117557][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2564.187664][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2564.220988][T12791] bond0 (unregistering): Released all slaves
[ 2569.094083][T29262] overlayfs: failed to clone upperpath
[ 2575.683332][T26134] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2575.703945][T26134] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2575.707926][T26134] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2575.710327][T26134] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2575.713461][T26134] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2576.420002][T29079] chnl_net:caif_netlink_parms(): no params data found
[ 2578.889821][T27864] Bluetooth: hci4: command tx timeout
[ 2580.928493][T27864] Bluetooth: hci4: command tx timeout
[ 2582.881939][T29113] chnl_net:caif_netlink_parms(): no params data found
[ 2582.997843][T27864] Bluetooth: hci4: command tx timeout
[ 2585.376106][T26134] Bluetooth: hci4: command tx timeout
[ 2586.401841][T24307] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2586.822484][   T38] audit: type=1326 audit(2000001721.377:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29330 comm="syz.4.7623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2ee7ebe9 code=0x7ffc0000
[ 2586.822545][   T38] audit: type=1326 audit(2000001721.377:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29330 comm="syz.4.7623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2ee7ebe9 code=0x7ffc0000
[ 2586.976796][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2587.065550][T24307] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2587.109564][T24307] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2587.110986][T24307] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2587.112029][T24307] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2587.188056][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2587.466052][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2587.725770][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2588.742079][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2589.259063][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2589.272708][T24307] Bluetooth: hci3: command tx timeout
[ 2589.452003][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2590.254147][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2590.298598][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2590.407712][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2590.627612][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2590.882583][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2590.936253][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2591.318710][T24307] Bluetooth: hci3: command tx timeout
[ 2591.859362][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2591.883913][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2592.439693][T29113] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg1": -EINTR
[ 2593.207997][T12791] hsr_slave_0: left promiscuous mode
[ 2593.252235][T12791] hsr_slave_1: left promiscuous mode
[ 2593.261100][T12791] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2593.894164][T12791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2593.897061][T24307] Bluetooth: hci3: command tx timeout
[ 2594.131013][T12791] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2594.131047][T12791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2594.318772][T26134] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2594.345346][T26134] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2594.347184][T26134] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2594.348584][T26134] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2594.349633][T26134] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2596.568827][T26134] Bluetooth: hci5: command tx timeout
[ 2596.946362][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2596.946459][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2596.960361][T12791] hsr_slave_0: left promiscuous mode
[ 2596.994193][T26134] Bluetooth: hci3: command tx timeout
[ 2598.114189][T12791] hsr_slave_1: left promiscuous mode
[ 2598.115727][T12791] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2598.115756][T12791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2598.311657][T12791] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2598.311692][T12791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2598.589363][T26134] Bluetooth: hci5: command tx timeout
[ 2599.203237][T29399] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7636'.
[ 2604.864139][T26134] Bluetooth: hci5: command tx timeout
[ 2605.963756][T12791] veth1_macvtap: left promiscuous mode
[ 2605.963882][T12791] veth0_macvtap: left promiscuous mode
[ 2605.964173][T12791] veth1_vlan: left promiscuous mode
[ 2605.964389][T12791] veth0_vlan: left promiscuous mode
[ 2606.246081][T12791] veth1_macvtap: left promiscuous mode
[ 2606.246160][T12791] veth0_macvtap: left promiscuous mode
[ 2606.246342][T12791] veth1_vlan: left promiscuous mode
[ 2606.246468][T12791] veth0_vlan: left promiscuous mode
[ 2611.215010][T26134] Bluetooth: hci5: command tx timeout
[ 2614.614233][T24307] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2614.664802][T24307] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2614.683112][T24307] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2614.710036][T24307] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2614.722807][T24307] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2617.214790][T24307] Bluetooth: hci2: command tx timeout
[ 2619.219288][T24307] Bluetooth: hci2: command tx timeout
[ 2621.299348][T24307] Bluetooth: hci2: command tx timeout
[ 2623.467258][T24307] Bluetooth: hci2: command tx timeout
[ 2633.542697][T12791] team0 (unregistering): Port device team_slave_1 removed
[ 2633.949466][T26134] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2633.974275][T26134] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2633.979397][T26134] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2634.004451][T26134] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2634.052617][T26134] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2634.132652][T12791] team0 (unregistering): Port device team_slave_0 removed
[ 2636.174417][T24307] Bluetooth: hci0: command tx timeout
[ 2637.764973][T29497] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.7657'.
[ 2638.701466][T24307] Bluetooth: hci0: command tx timeout
[ 2640.732222][T24307] Bluetooth: hci0: command tx timeout
[ 2643.648229][T24307] Bluetooth: hci0: command tx timeout
[ 2644.636340][T26369] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 2644.771111][T24307] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2644.801525][T26369] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2644.801593][T26369] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 2644.801620][T26369] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2644.814098][T24307] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2644.828126][T26369] usb 5-1: config 0 descriptor??
[ 2644.835595][T26369] pwc: Askey VC010 type 2 USB webcam detected.
[ 2644.841245][T24307] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2644.871353][T24307] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2644.878659][T24307] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2645.240964][T26369] pwc: recv_control_msg error -32 req 02 val 2b00
[ 2645.242197][T26369] pwc: recv_control_msg error -32 req 02 val 2700
[ 2645.243183][T26369] pwc: recv_control_msg error -32 req 02 val 2c00
[ 2645.244018][T26369] pwc: recv_control_msg error -32 req 04 val 1000
[ 2645.245044][T26369] pwc: recv_control_msg error -32 req 04 val 1300
[ 2645.248339][T26369] pwc: recv_control_msg error -32 req 04 val 1400
[ 2645.249755][T26369] pwc: recv_control_msg error -32 req 02 val 2000
[ 2645.471181][T26369] pwc: recv_control_msg error -32 req 04 val 1500
[ 2645.471909][T26369] pwc: recv_control_msg error -32 req 02 val 2500
[ 2645.472894][T26369] pwc: recv_control_msg error -32 req 02 val 2400
[ 2645.473879][T26369] pwc: recv_control_msg error -32 req 02 val 2600
[ 2645.474883][T26369] pwc: recv_control_msg error -32 req 02 val 2900
[ 2645.475960][T26369] pwc: recv_control_msg error -32 req 02 val 2800
[ 2645.479045][T26369] pwc: recv_control_msg error -32 req 04 val 1100
[ 2645.484833][T26369] pwc: Registered as video103.
