last executing test programs:

3m9.267057064s ago: executing program 3 (id=4):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x1010, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0xfffffd10, &(0x7f0000000200)=0x2000000000006)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, 0x0, &(0x7f0000000300))
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000001640)=@mangle={'mangle\x00', 0x44, 0x6, 0x408, 0x2a8, 0x98, 0x2a8, 0x130, 0x1f0, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11, 0x0, 0x69}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0xa}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'dvmrp1\x00', {}, {}, 0x6}, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x3, {0x5}}}}, {{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x18}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x98, 0xc8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x468)

3m5.557007496s ago: executing program 3 (id=11):
socket(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000700000001000100090000000100", @ANYRES32=0x0, @ANYBLOB], 0x48)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078008001240000000000500140008000000050005000a000000050001000600000011000300686173683a69702c706f7274"], 0x60}}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601080000000000000000070000000900020073797a31000000000500010007000000340007801800018014000240fe8000000000000000000000000000bb060004400e1f00cd050007008800000006000540"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xa, &(0x7f0000000000)=@raw=[@map_fd={0x18, 0x2}, @ldst={0x0, 0x3, 0x4, 0x0, 0x63cc52f0dd3656b0, 0xfffffffffffffff4, 0x4}, @cb_func={0x18, 0x4, 0x4, 0x0, 0xfffffffffffffffa}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @ringbuf_query], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x3004408c)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

2m49.282268139s ago: executing program 32 (id=11):
socket(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000700000001000100090000000100", @ANYRES32=0x0, @ANYBLOB], 0x48)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078008001240000000000500140008000000050005000a000000050001000600000011000300686173683a69702c706f7274"], 0x60}}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601080000000000000000070000000900020073797a31000000000500010007000000340007801800018014000240fe8000000000000000000000000000bb060004400e1f00cd050007008800000006000540"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xa, &(0x7f0000000000)=@raw=[@map_fd={0x18, 0x2}, @ldst={0x0, 0x3, 0x4, 0x0, 0x63cc52f0dd3656b0, 0xfffffffffffffff4, 0x4}, @cb_func={0x18, 0x4, 0x4, 0x0, 0xfffffffffffffffa}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @ringbuf_query], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x3004408c)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

2m35.789546467s ago: executing program 4 (id=52):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
pread64(r0, &(0x7f0000000100)=""/70, 0x46, 0x8002)
r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x2, 0x2)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a", 0xa}], 0x1}, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, 0x0)
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000200)=@mmap={0x1, 0x1, 0x4, 0x1, 0x6, {0x77359400}, {0x1, 0x8, 0x5, 0x9, 0x64, 0x5, ' \x00'}, 0xfffffff7, 0x1, {}, 0x2})
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

2m28.493358702s ago: executing program 4 (id=61):
epoll_create1(0x0)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r3=>r1}, './file0\x00'})
write$vhost_msg(r3, &(0x7f0000000600)={0x1, {&(0x7f0000000480)=""/224, 0xe0, &(0x7f0000000580)=""/127, 0x1}}, 0x48)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$kcm(0x29, 0x5, 0x0)
getsockopt$kcm_KCM_RECV_DISABLE(r5, 0x119, 0x1, 0xffffffffffffffff, 0xfffffffffffffe84)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010429bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="2b030000000000002000128008000100677470001400028008000100", @ANYRES32=r7, @ANYBLOB="080002"], 0x40}}, 0x8080)
setsockopt$inet_udp_encap(r7, 0x11, 0x64, &(0x7f0000000040)=0x3, 0x4)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)

2m26.865831771s ago: executing program 4 (id=65):
r0 = userfaultfd(0x80001)
open(0x0, 0x2a4c0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
close(0xffffffffffffffff)
execveat$binfmt(0xffffffffffffff9c, r1, 0x0, 0x0, 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x2, 0x0)
close(r2)
execveat$binfmt(0xffffffffffffff9c, r1, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setattr(0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYRES32=r4, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="358742"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))

2m26.545920216s ago: executing program 4 (id=66):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000940)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x0}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f513, &(0x7f00000000c0))
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x5, 0x4, 0x4, 0x7, 0x800, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x2, 0x1, 0x80000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r3}, 0x38)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000280)={'team_slave_1\x00', &(0x7f0000000040)=@ethtool_cmd={0x2, 0x6, 0x10, 0x3, 0xe8, 0x3, 0x0, 0x6, 0x1, 0x2, 0xfffffffd, 0x0, 0x200, 0xb, 0x47, 0x3, [0x100, 0xfffffff9]}})
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r4, 0x80000300, 0x0, 0x0)

2m24.524813586s ago: executing program 4 (id=67):
pipe2$9p(0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r0, 0x8800000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmmsg(r6, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r5, r0, 0x0, 0x578410eb)

