last executing test programs:

32m39.351995766s ago: executing program 32 (id=207):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000340)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x4003e80, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)

30m41.585027162s ago: executing program 33 (id=803):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040), 0xc)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x10000, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x2, 0x156}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
ioctl$sock_SIOCDELRT(r0, 0x890c, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x26c8, 0x0, 0x1, 0x0, 0x10)

29m49.140798403s ago: executing program 34 (id=938):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000001c0)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0x200000}, 0x1c)
listen(r1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd000000100001000b0808004149004001040800", 0x58}], 0x1)

28m41.444907488s ago: executing program 35 (id=1222):
socket$l2tp(0x2, 0x2, 0x73)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$nl_netfilter(0x10, 0x3, 0xc)
write(r1, &(0x7f0000000340), 0x11000)
socket$nl_netfilter(0x10, 0x3, 0xc)
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x200000000000, 0x3, 0xfffffffffffffffd, 0x0, 0x4, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f00000002c0)={0x3fd, 0x0, 0x0, 0x9, 0x0, 0x7f, 0x7ffeffff}, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

28m22.752370534s ago: executing program 36 (id=1274):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
msgget(0x0, 0x40)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)

25m4.667743353s ago: executing program 3 (id=1722):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x11, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, [@ldst={0x1, 0x3, 0x3, 0x9, 0xa, 0x30}]}, &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x28}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x200000006, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94)

25m4.403936161s ago: executing program 3 (id=1724):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x2, 0x2}, 0x10)
sendmsg$tipc(r3, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0}, 0x0)

25m2.967224549s ago: executing program 3 (id=1727):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r3, &(0x7f00000004c0)={0x293, 0x7d, 0x0, {{0x500, 0xf0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, ' nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05\xf7\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x232)

25m0.824974098s ago: executing program 3 (id=1731):
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)=[{0x0}, {0x0}], 0x2}, 0x2000)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000340)=ANY=[@ANYBLOB="f0000000100013070000000000000000fc020000000000000000000000000000fe8000000000000000000000000000100004000000000000000000202c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe"], 0xf0}, 0x1, 0xe}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

25m0.60170593s ago: executing program 3 (id=1733):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r2, &(0x7f0000000540)={0x2, 0x4e22, @remote}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)

24m58.235113324s ago: executing program 3 (id=1739):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000440)=0x400, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000400)={'batadv_slave_1\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
bind$xdp(r0, &(0x7f0000000240)={0x2c, 0x1, r3, 0x1000000, r1}, 0x10)

24m47.293036889s ago: executing program 37 (id=1728):
socket$inet_smc(0x2b, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$packet(0x11, 0x2, 0x300)
socket$kcm(0x2, 0x200000000000001, 0x106)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008000f00fc00000018000180140002006e657464657673696d300000000000000800060000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x4000800}, 0x88010)

24m43.112132213s ago: executing program 38 (id=1739):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000440)=0x400, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000400)={'batadv_slave_1\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
bind$xdp(r0, &(0x7f0000000240)={0x2c, 0x1, r3, 0x1000000, r1}, 0x10)

22m13.560965606s ago: executing program 9 (id=2020):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x23}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)

22m10.499835275s ago: executing program 9 (id=2025):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xb423, 0x0, 0x5, 0x199}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x3, r2, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r3, 0x3516, 0x3e44, 0x8, 0x0, 0x0)

22m6.397583496s ago: executing program 9 (id=2031):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
r1 = dup(r0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000004c0)={0x0, 0x4}, 0x8)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f0000000280)={0x16, 0x98, 0xfa00, {0x0, 0x4, 0xffffffffffffffff, 0x30, 0x0, @in={0x2, 0x4e22, @multicast1}}}, 0xa0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000040)={0x8, 0x2, 0x9fb, 0x2}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0xffffffffffffff03, 0xfa00, {0x2, 0x0, 0x13f, 0x1}}, 0xfed7)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000001c0)={0x2, 0x4, 0x3, 0x6}, 0x10)
write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {0x0}}, 0x18)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x111, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000200)={0x13, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, 0x1}}, 0x18)

22m6.21102891s ago: executing program 9 (id=2032):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xbbb71000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x400, 0x0)
close_range(r0, r4, 0x0)

22m4.684660726s ago: executing program 9 (id=2034):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000440))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r3 = accept(r1, 0x0, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000300)=0x20000000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r4, &(0x7f0000000080), &(0x7f00000002c0)=@tcp=r3}, 0x20)
recvmsg$can_bcm(r3, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)