[ 2645.489407][T26369] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input49
[ 2645.711166][T22394] usb 5-1: USB disconnect, device number 26
[ 2646.335151][T29518] Bluetooth: MGMT ver 1.23
[ 2647.641041][T24307] Bluetooth: hci6: command tx timeout
[ 2648.710288][T29531] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[ 2648.711890][T29531] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[ 2649.684161][T24307] Bluetooth: hci6: command tx timeout
[ 2651.811428][T24307] Bluetooth: hci6: command tx timeout
[ 2653.932789][T24307] Bluetooth: hci6: command tx timeout
[ 2655.095873][T26134] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 2655.152244][T12791] team0 (unregistering): Port device team_slave_1 removed
[ 2655.248397][T26134] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 2655.254197][T26134] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 2655.268462][T26134] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 2655.269402][T26134] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 2655.923063][T12791] team0 (unregistering): Port device team_slave_0 removed
[ 2657.390527][T24307] Bluetooth: hci7: command tx timeout
[ 2659.452566][T24307] Bluetooth: hci7: command tx timeout
[ 2661.597972][T24307] Bluetooth: hci7: command tx timeout
[ 2661.696693][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2661.696772][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2663.134521][T29579] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(11)
[ 2663.134627][T29579] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 2663.137994][T29579] vhci_hcd vhci_hcd.0: Device attached
[ 2663.374945][T29577] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[ 2663.375037][T29577] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 2663.377095][T29577] vhci_hcd vhci_hcd.0: Device attached
[ 2663.786824][T24307] Bluetooth: hci7: command tx timeout
[ 2663.814058][T29578] vhci_hcd: connection closed
[ 2663.814466][T29581] vhci_hcd: connection closed
[ 2663.821032][T28284] vhci_hcd: stop threads
[ 2663.821049][T28284] vhci_hcd: release socket
[ 2663.846701][T28284] vhci_hcd: disconnect device
[ 2663.880116][T28284] vhci_hcd: stop threads
[ 2663.880138][T28284] vhci_hcd: release socket
[ 2663.880214][T28284] vhci_hcd: disconnect device
[ 2672.570796][T29481] chnl_net:caif_netlink_parms(): no params data found
[ 2672.625026][T29418] chnl_net:caif_netlink_parms(): no params data found
[ 2672.664594][T29549] chnl_net:caif_netlink_parms(): no params data found
[ 2673.104532][T29515] chnl_net:caif_netlink_parms(): no params data found
[ 2674.683772][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2674.946690][T24307] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2674.963477][T24307] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2674.965368][T24307] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2674.966728][T24307] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2674.967575][T24307] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2675.054118][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2675.253602][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2675.375048][T29642] usb usb1: usbfs: process 29642 (syz.4.7688) did not claim interface 0 before use
[ 2675.389388][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2676.068511][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2676.118502][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2676.175571][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2676.501028][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2676.837460][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2677.043564][T26134] Bluetooth: hci3: command tx timeout
[ 2677.126601][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2677.688014][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2678.626876][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2678.833431][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2679.109470][T26134] Bluetooth: hci3: command tx timeout
[ 2679.213197][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2679.269728][T29481] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2679.269964][T29481] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2679.270316][T29481] bridge_slave_0: entered allmulticast mode
[ 2679.273197][T29481] bridge_slave_0: entered promiscuous mode
[ 2679.835759][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2680.075471][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2680.120761][T29481] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2680.120905][T29481] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2680.121125][T29481] bridge_slave_1: entered allmulticast mode
[ 2680.124041][T29481] bridge_slave_1: entered promiscuous mode
[ 2680.245003][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2680.413807][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2680.473028][T29549] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2680.473174][T29549] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2680.473421][T29549] bridge_slave_0: entered allmulticast mode
[ 2680.476117][T29549] bridge_slave_0: entered promiscuous mode
[ 2680.589809][T29549] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2680.589959][T29549] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2680.590231][T29549] bridge_slave_1: entered allmulticast mode
[ 2680.593007][T29549] bridge_slave_1: entered promiscuous mode
[ 2680.753343][T29481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2680.915623][T29481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2680.927771][T29515] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2680.928992][T29515] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2680.929321][T29515] bridge_slave_0: entered allmulticast mode
[ 2680.932675][T29515] bridge_slave_0: entered promiscuous mode
[ 2680.966923][T29549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2681.086240][T29515] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2681.086372][T29515] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2681.086647][T29515] bridge_slave_1: entered allmulticast mode
[ 2681.091187][T29515] bridge_slave_1: entered promiscuous mode
[ 2681.096747][T29549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2681.198353][T26134] Bluetooth: hci3: command tx timeout
[ 2681.382156][T29481] team0: Port device team_slave_0 added
[ 2681.613118][T29481] team0: Port device team_slave_1 added
[ 2681.784708][T29515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2681.802293][T29549] team0: Port device team_slave_0 added
[ 2681.914272][T29515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2681.916652][T29549] team0: Port device team_slave_1 added
[ 2682.190957][T29481] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2682.190974][T29481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2682.191002][T29481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2682.369773][T29481] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2682.369794][T29481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2682.369826][T29481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2682.385762][T29515] team0: Port device team_slave_0 added
[ 2682.393882][T29549] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2682.393903][T29549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2682.393936][T29549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2682.427768][T29549] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2682.427806][T29549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2682.427843][T29549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2682.433206][T29515] team0: Port device team_slave_1 added
[ 2682.722802][T29515] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2682.722822][T29515] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2682.722849][T29515] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2682.990589][T29515] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2682.990608][T29515] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2682.990636][T29515] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2683.164516][T29481] hsr_slave_0: entered promiscuous mode
[ 2683.166024][T29481] hsr_slave_1: entered promiscuous mode
[ 2683.167767][T29481] debugfs: 'hsr0' already exists in 'hsr'
[ 2683.167796][T29481] Cannot create hsr debugfs directory
[ 2683.201269][T29549] hsr_slave_0: entered promiscuous mode
[ 2683.202666][T29549] hsr_slave_1: entered promiscuous mode
[ 2683.203825][T29549] debugfs: 'hsr0' already exists in 'hsr'
[ 2683.203860][T29549] Cannot create hsr debugfs directory
[ 2683.267187][T26134] Bluetooth: hci3: command tx timeout
[ 2684.131077][T29515] hsr_slave_0: entered promiscuous mode
[ 2684.132526][T29515] hsr_slave_1: entered promiscuous mode
[ 2684.133438][T29515] debugfs: 'hsr0' already exists in 'hsr'
[ 2684.133463][T29515] Cannot create hsr debugfs directory
[ 2684.982297][T12791] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2685.173409][T29639] chnl_net:caif_netlink_parms(): no params data found
[ 2685.393837][T12791] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2685.911843][T12791] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2686.172589][T12791] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2686.719171][T29639] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2686.719321][T29639] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2686.719582][T29639] bridge_slave_0: entered allmulticast mode
[ 2686.736555][T29639] bridge_slave_0: entered promiscuous mode
[ 2686.867114][T29639] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2686.867343][T29639] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2686.867674][T29639] bridge_slave_1: entered allmulticast mode
[ 2686.870719][T29639] bridge_slave_1: entered promiscuous mode
[ 2687.205593][T29639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2687.319673][T29639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2687.579995][T29639] team0: Port device team_slave_0 added
[ 2687.583751][T29639] team0: Port device team_slave_1 added
[ 2687.723133][T12791] bridge_slave_1: left allmulticast mode
[ 2687.723171][T12791] bridge_slave_1: left promiscuous mode
[ 2687.723497][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2687.776592][T12791] bridge_slave_0: left allmulticast mode
[ 2687.776626][T12791] bridge_slave_0: left promiscuous mode
[ 2687.776895][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2687.869730][T12791] bridge_slave_1: left allmulticast mode
[ 2687.869768][T12791] bridge_slave_1: left promiscuous mode
[ 2687.870072][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2687.926621][T12791] bridge_slave_0: left allmulticast mode
[ 2687.926658][T12791] bridge_slave_0: left promiscuous mode
[ 2687.926940][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2688.000898][T12791] bridge_slave_1: left allmulticast mode
[ 2688.000937][T12791] bridge_slave_1: left promiscuous mode
[ 2688.001237][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2688.076570][T12791] bridge_slave_0: left allmulticast mode
[ 2688.076606][T12791] bridge_slave_0: left promiscuous mode
[ 2688.076865][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2688.615827][T12791] bond0 (unregistering): Released all slaves
[ 2691.508749][T12791] bond0 (unregistering): Released all slaves
[ 2691.534561][T12791] bond1 (unregistering): Released all slaves
[ 2692.764013][T24307] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2692.774154][T24307] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2692.800490][T24307] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2692.801799][T24307] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2692.802907][T24307] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2692.873715][T12791] bond2 (unregistering): (slave vlan2): Releasing active interface
[ 2692.918176][T12791] bond2 (unregistering): Released all slaves
[ 2693.090756][T12791] bond0 (unregistering): Released all slaves
[ 2693.270756][T12791] bond0 (unregistering): Released all slaves
[ 2693.443403][T12791] bond0 (unregistering): Released all slaves
[ 2693.653710][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2693.734332][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2693.795988][T12791] bond0 (unregistering): Released all slaves
[ 2694.066580][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2694.142549][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2694.206264][T12791] bond0 (unregistering): Released all slaves
[ 2694.512281][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2694.572752][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2694.646042][T12791] bond0 (unregistering): Released all slaves
[ 2694.832253][T12791] bond0 (unregistering): Released all slaves
[ 2694.871367][T26134] Bluetooth: hci2: command tx timeout
[ 2695.301491][T29639] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2695.301511][T29639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2695.301542][T29639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2695.304342][T29639] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2695.304357][T29639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2695.304384][T29639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2695.859058][T12791] tipc: Left network mode