2m23.491807438s ago: executing program 4 (id=71):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x602, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ae0210000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000b42104802800018008000100666962001c000280080001400000001508000240000000030800034000000032882101800a0001006d6174636800000078210280090001006473637000000000041003009153a04709dd3ce609dff7ed79a6b495475de7fb1ab757cefa6702b550641f1bc0f33a205505b2569471224ab9523b742af6a2a799407d48bec685a43c9fa1d84b2263623a39fa7d2373a858b35457216ee91bd3e98f97181b6f0abca47a3e5db91f5a0059d45a24730bddc5915ad5fcd19265f5dfeea8638bc7f3fe0fbefe12776b861bc591b7543536ebd3cf666a7a6366a7bb51f1011cfc40d26ccb7d27cba7e3ba76c82ccf6cf21f62bdb5c1dc9ffb5512c0c7f263fc19577efd96e3f8ea7ac0ac6058e344d8b2260c3f70badd0035a121a24d3926c18cdbc7b4e397d2b9925b54f549aac05575be911f1b0bc0b09114366933dd498a989085f3021f1dd0541a533516d85ac8a617621fa0ad728e5e77147cdcd4b310860e522a3780c8a92fc2e58a97d1bb432ecefbb0c85518da22a1071df27d204aabf65b3fc1aa04a6903a07548b4a2ee8b033821e727959b52528ae4bb4b8a7b9626b898bf1265b92540c67c05b476d1b9d83b7e43343748755e11081fe2394c817fc4e1d5962e929a9a85b66da20a7a100a0fe3ace658286342838271e7ce0765240260d67a0ab7cf8c601743c68f0ab0406e1a3bafa7561bdb08bc2002ad33e1bc80c1cb0dd72b6ac3f7c93bbea95be309848ff5194e98ac171c7495623e773062affd7a1de1a86bc8827c5ea24d4dbe3cfc37eaddf1ffaeabf7cdcbd4795004f18d4caea50c2da08b71c9c5df1f8f15a9abb7a822ba57348d14a6d022c66d9e60bdc2809913e5a0408d0a6c80a29ee8968d0160a54d5374680f0326ff3a2f38eb16288a92680f4be3f78f999a65b12347903a7c2860b80d72bf27fee3d3cf7728fecccf6c737ea08c570b829f19fb19959580332a5bca3f03b088178b2166783a0390748525e347a8f016687b179293a3a47087094d714204c50f5a65868656786453bd9703dcea9978b736118fa03e9fb98da62bfc21965149aeb03d4800c1b0fc3861ef8582e8017b0e5965b4f474af98e9d7785d9434811345b82644e2086239657bd4fa760f5478d8dda0e781da9f1fece3d0b587ded634479b6eb41d01cb63b8ffcd4aac7dea43645098cb48820b2d68a8bc7f0bd301a77e38ec0ee1148d897515e7b152034f532a350470419fff34b4ce2e69173fc26aa1edfeeccb5ca501cb3aedc0d68929a763add304818b220d17e936ad71109f5a8acd6e330f4a3ba6d05c7e0565f9a2b6009574906e30fd5af8d7a685696621c424d8cdc0126bfeb849084fb4feb66d5c6a05333f644367f51025d612d81d581adf3e4a7fc251f967908b2753b674e28a1dc3fd5401999eaa4b8b4322563f758e3402c09d25c6e73868a00be511726cdd5f53271f01e90d2f4f6c9927fae109198af082b2466449916e80060af83eca3780f7b29054fc1845d65bd40d5db892e6fab09bb84ca5ed0ff656fe8885144eed780e1a79645d6fd5af589713567786967376fdccbcf512ccf8667fd7d9cfcacae33ce247e1eaa90d7e9e64705d792fb3e89c638bb0a43fecaec2bfd6d4dfc24eb9442b3cab0858dceca92cdd6f7270f7733817230983187eabbce5544e0c92591069dcfd48a8e5e35f0316d549f31e4986335be22edefecfdb91eb8c35a9e32c20a58b6ca8a8e8f028ee45932956c56083694f62785f69807fa29dd56ebc04d7a47993fb9319f233d3c8ebef5139240a78f1a7bcdb3a985b79b7feb1d2d2868100c31cbba6bb6c776b92fbc6142532e4f4da848d974bec9d93c4927c6f93d11f7206082555ea18ba1867dd774d0d03c981f67e48f6dd507bf36d5fb0f7f7314a2d1c404bf6ec5f7aa61253102ee66dfd9db5562b3b155998378eee2a0b67f284ffd92be2416c9dfca460c4140c6ae310830971d44044140e895388da8fb1e1f8819973f5565fc42cd08f8847b5ab1409da27f8383e666c01cca9e3c95b49c5e5480c036fb504b07127583be1375fb400920c68ce11c6326b0936b468d88956387e8ab3ad821e03a39e0a0af2cc0814850a1f9246b94daaa43b06af1c1c530e390e566dd0fd9a5c7179b6500ef5fe169f9512aca335deb0c28051ce51e903ef34affd8205edc8858123104d6817f4a6ab59de833f27a573a57fab47ea8c71819cfa2809f8d0ff310cc369e76a89c7beb05dbc75da875f41b9454fcb83fc3f87119d8f4a7fe28587abf7469fb5e06d75754ceda96612ee14c81ab1f774928bb3bd50c4c4580448449904c0a6d90b04718d85829b72568b0dfc8caa7bbc52d6a2740845a9c6d06899ea6a5d60e68312a8dcb92d51c09b335fca73df180d5c04988c17e4915c95ae3c1b6a63cd4a40d1e0395c35d8c054c7d1a8d7a73015b0f21a974d84445aa8bad3a0f96db711e2083d4ec4e2166451c20ab2664de0dfc28e46cdc9355c3d4f122a975d67e40e9e9d4a7171258977540619083e5f1a9e0b884726f9721fe54c2bc20fc597370854f74d65780bdfb0e4ec8861131eac73120b20c750d53b3bd800a59c83b53e714151e20506399a82484a8fb0af514f46269eaf6329f1b818e479832572212f1ccd204a0013353c15ba7ae0f163f5f8728876ee763859a950217f55805b16781b99c570a897d5526b93f0e5d86d974d067cec23f3839db7e15c6f3516645a21b8c956a0346a769e90a430d49d57ba0e58ddc45cc5e8f97948bceaae05ecc6ff36e3ca0236416e0fdc71ef46739a588dc8a23366d01288282a2ce2c47609abbb4c80a412ada0bf6894aebcb95d04824836d3c3f0ced848d76cc415eeeb31fe85a68ad68810e5b16d8a93ab23e73131314f585472828d74854e8c147730607a4041fdbf98e933524021bb7e86cb468a001f91ab3fcbf02ba951def880167b1e01688b26802ae6e31bf48982b4e0a332d15ac45f8af06b740a882c94cbf976ff5035343d2e4485c694ede7954c038740830820ac54e9fda53b29ee3ffc1401a15e10772f224844cb88c1059524c52b9301049d1b626ad0a1de235ad4fda9424501d6de2b9c71bff9683f30ae187a662fee2df850783db3a4f671262bdcdbe3e76feec6533999b3926f8c26d1b2b8b7e44b81c2a77752fb15c61414b6884b44412188dd23b0fc52bdfa7ea52aef412075581e1323181ae34a86390d38a713aa6568db497ca0a9fc2a09729023e052ba59fbe1bb13629005871e0338dfb69e5afe8b7211389ddec86644ea065dbd5ed7908001440856d67d77ace8dc9f2f8028fd9be217ceea04be069ffb13d9aaf6645bedd3e6c1e4596033206b06a41a024897416fe81ec10c15f4eb6e9e35acfa48819d6bbd8b6427b695bbe119a9a5019abe58d80f7e11dce5cd56201676a10f22be24601b97f6732d800760d1ab31a87a6a1442667f2068946b24167dda85acfa818b28757d9eb67368124ca8c3d39aab854cab4e32508b62ffcaa0ec071d30c1dc69f855a4c971f35ce290fb8c520ddf2fffd54733401f385d715a04fa9ee5e291579e64f117448a0a9f56edea41539b423e2164b367728171eb2a79e1d5feddb8ce469fa63299a36572c66d4e29cd29b980efabbd49a40e15539fe27f4350e6d8c72db58818a056f08061dcdac3c6fa92ed00a556a5f785d61c5ba585ec240261246fb6089dc25d95736410f2c4ece4e9f268ba7ee2da0acdcdb4062a9b5b4389d699b46a915e80ab33777305760d6498d38b1b46649789f6b7776fa074eb9baaddea834f3a02088f2f2518969d1c2d2416af86abc2ed66397480f3869bd4eb4bc4d8a1f17f8bdc9ee340bb39c3fcac5ac6bf65a3b2148d185609e1f4c76adb3e9d6d47a31c4e20ae29a8e0e81b2ee22ffcd12777fd1e3d8c2de83610418da0d0349cf0a99e20b10680cc3ef2a3e13ae46825c9f172c73df249dff50664a78389603671ece11b2777e3015646bdb9e64da78499c94fe63c12e1a9981006d1a1653b5387231044b9c42978567aca87920851944166747b5e416f259ccc1be44c52a0f033cd6199421c1f19844ca996997b4c7dec56b289fc6708138801557f36e0cbad8c2d1ef86128d10683ccb8e659cefbe7d2523969c4c58539c520644dadf4aa1793622cd21f36ef84069f20add9278ce5b97d43f818a88a430ec39cf1681b080d617af5232086948b351d88d47c2cbbace772fd8580c7fd817658341c8e39b6843ac9cb78aa48f96fb39706622924169ceb6970021b86ce302f81f74ded068018791dfb1a9e44fcff9367c8cbf7b5229b1c1112328bd52cfea6b49f9e72b61ced9358b7e63f404ef2a3d891002cd024be68d268541af228df1873878f964035fd39634b33431ea3dd25ea1dd601a14a8286d73248922b2e3e72e550ad18e9a6c68568bafe85fd985d1fde1fb7368a8415b39b4ff30b2d4688fb6a4b775f57b1dc141ef065ff7f2d6551a1ce8f38c7d0676ad5d11d0dc4c8b375c72d9fcf20fca17ffaf2805a4527620498f76ee08af54f7e4969b2b82b828519f2c3231f0d9732fe574f918d8c0cab45c3b081db6a83c28c54550ff0fe3aaaa5d068cc5e42c6700788c17e30b43f6096ec55a8b551c4c1daaf61557f61c069102872920cf71e99dc256b78913aabe6d6bc9e1471f3a616b43bfb515412c5e0862f4ca417bc9dc48c8bacfec17f25d8286ab13be939757281457d44fe855a20e76b337c3eba4d7c51851088f234ab09b733a279af93215d75268178cf7106d9fd7777cea6363e3b3c24f7f35f22f75d2116d68b91810f70c7f82fe8f0cfdd9d5374759330a6b105f2a4a6777aee3e9cdfb92421c4f6ec5ba554052c78d118b58568736ff4641b679a7b1a9ad1374d1f3e305ebfa810b54e17e46650c1c97ab42e208d33c1817b390cefd2abcec74516d1b3995c9e5b7b7399a0e14bf895af84ac9b42f772a7180fef9b4cc628c1f4ce776eb6c29b5a3a98c230f28633c5fe0490fb39f39d5f796833f781708c5ee5d6f830c64bc999dcc817201d84211b8dbaba63ae062f7a011791a96f2bd7e89e0afe0f03b8d0c35985378a112db6cef0ac205c873f759fcdb04c5cce279df7f50db7eddd6ca0555728d5d1873c0fb064ca8bbe718f703fab9a7b60312fcdbc70aa41b6336f83d8d14a5c4e5783d87c119e11c0b54941be6ea2d97fee5f393fc27165f474a273655529d86af8b16993cd47006738ca71fae415cee097584b2cbe3e9f933e85114ef6a24eccc3bcc60f65b0048eed67a95ee74aa6c2e2fc5e6a168a923de7b3be45a73ec44cd2edd9154030811d3ae8b450278f929a06d0bb160af1366b2a7bbf431e82d5b0b84a8ae1856a95950e75f3880baa83c4c14cdb6b28029d886a1a7e92aee7b19dba39ac0ee40fc9bb53d55950cccb1f56b1ab102dc6c37e6af58970a34c9d6be6a9501a129343db66db61fb9733610e08f841d1f63f879885f53c814a61986fbda23d895e5105263a7fea53beff234e415a2876bba73b7719d2e38326465fc676c1853293acf6c99e6a5b1c119d6dc5f94d28f2fe444a08c30c9e82c730fff846c4dce48360a9eca970b36cb0e1b6aef8f3eaf6049d848ab2d0e85d9348693c406956c94206bba61761e4cb4f7a22d736b012efbd5c86d6db1a8ee8b8cfaf42d6bbd3cc3bf779ff17d1286a7f4ba9d37ac44dcc07a22ff9a54effdf90bbdce3a7b68fb1c3db8059b9db2eefdabaa8fdf04b9981c800b3aae454b696a8c6238efa159316462f56231abc2babf9cbbbc7844978f0e115c5c35317f220c4d4667bf092ba40bfb2636eb152682098b32c38b8bcc2220ee11aa2923976bc262ff5a1f08f2c17cffac082c289929c0aa2958fe080001006f736600080002"], 0x2208}, 0x1, 0x0, 0x0, 0x20000884}, 0x8800)