22m4.530695928s ago: executing program 9 (id=2035):
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000800)=""/194, 0xc2}, {&(0x7f0000000900)=""/124, 0x7c}], 0x2, &(0x7f0000000a80)=[@mask_cswp={0x58, 0x114, 0x9, {{0x17, 0x80000000}, 0x0, 0x0, 0x0, 0x7, 0x3, 0x5e13, 0x78, 0x1000000000000}}], 0x58, 0x4000000}, 0x4000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000002c0)="beaa38543627a7a662afe0d83fc3e43fc6", 0x11}], 0x1}, 0x20048050)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f00000004c0)=ANY=[@ANYBLOB="930200007d00000005f0000000000000040000000000000000000000000000000000000000000000000000000000000000001f00206e6f6465767b6376666f7892ffffff8102000000000031ffcebc920000003800704a86ce"], 0x232)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

21m49.217266227s ago: executing program 39 (id=2035):
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000800)=""/194, 0xc2}, {&(0x7f0000000900)=""/124, 0x7c}], 0x2, &(0x7f0000000a80)=[@mask_cswp={0x58, 0x114, 0x9, {{0x17, 0x80000000}, 0x0, 0x0, 0x0, 0x7, 0x3, 0x5e13, 0x78, 0x1000000000000}}], 0x58, 0x4000000}, 0x4000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000002c0)="beaa38543627a7a662afe0d83fc3e43fc6", 0x11}], 0x1}, 0x20048050)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f00000004c0)=ANY=[@ANYBLOB="930200007d00000005f0000000000000040000000000000000000000000000000000000000000000000000000000000000001f00206e6f6465767b6376666f7892ffffff8102000000000031ffcebc920000003800704a86ce"], 0x232)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

14m35.277728604s ago: executing program 8 (id=2570):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ftruncate(0xffffffffffffffff, 0xffff)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, 0x0, 0xffffffffffffff9c, 0x0, 0x244)

14m31.950979815s ago: executing program 8 (id=2583):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x1, 0x0)
fchdir(r4)
r5 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$FUSE_CREATE_OPEN(r5, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x4, 0x1, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0xff, 0x5, 0x100, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r5, r5, 0x0, 0x7f03)