[ 2695.873985][T29639] hsr_slave_0: entered promiscuous mode
[ 2695.875125][T29639] hsr_slave_1: entered promiscuous mode
[ 2695.875859][T29639] debugfs: 'hsr0' already exists in 'hsr'
[ 2695.875878][T29639] Cannot create hsr debugfs directory
[ 2696.940229][T26134] Bluetooth: hci2: command tx timeout
[ 2697.437618][T29515] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2698.270060][T29515] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2698.537603][T29515] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2699.021046][T26134] Bluetooth: hci2: command tx timeout
[ 2699.055374][T29515] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2699.121608][T29667] chnl_net:caif_netlink_parms(): no params data found
[ 2699.299380][T12791] hsr_slave_0: left promiscuous mode
[ 2699.329203][T12791] hsr_slave_1: left promiscuous mode
[ 2699.369607][T12791] hsr_slave_0: left promiscuous mode
[ 2699.389189][T12791] hsr_slave_1: left promiscuous mode
[ 2699.390276][T12791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2699.442326][T12791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2699.499904][T12791] hsr_slave_0: left promiscuous mode
[ 2699.539275][T12791] hsr_slave_1: left promiscuous mode
[ 2699.541642][T12791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2699.562504][T12791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2699.647285][T12791] veth1_macvtap: left promiscuous mode
[ 2699.647392][T12791] veth0_macvtap: left allmulticast mode
[ 2699.647442][T12791] veth0_macvtap: left promiscuous mode
[ 2699.647768][T12791] veth1_vlan: left promiscuous mode
[ 2699.647986][T12791] veth0_vlan: left promiscuous mode
[ 2701.118997][T26134] Bluetooth: hci2: command tx timeout
[ 2705.677626][T24307] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2705.710349][T24307] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2705.712115][T24307] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2705.714424][T24307] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2705.715227][T24307] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2707.924681][T26134] Bluetooth: hci4: command tx timeout
[ 2708.665459][T12791] team0 (unregistering): Port device team_slave_1 removed
[ 2708.838439][T12791] team0 (unregistering): Port device team_slave_0 removed
[ 2709.976484][T26134] Bluetooth: hci4: command tx timeout
[ 2710.074499][T12791] team0 (unregistering): Port device team_slave_1 removed
[ 2710.264491][T12791] team0 (unregistering): Port device team_slave_0 removed
[ 2711.710300][T29667] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2711.710457][T29667] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2711.710727][T29667] bridge_slave_0: entered allmulticast mode
[ 2711.723616][T29667] bridge_slave_0: entered promiscuous mode
[ 2711.881569][T29667] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2711.881826][T29667] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2711.882061][T29667] bridge_slave_1: entered allmulticast mode
[ 2711.886656][T29667] bridge_slave_1: entered promiscuous mode
[ 2712.052783][T26134] Bluetooth: hci4: command tx timeout
[ 2712.491288][T29667] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2712.525023][T29667] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2712.901754][T29667] team0: Port device team_slave_0 added
[ 2712.943265][T29667] team0: Port device team_slave_1 added
[ 2713.373849][T29667] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2713.373868][T29667] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2713.373897][T29667] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2713.396792][T29667] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2713.396810][T29667] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2713.396841][T29667] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2714.131758][T26134] Bluetooth: hci4: command tx timeout
[ 2714.354201][T29667] hsr_slave_0: entered promiscuous mode
[ 2714.355457][T29667] hsr_slave_1: entered promiscuous mode
[ 2714.356240][T29667] debugfs: 'hsr0' already exists in 'hsr'
[ 2714.356261][T29667] Cannot create hsr debugfs directory
[ 2715.066407][T29673] chnl_net:caif_netlink_parms(): no params data found
[ 2715.328827][T24307] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2715.395369][T24307] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2715.408187][T24307] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2715.410491][T24307] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2715.427612][T24307] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2716.644052][T29673] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2716.644181][T29673] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2716.644744][T29673] bridge_slave_0: entered allmulticast mode
[ 2716.647477][T29673] bridge_slave_0: entered promiscuous mode
[ 2716.763996][T29673] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2716.764133][T29673] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2716.764365][T29673] bridge_slave_1: entered allmulticast mode
[ 2716.767112][T29673] bridge_slave_1: entered promiscuous mode
[ 2717.265962][T29673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2717.289537][T29673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2717.570121][T24307] Bluetooth: hci0: command tx timeout
[ 2717.813363][T29673] team0: Port device team_slave_0 added
[ 2717.836549][T29673] team0: Port device team_slave_1 added
[ 2718.176771][T29673] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2718.176790][T29673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2718.176819][T29673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2718.241568][T29673] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2718.241588][T29673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2718.241632][T29673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2719.026331][T29673] hsr_slave_0: entered promiscuous mode
[ 2719.035886][T29673] hsr_slave_1: entered promiscuous mode
[ 2719.045385][T29673] debugfs: 'hsr0' already exists in 'hsr'
[ 2719.045417][T29673] Cannot create hsr debugfs directory
[ 2719.274288][T29682] chnl_net:caif_netlink_parms(): no params data found
[ 2719.596414][T12791] IPVS: stop unused estimator thread 0...
[ 2719.649003][T24307] Bluetooth: hci0: command tx timeout
[ 2719.772314][T29639] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2719.920102][T29639] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2720.037230][T29639] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2720.151539][T29682] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2720.151753][T29682] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2720.151999][T29682] bridge_slave_0: entered allmulticast mode
[ 2720.154703][T29682] bridge_slave_0: entered promiscuous mode
[ 2720.232186][T29639] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2720.268131][T29682] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2720.268304][T29682] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2720.268873][T29682] bridge_slave_1: entered allmulticast mode
[ 2720.271799][T29682] bridge_slave_1: entered promiscuous mode
[ 2720.523659][T29682] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2720.547310][T29682] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2720.882955][T29682] team0: Port device team_slave_0 added
[ 2720.884811][T29667] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 2721.025572][T29682] team0: Port device team_slave_1 added
[ 2721.026128][T29667] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 2721.220161][T29667] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 2721.419949][T29667] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 2721.609838][T29682] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2721.609859][T29682] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2721.609890][T29682] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2721.728058][T24307] Bluetooth: hci0: command tx timeout
[ 2721.764370][T29682] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2721.764389][T29682] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2721.764418][T29682] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2722.220781][T29682] hsr_slave_0: entered promiscuous mode
[ 2722.222208][T29682] hsr_slave_1: entered promiscuous mode
[ 2722.223190][T29682] debugfs: 'hsr0' already exists in 'hsr'
[ 2722.223214][T29682] Cannot create hsr debugfs directory
[ 2722.247620][T29673] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2722.295012][T29673] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2722.395337][T29673] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2722.542903][T29673] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2723.096902][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2723.097329][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2723.252357][T12791] bridge_slave_1: left allmulticast mode
[ 2723.252393][T12791] bridge_slave_1: left promiscuous mode
[ 2723.252645][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2723.328584][T12791] bridge_slave_0: left allmulticast mode
[ 2723.328619][T12791] bridge_slave_0: left promiscuous mode
[ 2723.328967][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2723.404028][T12791] bridge_slave_1: left allmulticast mode
[ 2723.404068][T12791] bridge_slave_1: left promiscuous mode
[ 2723.404364][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2723.459099][T12791] bridge_slave_0: left allmulticast mode
[ 2723.459137][T12791] bridge_slave_0: left promiscuous mode
[ 2723.459415][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2723.542377][T12791] bridge_slave_1: left allmulticast mode
[ 2723.542413][T12791] bridge_slave_1: left promiscuous mode
[ 2723.542660][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2723.608996][T12791] bridge_slave_0: left allmulticast mode
[ 2723.609035][T12791] bridge_slave_0: left promiscuous mode
[ 2723.609341][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2723.806872][T24307] Bluetooth: hci0: command tx timeout
[ 2724.020533][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2724.097553][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2724.162014][T12791] bond0 (unregistering): Released all slaves
[ 2724.457731][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2724.537501][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2724.622385][T12791] bond0 (unregistering): Released all slaves
[ 2724.907292][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2724.997508][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2725.073456][T12791] bond0 (unregistering): Released all slaves
[ 2725.471320][T29639] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2725.738320][T29667] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2725.801258][T29639] 8021q: adding VLAN 0 to HW filter on device team0
[ 2726.044757][T28499] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2726.044975][T28499] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2726.080526][T29667] 8021q: adding VLAN 0 to HW filter on device team0
[ 2726.298537][T12791] hsr_slave_0: left promiscuous mode
[ 2726.345934][T12791] hsr_slave_1: left promiscuous mode
[ 2726.347059][T12791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2726.370340][T12791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2726.535816][T12791] hsr_slave_0: left promiscuous mode
[ 2726.575614][T12791] hsr_slave_1: left promiscuous mode
[ 2726.577806][T12791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2726.607286][T12791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2726.785490][T12791] hsr_slave_0: left promiscuous mode
[ 2726.805472][T12791] hsr_slave_1: left promiscuous mode
[ 2726.806443][T12791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2726.857533][T12791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2727.775634][T12791] team0 (unregistering): Port device team_slave_1 removed
[ 2727.947661][T12791] team0 (unregistering): Port device team_slave_0 removed
[ 2729.485786][T12791] team0 (unregistering): Port device team_slave_1 removed
[ 2729.684638][T12791] team0 (unregistering): Port device team_slave_0 removed
[ 2731.293931][T12791] team0 (unregistering): Port device team_slave_1 removed
[ 2731.475623][T12791] team0 (unregistering): Port device team_slave_0 removed
[ 2732.419927][T23046] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2732.420211][T23046] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2732.448283][ T1472] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2732.448428][ T1472] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2732.556387][T23046] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2732.556542][T23046] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2732.648359][T29673] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2733.086011][T29673] 8021q: adding VLAN 0 to HW filter on device team0