2m8.030829742s ago: executing program 33 (id=71):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x602, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ae0210000060a0b040000000000000000020000000900010073797a30000000000900020073797a3200000000b42104802800018008000100666962001c000280080001400000001508000240000000030800034000000032882101800a0001006d6174636800000078210280090001006473637000000000041003009153a04709dd3ce609dff7ed79a6b495475de7fb1ab757cefa6702b550641f1bc0f33a205505b2569471224ab9523b742af6a2a799407d48bec685a43c9fa1d84b2263623a39fa7d2373a858b35457216ee91bd3e98f97181b6f0abca47a3e5db91f5a0059d45a24730bddc5915ad5fcd19265f5dfeea8638bc7f3fe0fbefe12776b861bc591b7543536ebd3cf666a7a6366a7bb51f1011cfc40d26ccb7d27cba7e3ba76c82ccf6cf21f62bdb5c1dc9ffb5512c0c7f263fc19577efd96e3f8ea7ac0ac6058e344d8b2260c3f70badd0035a121a24d3926c18cdbc7b4e397d2b9925b54f549aac05575be911f1b0bc0b09114366933dd498a989085f3021f1dd0541a533516d85ac8a617621fa0ad728e5e77147cdcd4b310860e522a3780c8a92fc2e58a97d1bb432ecefbb0c85518da22a1071df27d204aabf65b3fc1aa04a6903a07548b4a2ee8b033821e727959b52528ae4bb4b8a7b9626b898bf1265b92540c67c05b476d1b9d83b7e43343748755e11081fe2394c817fc4e1d5962e929a9a85b66da20a7a100a0fe3ace658286342838271e7ce0765240260d67a0ab7cf8c601743c68f0ab0406e1a3bafa7561bdb08bc2002ad33e1bc80c1cb0dd72b6ac3f7c93bbea95be309848ff5194e98ac171c7495623e773062affd7a1de1a86bc8827c5ea24d4dbe3cfc37eaddf1ffaeabf7cdcbd4795004f18d4caea50c2da08b71c9c5df1f8f15a9abb7a822ba57348d14a6d022c66d9e60bdc2809913e5a0408d0a6c80a29ee8968d0160a54d5374680f0326ff3a2f38eb16288a92680f4be3f78f999a65b12347903a7c2860b80d72bf27fee3d3cf7728fecccf6c737ea08c570b829f19fb19959580332a5bca3f03b088178b2166783a0390748525e347a8f016687b179293a3a47087094d714204c50f5a65868656786453bd9703dcea9978b736118fa03e9fb98da62bfc21965149aeb03d4800c1b0fc3861ef8582e8017b0e5965b4f474af98e9d7785d9434811345b82644e2086239657bd4fa760f5478d8dda0e781da9f1fece3d0b587ded634479b6eb41d01cb63b8ffcd4aac7dea43645098cb48820b2d68a8bc7f0bd301a77e38ec0ee1148d897515e7b152034f532a350470419fff34b4ce2e69173fc26aa1edfeeccb5ca501cb3aedc0d68929a763add304818b220d17e936ad71109f5a8acd6e330f4a3ba6d05c7e0565f9a2b6009574906e30fd5af8d7a685696621c424d8cdc0126bfeb849084fb4feb66d5c6a05333f644367f51025d612d81d581adf3e4a7fc251f967908b2753b674e28a1dc3fd5401999eaa4b8b4322563f758e3402c09d25c6e73868a00be511726cdd5f53271f01e90d2f4f6c9927fae109198af082b2466449916e80060af83eca3780f7b29054fc1845d65bd40d5db892e6fab09bb84ca5ed0ff656fe8885144eed780e1a79645d6fd5af589713567786967376fdccbcf512ccf8667fd7d9cfcacae33ce247e1eaa90d7e9e64705d792fb3e89c638bb0a43fecaec2bfd6d4dfc24eb9442b3cab0858dceca92cdd6f7270f7733817230983187eabbce5544e0c92591069dcfd48a8e5e35f0316d549f31e4986335be22edefecfdb91eb8c35a9e32c20a58b6ca8a8e8f028ee45932956c56083694f62785f69807fa29dd56ebc04d7a47993fb9319f233d3c8ebef5139240a78f1a7bcdb3a985b79b7feb1d2d2868100c31cbba6bb6c776b92fbc6142532e4f4da848d974bec9d93c4927c6f93d11f7206082555ea18ba1867dd774d0d03c981f67e48f6dd507bf36d5fb0f7f7314a2d1c404bf6ec5f7aa61253102ee66dfd9db5562b3b155998378eee2a0b67f284ffd92be2416c9dfca460c4140c6ae310830971d44044140e895388da8fb1e1f8819973f5565fc42cd08f8847b5ab1409da27f8383e666c01cca9e3c95b49c5e5480c036fb504b07127583be1375fb400920c68ce11c6326b0936b468d88956387e8ab3ad821e03a39e0a0af2cc0814850a1f9246b94daaa43b06af1c1c530e390e566dd0fd9a5c7179b6500ef5fe169f9512aca335deb0c28051ce51e903ef34affd8205edc8858123104d6817f4a6ab59de833f27a573a57fab47ea8c71819cfa2809f8d0ff310cc369e76a89c7beb05dbc75da875f41b9454fcb83fc3f87119d8f4a7fe28587abf7469fb5e06d75754ceda96612ee14c81ab1f774928bb3bd50c4c4580448449904c0a6d90b04718d85829b72568b0dfc8caa7bbc52d6a2740845a9c6d06899ea6a5d60e68312a8dcb92d51c09b335fca73df180d5c04988c17e4915c95ae3c1b6a63cd4a40d1e0395c35d8c054c7d1a8d7a73015b0f21a974d84445aa8bad3a0f96db711e2083d4ec4e2166451c20ab2664de0dfc28e46cdc9355c3d4f122a975d67e40e9e9d4a7171258977540619083e5f1a9e0b884726f9721fe54c2bc20fc597370854f74d65780bdfb0e4ec8861131eac73120b20c750d53b3bd800a59c83b53e714151e20506399a82484a8fb0af514f46269eaf6329f1b818e479832572212f1ccd204a0013353c15ba7ae0f163f5f8728876ee763859a950217f55805b16781b99c570a897d5526b93f0e5d86d974d067cec23f3839db7e15c6f3516645a21b8c956a0346a769e90a430d49d57ba0e58ddc45cc5e8f97948bceaae05ecc6ff36e3ca0236416e0fdc71ef46739a588dc8a23366d01288282a2ce2c47609abbb4c80a412ada0bf6894aebcb95d04824836d3c3f0ced848d76cc415eeeb31fe85a68ad68810e5b16d8a93ab23e73131314f585472828d74854e8c147730607a4041fdbf98e933524021bb7e86cb468a001f91ab3fcbf02ba951def880167b1e01688b26802ae6e31bf48982b4e0a332d15ac45f8af06b740a882c94cbf976ff5035343d2e4485c694ede7954c038740830820ac54e9fda53b29ee3ffc1401a15e10772f224844cb88c1059524c52b9301049d1b626ad0a1de235ad4fda9424501d6de2b9c71bff9683f30ae187a662fee2df850783db3a4f671262bdcdbe3e76feec6533999b3926f8c26d1b2b8b7e44b81c2a77752fb15c61414b6884b44412188dd23b0fc52bdfa7ea52aef412075581e1323181ae34a86390d38a713aa6568db497ca0a9fc2a09729023e052ba59fbe1bb13629005871e0338dfb69e5afe8b7211389ddec86644ea065dbd5ed7908001440856d67d77ace8dc9f2f8028fd9be217ceea04be069ffb13d9aaf6645bedd3e6c1e4596033206b06a41a024897416fe81ec10c15f4eb6e9e35acfa48819d6bbd8b6427b695bbe119a9a5019abe58d80f7e11dce5cd56201676a10f22be24601b97f6732d800760d1ab31a87a6a1442667f2068946b24167dda85acfa818b28757d9eb67368124ca8c3d39aab854cab4e32508b62ffcaa0ec071d30c1dc69f855a4c971f35ce290fb8c520ddf2fffd54733401f385d715a04fa9ee5e291579e64f117448a0a9f56edea41539b423e2164b367728171eb2a79e1d5feddb8ce469fa63299a36572c66d4e29cd29b980efabbd49a40e15539fe27f4350e6d8c72db58818a056f08061dcdac3c6fa92ed00a556a5f785d61c5ba585ec240261246fb6089dc25d95736410f2c4ece4e9f268ba7ee2da0acdcdb4062a9b5b4389d699b46a915e80ab33777305760d6498d38b1b46649789f6b7776fa074eb9baaddea834f3a02088f2f2518969d1c2d2416af86abc2ed66397480f3869bd4eb4bc4d8a1f17f8bdc9ee340bb39c3fcac5ac6bf65a3b2148d185609e1f4c76adb3e9d6d47a31c4e20ae29a8e0e81b2ee22ffcd12777fd1e3d8c2de83610418da0d0349cf0a99e20b10680cc3ef2a3e13ae46825c9f172c73df249dff50664a78389603671ece11b2777e3015646bdb9e64da78499c94fe63c12e1a9981006d1a1653b5387231044b9c42978567aca87920851944166747b5e416f259ccc1be44c52a0f033cd6199421c1f19844ca996997b4c7dec56b289fc6708138801557f36e0cbad8c2d1ef86128d10683ccb8e659cefbe7d2523969c4c58539c520644dadf4aa1793622cd21f36ef84069f20add9278ce5b97d43f818a88a430ec39cf1681b080d617af5232086948b351d88d47c2cbbace772fd8580c7fd817658341c8e39b6843ac9cb78aa48f96fb39706622924169ceb6970021b86ce302f81f74ded068018791dfb1a9e44fcff9367c8cbf7b5229b1c1112328bd52cfea6b49f9e72b61ced9358b7e63f404ef2a3d891002cd024be68d268541af228df1873878f964035fd39634b33431ea3dd25ea1dd601a14a8286d73248922b2e3e72e550ad18e9a6c68568bafe85fd985d1fde1fb7368a8415b39b4ff30b2d4688fb6a4b775f57b1dc141ef065ff7f2d6551a1ce8f38c7d0676ad5d11d0dc4c8b375c72d9fcf20fca17ffaf2805a4527620498f76ee08af54f7e4969b2b82b828519f2c3231f0d9732fe574f918d8c0cab45c3b081db6a83c28c54550ff0fe3aaaa5d068cc5e42c6700788c17e30b43f6096ec55a8b551c4c1daaf61557f61c069102872920cf71e99dc256b78913aabe6d6bc9e1471f3a616b43bfb515412c5e0862f4ca417bc9dc48c8bacfec17f25d8286ab13be939757281457d44fe855a20e76b337c3eba4d7c51851088f234ab09b733a279af93215d75268178cf7106d9fd7777cea6363e3b3c24f7f35f22f75d2116d68b91810f70c7f82fe8f0cfdd9d5374759330a6b105f2a4a6777aee3e9cdfb92421c4f6ec5ba554052c78d118b58568736ff4641b679a7b1a9ad1374d1f3e305ebfa810b54e17e46650c1c97ab42e208d33c1817b390cefd2abcec74516d1b3995c9e5b7b7399a0e14bf895af84ac9b42f772a7180fef9b4cc628c1f4ce776eb6c29b5a3a98c230f28633c5fe0490fb39f39d5f796833f781708c5ee5d6f830c64bc999dcc817201d84211b8dbaba63ae062f7a011791a96f2bd7e89e0afe0f03b8d0c35985378a112db6cef0ac205c873f759fcdb04c5cce279df7f50db7eddd6ca0555728d5d1873c0fb064ca8bbe718f703fab9a7b60312fcdbc70aa41b6336f83d8d14a5c4e5783d87c119e11c0b54941be6ea2d97fee5f393fc27165f474a273655529d86af8b16993cd47006738ca71fae415cee097584b2cbe3e9f933e85114ef6a24eccc3bcc60f65b0048eed67a95ee74aa6c2e2fc5e6a168a923de7b3be45a73ec44cd2edd9154030811d3ae8b450278f929a06d0bb160af1366b2a7bbf431e82d5b0b84a8ae1856a95950e75f3880baa83c4c14cdb6b28029d886a1a7e92aee7b19dba39ac0ee40fc9bb53d55950cccb1f56b1ab102dc6c37e6af58970a34c9d6be6a9501a129343db66db61fb9733610e08f841d1f63f879885f53c814a61986fbda23d895e5105263a7fea53beff234e415a2876bba73b7719d2e38326465fc676c1853293acf6c99e6a5b1c119d6dc5f94d28f2fe444a08c30c9e82c730fff846c4dce48360a9eca970b36cb0e1b6aef8f3eaf6049d848ab2d0e85d9348693c406956c94206bba61761e4cb4f7a22d736b012efbd5c86d6db1a8ee8b8cfaf42d6bbd3cc3bf779ff17d1286a7f4ba9d37ac44dcc07a22ff9a54effdf90bbdce3a7b68fb1c3db8059b9db2eefdabaa8fdf04b9981c800b3aae454b696a8c6238efa159316462f56231abc2babf9cbbbc7844978f0e115c5c35317f220c4d4667bf092ba40bfb2636eb152682098b32c38b8bcc2220ee11aa2923976bc262ff5a1f08f2c17cffac082c289929c0aa2958fe080001006f736600080002"], 0x2208}, 0x1, 0x0, 0x0, 0x20000884}, 0x8800)

34.276637082s ago: executing program 1 (id=194):
epoll_create1(0x0)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$kcm(0x29, 0x5, 0x0)
getsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, 0xffffffffffffffff, 0xfffffffffffffe84)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000001000010429bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="2b030000000000002000128008000100677470001400028008000100", @ANYRES32=r6, @ANYBLOB="080002"], 0x40}}, 0x8080)
setsockopt$inet_udp_encap(r6, 0x11, 0x64, &(0x7f0000000040)=0x3, 0x4)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r7, 0xffffffffffffffff, 0x0)

31.47896361s ago: executing program 1 (id=199):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000340), 0x2)
r4 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x1)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000000)={r4, 0x2000000, 0x0, 0x10000})
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, 0x0)
ioctl$SOUND_MIXER_READ_RECSRC(0xffffffffffffffff, 0x80044dff, 0x0)
r6 = gettid()
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r7, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb80393884d01a507, 0x4008032, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x0, 0xfffffffffffffffb, 0x4a, 0x0, @buffer={0x0, 0x7b, &(0x7f0000000040)=""/123}, &(0x7f00000000c0)="5e8c857c28fdaae6633e77e352ed6d09d01661348c6f954610e97de0984f4413a1d50ec3d6da3b0f1a5efa5d9b3e5f57dea91111e218e02fe636dfd690aceb0307992c8dc2207aa9cd02", &(0x7f0000000480)=""/237, 0xc5d0, 0x1, 0xffffffffffffffff, &(0x7f0000000140)})

28.811493663s ago: executing program 1 (id=201):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000009c0)="ad56b6c5820fae9d6dcd3292ea54c7be8bbdadbb1632ea5704cae881ef915d374c90c200", 0x24)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$RDMA_NLDEV_CMD_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x38}}, 0x0)
recvmsg(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001240)=""/47, 0x2f}], 0x1}, 0x10002)