14m28.780981987s ago: executing program 8 (id=2575):
r0 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x7c, 0x6, 0x31, 0x20, 0x77d, 0x410, 0x3afa, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0xc0, 0x5, [{{0x9, 0x4, 0x5a, 0x0, 0x1, 0x84, 0xda, 0x28, 0x0, [], [{{0x9, 0x5, 0x85, 0x3, 0x200, 0x2, 0x5, 0x1}}]}}]}}]}}, 0x0)
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x11c0, 0x5506, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x8, 0x20, 0xb, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x3, 0x1, 0x2, 0x3, {0x9, 0x21, 0x1, 0x7, 0x1, {0x22, 0xd3d}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x7, 0x2, 0xff}}}}}]}}]}}, &(0x7f0000000680)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x300, 0xc, 0x5, 0x9, 0x8, 0x9}, 0x1c, &(0x7f0000000180)={0x5, 0xf, 0x1c, 0x2, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x1, "c3d232bf66dfa6950d891255e9464d70"}]}, 0x8, [{0x0, 0x0}, {0x2, &(0x7f0000000300)=@string={0x2}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x2801}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x140a}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x42c}}, {0x1f, &(0x7f0000000440)=@string={0x1f, 0x3, "cf791403799a166284cde7a9b8dec32dee91ef946744832bae8eab34ca"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x418}}, {0x0, 0x0}]})
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
write$UHID_INPUT(r2, &(0x7f0000000740)={0x8, {"8078f0300bc4ac4baf16cd0708b625a7ad20b6fa57dd5816e52a354d1cc60b9e40093cb6ce1ba13b68b08340e5b8ea153bcd53084c8c05269cc75a982954c12d5b86edcf985c1c27db3dc1fca35363abc35b18d055f155ebb295f68fd17a78be3d4a0ed0b2faf0c8b26e40f0c28843b0e98da91c7d5aa20cfd582f30d82eb499e104747f94974169dceee01fdfcb1cef1fb736aa7d4b617bf97718c8c84ff24bdae95724d64bd201978641ef0005c20f9e321a957b1623b82eee2e25423afd5a15fd8704e08722a5f8f9538fe136e79599b713114e7d656dbb996b3896ceedc5a5628fa7a2adab313fa157acd0af9ff57d6a82e464ab6141972be0a8224aa0b890deb3c42c6ca79e18c502105280fbf8971c3491cef673023d40e3762110359939622d876810e7c4283051d4a01410c1d2f426773c000cb86212d200e4f21f5c89bf798d0b15d0732da330752c797223682c62b2fd209f9b65f2a74e311a95f82e93babac55caaff53d080964b95471c5e05f80164c2a8a2f4ffbb0bf78c4d62743858c0ba4d5ea227836f12ca45e19c8239f35a8b6a5dc24ea765239ea15827c2ed562079f65f64f5938e7a4c95369b03b9ad8512683a6768dc0a6d9d8eb0f7dab8d6188a7267faed0472f263bd51bb59306cbae9b31522542f3925a69f76046bc12e40c9176400f7c0971e589c25c3d7234a05017fd407fc6c18328c37301be6c073d8296dae91dda3e640074289469b2395be83c05ff3b2d41886bc41fc31c5b39f195e64498ba38e2b95b423e465697a25349d8cc675c7eabab303939d7eae158084ae0090808324ab909a2de1b7fa7a190dd04e4e3e3efed41bb864ccf39c585d6e76a96b4fb232f9af0556c24318e48d11981d738f29891e9c5c563488259bbbc61c05fe1053783fa1c4e2a28830c740a54dc073fb6a821b98668c723c236f088cb7a79239ff0fa30876024d1b83dbbeac11cfe212faeb225ff5c55474e511895f800331edd5a8cdccf6e03e998483d454732d7f64531c344b20185732c0ceb000512b1df111344f19f0c38e95bca26bab8b2a935d780f895f6e4ae700ad2f472050d4806c8d3d5b18384e47cf4e0156efef4c25dc7f0bc8287a059c9e4422277646a56658ec0563fabda3d696e9d8c5ed96c3d204240ec6c264a2e889c7f921c8e249bd06161e978a62a2881ae930fae5300f4228ab63cdcedb3ae67296ad3e467977ed6704410e279bb45d6310d1e92b64eaaca98f95a91bc03af0fca6466cf6217fe19bc07a5dbfb06d18067c4b13f7c629bd602325782494e33e2b47a9554cba1d33a19e9af74811d9b0da69862206ac5643f72ba75ed4230cfa7bae3d958308bcce36e27a826df43de1b279dd13ed2129a625ec91b4c5594343b3d2dc438ea2d1d0a6e8c22fff9101b5d96cb3293b6aaeed6c997758edba48eb518312c2e5a2eb8f89f0078ad6f5a5e6eab95ab45a898b3be94998abf9a7e9462187251ae062564712e1f2fd2ce6cbc0f6cfb0dd112a5bc8ba87262b0a9933a7425717188f05fbc4cac5bc2c1e5e8a66c0ac11ff2247b650ba722f5123c193be6fdb5c092452dea11fcb91a3d410648081952c6cc206d86a9f3b1dc8cb6898e52217afea4790ad754f37ba2a5e3fa49f5a76cc7b0a82e8f5a8867a2e60524eebc71cfdd0c1f757a94184cfb61252759b39a661b6259a095c729f73b5b0acdecd4c33c6f498b018a5f62a2556632be55013603c4f2ea07c4bf8bf0117dec428c5074d35a430f31f3af99d2c3378a7fbcb737a1282904e15cc3a29035a968c033dd849753fe0e3fde8ed7c3c7fcff007646e2c41bed4b584fd89751366809c4919cbfc42b9345dba7911921664a2d9e683cba45b7a8d0ee1bb9a2f163e1e443dfe80c47fb02e3c474cdaefd63f1bcd27c964e4c3c3a4ba99593cd94f1c9b69468a14eff4324ff6c823def8ce488a7209620d71314cf87078bb202a94ba1dd9ac03c4a4bda2b2686c3057a59f17856f3f2fcefbdc9d800b63b1995dfe7d8f01272e675397955d5340ee0cc71e049003db69d4f816e300d1397f54a4519d924d38e731e6e5a7309d887061b3ae9b51640941dd1d1cf258825dc1358bd341179e1be1f659cc3270ae82180b731cc0c84bdd2f4253612c6b59b1805d1e1650c75be627131dcf5e3cae82b76bd5204c6c6f3cdda75e6b7cec3727f41494da11a3dbea8312abc2c4c79084bae004f7805bbe7efc93a90f30db5d03e066a246dbbde51c9955a7e8ea1c5edf88a45d5f15cf1ff9176a34eebb1bdd2ab3e55148c4f964b8794c76a7a9658f49224a43632511404f30436ea34ebcdb32b16c76a3c7f073b92ae9328b12ae4fb88b9c1228c0a1e89aa3d37581cecc0d3127b87dd0a9b1b8178186e6146ca27ccf2d77568a1ddc1968e7da7952badd14a4fb613c1941c623c14b4431013b35de72594ae64726adf6ceba7d5d53a7ae080728ab7e7b7a03ea4a2c588c08648205f8adf8f0b63280bb3d7558c3d4