[ 2733.264741][T26717] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2733.264946][T26717] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2733.307916][T29667] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 2733.366071][T26717] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2733.367476][T26717] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2733.392000][T29682] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 2733.455735][T29682] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 2733.518541][T29682] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 2733.755411][T29682] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 2734.466345][T29667] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2734.513738][T26134] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2734.545433][T26134] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2734.558565][T26134] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2734.637048][T26134] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2734.639804][T26134] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2735.638457][T29682] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2735.801267][T29667] veth0_vlan: entered promiscuous mode
[ 2735.945323][T29673] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2736.014923][T29682] 8021q: adding VLAN 0 to HW filter on device team0
[ 2736.084624][T29667] veth1_vlan: entered promiscuous mode
[ 2736.133034][T26717] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2736.134751][T26717] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2736.181821][T29728] chnl_net:caif_netlink_parms(): no params data found
[ 2736.270916][T28499] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2736.271077][T28499] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2736.831123][T29728] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2736.831362][T29728] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2736.831622][T29728] bridge_slave_0: entered allmulticast mode
[ 2736.834379][T29728] bridge_slave_0: entered promiscuous mode
[ 2736.840635][T24307] Bluetooth: hci5: command tx timeout
[ 2737.143647][T29728] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2737.143830][T29728] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2737.144061][T29728] bridge_slave_1: entered allmulticast mode
[ 2737.146751][T29728] bridge_slave_1: entered promiscuous mode
[ 2737.376082][T29667] veth0_macvtap: entered promiscuous mode
[ 2737.534884][T29728] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2737.562253][T29728] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2737.658029][T29667] veth1_macvtap: entered promiscuous mode
[ 2737.962100][T29728] team0: Port device team_slave_0 added
[ 2737.972134][T29728] team0: Port device team_slave_1 added
[ 2738.483345][T29728] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2738.483364][T29728] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2738.483395][T29728] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2738.543487][T29728] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2738.543503][T29728] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2738.543527][T29728] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2738.546457][T29673] veth0_vlan: entered promiscuous mode
[ 2738.597242][T29667] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2738.753185][T29667] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2738.874383][T29673] veth1_vlan: entered promiscuous mode
[ 2738.897602][T29728] hsr_slave_0: entered promiscuous mode
[ 2738.900089][T29728] hsr_slave_1: entered promiscuous mode
[ 2738.901275][T29728] debugfs: 'hsr0' already exists in 'hsr'
[ 2738.901304][T29728] Cannot create hsr debugfs directory
[ 2738.918274][T28499] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2738.920240][T24307] Bluetooth: hci5: command tx timeout
[ 2738.925248][T28499] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2738.943649][T28499] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2738.948546][T28499] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2739.559343][T29682] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2739.917841][T12791] bridge_slave_1: left allmulticast mode
[ 2739.917878][T12791] bridge_slave_1: left promiscuous mode
[ 2739.918155][T12791] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2739.991571][T12791] bridge_slave_0: left allmulticast mode
[ 2739.991604][T12791] bridge_slave_0: left promiscuous mode
[ 2739.991856][T12791] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2741.018854][T24307] Bluetooth: hci5: command tx timeout
[ 2742.233735][T12791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2742.308486][T12791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2742.342803][T12791] bond0 (unregistering): Released all slaves
[ 2742.510493][T29673] veth0_macvtap: entered promiscuous mode
[ 2742.562450][T28501] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2742.562473][T28501] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2742.806549][T29673] veth1_macvtap: entered promiscuous mode
[ 2742.937493][T12791] hsr_slave_0: left promiscuous mode
[ 2742.987536][T12791] hsr_slave_1: left promiscuous mode
[ 2742.988510][T12791] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2743.010636][T12791] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2743.077493][T24307] Bluetooth: hci5: command tx timeout
[ 2744.327372][T12791] team0 (unregistering): Port device team_slave_1 removed
[ 2744.629177][T12791] team0 (unregistering): Port device team_slave_0 removed
[ 2747.624326][T28505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2747.624349][T28505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2747.727605][T29673] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2747.912413][T29673] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2748.027563][T26718] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2748.312697][T26718] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2748.858410][T29682] veth0_vlan: entered promiscuous mode
[ 2748.859682][T26718] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2751.032099][T26715] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2752.713507][T29682] veth1_vlan: entered promiscuous mode
[ 2756.480392][T26718] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2756.480416][T26718] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2756.720596][T29682] veth0_macvtap: entered promiscuous mode
[ 2756.950766][T29682] veth1_macvtap: entered promiscuous mode
[ 2756.981946][T26718] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2756.981963][T26718] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2757.107993][T29728] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2757.162713][T29728] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2757.330147][T29728] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2759.181865][T29682] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2759.227760][T29728] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2759.330379][T29682] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2759.410329][T26717] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2759.415484][T26717] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2759.436872][T26717] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2759.584640][T26717] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2763.707288][T26718] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2763.707311][T26718] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2764.944711][T29855] overlayfs: failed to resolve './bus': -40
[ 2768.211676][T28503] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2768.211700][T28503] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2768.460554][T29728] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2768.848687][T29728] 8021q: adding VLAN 0 to HW filter on device team0
[ 2769.709191][T12791] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2769.715024][T12791] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2770.014156][T23044] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2770.014334][T23044] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2785.559343][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2785.559426][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2787.777650][T29728] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2788.779652][T26134] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2789.718452][T26134] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2789.758484][T26134] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2789.760268][T26134] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2789.761238][T26134] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2792.608645][T29728] veth0_vlan: entered promiscuous mode
[ 2793.258105][T27864] Bluetooth: hci3: command tx timeout
[ 2793.665016][T29728] veth1_vlan: entered promiscuous mode
[ 2795.372171][T27864] Bluetooth: hci3: command tx timeout
[ 2795.605059][T24307] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2795.663839][T24307] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2795.937959][T24307] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2795.980254][T24307] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2796.479913][T24307] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2796.768414][T24307] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2796.806849][T24307] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2796.808759][T24307] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2796.869977][T24307] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2796.889017][T24307] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2797.474962][T27864] Bluetooth: hci3: command tx timeout
[ 2798.789947][T27864] Bluetooth: hci2: command tx timeout
[ 2798.969187][T27864] Bluetooth: hci1: command tx timeout
[ 2799.654293][T27864] Bluetooth: hci3: command tx timeout
[ 2800.808733][T27864] Bluetooth: hci2: command tx timeout
[ 2801.250554][T27864] Bluetooth: hci1: command tx timeout
[ 2803.083832][T27864] Bluetooth: hci2: command tx timeout
[ 2803.287020][T27864] Bluetooth: hci1: command tx timeout
[ 2805.225191][T27864] Bluetooth: hci2: command tx timeout
[ 2805.365932][T27864] Bluetooth: hci1: command tx timeout
[ 2809.037691][T26715] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2809.261058][T29922] chnl_net:caif_netlink_parms(): no params data found
[ 2811.527440][T30016] genirq: Flags mismatch irq 5. 00202000 (pcl816) vs. 00202000 (pcl812)
[ 2813.226065][T30027] 9pnet_fd: p9_fd_create_tcp (30027): problem connecting socket to 127.0.0.1
[ 2815.169840][T30027] 9pnet_fd: p9_fd_create_tcp (30027): problem connecting socket to 127.0.0.1
[ 2815.266277][T26715] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2816.019059][T26715] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2816.083779][T29922] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2816.083965][T29922] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2816.084188][T29922] bridge_slave_0: entered allmulticast mode
[ 2816.089275][T29922] bridge_slave_0: entered promiscuous mode
[ 2816.114266][T29922] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2816.114430][T29922] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2816.114726][T29922] bridge_slave_1: entered allmulticast mode
[ 2816.129421][T29922] bridge_slave_1: entered promiscuous mode
[ 2818.125505][T26715] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2818.176940][T29922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2818.301918][T29922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2819.754794][T29922] team0: Port device team_slave_0 added
[ 2820.473681][T22394] Process accounting resumed
[ 2820.641439][T29922] team0: Port device team_slave_1 added
[ 2823.119197][T29922] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2823.119219][T29922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2823.119252][T29922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2823.300092][T30074] ieee802154 phy0 wpan0: encryption failed: -22
[ 2823.321977][T29922] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2823.321993][T29922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2823.322020][T29922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2823.322926][T29955] chnl_net:caif_netlink_parms(): no params data found
[ 2823.977512][T29949] chnl_net:caif_netlink_parms(): no params data found
[ 2825.328755][T29922] hsr_slave_0: entered promiscuous mode
[ 2825.330374][T29922] hsr_slave_1: entered promiscuous mode
[ 2825.331398][T29922] debugfs: 'hsr0' already exists in 'hsr'
[ 2825.331425][T29922] Cannot create hsr debugfs directory
[ 2825.371079][T26715] bridge_slave_1: left allmulticast mode
[ 2825.371111][T26715] bridge_slave_1: left promiscuous mode
[ 2825.371394][T26715] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2825.628129][T26715] bridge_slave_0: left allmulticast mode
[ 2825.628166][T26715] bridge_slave_0: left promiscuous mode
[ 2825.628470][T26715] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2831.676679][T30115] syz.7.7767 (30115): /proc/30108/oom_adj is deprecated, please use /proc/30108/oom_score_adj instead.