28.086222664s ago: executing program 1 (id=204):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
pread64(r0, &(0x7f0000000100)=""/70, 0x46, 0x8002)
r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x2, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a", 0xa}], 0x1}, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, 0x0)
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000200)=@mmap={0x1, 0x1, 0x4, 0x1, 0x6, {0x77359400}, {0x1, 0x8, 0x5, 0x9, 0x64, 0x5, ' \x00'}, 0xfffffff7, 0x1, {}, 0x2})
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

22.16832606s ago: executing program 1 (id=211):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2000, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x401, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
prlimit64(r1, 0xc, &(0x7f0000000180)={0x8, 0x6}, &(0x7f0000000f80))
sendmsg$nl_route_sched(r4, 0x0, 0x880)
connect$inet(0xffffffffffffffff, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(r0, 0x80045104, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001000), 0x2, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={<r7=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r6, &(0x7f0000000340)={0x15, 0x110, 0xfa00, {r7, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x4000, 0x0, @loopback, 0xbff}, @ib={0x1b, 0x38e, 0x0, {}, 0x0, 0x3ffffffc, 0x8}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r6, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f0000000480), r7, 0x2}}, 0x18)
write$RDMA_USER_CM_CMD_CONNECT(r5, &(0x7f0000001040)={0x6, 0x118, 0xfa00, {{0x7, 0x57f8, "669c45f4ec60bff12e4890888348296a0a1e79424ddda61b15bedab068d4ea1bb7bef7630c4a8e9755efff90f85c12750a5c4382919d84bfb58ed40af09511a3ec419547f797e60d32f10039f2db430d25f4fea3d1e0897c2b3334a3c9f727c945624aea27468fdde417e1e04fa3543c78d48a143d6af22a0c0268d1945a52ed7674e8623452f77b4796af87978f3b3b932f01ec257b2b25b1351d303e2b1abc2ace4b273a65553c1d237f736aaf4e8bf19a7bf47aaeab957c75fe6567b10ddbedb89eb8ef4bd839198b4cc36c21cef7bb472031fd7a7c689e1e80b4855bf525b0cd689f3e6cf9c921da8a855fa8efbf4bbc5c82491fd490489e5b07a288b5d8", 0xfc, 0x8, 0x80, 0x80, 0x21, 0x6, 0x0, 0x1}, r7}}, 0x120)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001c000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)

20.503115168s ago: executing program 1 (id=212):
r0 = userfaultfd(0x80001)
open(0x0, 0x2a4c0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
close(0xffffffffffffffff)
execveat$binfmt(0xffffffffffffff9c, r1, 0x0, 0x0, 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x2, 0x0)
close(r2)
execveat$binfmt(0xffffffffffffff9c, r1, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setattr(0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d0020070000", @ANYRES32=r4, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="358742"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))

12.127013242s ago: executing program 2 (id=224):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000340), 0x2)
r4 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x1)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000000)={r4, 0x2000000, 0x0, 0x10000})
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, 0x0)
ioctl$SOUND_MIXER_READ_RECSRC(0xffffffffffffffff, 0x80044dff, 0x0)
r6 = gettid()
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r7, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb80393884d01a507, 0x4008032, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x0, 0xfffffffffffffffb, 0x4a, 0x0, @buffer={0x0, 0x7b, &(0x7f0000000040)=""/123}, &(0x7f00000000c0)="5e8c857c28fdaae6633e77e352ed6d09d01661348c6f954610e97de0984f4413a1d50ec3d6da3b0f1a5efa5d9b3e5f57dea91111e218e02fe636dfd690aceb0307992c8dc2207aa9cd02", &(0x7f0000000480)=""/237, 0xc5d0, 0x1, 0xffffffffffffffff, &(0x7f0000000140)})

10.921976872s ago: executing program 2 (id=225):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000940)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r2, 0x8008f513, &(0x7f00000000c0))
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x5, 0x4, 0x4, 0x7, 0x800, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x2, 0x1, 0x80000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r4}, 0x38)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000280)={'team_slave_1\x00', &(0x7f0000000040)=@ethtool_cmd={0x2, 0x6, 0x10, 0x3, 0xe8, 0x3, 0x0, 0x6, 0x1, 0x2, 0xfffffffd, 0x0, 0x200, 0xb, 0x47, 0x3, [0x100, 0xfffffff9]}})
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r5, 0x80000300, 0x0, 0x0)

9.360674168s ago: executing program 2 (id=226):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r5 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r5, r4, 0x0, 0x3a)

8.20079968s ago: executing program 2 (id=227):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x1010, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0xfffffd10, &(0x7f0000000200)=0x2000000000006)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, 0x0, &(0x7f0000000300))
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000001640)=@mangle={'mangle\x00', 0x44, 0x6, 0x408, 0x2a8, 0x98, 0x2a8, 0x130, 0x1f0, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11, 0x0, 0x69}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0xa}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'dvmrp1\x00', {}, {}, 0x6}, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x3, {0x5}}}}, {{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x18}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x98, 0xc8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x468)
r3 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f00000001c0)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f"], 0x310)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x60, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x3}, {0xffff, 0xffff}, {0x4, 0xffe0}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xd, 0x5, 0x8, 0x800, 0x0, 0x1aa2, 0xc, 0x1}}, {0x6, 0x2, [0x8]}}]}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x60}, 0x1, 0x0, 0x0, 0x1d4}, 0x8840)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008801}, 0x1)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2b, &(0x7f00000005c0)={0x1, {{0xa, 0x4e20, 0x0, @mcast1}}, {{0xa, 0x0, 0x94, @empty}}}, 0x108)

7.400156196s ago: executing program 0 (id=228):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(r1, &(0x7f00000004c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = socket$inet(0x2, 0x3, 0x9)
pipe2$watch_queue(&(0x7f0000000480), 0x80)
shutdown(r2, 0x0)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r4, 0xc018643a, &(0x7f0000000140)={0x4000000})
ioctl$DRM_IOCTL_WAIT_VBLANK(r4, 0xc018643a, &(0x7f0000000000)={0x4000000, 0xd, 0x1})
pread64(r4, &(0x7f0000000180)=""/244, 0x20, 0x100000000)
r5 = fsmount(r3, 0x0, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000040)={[{0x2b, 'cpuset'}]}, 0x8)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_clone(0x8a140600, &(0x7f00000001c0)="07b5e42d30226aba87697ce3ff665d7cb4bdf0381b74230609ad5a0c5b8a9d5c2f3277994317083b76b0aedef0afef4267cf265f61c257cdf6b2b4f80e41dc603103f166f30d40ea85dfe1e8e66067ed6f2943db878e74532cf26a3f8ca5", 0x5e, &(0x7f0000000240), &(0x7f0000000340), &(0x7f0000000380)="646a21c1314836dab1375dc5370b85967842427f74c7fdda0fb7ef9233f6099289037fa8ede14a0147")
sendmsg$nl_xfrm(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000a00)=@newsa={0x19c, 0x10, 0x1, 0x0, 0x0, {{@in=@private=0xa010101, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x64}, {@in, 0x0, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x36}, {0x0, 0x100, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xe3}, {0xfffffffffffffffd, 0x4, 0x8000000, 0x100000000}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xcd}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x70bd27, 0x0, 0x70bd2a, 0x70bd28}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}}}]}, 0x19c}}, 0x0)
syz_open_dev$dmmidi(&(0x7f0000000300), 0x6, 0x70202)
socket$nl_route(0x10, 0x3, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x80802, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

5.597848298s ago: executing program 0 (id=229):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000009c0)="ad56b6c5820fae9d6dcd3292ea54c7be8bbdadbb1632ea5704cae881ef915d37", 0x20)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000c00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@assoc={0x18, 0x117, 0x4, 0x10}], 0x18, 0x40040}], 0x1, 0x8040)
sendmsg$RDMA_NLDEV_CMD_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x38}}, 0x0)
recvmsg(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001240)=""/47, 0x2f}, {&(0x7f0000000080)=""/177, 0xb1}], 0x2}, 0x10002)

5.477809596s ago: executing program 0 (id=230):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x1010, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0xfffffd10, &(0x7f0000000200)=0x2000000000006)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x1)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000dc0)={0x0, &(0x7f0000000200)})
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000001640)=@mangle={'mangle\x00', 0x44, 0x6, 0x408, 0x2a8, 0x98, 0x2a8, 0x130, 0x1f0, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11, 0x0, 0x69}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x2, 0xa}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'dvmrp1\x00', {}, {}, 0x6}, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x3, {0x5}}}}, {{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x18}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x98, 0xc8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x468)
r3 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f00000001c0)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f"], 0x310)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x60, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x3}, {0xffff, 0xffff}, {0x4, 0xffe0}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xd, 0x5, 0x8, 0x800, 0x0, 0x1aa2, 0xc, 0x1}}, {0x6, 0x2, [0x8]}}]}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x60}, 0x1, 0x0, 0x0, 0x1d4}, 0x8840)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008801}, 0x1)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2b, &(0x7f00000005c0)={0x1, {{0xa, 0x4e20, 0x0, @mcast1}}, {{0xa, 0x0, 0x94, @empty}}}, 0x108)

5.387276036s ago: executing program 34 (id=212):
r0 = userfaultfd(0x80001)
open(0x0, 0x2a4c0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
close(0xffffffffffffffff)
execveat$binfmt(0xffffffffffffff9c, r1, 0x0, 0x0, 0x0)
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x2, 0x0)
close(r2)
execveat$binfmt(0xffffffffffffff9c, r1, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setattr(0x0, 0x0, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d0020070000", @ANYRES32=r4, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="358742"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))

3.400218362s ago: executing program 2 (id=232):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x181100)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x20004, <r3=>r1})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet(0x2, 0x1, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r8, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r3})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000100))

3.361142375s ago: executing program 0 (id=233):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x181100)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x20004, <r3=>r1})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet(0x2, 0x1, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r8, 0xc00c642e, &(0x7f00000000c0)={<r9=>0x0, 0x0, r3})
ioctl$DRM_IOCTL_GEM_FLINK(r8, 0xc008640a, &(0x7f0000000300)={r9, <r10=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000100)={r10})

1.440769319s ago: executing program 0 (id=234):
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r0 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x1, r0})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000300)={0x90000011})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xc0002000})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r2)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x2c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x2c}}, 0x30020880)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)

1.435731137s ago: executing program 2 (id=235):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000340), 0x2)
r4 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x1)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000000)={r4, 0x2000000, 0x0, 0x10000})
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, 0x0)
ioctl$SOUND_MIXER_READ_RECSRC(0xffffffffffffffff, 0x80044dff, 0x0)
r6 = gettid()
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r7, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb80393884d01a507, 0x4008032, 0xffffffffffffffff, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000380)={0x0, 0xfffffffffffffffb, 0x4a, 0x0, @buffer={0x0, 0x7b, &(0x7f0000000040)=""/123}, &(0x7f00000000c0)="5e8c857c28fdaae6633e77e352ed6d09d01661348c6f954610e97de0984f4413a1d50ec3d6da3b0f1a5efa5d9b3e5f57dea91111e218e02fe636dfd690aceb0307992c8dc2207aa9cd02", &(0x7f0000000480)=""/237, 0xc5d0, 0x1, 0xffffffffffffffff, &(0x7f0000000140)})