d6b559a42b9e85a17d121737a44c40232224c203f2042dd529a23cf71fcd74d4f5f9460af457df8bd1f84a3d89116d53042c04dd1d1e39eb3e3c892bfee34efaf06443db7c79e11bd6458483854ac84e3f23fb97fd7e92d6bf83b9b18f14672a7939322b1ab1a7b7f5a1d25dd260e074cf9e19c5172f22d117b401c927a58d347b5ee98cd2985daae4c25a591b2c8628d7ab7655434482db46a0d6f684cf45ad1821900b53bbb2504604dee71b685226af0b145a0b168ebcec77d8817b664aa9b8263cd50c06c672258622a37cd6ceaca2b1a53783f32f85a3b4d086cfbc767efaabae9a9283dea165ff5afa935f3a0005101a395ecd4a9500e943191827352a8970e5b7920bf66d4633a8eaa5c9ef58312af647b0f2bc8a3281ed800c9c632323f45e42589656cb6776db242806b21c049281b66ba7057adc35028c1aa72e5fab878ac512a9f27b02dd586b2257b0816b9ee65be7ef96a1e42222b3c6d9abf4b999d57bf51c94e29d1b69e1c4ace4c66627bbe996efd2f32465deb00430cc5c6006c60ddaac0a3374f29f84dbd36751fc0be2a36cd68fde06a24057ecc43cb60335af57bbe58b5d992bbd704c2cb72fc9770019afb01ac81f66fef5524f560e428d35c83f5c5e52b6513051cef10df30e476f5e1f506aec8366d653e7eb7a1c687ee357a4fa97f675166efa6f0247892d4a643936a5ac9e434e99fdcd08e009cc124142f2db9ef447b900c5a0ff3ba1cd0540122fe895144a5f9c90c41e1ba93546cef1a9ed0cfe51564339c43e9e9e590266b78c3fde7c785e4496a286595aca0d9aa962e9237f7ec77f2ee4a7af92e2b18037be026024fbbe1acdc3e52b8736c54212fa6d9114b4fb59c60007fcce197c9dc78022f1bd85da1289ae3981d9bfac31b040767aa3ec6fa268c17283d18964e4e32c13974970fd1e9d682acd57b540e75f1d4ef266238a26c5a1b5127cdaffccacd54dbc4ae153dd4d84b4563169fba21acb5768106af1c3d05632c426ad5b534df7612d7507b71a57f75b268951f7d442f67dfb4eaedec0f1806d1351c8ded3269b26d5dd974c0df2cab4af60aabd56b7f4e9f5f3a32135b565202e9014e16d4c5880988b6b203b7b2beaa9f4c709da4d19f55abb9a6c03186693cabe5bdb7d51e4d872afb321dc12f53bbc984a079cf93b6be1437bd358d7f5dd865e6ae546f877ac7f2469c1e0985519d13803c8681242b570a657a4a8bf96b23e5cb22d0cf304b7f7c395a27c6663632a20c277bef55ed6ed583460ff3b906155856c41639d5746f157d9eefbbd0fefd12f581329f68d1e8f9a26c86840f419ac39f69c9cce4fb3efd788453eec9f4da9cc16af7ac1c8693059654a34a2fa687abd5824e5390a9d4b8d7648a1c801238f242c73692df90295a268a63cf62a5eac2394349b4119865b01f0ee35acb6bc23178678368e0c26846f0955bd5a1e82e478d7abd705680fb11559a2178705bc2e711e4aa9aca9b7d34edd9b710a6d39ddb73c3767fa9e84e2dd2170c0ea03e1b0323c3e32224c7bcfe8c6211c4c143dc4e9e3ae40d39ee70a249115d026e0d6e65371ab2739d416a1c7de6987819891bb9e3e43db97fad8c9bb05f3346ddeb25c73a3801eb6e111b6491ad8db41a401018323282e4b353d5266b679f6a1c2e9bc1f9206ebc5877ac6701e581ce065bf82b4e0d84ae8f9ed428a5941962b261fa1e2fe38ae963be0c8a4d3e20c3ef39b1bc249b377fae4ba27b53477d4e2db7b423a698ad526af844137fc19b1633a85f4198811579541914c059f8643a521f8b662637b93b88f0bed7e8b16b4d762c938fe1653250bdbc87165c2e6a2410e75b34d7479c5a25dd01f1b071d736dbac9e2dbcc7197a10ed62dda05f8f3696593c22faf107a5e7799d290bce1624058173279110f65ce4821586735d313e600c39d6fa7396635bd94daad45c7cb36460f67fb34def880b96ca20ce71ae4b26b418582a81890f48d55936328090c9b01a870b74e20d2038e54c0696bf6ebd07c619a4b8bc02269b61680ce3a0f50eb7e48482704d9ff6372079f2f31fff172f937f8857c49eb8c9d6a939a2e02012dde647c53100b2cb34e33a45e464f486fa11ebcdd3a07a9d6d1d2125c1533b364443100ae7bcd272c6da0dc1a26f8d6c1520cb44d2cb208e4b4d02c72ce08c738becd32acfeff4ae26c7fe375c4ca0353240b954fae9015ee750b22d6b0f7899daa88320b725ab3cf3fa95d9564a9e574914aed0f4f369e90a3a478958141ee1dc711b657634a5293e5d39ac37ff18e18fc7b2eb9f1479d71f5cd9162bcf22e3268e43c741a7e3fce446fa934505d4ed0f275808545de8ba1378dbb7fa8592451ec49f8c2ba0f132e786f33b5d4e8f3107cb1dbacf681431e7f5e3c868b8742ff0e414b7df9cc94c151c03a12e40b3531c1659cbad32b12d37913ce7d99b9808903b4d536c957e1e6656625988e6370dfdf3ad81fd42ec10dc4047cbe362290ed71a2a2e0066852de132439c9d50bd5754e005192b46792afa73410fb7342d83b80d5c09526779a02d1f75a86b36433ee5860b031e5ad9685c23423b658d108f7ef3fcede02268bf9a89cc0564e85da6418edc39c964780625481e05aae150c1ffa85637620a6cbdf22efa9181cc4e60f157e741ad3f703e19fd25226da34c8f0e2357a450d1653793a663354485f343ca81b31b0eedf209c9e648bb151c3cb0999d4504df6dc7f9a786567c0779bc289e5af78a8d2356e8bc84b00ef9737284b28af2aedbc5b4f8b40d8c5715a9f6e43c2abb0f2b65f0151552c6e80d9b0417c402860d199cbabcc401c20b5977e6cecca89377d4f594c6f3bf8ca4da19bfe718850f22640a7325061856ee8b522f30c4f0bed2da028d208f494f373d825f754be9728556bb4ca05b6466342fb65b4d272795a3ddf1104386c64918988b5911152d5b3c03c1261e5b867936a05a140a915ac1c08e6abfc5cccbaf8d68a01e91e96199c3f69bd74ee03309c075285d65f2cafd39028288a7faf4e627720e4fda5dd472a731a1dd96f60824816f1dd88ecfc788428d52204c8855c3de44bd1fcdfc4da27a40ba1af6045fcfaef5a36385c5387e39f83956d223ef1fae80266b88a9b9c07dbf325c8545e630e80e0265025c756691c355acc4459d23a826488d2d628ff20ca71f52e46c0ff60bedd288034f1c0aea5af256ce359fc9bc80ebbd05835c34bf28d6388c5df6eae9f3695ac7a2264fde8a783c6b1ae9e0cf96ff821014d9a", 0x1000}}, 0x1006)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000100)={0x1d, r3}, 0x18)
connect$can_j1939(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r3, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0xde2, 0xdb9c, 0x9, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x90)
syz_usb_control_io(r0, 0x0, 0x0)