[ 2832.748138][T30119] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7769'.
[ 2832.917860][T27864] Bluetooth: hci4: command 0x0406 tx timeout
[ 2837.831206][T24307] Bluetooth: hci0: command 0x0406 tx timeout
[ 2838.249778][T26344] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[ 2838.689467][T26344] usb 7-1: Using ep0 maxpacket: 32
[ 2838.692304][T26344] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[ 2838.692357][T26344] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 2838.692402][T26344] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 2838.692433][T26344] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 2838.692465][T26344] usb 7-1: config 0 interface 0 has no altsetting 0
[ 2838.695457][T26344] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 2838.695485][T26344] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 2838.695506][T26344] usb 7-1: Product: syz
[ 2838.695521][T26344] usb 7-1: Manufacturer: syz
[ 2838.695535][T26344] usb 7-1: SerialNumber: syz
[ 2838.729340][T26344] usb 7-1: config 0 descriptor??
[ 2838.735369][T26344] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 2838.771954][T26344] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 2841.418660][T29711] usb 7-1: USB disconnect, device number 31
[ 2841.439727][T29711] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[ 2843.028233][T26715] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2843.299876][T26134] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2843.360506][T26134] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2843.374813][T26134] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2844.331381][T26134] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2844.332382][T26134] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2844.558790][T26715] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2844.625949][T26715] bond0 (unregistering): Released all slaves
[ 2846.436118][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2846.441206][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2846.465974][T26134] Bluetooth: hci5: command tx timeout
[ 2848.544325][T26134] Bluetooth: hci5: command tx timeout
[ 2850.430983][T27864] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2850.712530][T27864] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2850.842753][T27864] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2850.898260][T27864] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2851.352994][T27864] Bluetooth: hci5: command tx timeout
[ 2851.447395][T27864] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2853.110506][T30182] IPVS: starting estimator thread 0...
[ 2853.202191][T30205] IPVS: using max 7 ests per chain, 16800 per kthread
[ 2853.511985][T27864] Bluetooth: hci3: command tx timeout
[ 2853.673672][T27864] Bluetooth: hci5: command tx timeout
[ 2855.032302][T29955] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2855.032438][T29955] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2855.032733][T29955] bridge_slave_0: entered allmulticast mode
[ 2855.035462][T29955] bridge_slave_0: entered promiscuous mode
[ 2855.580853][T27864] Bluetooth: hci3: command tx timeout
[ 2857.678574][T27864] Bluetooth: hci3: command tx timeout
[ 2859.125920][   T38] audit: type=1326 audit(2000001993.453:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=30229 comm="syz.7.7798" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1cf58ebe9 code=0x0
[ 2859.402098][T27864] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2859.448130][T27864] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2859.473282][T27864] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2859.489871][T27864] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2859.490726][T27864] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2859.566067][T30244] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7799'.
[ 2859.566090][T30244] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7799'.
[ 2859.566109][T30244] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7799'.
[ 2859.566150][T30244] netlink: 36 bytes leftover after parsing attributes in process `syz.6.7799'.
[ 2859.795703][T27864] Bluetooth: hci3: command tx timeout
[ 2861.912278][T27864] Bluetooth: hci2: command tx timeout
[ 2863.769351][T26715] hsr_slave_0: left promiscuous mode
[ 2863.806814][T26715] hsr_slave_1: left promiscuous mode
[ 2863.807746][T26715] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2863.807776][T26715] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2864.138524][T27864] Bluetooth: hci2: command tx timeout
[ 2864.153944][T26715] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2864.153976][T26715] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2865.110545][T26715] veth1_macvtap: left promiscuous mode
[ 2865.110672][T26715] veth0_macvtap: left promiscuous mode
[ 2865.110974][T26715] veth1_vlan: left promiscuous mode
[ 2865.115579][T26715] veth0_vlan: left promiscuous mode
[ 2866.998526][T27864] Bluetooth: hci2: command tx timeout
[ 2869.079549][T27864] Bluetooth: hci2: command tx timeout
[ 2882.878338][T26715] team0 (unregistering): Port device team_slave_1 removed
[ 2883.151943][T26715] team0 (unregistering): Port device team_slave_0 removed
[ 2894.262250][T30196] chnl_net:caif_netlink_parms(): no params data found
[ 2894.300457][T30164] chnl_net:caif_netlink_parms(): no params data found
[ 2897.141819][T30401] random: crng reseeded on system resumption
[ 2902.027986][T30239] chnl_net:caif_netlink_parms(): no params data found
[ 2902.076703][T30196] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2902.076824][T30196] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2902.077095][T30196] bridge_slave_0: entered allmulticast mode
[ 2902.079576][T30196] bridge_slave_0: entered promiscuous mode
[ 2902.214345][T30196] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2902.215047][T30196] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2902.215341][T30196] bridge_slave_1: entered allmulticast mode
[ 2902.239727][T30196] bridge_slave_1: entered promiscuous mode
[ 2904.281121][T30196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2904.524644][T30196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2905.541927][T27864] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2905.566788][T27864] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2905.568741][T27864] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2905.817887][T27864] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2905.818537][T27864] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2906.851679][T30196] team0: Port device team_slave_0 added
[ 2906.855970][T30239] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2906.856123][T30239] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2906.858613][T30239] bridge_slave_0: entered allmulticast mode
[ 2907.398911][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2907.399016][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2907.727561][T30239] bridge_slave_0: entered promiscuous mode
[ 2908.157049][T26134] Bluetooth: hci1: command tx timeout
[ 2908.165096][T30196] team0: Port device team_slave_1 added
[ 2908.219697][T30239] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2908.219824][T30239] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2908.220008][T30239] bridge_slave_1: entered allmulticast mode
[ 2908.253499][T30239] bridge_slave_1: entered promiscuous mode
[ 2908.639624][T30462] random: crng reseeded on system resumption
[ 2910.155966][T27864] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2910.170516][T27864] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2910.186944][T27864] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2910.189285][T27864] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2910.195026][T30168] Bluetooth: hci1: command tx timeout
[ 2910.233687][T30168] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2912.272472][T26134] Bluetooth: hci1: command tx timeout
[ 2912.366846][T26134] Bluetooth: hci5: command tx timeout
[ 2914.366514][T26134] Bluetooth: hci1: command tx timeout
[ 2914.432103][T26134] Bluetooth: hci5: command tx timeout
[ 2914.499758][T30239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2916.121133][T30493] netlink: 408 bytes leftover after parsing attributes in process `syz.6.7852'.
[ 2916.121161][T30493] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7852'.