0s ago: executing program 0 (id=236):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x2, 0x2)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a", 0xa}], 0x1}, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, 0x0)
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000200)=@mmap={0x1, 0x1, 0x4, 0x1, 0x6, {0x77359400}, {0x1, 0x8, 0x5, 0x9, 0x64, 0x5, ' \x00'}, 0xfffffff7, 0x1, {}, 0x2})
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.178' (ED25519) to the list of known hosts.
[   91.773845][ T5781] cgroup: Unknown subsys name 'net'
[   92.013810][ T5781] cgroup: Unknown subsys name 'cpuset'
[   92.068372][ T5781] cgroup: Unknown subsys name 'rlimit'
[   92.331868][   T31] cfg80211: failed to load regulatory.db
Setting up swapspace version 1, size = 127995904 bytes
[   94.064767][ T5781] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   96.661724][ T5112] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   96.673110][ T5112] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   96.674123][ T5112] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   96.675167][ T5112] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   96.676986][ T5112] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   96.679556][ T5112] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   96.680799][ T5112] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   96.681165][ T5112] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   96.683150][ T5112] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   96.733127][ T5806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   96.738589][ T5112] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   96.746245][ T5112] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   96.747454][ T5112] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   96.758694][ T5112] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   96.759535][ T5112] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   96.760884][ T5112] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   96.761787][ T5112] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   96.821517][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   96.826688][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   96.857189][ T5806] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   96.895593][ T5809] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   96.898219][ T5809] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   96.901624][ T5809] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   96.903008][ T5809] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   96.903994][ T5809] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   97.892720][ T5802] chnl_net:caif_netlink_parms(): no params data found
[   97.907749][ T5796] chnl_net:caif_netlink_parms(): no params data found
[   97.987303][ T5797] chnl_net:caif_netlink_parms(): no params data found
[   98.379628][ T5800] chnl_net:caif_netlink_parms(): no params data found
[   98.396483][ T5807] chnl_net:caif_netlink_parms(): no params data found
[   98.720333][ T5798] Bluetooth: hci0: command tx timeout
[   98.799697][ T5798] Bluetooth: hci3: command tx timeout
[   98.877897][ T5798] Bluetooth: hci1: command tx timeout
[   98.957946][ T5798] Bluetooth: hci2: command tx timeout
[   98.959617][ T5798] Bluetooth: hci4: command tx timeout
[   99.042368][ T5802] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.042478][ T5802] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.042898][ T5802] bridge_slave_0: entered allmulticast mode
[   99.045784][ T5802] bridge_slave_0: entered promiscuous mode
[   99.056612][ T5796] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.057714][ T5796] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.058284][ T5796] bridge_slave_0: entered allmulticast mode
[   99.062185][ T5796] bridge_slave_0: entered promiscuous mode
[   99.181176][ T5802] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.181313][ T5802] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.181530][ T5802] bridge_slave_1: entered allmulticast mode
[   99.184673][ T5802] bridge_slave_1: entered promiscuous mode
[   99.197858][ T5796] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.198012][ T5796] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.198287][ T5796] bridge_slave_1: entered allmulticast mode
[   99.201586][ T5796] bridge_slave_1: entered promiscuous mode
[   99.217224][ T5797] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.217376][ T5797] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.218938][ T5797] bridge_slave_0: entered allmulticast mode
[   99.222182][ T5797] bridge_slave_0: entered promiscuous mode
[   99.445664][ T5797] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.445796][ T5797] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.445974][ T5797] bridge_slave_1: entered allmulticast mode
[   99.448822][ T5797] bridge_slave_1: entered promiscuous mode
[   99.802847][ T5802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.806679][ T5796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.014439][ T5802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.017005][ T5796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.017309][ T5800] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.017456][ T5800] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.020400][ T5800] bridge_slave_0: entered allmulticast mode
[  100.023619][ T5800] bridge_slave_0: entered promiscuous mode
[  100.032240][ T5797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.033721][ T5807] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.033870][ T5807] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.034106][ T5807] bridge_slave_0: entered allmulticast mode
[  100.037215][ T5807] bridge_slave_0: entered promiscuous mode
[  100.199947][ T5800] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.200086][ T5800] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.200309][ T5800] bridge_slave_1: entered allmulticast mode
[  100.202564][ T5800] bridge_slave_1: entered promiscuous mode
[  100.207063][ T5797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.207306][ T5807] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.207424][ T5807] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.209685][ T5807] bridge_slave_1: entered allmulticast mode
[  100.213354][ T5807] bridge_slave_1: entered promiscuous mode
[  100.730940][ T5802] team0: Port device team_slave_0 added
[  100.733157][ T5796] team0: Port device team_slave_0 added
[  100.797904][ T5798] Bluetooth: hci0: command tx timeout
[  100.877708][ T5798] Bluetooth: hci3: command tx timeout
[  100.931110][ T5802] team0: Port device team_slave_1 added
[  100.933272][ T5796] team0: Port device team_slave_1 added
[  100.936421][ T5800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.958581][ T5798] Bluetooth: hci1: command tx timeout
[  100.959959][ T5797] team0: Port device team_slave_0 added
[  100.963707][ T5807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.037798][ T5798] Bluetooth: hci2: command tx timeout
[  101.037814][ T5809] Bluetooth: hci4: command tx timeout
[  101.151590][ T5800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.153744][ T5797] team0: Port device team_slave_1 added
[  101.156977][ T5807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.509830][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.509846][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  101.509866][ T5802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.750400][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.750420][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  101.750445][ T5796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.049707][ T5802] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.049726][ T5802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.049753][ T5802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.054613][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.054628][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.054648][ T5796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.057017][ T5800] team0: Port device team_slave_0 added
[  102.061928][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.061948][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.061979][ T5797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.084627][ T5807] team0: Port device team_slave_0 added
[  102.104835][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.104857][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.104888][ T5797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.116644][ T5807] team0: Port device team_slave_1 added
[  102.301335][ T5800] team0: Port device team_slave_1 added
[  102.649480][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.649499][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.649527][ T5807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.878776][ T5798] Bluetooth: hci0: command tx timeout
[  102.935507][ T5802] hsr_slave_0: entered promiscuous mode
[  102.936711][ T5802] hsr_slave_1: entered promiscuous mode
[  102.940253][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.940272][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.940304][ T5807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.942689][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.942704][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.942736][ T5800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.957640][ T5798] Bluetooth: hci3: command tx timeout
[  103.039037][ T5798] Bluetooth: hci1: command tx timeout
[  103.117928][ T5809] Bluetooth: hci2: command tx timeout
[  103.118040][ T5798] Bluetooth: hci4: command tx timeout
[  103.138719][ T5796] hsr_slave_0: entered promiscuous mode
[  103.139811][ T5796] hsr_slave_1: entered promiscuous mode
[  103.140675][ T5796] debugfs: 'hsr0' already exists in 'hsr'
[  103.140771][ T5796] Cannot create hsr debugfs directory
[  103.161303][ T5800] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.161326][ T5800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  103.161357][ T5800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.174493][ T5797] hsr_slave_0: entered promiscuous mode
[  103.176090][ T5797] hsr_slave_1: entered promiscuous mode
[  103.177345][ T5797] debugfs: 'hsr0' already exists in 'hsr'
[  103.177374][ T5797] Cannot create hsr debugfs directory
[  103.863290][ T5807] hsr_slave_0: entered promiscuous mode
[  103.864266][ T5807] hsr_slave_1: entered promiscuous mode
[  103.864932][ T5807] debugfs: 'hsr0' already exists in 'hsr'
[  103.864952][ T5807] Cannot create hsr debugfs directory
[  104.091919][ T5800] hsr_slave_0: entered promiscuous mode
[  104.092945][ T5800] hsr_slave_1: entered promiscuous mode
[  104.093635][ T5800] debugfs: 'hsr0' already exists in 'hsr'
[  104.093653][ T5800] Cannot create hsr debugfs directory
[  104.957751][ T5798] Bluetooth: hci0: command tx timeout
[  105.047978][ T5798] Bluetooth: hci3: command tx timeout
[  105.129159][ T5798] Bluetooth: hci1: command tx timeout
[  105.198633][ T5809] Bluetooth: hci2: command tx timeout
[  105.198687][ T5798] Bluetooth: hci4: command tx timeout
[  105.224860][ T5802] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  105.270505][ T5802] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  105.303584][ T5802] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  105.359907][ T5802] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  105.495738][ T5796] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  105.536728][ T5796] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  105.575111][ T5796] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  105.640142][ T5796] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  105.777117][ T5797] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  105.812569][ T5797] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  105.844929][ T5797] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  105.904537][ T5797] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  106.065194][ T5807] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  106.114301][ T5807] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  106.154607][ T5807] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  106.204327][ T5807] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  106.291669][ T5802] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.373772][ T5800] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  106.410434][ T5800] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  106.450787][ T5800] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  106.500607][ T5800] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  106.535210][ T5802] 8021q: adding VLAN 0 to HW filter on device team0
[  106.576930][  T986] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.579133][  T986] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.602905][ T5796] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.634848][ T1495] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.635097][ T1495] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.732293][ T5796] 8021q: adding VLAN 0 to HW filter on device team0
[  106.770048][ T1495] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.770196][ T1495] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.805735][ T5797] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.830497][ T1495] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.830742][ T1495] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.912780][ T5797] 8021q: adding VLAN 0 to HW filter on device team0
[  106.969954][ T2213] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.970409][ T2213] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.002006][ T5807] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.025519][  T986] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.025663][  T986] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.145719][ T5807] 8021q: adding VLAN 0 to HW filter on device team0
[  107.216840][ T5800] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.225008][ T2213] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.225228][ T2213] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.283775][ T2213] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.283923][ T2213] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.396222][ T5800] 8021q: adding VLAN 0 to HW filter on device team0
[  107.451520][ T1495] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.451679][ T1495] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.476457][ T5802] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.562906][ T3575] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.563133][ T3575] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.723724][ T5796] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.929798][ T5797] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.064596][ T5796] veth0_vlan: entered promiscuous mode
[  108.140389][ T5796] veth1_vlan: entered promiscuous mode
[  108.259251][ T5797] veth0_vlan: entered promiscuous mode
[  108.302052][ T5807] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.316879][ T5797] veth1_vlan: entered promiscuous mode
[  108.388877][ T5796] veth0_macvtap: entered promiscuous mode
[  108.425413][ T5796] veth1_macvtap: entered promiscuous mode
[  108.467406][ T5802] veth0_vlan: entered promiscuous mode
[  108.494777][ T5800] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.515055][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.542535][ T5802] veth1_vlan: entered promiscuous mode
[  108.544327][ T5797] veth0_macvtap: entered promiscuous mode
[  108.569988][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.590457][ T5797] veth1_macvtap: entered promiscuous mode
[  108.605454][ T5807] veth0_vlan: entered promiscuous mode
[  108.616673][   T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.632645][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.636593][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.662216][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.689963][ T5807] veth1_vlan: entered promiscuous mode
[  108.751510][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.785234][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.902471][   T69] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.905655][ T5802] veth0_macvtap: entered promiscuous mode
[  108.939633][   T69] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.945642][   T69] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.948438][ T5800] veth0_vlan: entered promiscuous mode
[  108.967126][   T69] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.995074][ T5802] veth1_macvtap: entered promiscuous mode
[  109.110163][ T5800] veth1_vlan: entered promiscuous mode
[  109.116044][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.116072][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.176522][ T5807] veth0_macvtap: entered promiscuous mode
[  109.249133][ T5807] veth1_macvtap: entered promiscuous mode
[  109.257178][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.316334][ T5802] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.336427][ T3575] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.336445][ T3575] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.393781][   T69] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.407120][   T69] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.411122][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.413618][   T69] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.423912][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.423939][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.456374][  T986] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.499484][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.583817][ T5800] veth0_macvtap: entered promiscuous mode
[  109.606022][ T2137] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.619863][ T2137] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.658177][ T2137] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.659055][ T3575] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.659075][ T3575] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.664797][ T5800] veth1_macvtap: entered promiscuous mode
[  109.698356][ T2137] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.032532][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.834185][ T5915] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  110.834215][ T5915] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  110.941916][ T5800] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.942904][ T2213] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.942924][ T2213] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.982873][ T5915] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  110.982899][ T5915] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  111.033175][ T1495] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.034550][ T1495] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.035581][ T1495] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.069172][ T1495] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.164780][ T5915] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  111.164806][ T5915] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  111.266023][ T5915] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  111.266046][ T5915] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  111.381787][ T5915] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  111.381813][ T5915] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  111.781787][ T2137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.781812][ T2137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.946977][ T1495] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.947003][ T1495] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.018191][ T5842] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  112.078399][  T166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.078420][  T166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.248344][ T5842] usb 3-1: Using ep0 maxpacket: 32
[  112.261091][ T5842] usb 3-1: config 0 interface 0 has no altsetting 0
[  112.272555][ T5842] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  112.272588][ T5842] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.272610][ T5842] usb 3-1: Product: syz
[  112.272626][ T5842] usb 3-1: Manufacturer: syz
[  112.272642][ T5842] usb 3-1: SerialNumber: syz
[  112.324544][ T1973] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.324571][ T1973] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.374997][ T5842] usb 3-1: config 0 descriptor??
[  112.526722][ T3575] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.526745][ T3575] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.600720][ T5842] gs_usb 3-1:0.0: Couldn't send data format (err=-71)
[  112.600767][ T5842] gs_usb 3-1:0.0: probe with driver gs_usb failed with error -71
[  112.680867][ T5842] usb 3-1: USB disconnect, device number 2
[  113.367578][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  113.367629][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  113.367667][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  113.367704][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  113.367741][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  113.367778][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  113.367814][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  113.367851][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  113.367888][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  113.367925][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  115.786726][ T5954] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  115.927771][   T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  116.128335][   T10] usb 5-1: Using ep0 maxpacket: 8
[  116.181743][   T10] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  116.181797][   T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  116.181814][   T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  116.181831][   T10] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  116.181855][   T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  116.181886][   T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  116.181902][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.488366][   T10] usb 5-1: usb_control_msg returned -32
[  116.488423][   T10] usbtmc 5-1:16.0: can't read capabilities
[  116.859625][ T5949] usbtmc 5-1:16.0: control status returned 0
[  122.922673][ T5991] usb 5-1: USB disconnect, device number 2
[  123.103964][ T6007] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  136.938927][ T5809] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  136.961283][ T5809] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  137.867283][ T5809] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  137.901050][ T5809] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  137.919334][ T5809] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  138.005024][ T5798] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  138.146848][ T5798] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  138.165940][ T5798] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  138.194932][ T5798] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  138.212179][ T5798] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  138.442385][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  138.443140][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  138.838102][ T6091] netlink: 72 bytes leftover after parsing attributes in process `syz.0.36'.
[  140.330397][ T5809] Bluetooth: hci5: command tx timeout
[  141.224820][ T6082] chnl_net:caif_netlink_parms(): no params data found
[  142.613980][ T5809] Bluetooth: hci5: command tx timeout
[  144.561236][ T6136] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  144.561320][ T6136] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[  144.639621][ T5809] Bluetooth: hci5: command tx timeout
[  146.540710][ T6082] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.547167][ T6082] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.550631][ T6082] bridge_slave_0: entered allmulticast mode
[  146.572526][ T6082] bridge_slave_0: entered promiscuous mode
[  146.580726][ T6082] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.584973][ T6082] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.585276][ T6082] bridge_slave_1: entered allmulticast mode
[  146.599071][ T6082] bridge_slave_1: entered promiscuous mode
[  148.933218][ T6082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  148.975526][ T6082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  153.374557][ T6176] syz.0.59 (6176) used greatest stack depth: 18136 bytes left
[  153.916375][ T6082] team0: Port device team_slave_0 added
[  153.924136][ T6082] team0: Port device team_slave_1 added
[  158.214744][ T1495] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.940613][ T1495] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.979068][ T6223] netlink: 4436 bytes leftover after parsing attributes in process `syz.4.71'.
[  160.039473][ T6223] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  160.052566][ T6082] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.052588][ T6082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  160.052621][ T6082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.118811][ T6082] batman_adv: batadv0: Adding interface: batadv_slave_1
[  160.118826][ T6082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  160.118847][ T6082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  160.592323][ T6229] lo speed is unknown, defaulting to 1000
[  160.596460][ T6229] lo speed is unknown, defaulting to 1000
[  160.604053][ T6229] lo speed is unknown, defaulting to 1000
[  160.615905][ T6229] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  160.629790][ T6229] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  160.781655][ T6229] lo speed is unknown, defaulting to 1000
[  160.783840][ T6229] lo speed is unknown, defaulting to 1000
[  160.785855][ T6229] lo speed is unknown, defaulting to 1000
[  160.789142][ T6229] lo speed is unknown, defaulting to 1000
[  160.791264][ T6229] lo speed is unknown, defaulting to 1000
[  160.793394][ T6229] lo speed is unknown, defaulting to 1000
[  162.971745][ T1495] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.009721][ T6250] Device name cannot be null; rc = [-22]
[  170.115273][ T1495] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  170.234369][ T6082] hsr_slave_0: entered promiscuous mode
[  170.236672][ T6082] hsr_slave_1: entered promiscuous mode
[  170.261575][ T6082] debugfs: 'hsr0' already exists in 'hsr'
[  170.261607][ T6082] Cannot create hsr debugfs directory
[  172.977214][ T6298] netlink: 'syz.0.89': attribute type 10 has an invalid length.
[  174.801417][ T6298] 8021q: adding VLAN 0 to HW filter on device team0
[  174.823627][ T6298] bond0: (slave team0): Enslaving as an active interface with an up link
[  175.103837][ T5798] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  175.122253][ T5798] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  175.135028][ T5798] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  175.138971][ T5798] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  175.140698][ T5798] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  175.178103][ T5809] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  175.179215][ T5809] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  175.180345][ T5809] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  175.181534][ T5809] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  175.182252][ T5809] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  177.433430][ T5798] Bluetooth: hci2: command tx timeout
[  177.704050][ T1495] bridge_slave_1: left allmulticast mode
[  177.704144][ T1495] bridge_slave_1: left promiscuous mode
[  177.704668][ T1495] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.972265][ T1495] bridge_slave_0: left allmulticast mode
[  178.972301][ T1495] bridge_slave_0: left promiscuous mode
[  178.972586][ T1495] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.786795][ T5809] Bluetooth: hci2: command tx timeout