[ 2917.008225][T26134] Bluetooth: hci5: command tx timeout
[ 2917.284770][T30239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2919.069766][T26134] Bluetooth: hci5: command tx timeout
[ 2920.719962][T30168] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2920.811604][T30168] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2920.983043][T30168] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2921.039328][T30168] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2921.040199][T30168] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2924.826271][T30168] Bluetooth: hci3: command tx timeout
[ 2926.905703][T30168] Bluetooth: hci3: command tx timeout
[ 2927.083100][T30538] tipc: Started in network mode
[ 2927.083137][T30538] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[ 2927.083631][T30538] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[ 2927.108328][T30538] tipc: Enabled bearer <udp:syz0>, priority 10
[ 2928.200977][T22394] tipc: Node number set to 1
[ 2928.984777][T30168] Bluetooth: hci3: command tx timeout
[ 2931.063090][T30168] Bluetooth: hci3: command tx timeout
[ 2931.378723][T30446] chnl_net:caif_netlink_parms(): no params data found
[ 2938.843517][T30464] chnl_net:caif_netlink_parms(): no params data found
[ 2940.319532][T30446] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2940.319694][T30446] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2940.319952][T30446] bridge_slave_0: entered allmulticast mode
[ 2940.330583][T30446] bridge_slave_0: entered promiscuous mode
[ 2940.442532][T30446] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2940.442693][T30446] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2940.443006][T30446] bridge_slave_1: entered allmulticast mode
[ 2940.445254][T30446] bridge_slave_1: entered promiscuous mode
[ 2942.948466][T26715] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2944.586666][T30628] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 2944.586720][T30628] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 2948.462988][T26715] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2948.707689][T30446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2949.896996][T30446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2951.831450][T26715] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2954.052627][T30464] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2954.052755][T30464] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2954.052983][T30464] bridge_slave_0: entered allmulticast mode
[ 2954.055659][T30464] bridge_slave_0: entered promiscuous mode
[ 2954.346571][T26715] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2954.406814][T30446] team0: Port device team_slave_0 added
[ 2954.407430][T30512] chnl_net:caif_netlink_parms(): no params data found
[ 2954.426388][T30464] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2954.426532][T30464] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2954.426809][T30464] bridge_slave_1: entered allmulticast mode
[ 2954.429536][T30464] bridge_slave_1: entered promiscuous mode
[ 2954.442715][T30446] team0: Port device team_slave_1 added
[ 2957.655053][T30464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2957.656797][T30446] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2957.656809][T30446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2957.656831][T30446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2957.785605][T30464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2957.786544][T30446] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2957.786559][T30446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2957.786590][T30446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2958.708172][T30464] team0: Port device team_slave_0 added
[ 2962.460477][T30464] team0: Port device team_slave_1 added
[ 2962.537867][T30512] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2962.537967][T30512] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2962.538232][T30512] bridge_slave_0: entered allmulticast mode
[ 2962.540266][T30512] bridge_slave_0: entered promiscuous mode
[ 2963.085932][T30512] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2963.086103][T30512] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2963.086407][T30512] bridge_slave_1: entered allmulticast mode
[ 2963.089514][T30512] bridge_slave_1: entered promiscuous mode
[ 2964.014885][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2965.101277][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2965.297907][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2966.576145][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2966.880999][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2967.841073][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2967.935848][T30464] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2967.935865][T30464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2967.935894][T30464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2968.966509][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2968.966899][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2969.010436][T30464] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2969.010456][T30464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2969.010488][T30464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2969.072160][T30512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2969.129275][T30512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2970.408581][T26134] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2970.437764][T26134] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2970.454098][T26134] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2970.461537][T26134] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2970.462403][T26134] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2970.615648][T26715] bridge_slave_0: left allmulticast mode
[ 2970.615685][T26715] bridge_slave_0: left promiscuous mode
[ 2970.616035][T26715] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2972.103218][T26715] bridge_slave_1: left allmulticast mode
[ 2972.103256][T26715] bridge_slave_1: left promiscuous mode
[ 2972.103537][T26715] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2972.648877][T26134] Bluetooth: hci2: command tx timeout
[ 2972.665141][T26134] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2972.689295][T26715] bridge_slave_0: left allmulticast mode
[ 2972.689330][T26715] bridge_slave_0: left promiscuous mode
[ 2972.689569][T26715] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2972.830531][T30752] openvswitch: netlink: Missing key (keys=1040, expected=2000)
[ 2973.053710][T26134] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2973.070242][T26134] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2973.100819][T26134] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2973.117709][T26134] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2973.667694][T26715] bridge_slave_1: left allmulticast mode
[ 2973.667722][T26715] bridge_slave_1: left promiscuous mode
[ 2973.667906][T26715] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2973.907096][T26715] bridge_slave_0: left allmulticast mode
[ 2973.907123][T26715] bridge_slave_0: left promiscuous mode
[ 2973.907310][T26715] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2974.787362][T30168] Bluetooth: hci2: command tx timeout
[ 2975.055063][T26715] bridge_slave_1: left allmulticast mode
[ 2975.055096][T26715] bridge_slave_1: left promiscuous mode
[ 2975.055331][T26715] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2975.163861][T26715] bridge_slave_0: left allmulticast mode
[ 2975.163896][T26715] bridge_slave_0: left promiscuous mode
[ 2975.164159][T26715] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2976.330454][T30168] Bluetooth: hci1: command tx timeout
[ 2977.135654][T26134] Bluetooth: hci2: command tx timeout
[ 2978.999654][T26134] Bluetooth: hci1: command tx timeout
[ 2979.341848][T26134] Bluetooth: hci2: command tx timeout
[ 2981.235443][T26134] Bluetooth: hci1: command tx timeout
[ 2981.839676][T26715] bond0 (unregistering): Released all slaves
[ 2982.905671][T26715] bond0 (unregistering): Released all slaves
[ 2983.277356][T26134] Bluetooth: hci1: command tx timeout
[ 2983.577662][T26715] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2984.309407][T30168] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2984.339044][T30168] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2984.340987][T30168] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2984.343143][T30168] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2984.345095][T30168] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2984.591596][T26715] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2984.710891][T26715] bond0 (unregistering): Released all slaves
[ 2985.979109][T30799] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7920'.
[ 2985.981446][T30799] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7920'.
[ 2986.492834][T26134] Bluetooth: hci5: command tx timeout
[ 2986.615633][T30803] netlink: 5128 bytes leftover after parsing attributes in process `syz.7.7921'.
[ 2987.733557][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2987.808688][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2987.892572][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2987.948043][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2988.136145][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2988.506152][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2988.671990][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2988.677773][T26134] Bluetooth: hci5: command tx timeout
[ 2989.354612][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2989.472968][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2989.762699][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2989.828516][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2989.899645][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2989.958433][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.023427][T26715] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2990.084481][T26715] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2990.117515][T26715] bond0 (unregistering): Released all slaves
[ 2990.171332][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.262604][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.320942][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.405309][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.472575][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.555020][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.630602][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.694092][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.723251][T26134] Bluetooth: hci5: command tx timeout
[ 2990.764813][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.842501][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2990.929724][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2991.113106][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2992.278461][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2992.313342][T26715] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2992.373521][T26715] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2992.399361][T26715] bond0 (unregistering): Released all slaves
[ 2992.446992][T30809] bridge1: entered promiscuous mode
[ 2992.486083][T30783] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[ 2992.486140][T30783] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[ 2992.486163][T30783] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 2992.598431][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2992.700722][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2992.708837][   T38] audit: type=1800 audit(2000002127.460:453): pid=30783 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.6.7915" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[ 2992.792395][T26134] Bluetooth: hci5: command tx timeout
[ 2999.996869][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3012.624271][T30168] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 3012.640396][T30168] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 3012.643150][T30168] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 3012.644377][T30168] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 3012.645148][T30168] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 3014.774433][T26134] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 3014.774641][T26134] CPU: 1 UID: 0 PID: 26134 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3014.774677][T26134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 3014.774694][T26134] Workqueue: hci0 hci_rx_work
[ 3014.774850][T26134] Call Trace:
[ 3014.774861][T26134]  <TASK>
[ 3014.774871][T26134]  dump_stack_lvl+0x189/0x250
[ 3014.774973][T26134]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3014.775081][T26134]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3014.775170][T26134]  sysfs_create_dir_ns+0x259/0x280
[ 3014.775260][T26134]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 3014.775316][T26134]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 3014.775358][T26134]  ? rt_spin_unlock+0x65/0x80
[ 3014.775397][T26134]  kobject_add_internal+0x5a5/0xb50
[ 3014.775462][T26134]  kobject_add+0x155/0x220
[ 3014.775500][T26134]  ? __pfx_kobject_add+0x10/0x10
[ 3014.775535][T26134]  ? get_device_parent+0x370/0x3a0
[ 3014.775631][T26134]  device_add+0x408/0xb50
[ 3014.775660][T26134]  hci_conn_add_sysfs+0xd5/0x1e0
[ 3014.775714][T26134]  le_conn_complete_evt+0xc3a/0x1220
[ 3014.775795][T26134]  ? trace_irq_disable+0x37/0x110
[ 3014.775856][T26134]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 3014.775891][T26134]  ? irqentry_exit+0x74/0x90
[ 3014.775928][T26134]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3014.775977][T26134]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 3014.776019][T26134]  hci_le_conn_complete_evt+0x187/0x450
[ 3014.776065][T26134]  hci_event_packet+0x78f/0x1200
[ 3014.776099][T26134]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 3014.776138][T26134]  ? __pfx_hci_event_packet+0x10/0x10
[ 3014.776179][T26134]  ? __pfx_migrate_enable+0x10/0x10
[ 3014.776219][T26134]  ? __rcu_read_unlock+0x84/0xe0
[ 3014.776306][T26134]  ? hci_send_to_monitor+0xe2/0x570
[ 3014.776428][T26134]  hci_rx_work+0x46a/0xe80
[ 3014.776464][T26134]  ? process_scheduled_works+0x9ef/0x17b0
[ 3014.776515][T26134]  process_scheduled_works+0xade/0x17b0
[ 3014.776575][T26134]  ? __pfx_process_scheduled_works+0x10/0x10
[ 3014.776623][T26134]  worker_thread+0x8a0/0xda0
[ 3014.776655][T26134]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 3014.776698][T26134]  ? __kthread_parkme+0x7b/0x200
[ 3014.776739][T26134]  kthread+0x70e/0x8a0
[ 3014.776776][T26134]  ? __pfx_worker_thread+0x10/0x10
[ 3014.776803][T26134]  ? __pfx_kthread+0x10/0x10
[ 3014.776842][T26134]  ? __pfx_kthread+0x10/0x10
[ 3014.776877][T26134]  ret_from_fork+0x3f9/0x770
[ 3014.776919][T26134]  ? __pfx_ret_from_fork+0x10/0x10
[ 3014.776954][T26134]  ? __switch_to_asm+0x39/0x70
[ 3014.776975][T26134]  ? __switch_to_asm+0x33/0x70
[ 3014.776995][T26134]  ? __pfx_kthread+0x10/0x10
[ 3014.777030][T26134]  ret_from_fork_asm+0x1a/0x30
[ 3014.777069][T26134]  </TASK>
[ 3014.779060][T26134] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 3014.779906][T26134] Bluetooth: hci0: failed to register connection device
[ 3015.596386][T26134] ==================================================================
[ 3015.596410][T26134] BUG: KASAN: slab-use-after-free in l2cap_connect_cfm+0x6e4/0x1040
[ 3015.596530][T26134] Read of size 8 at addr ffff888062db4500 by task kworker/u9:0/26134
[ 3015.596551][T26134] 
[ 3015.596565][T26134] CPU: 1 UID: 0 PID: 26134 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3015.596592][T26134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 3015.596609][T26134] Workqueue: hci0 hci_rx_work
[ 3015.596636][T26134] Call Trace:
[ 3015.596646][T26134]  <TASK>
[ 3015.596656][T26134]  dump_stack_lvl+0x189/0x250
[ 3015.596692][T26134]  ? __kasan_check_byte+0x12/0x40
[ 3015.596741][T26134]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3015.596774][T26134]  ? lock_release+0x4b/0x3e0
[ 3015.596810][T26134]  ? __virt_addr_valid+0x4a5/0x5c0
[ 3015.596832][T26134]  print_report+0xca/0x240
[ 3015.596861][T26134]  ? l2cap_connect_cfm+0x6e4/0x1040
[ 3015.596893][T26134]  kasan_report+0x118/0x150
[ 3015.596924][T26134]  ? l2cap_connect_cfm+0x6e4/0x1040
[ 3015.596962][T26134]  l2cap_connect_cfm+0x6e4/0x1040
[ 3015.597002][T26134]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 3015.597036][T26134]  ? mutex_lock_nested+0x154/0x1d0
[ 3015.597062][T26134]  ? hci_connect_cfm+0x2c/0x140
[ 3015.597091][T26134]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 3015.597126][T26134]  hci_connect_cfm+0x92/0x140
[ 3015.597157][T26134]  le_conn_complete_evt+0xcd3/0x1220
[ 3015.597200][T26134]  ? trace_irq_disable+0x37/0x110
[ 3015.597236][T26134]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 3015.597267][T26134]  ? irqentry_exit+0x74/0x90
[ 3015.597299][T26134]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3015.597337][T26134]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 3015.597372][T26134]  hci_le_conn_complete_evt+0x187/0x450
[ 3015.597407][T26134]  hci_event_packet+0x78f/0x1200
[ 3015.597434][T26134]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 3015.597466][T26134]  ? __pfx_hci_event_packet+0x10/0x10
[ 3015.597491][T26134]  ? __pfx_migrate_enable+0x10/0x10
[ 3015.597519][T26134]  ? __rcu_read_unlock+0x84/0xe0
[ 3015.597547][T26134]  ? hci_send_to_monitor+0xe2/0x570
[ 3015.597583][T26134]  hci_rx_work+0x46a/0xe80
[ 3015.597613][T26134]  ? process_scheduled_works+0x9ef/0x17b0
[ 3015.597643][T26134]  process_scheduled_works+0xade/0x17b0
[ 3015.597687][T26134]  ? __pfx_process_scheduled_works+0x10/0x10
[ 3015.597725][T26134]  worker_thread+0x8a0/0xda0
[ 3015.597755][T26134]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 3015.597793][T26134]  ? __kthread_parkme+0x7b/0x200
[ 3015.597828][T26134]  kthread+0x70e/0x8a0
[ 3015.597863][T26134]  ? __pfx_worker_thread+0x10/0x10
[ 3015.597891][T26134]  ? __pfx_kthread+0x10/0x10
[ 3015.597927][T26134]  ? __pfx_kthread+0x10/0x10
[ 3015.597961][T26134]  ret_from_fork+0x3f9/0x770
[ 3015.597993][T26134]  ? __pfx_ret_from_fork+0x10/0x10
[ 3015.598025][T26134]  ? __switch_to_asm+0x39/0x70
[ 3015.598046][T26134]  ? __switch_to_asm+0x33/0x70