[  180.488459][ T6332] binder: 6331:6332 ioctl 80089418 2000000000c0 returned -22
[  180.505785][ T6332] binder: 6331:6332 ioctl 81f8943c 0 returned -22
[  180.508321][ T6332] binder: 6331:6332 ioctl c0c89425 2000000005c0 returned -22
[  180.660484][ T6333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.97'.
[  180.725594][   T37] audit: type=1326 audit(1765157526.038:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde020ef749 code=0x7ffc0000
[  180.725693][   T37] audit: type=1326 audit(1765157526.038:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fde020ef749 code=0x7ffc0000
[  180.725821][   T37] audit: type=1326 audit(1765157526.038:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde020ef749 code=0x7ffc0000
[  180.725955][   T37] audit: type=1326 audit(1765157526.038:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde020edf90 code=0x7ffc0000
[  180.726041][   T37] audit: type=1326 audit(1765157526.038:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde020f0f77 code=0x7ffc0000
[  180.726120][   T37] audit: type=1326 audit(1765157526.038:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde020ef749 code=0x7ffc0000
[  180.726345][   T37] audit: type=1326 audit(1765157526.038:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde020f0f77 code=0x7ffc0000
[  180.726544][   T37] audit: type=1326 audit(1765157526.038:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fde020ee3aa code=0x7ffc0000
[  180.726624][   T37] audit: type=1326 audit(1765157526.038:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde020ef749 code=0x7ffc0000
[  180.726756][   T37] audit: type=1326 audit(1765157526.038:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6331 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde020edf90 code=0x7ffc0000
[  181.867772][ T5798] Bluetooth: hci2: command tx timeout
[  182.378125][ T6336] netlink: 36 bytes leftover after parsing attributes in process `syz.2.98'.
[  184.050718][ T5809] Bluetooth: hci2: command tx timeout
[  185.701412][ T1495] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  185.762334][ T1495] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  185.800451][ T1495] bond0 (unregistering): Released all slaves
[  188.872007][ T6311] lo speed is unknown, defaulting to 1000
[  191.470440][ T6082] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  192.830911][ T6397] netlink: 36 bytes leftover after parsing attributes in process `syz.2.112'.
[  194.257999][ T6082] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  197.088885][ T5798] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  197.114783][ T5798] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  197.115988][ T5798] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  197.178525][ T5798] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  197.179517][ T5798] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  197.708006][ T1495] hsr_slave_0: left promiscuous mode
[  197.797720][ T1495] hsr_slave_1: left promiscuous mode
[  197.816136][ T1495] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.816309][ T1495] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.859866][ T1495] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  197.859898][ T1495] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.083880][ T1495] veth1_macvtap: left promiscuous mode
[  198.084145][ T1495] veth0_macvtap: left promiscuous mode
[  198.084443][ T1495] veth1_vlan: left promiscuous mode
[  198.084765][ T1495] veth0_vlan: left promiscuous mode
[  198.838112][ T6444] Zero length message leads to an empty skb
[  199.278974][ T5798] Bluetooth: hci3: command tx timeout
[  199.845161][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  199.845244][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  201.580693][ T5798] Bluetooth: hci3: command tx timeout
[  204.244281][ T5798] Bluetooth: hci3: command tx timeout
[  204.315886][ T6462] netlink: 36 bytes leftover after parsing attributes in process `syz.0.124'.
[  205.218460][ T1495] team0 (unregistering): Port device team_slave_1 removed
[  205.306566][ T6469] netlink: 4436 bytes leftover after parsing attributes in process `syz.1.126'.
[  205.306625][ T6469] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  205.460303][ T1495] team0 (unregistering): Port device team_slave_0 removed
[  206.429208][ T5798] Bluetooth: hci3: command tx timeout
[  211.643350][ T6500] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[  211.643492][ T6500] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  212.004761][ T6417] lo speed is unknown, defaulting to 1000
[  212.385658][ T6311] chnl_net:caif_netlink_parms(): no params data found
[  213.641181][ T6311] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.641525][ T6311] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.641685][ T6311] bridge_slave_0: entered allmulticast mode
[  213.643554][ T6311] bridge_slave_0: entered promiscuous mode
[  213.826466][ T6311] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.841727][ T6311] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.846585][ T6311] bridge_slave_1: entered allmulticast mode
[  213.871146][ T6311] bridge_slave_1: entered promiscuous mode
[  214.794814][ T6535] Device name cannot be null; rc = [-22]
[  215.562954][ T5991] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  215.714349][ T6311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.737658][ T5991] usb 3-1: Using ep0 maxpacket: 8
[  215.740417][ T5991] usb 3-1: unable to get BOS descriptor or descriptor too short
[  215.744868][ T5991] usb 3-1: config 140 has an invalid descriptor of length 0, skipping remainder of the config
[  215.744887][ T5991] usb 3-1: config 140 has 1 interface, different from the descriptor's value: 2
[  215.756367][ T5991] usb 3-1: New USB device found, idVendor=1039, idProduct=2101, bcdDevice=25.81
[  215.756405][ T5991] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.756441][ T5991] usb 3-1: Product: syz
[  215.756459][ T5991] usb 3-1: Manufacturer: syz
[  215.756477][ T5991] usb 3-1: SerialNumber: syz
[  219.040491][ T6311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.502998][ T5991] usb 3-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2101) Rev (0X2581): Eagle I
[  219.541840][ T6417] chnl_net:caif_netlink_parms(): no params data found
[  219.922898][ T6546] netlink: 4436 bytes leftover after parsing attributes in process `syz.2.140'.
[  219.927179][ T6546] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  220.890930][ T6311] team0: Port device team_slave_0 added
[  220.912673][ T6311] team0: Port device team_slave_1 added
[  221.418516][ T5991] usb 3-1: [ueagle-atm] pre-firmware device, uploading firmware
[  221.418592][ T5991] usb 3-1: [ueagle-atm] loading firmware ueagle-atm/eagleI.fw
[  221.423004][   T10] usb 3-1: Direct firmware load for ueagle-atm/eagleI.fw failed with error -2
[  221.423027][   T10] usb 3-1: Falling back to sysfs fallback for: ueagle-atm/eagleI.fw
[  222.373683][ T5991] usb 3-1: USB disconnect, device number 3
[  227.138765][ T6311] batman_adv: batadv0: Adding interface: batadv_slave_0
[  227.138785][ T6311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  227.138814][ T6311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  227.251914][ T6311] batman_adv: batadv0: Adding interface: batadv_slave_1
[  227.251935][ T6311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  227.251964][ T6311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  228.825687][ T6587] binder: 6586:6587 ioctl 80089418 2000000000c0 returned -22
[  228.838176][ T6587] binder: 6586:6587 ioctl 81f8943c 2000000003c0 returned -22
[  228.838433][ T6587] binder: 6586:6587 ioctl c0c89425 0 returned -22
[  228.905709][   T37] kauditd_printk_skb: 19 callbacks suppressed
[  228.905763][   T37] audit: type=1326 audit(1765157574.288:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f466d61f749 code=0x7ffc0000
[  228.906298][   T37] audit: type=1326 audit(1765157574.288:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f466d61f749 code=0x7ffc0000
[  228.907407][   T37] audit: type=1326 audit(1765157574.288:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f466d61f749 code=0x7ffc0000
[  229.016464][   T37] audit: type=1326 audit(1765157574.298:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f466d61f749 code=0x7ffc0000
[  229.016575][   T37] audit: type=1326 audit(1765157574.298:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f466d61df90 code=0x7ffc0000
[  229.016707][   T37] audit: type=1326 audit(1765157574.328:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f466d620f77 code=0x7ffc0000
[  229.016848][   T37] audit: type=1326 audit(1765157574.328:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f466d61f749 code=0x7ffc0000
[  229.016982][   T37] audit: type=1326 audit(1765157574.338:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f466d620f77 code=0x7ffc0000
[  229.017032][   T37] audit: type=1326 audit(1765157574.338:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f466d61e3aa code=0x7ffc0000
[  229.017162][   T37] audit: type=1326 audit(1765157574.338:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6586 comm="syz.1.148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f466d61f749 code=0x7ffc0000
[  229.045982][ T6588] netlink: 8 bytes leftover after parsing attributes in process `syz.1.148'.
[  230.386973][ T6590] binder: 6589:6590 ioctl 80089418 2000000000c0 returned -22
[  230.387708][ T6590] binder: 6589:6590 ioctl 81f8943c 2000000003c0 returned -22
[  230.388158][ T6590] binder: 6589:6590 ioctl c0c89425 0 returned -22
[  230.596129][ T6593] netlink: 8 bytes leftover after parsing attributes in process `syz.0.150'.
[  232.250733][ T6597] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  232.250788][ T6597] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  232.613331][ T6597] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  232.613358][ T6597] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  232.669173][ T6417] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.669701][ T6417] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.669945][ T6417] bridge_slave_0: entered allmulticast mode
[  232.676811][ T6417] bridge_slave_0: entered promiscuous mode
[  233.004017][ T6417] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.004159][ T6417] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.004366][ T6417] bridge_slave_1: entered allmulticast mode
[  233.028157][ T6417] bridge_slave_1: entered promiscuous mode
[  233.071707][ T6311] hsr_slave_0: entered promiscuous mode
[  233.082427][ T6311] hsr_slave_1: entered promiscuous mode
[  233.167976][ T6311] debugfs: 'hsr0' already exists in 'hsr'
[  233.168011][ T6311] Cannot create hsr debugfs directory
[  236.374493][ T6417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  236.451537][ T6417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  236.862120][ T5809] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  236.865652][ T5809] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  236.894594][ T5809] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  236.895993][ T5809] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  236.897230][ T5809] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  236.929875][ T5798] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  236.930381][ T5798] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  236.930897][ T5798] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  236.932446][ T5798] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  237.088233][ T5798] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  238.221275][ T6641] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  238.560126][ T6417] team0: Port device team_slave_0 added
[  238.566378][ T6417] team0: Port device team_slave_1 added
[  238.848961][ T6638] lo speed is unknown, defaulting to 1000
[  239.277745][ T5798] Bluetooth: hci5: command tx timeout
[  241.420579][ T5798] Bluetooth: hci5: command tx timeout
[  241.490578][ T1495] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.750089][ T6417] batman_adv: batadv0: Adding interface: batadv_slave_0
[  242.750117][ T6417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  242.750148][ T6417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  242.946433][ T6677] Device name cannot be null; rc = [-22]
[  243.684997][ T5809] Bluetooth: hci5: command tx timeout
[  243.705013][ T6417] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.705032][ T6417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  243.705072][ T6417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.641889][ T1495] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.654412][ T5928] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  244.817574][ T5928] usb 2-1: Using ep0 maxpacket: 8
[  244.820868][ T5928] usb 2-1: unable to get BOS descriptor or descriptor too short
[  244.822005][ T5928] usb 2-1: config 140 has an invalid descriptor of length 0, skipping remainder of the config
[  244.822023][ T5928] usb 2-1: config 140 has 1 interface, different from the descriptor's value: 2
[  244.844637][ T5928] usb 2-1: New USB device found, idVendor=1039, idProduct=2101, bcdDevice=25.81
[  244.844661][ T5928] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.844675][ T5928] usb 2-1: Product: syz
[  244.844686][ T5928] usb 2-1: Manufacturer: syz
[  244.844697][ T5928] usb 2-1: SerialNumber: syz
[  244.998500][ T6692] netlink: 4436 bytes leftover after parsing attributes in process `syz.2.170'.
[  244.998583][ T6692] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  245.757797][ T5809] Bluetooth: hci5: command tx timeout
[  247.894652][    C1] wlan0: beacon TX faster than countdown (channel/color switch) completion
[  250.744550][ T1495] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.744754][ T5928] usb 2-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2101) Rev (0X2581): Eagle I
[  251.609211][ T6417] hsr_slave_0: entered promiscuous mode
[  251.630418][ T6417] hsr_slave_1: entered promiscuous mode
[  251.631448][ T6417] debugfs: 'hsr0' already exists in 'hsr'
[  251.631474][ T6417] Cannot create hsr debugfs directory
[  252.008487][ T5928] usb 2-1: [ueagle-atm] pre-firmware device, uploading firmware
[  252.008596][ T5928] usb 2-1: [ueagle-atm] loading firmware ueagle-atm/eagleI.fw
[  252.434460][ T5928] usb 2-1: USB disconnect, device number 2
[  253.165945][ T6707] netlink: 4436 bytes leftover after parsing attributes in process `syz.2.174'.
[  253.167420][ T6707] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  253.443171][ T1495] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.420554][ T5798] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  259.463984][ T5798] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  259.467765][ T5798] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  259.490209][ T5798] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  259.491188][ T5798] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  259.951653][ T6748] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  259.951747][ T6748] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[  261.286242][ T1318] ieee802154 phy0 wpan0: encryption failed: -22
[  261.286320][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[  261.497069][ T6733] lo speed is unknown, defaulting to 1000
[  261.530214][ T6748] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  261.530240][ T6748] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  261.629445][ T1495] bridge_slave_1: left allmulticast mode
[  261.629477][ T1495] bridge_slave_1: left promiscuous mode
[  261.629757][ T1495] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.709278][ T1495] bridge_slave_0: left allmulticast mode
[  261.709310][ T1495] bridge_slave_0: left promiscuous mode
[  261.709583][ T1495] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.938259][ T1495] bridge_slave_1: left allmulticast mode
[  261.938293][ T1495] bridge_slave_1: left promiscuous mode
[  261.938537][ T1495] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.021600][ T1495] bridge_slave_0: left allmulticast mode
[  262.021633][ T1495] bridge_slave_0: left promiscuous mode
[  262.021902][ T1495] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.216307][ T6773] netlink: 'syz.2.186': attribute type 10 has an invalid length.
[  265.538204][ T1495] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  265.615603][ T1495] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  265.674729][ T1495] bond0 (unregistering): Released all slaves
[  267.338223][ T1495] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  267.399491][ T1495] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  267.421342][ T1495] bond0 (unregistering): Released all slaves
[  267.468328][ T6638] chnl_net:caif_netlink_parms(): no params data found
[  267.795925][ T6773] 8021q: adding VLAN 0 to HW filter on device team0
[  267.830767][ T6773] bond0: (slave team0): Enslaving as an active interface with an up link
[  268.023969][ T6773] syz.2.186 (6773) used greatest stack depth: 17528 bytes left
[  270.855805][ T6817] Device name cannot be null; rc = [-22]
[  272.811589][ T6827] siw: device registration error -23
[  278.841022][ T6638] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.841177][ T6638] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.841357][ T6638] bridge_slave_0: entered allmulticast mode
[  278.871101][ T6638] bridge_slave_0: entered promiscuous mode
[  278.896175][ T6874] netlink: 4436 bytes leftover after parsing attributes in process `syz.2.210'.
[  278.896536][ T6874] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  279.039025][ T1495] hsr_slave_0: left promiscuous mode
[  279.077691][ T1495] hsr_slave_1: left promiscuous mode
[  279.083069][ T1495] batman_adv: batadv0: Removing interface: batadv_slave_0
[  279.128715][ T1495] batman_adv: batadv0: Removing interface: batadv_slave_1
[  279.317634][ T1495] hsr_slave_0: left promiscuous mode
[  279.347550][ T1495] hsr_slave_1: left promiscuous mode
[  279.349215][ T1495] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  279.349390][ T1495] batman_adv: batadv0: Removing interface: batadv_slave_0
[  279.401352][ T1495] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  279.401382][ T1495] batman_adv: batadv0: Removing interface: batadv_slave_1
[  279.733594][ T1495] veth1_macvtap: left promiscuous mode
[  279.733710][ T1495] veth0_macvtap: left promiscuous mode
[  279.733890][ T1495] veth1_vlan: left promiscuous mode
[  279.734014][ T1495] veth0_vlan: left promiscuous mode
[  282.758613][ T6900] siw: device registration error -23
[  284.208669][ T1495] team0 (unregistering): Port device team_slave_1 removed
[  284.338581][ T1495] team0 (unregistering): Port device team_slave_0 removed
[  286.917589][  T805] usb 2-1: [UEAGLE-ATM] firmware is not available
[  286.928238][   T10] usb 3-1: [UEAGLE-ATM] firmware is not available
[  288.898872][ T6933] siw: device registration error -23
[  294.593215][ T1495] team0 (unregistering): Port device team_slave_1 removed
[  294.930353][ T1495] team0 (unregistering): Port device team_slave_0 removed
[  295.142267][ T6961] netlink: 72 bytes leftover after parsing attributes in process `syz.0.228'.
[  296.133044][ T5809] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  296.173422][ T5809] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  296.187105][ T5809] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  296.195878][ T5809] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  296.196651][ T5809] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  296.231630][ T5798] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  296.233529][ T5798] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  296.234096][ T5798] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  296.235618][ T5798] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  296.236537][ T5798] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  297.290746][ T5798] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  297.293466][ T5798] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  297.318857][ T5798] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  297.320844][ T5798] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  297.341854][ T5798] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  298.317777][ T5798] Bluetooth: hci3: command tx timeout
[  298.649573][ T6638] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.650428][ T6638] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.650619][ T6638] bridge_slave_1: entered allmulticast mode
[  298.652543][ T6638] bridge_slave_1: entered promiscuous mode
[  300.298027][ T5798] Bluetooth: hci6: command tx timeout
[  300.730140][ T5798] Bluetooth: hci3: command tx timeout
[  300.907629][ T6971] lo speed is unknown, defaulting to 1000
[  301.348966][ T6982] lo speed is unknown, defaulting to 1000
[  302.010859][ T7006] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  302.010887][ T7006] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  302.331161][ T7006] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  302.331197][ T7006] Bluetooth: hci6: Error when powering off device on rfkill (-4)
[  302.331511][    C0] ------------[ cut here ]------------
[  302.331522][    C0] workqueue: cannot queue hci_cmd_timeout on wq hci6
[  302.331568][    C0] WARNING: kernel/workqueue.c:2252 at 0x0, CPU#0: ktimers/0/16
[  302.331600][    C0] Modules linked in:
[  302.331639][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  302.331671][    C0] Tainted: [L]=SOFTLOCKUP
[  302.331679][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  302.331697][    C0] RIP: 0010:__queue_work+0xd88/0xff0
[  302.331728][    C0] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 39 3a 98 00 49 8b 75 00 49 81 c7 68 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d e9 40 d8
[  302.331748][    C0] RSP: 0018:ffffc900001577f0 EFLAGS: 00010082
[  302.331767][    C0] RAX: 1ffff1100badc153 RBX: 0000000000000008 RCX: ffff88801b6ddac0
[  302.331784][    C0] RDX: ffff888027fa4968 RSI: ffffffff89cc8ed0 RDI: ffffffff8edd4360
[  302.331801][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100
[  302.331815][    C0] R10: dffffc0000000000 R11: ffffffff818aa600 R12: dffffc0000000000
[  302.331832][    C0] R13: ffff88805d6e0a98 R14: ffffffff8edd4360 R15: ffff888027fa4968
[  302.331850][    C0] FS:  0000000000000000(0000) GS:ffff888126d12000(0000) knlGS:0000000000000000
[  302.331869][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  302.331885][    C0] CR2: 00007f0765311878 CR3: 000000003329c000 CR4: 00000000003526f0
[  302.331904][    C0] Call Trace:
[  302.331922][    C0]  <TASK>
[  302.331947][    C0]  call_timer_fn+0x16e/0x590
[  302.331984][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  302.332014][    C0]  ? call_timer_fn+0xbe/0x590
[  302.332049][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  302.332096][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  302.332125][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  302.332157][    C0]  __run_timer_base+0x709/0x970
[  302.332215][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  302.332267][    C0]  run_timer_softirq+0xb7/0x180
[  302.332302][    C0]  handle_softirqs+0x226/0x6d0
[  302.332343][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  302.332383][    C0]  run_ktimerd+0xcf/0x190
[  302.332414][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[  302.332443][    C0]  ? schedule+0x91/0x360
[  302.332479][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  302.332508][    C0]  smpboot_thread_fn+0x542/0xa60
[  302.332540][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  302.332580][    C0]  kthread+0x711/0x8a0
[  302.332618][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  302.332647][    C0]  ? __pfx_kthread+0x10/0x10
[  302.332677][    C0]  ? rt_spin_unlock+0x150/0x200
[  302.332706][    C0]  ? rt_spin_unlock+0x161/0x200
[  302.332726][    C0]  ? __pfx_kthread+0x10/0x10
[  302.332761][    C0]  ret_from_fork+0x599/0xb30
[  302.332790][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  302.332829][    C0]  ? __switch_to_asm+0x39/0x70
[  302.332862][    C0]  ? __switch_to_asm+0x33/0x70
[  302.332894][    C0]  ? __pfx_kthread+0x10/0x10
[  302.332928][    C0]  ret_from_fork_asm+0x1a/0x30
[  302.332983][    C0]  </TASK>
[  302.333001][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  302.333020][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  302.333052][    C0] Tainted: [L]=SOFTLOCKUP
[  302.333060][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  302.333073][    C0] Call Trace:
[  302.333082][    C0]  <TASK>
[  302.333091][    C0]  dump_stack_lvl+0x99/0x250
[  302.333123][    C0]  ? __asan_memcpy+0x40/0x70
[  302.333154][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  302.333192][    C0]  ? __pfx__printk+0x10/0x10
[  302.333231][    C0]  vpanic+0x237/0x6d0
[  302.333264][    C0]  ? __pfx_vpanic+0x10/0x10
[  302.333294][    C0]  ? is_bpf_text_address+0x292/0x2b0
[  302.333324][    C0]  ? is_bpf_text_address+0x26/0x2b0
[  302.333365][    C0]  panic+0xb9/0xc0
[  302.333397][    C0]  ? __pfx_panic+0x10/0x10
[  302.333440][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  302.333482][    C0]  __warn+0x317/0x4b0
[  302.333522][    C0]  __report_bug+0x288/0x500
[  302.333562][    C0]  ? __pfx___report_bug+0x10/0x10
[  302.333589][    C0]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  302.333631][    C0]  ? __lock_acquire+0x6b6/0x2cf0
[  302.333667][    C0]  report_bug_entry+0x16a/0x220
[  302.333696][    C0]  ? __queue_work+0xd88/0xff0
[  302.333723][    C0]  ? __queue_work+0xd8d/0xff0
[  302.333750][    C0]  handle_bug+0xca/0x200
[  302.333785][    C0]  exc_invalid_op+0x1a/0x50
[  302.333819][    C0]  asm_exc_invalid_op+0x1a/0x20
[  302.333841][    C0] RIP: 0010:__queue_work+0xd88/0xff0
[  302.333869][    C0] Code: 83 c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 39 3a 98 00 49 8b 75 00 49 81 c7 68 01 00 00 4c 89 f7 4c 89 fa <67> 48 0f b9 3a 48 83 c4 58 5b 41 5c 41 5d 41 5e 41 5f 5d e9 40 d8
[  302.333888][    C0] RSP: 0018:ffffc900001577f0 EFLAGS: 00010082
[  302.333907][    C0] RAX: 1ffff1100badc153 RBX: 0000000000000008 RCX: ffff88801b6ddac0
[  302.333924][    C0] RDX: ffff888027fa4968 RSI: ffffffff89cc8ed0 RDI: ffffffff8edd4360
[  302.333942][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100
[  302.333956][    C0] R10: dffffc0000000000 R11: ffffffff818aa600 R12: dffffc0000000000
[  302.333974][    C0] R13: ffff88805d6e0a98 R14: ffffffff8edd4360 R15: ffff888027fa4968
[  302.333998][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  302.334032][    C0]  ? __pfx_hci_cmd_timeout+0x10/0x10
[  302.334081][    C0]  call_timer_fn+0x16e/0x590
[  302.334116][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  302.334145][    C0]  ? call_timer_fn+0xbe/0x590
[  302.334186][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  302.334233][    C0]  ? do_raw_spin_unlock+0x122/0x240
[  302.334261][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  302.334293][    C0]  __run_timer_base+0x709/0x970
[  302.334344][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  302.334397][    C0]  run_timer_softirq+0xb7/0x180
[  302.334431][    C0]  handle_softirqs+0x226/0x6d0
[  302.334476][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  302.334517][    C0]  run_ktimerd+0xcf/0x190
[  302.334548][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[  302.334576][    C0]  ? schedule+0x91/0x360
[  302.334612][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  302.334640][    C0]  smpboot_thread_fn+0x542/0xa60
[  302.334672][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  302.334713][    C0]  kthread+0x711/0x8a0
[  302.334750][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  302.334780][    C0]  ? __pfx_kthread+0x10/0x10
[  302.334810][    C0]  ? rt_spin_unlock+0x150/0x200
[  302.334838][    C0]  ? rt_spin_unlock+0x161/0x200
[  302.334859][    C0]  ? __pfx_kthread+0x10/0x10
[  302.334894][    C0]  ret_from_fork+0x599/0xb30
[  302.334923][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  302.334962][    C0]  ? __switch_to_asm+0x39/0x70
[  302.334994][    C0]  ? __switch_to_asm+0x33/0x70
[  302.335027][    C0]  ? __pfx_kthread+0x10/0x10
[  302.335062][    C0]  ret_from_fork_asm+0x1a/0x30
[  302.335117][    C0]  </TASK>
[  302.335454][    C0] Kernel Offset: disabled