[ 3015.598066][T26134]  ? __pfx_kthread+0x10/0x10
[ 3015.598100][T26134]  ret_from_fork_asm+0x1a/0x30
[ 3015.598130][T26134]  </TASK>
[ 3015.598139][T26134] 
[ 3015.598145][T26134] Allocated by task 26134:
[ 3015.598163][T26134]  kasan_save_track+0x3e/0x80
[ 3015.598193][T26134]  __kasan_kmalloc+0x93/0xb0
[ 3015.598218][T26134]  __kmalloc_cache_noprof+0x1a8/0x320
[ 3015.598264][T26134]  l2cap_chan_create+0x50/0x780
[ 3015.598285][T26134]  l2cap_sock_new_connection_cb+0x182/0x2b0
[ 3015.598306][T26134]  l2cap_connect_cfm+0x377/0x1040
[ 3015.598337][T26134]  hci_connect_cfm+0x92/0x140
[ 3015.598363][T26134]  le_conn_complete_evt+0xcd3/0x1220
[ 3015.598391][T26134]  hci_le_conn_complete_evt+0x187/0x450
[ 3015.598419][T26134]  hci_event_packet+0x78f/0x1200
[ 3015.598440][T26134]  hci_rx_work+0x46a/0xe80
[ 3015.598462][T26134]  process_scheduled_works+0xade/0x17b0
[ 3015.598486][T26134]  worker_thread+0x8a0/0xda0
[ 3015.598511][T26134]  kthread+0x70e/0x8a0
[ 3015.598541][T26134]  ret_from_fork+0x3f9/0x770
[ 3015.598567][T26134]  ret_from_fork_asm+0x1a/0x30
[ 3015.598586][T26134] 
[ 3015.598591][T26134] Freed by task 30867:
[ 3015.598618][T26134]  kasan_save_track+0x3e/0x80
[ 3015.598642][T26134]  kasan_save_free_info+0x46/0x50
[ 3015.598662][T26134]  __kasan_slab_free+0x5b/0x80
[ 3015.598687][T26134]  kfree+0x195/0x550
[ 3015.598714][T26134]  l2cap_sock_cleanup_listen+0xea/0x3e0
[ 3015.598746][T26134]  l2cap_sock_release+0x6a/0x230
[ 3015.598778][T26134]  sock_close+0xc3/0x240
[ 3015.598861][T26134]  __fput+0x45b/0xa80
[ 3015.598888][T26134]  task_work_run+0x1d4/0x260
[ 3015.598908][T26134]  exit_to_user_mode_loop+0xec/0x110
[ 3015.598939][T26134]  do_syscall_64+0x2bd/0x3b0
[ 3015.598958][T26134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3015.598992][T26134] 
[ 3015.599014][T26134] The buggy address belongs to the object at ffff888062db4000
[ 3015.599014][T26134]  which belongs to the cache kmalloc-2k of size 2048
[ 3015.599035][T26134] The buggy address is located 1280 bytes inside of
[ 3015.599035][T26134]  freed 2048-byte region [ffff888062db4000, ffff888062db4800)
[ 3015.599060][T26134] 
[ 3015.599067][T26134] The buggy address belongs to the physical page:
[ 3015.599083][T26134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x62db0
[ 3015.599111][T26134] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 3015.599131][T26134] anon flags: 0x80000000000040(head|node=0|zone=1)
[ 3015.599156][T26134] page_type: f5(slab)
[ 3015.599185][T26134] raw: 0080000000000040 ffff888019842000 0000000000000000 dead000000000001
[ 3015.599206][T26134] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 3015.599229][T26134] head: 0080000000000040 ffff888019842000 0000000000000000 dead000000000001
[ 3015.599249][T26134] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 3015.599270][T26134] head: 0080000000000003 ffffea00018b6c01 00000000ffffffff 00000000ffffffff
[ 3015.599287][T26134] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 3015.599299][T26134] page dumped because: kasan: bad access detected
[ 3015.599316][T26134] page_owner tracks the page as allocated
[ 3015.599325][T26134] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 29667, tgid 29667 (syz-executor), ts 2695445293772, free_ts 2695037425972
[ 3015.599366][T26134]  post_alloc_hook+0x240/0x2a0
[ 3015.599398][T26134]  get_page_from_freelist+0x2119/0x21b0
[ 3015.599420][T26134]  __alloc_frozen_pages_noprof+0x181/0x370
[ 3015.599438][T26134]  alloc_pages_mpol+0xd1/0x380
[ 3015.599467][T26134]  allocate_slab+0x8a/0x370
[ 3015.599491][T26134]  ___slab_alloc+0x8d1/0xdc0
[ 3015.599530][T26134]  __kmalloc_cache_noprof+0xe6/0x320
[ 3015.599563][T26134]  fib6_net_init+0x1e4/0x970
[ 3015.599663][T26134]  ops_init+0x359/0x5c0
[ 3015.599764][T26134]  setup_net+0x10c/0x320
[ 3015.599797][T26134]  copy_net_ns+0x31b/0x4d0
[ 3015.599830][T26134]  create_new_namespaces+0x3f3/0x720
[ 3015.599860][T26134]  unshare_nsproxy_namespaces+0x11c/0x170
[ 3015.599891][T26134]  ksys_unshare+0x4c8/0x8c0
[ 3015.599931][T26134]  __x64_sys_unshare+0x38/0x50
[ 3015.599968][T26134]  do_syscall_64+0xfa/0x3b0
[ 3015.599989][T26134] page last free pid 12791 tgid 12791 stack trace:
[ 3015.600005][T26134]  __free_frozen_pages+0xb59/0xce0
[ 3015.600043][T26134]  __slab_free+0x2db/0x390
[ 3015.600072][T26134]  qlist_free_all+0x97/0x140
[ 3015.600099][T26134]  kasan_quarantine_reduce+0x148/0x160
[ 3015.600139][T26134]  __kasan_slab_alloc+0x22/0x80
[ 3015.600170][T26134]  __kmalloc_cache_noprof+0x143/0x320
[ 3015.600223][T26134]  gro_cells_destroy+0x35a/0x440
[ 3015.600280][T26134]  ip_tunnel_dev_free+0x19/0x30
[ 3015.600339][T26134]  netdev_run_todo+0xcd4/0xea0
[ 3015.600384][T26134]  ops_undo_list+0x3e1/0x990
[ 3015.600417][T26134]  cleanup_net+0x4cb/0x800
[ 3015.600447][T26134]  process_scheduled_works+0xade/0x17b0
[ 3015.600476][T26134]  worker_thread+0x8a0/0xda0
[ 3015.600503][T26134]  kthread+0x70e/0x8a0
[ 3015.600535][T26134]  ret_from_fork+0x3f9/0x770
[ 3015.600557][T26134]  ret_from_fork_asm+0x1a/0x30
[ 3015.600577][T26134] 
[ 3015.600583][T26134] Memory state around the buggy address:
[ 3015.600595][T26134]  ffff888062db4400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3015.600614][T26134]  ffff888062db4480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3015.600632][T26134] >ffff888062db4500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3015.600644][T26134]                    ^
[ 3015.600657][T26134]  ffff888062db4580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3015.600674][T26134]  ffff888062db4600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3015.600686][T26134] ==================================================================
[ 3015.601357][T27864] Bluetooth: hci3: command tx timeout
[ 3015.601375][T26134] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 3015.601392][T26134] CPU: 1 UID: 0 PID: 26134 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3015.601417][T26134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 3015.601433][T26134] Workqueue: hci0 hci_rx_work
[ 3015.601459][T26134] Call Trace:
[ 3015.601467][T26134]  <TASK>
[ 3015.601476][T26134]  dump_stack_lvl+0x99/0x250
[ 3015.601509][T26134]  ? __asan_memcpy+0x40/0x70
[ 3015.601533][T26134]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3015.601562][T26134]  ? __pfx__printk+0x10/0x10
[ 3015.601590][T26134]  vpanic+0x281/0x750
[ 3015.601621][T26134]  ? preempt_schedule+0xae/0xc0
[ 3015.601650][T26134]  ? __pfx_vpanic+0x10/0x10
[ 3015.601679][T26134]  ? preempt_schedule_common+0x83/0xd0
[ 3015.601709][T26134]  ? preempt_schedule+0xae/0xc0
[ 3015.601738][T26134]  ? __pfx_preempt_schedule+0x10/0x10
[ 3015.601771][T26134]  panic+0xb9/0xc0
[ 3015.601801][T26134]  ? __pfx_panic+0x10/0x10
[ 3015.601834][T26134]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 3015.601871][T26134]  ? l2cap_connect_cfm+0x6e4/0x1040
[ 3015.601904][T26134]  check_panic_on_warn+0x89/0xb0
[ 3015.601927][T26134]  ? l2cap_connect_cfm+0x6e4/0x1040
[ 3015.601959][T26134]  end_report+0x78/0x160
[ 3015.601986][T26134]  kasan_report+0x129/0x150
[ 3015.602015][T26134]  ? l2cap_connect_cfm+0x6e4/0x1040
[ 3015.602053][T26134]  l2cap_connect_cfm+0x6e4/0x1040
[ 3015.602090][T26134]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 3015.602122][T26134]  ? mutex_lock_nested+0x154/0x1d0
[ 3015.602146][T26134]  ? hci_connect_cfm+0x2c/0x140
[ 3015.602175][T26134]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 3015.602237][T26134]  hci_connect_cfm+0x92/0x140
[ 3015.602268][T26134]  le_conn_complete_evt+0xcd3/0x1220
[ 3015.602309][T26134]  ? trace_irq_disable+0x37/0x110
[ 3015.602343][T26134]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 3015.602372][T26134]  ? irqentry_exit+0x74/0x90
[ 3015.602403][T26134]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3015.602436][T26134]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 3015.602470][T26134]  hci_le_conn_complete_evt+0x187/0x450
[ 3015.602505][T26134]  hci_event_packet+0x78f/0x1200
[ 3015.602537][T26134]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 3015.602568][T26134]  ? __pfx_hci_event_packet+0x10/0x10
[ 3015.602593][T26134]  ? __pfx_migrate_enable+0x10/0x10
[ 3015.602621][T26134]  ? __rcu_read_unlock+0x84/0xe0
[ 3015.602644][T26134]  ? hci_send_to_monitor+0xe2/0x570
[ 3015.602677][T26134]  hci_rx_work+0x46a/0xe80
[ 3015.602704][T26134]  ? process_scheduled_works+0x9ef/0x17b0
[ 3015.602731][T26134]  process_scheduled_works+0xade/0x17b0
[ 3015.602775][T26134]  ? __pfx_process_scheduled_works+0x10/0x10
[ 3015.602812][T26134]  worker_thread+0x8a0/0xda0
[ 3015.602843][T26134]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 3015.602881][T26134]  ? __kthread_parkme+0x7b/0x200
[ 3015.602916][T26134]  kthread+0x70e/0x8a0
[ 3015.602951][T26134]  ? __pfx_worker_thread+0x10/0x10
[ 3015.602978][T26134]  ? __pfx_kthread+0x10/0x10
[ 3015.603015][T26134]  ? __pfx_kthread+0x10/0x10
[ 3015.603049][T26134]  ret_from_fork+0x3f9/0x770
[ 3015.603080][T26134]  ? __pfx_ret_from_fork+0x10/0x10
[ 3015.603111][T26134]  ? __switch_to_asm+0x39/0x70
[ 3015.603132][T26134]  ? __switch_to_asm+0x33/0x70
[ 3015.603152][T26134]  ? __pfx_kthread+0x10/0x10
[ 3015.603203][T26134]  ret_from_fork_asm+0x1a/0x30
[ 3015.603232][T26134]  </TASK>
[ 3015.603597][T26134] Kernel Offset: disabled