14m23.41150871s ago: executing program 8 (id=2579):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0x3}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket(0x10, 0x3, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a"], 0x4c}}, 0x40000)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0xfc)

14m22.205714613s ago: executing program 8 (id=2581):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0xfffffffb, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xe}, 0x18)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/partitions\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f0000000280)={0x13, 0x10, 0xfa00, {&(0x7f00000009c0), r3, 0x9cd120de59ab3588}}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700e, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f04000000000000000000850000000f000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r4}, 0x10)
umount2(&(0x7f0000000480)='./file0\x00', 0x2)
openat(r1, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50)
faccessat(r1, &(0x7f0000000000)='./file0\x00', 0x5)

14m21.877567478s ago: executing program 8 (id=2584):
r0 = socket$inet6(0xa, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_io_uring_setup(0x0, 0xfffffffffffffffe, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x14, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}}, 0x14}}, 0x20000000)

14m6.801556007s ago: executing program 40 (id=2584):
r0 = socket$inet6(0xa, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_io_uring_setup(0x0, 0xfffffffffffffffe, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x14, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}}, 0x14}}, 0x20000000)

12m51.358330276s ago: executing program 0 (id=2701):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x54)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r3, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000340)={r4, 0x0, 0x0, 0x0, 0x1, [<r5=>0x0], [0x0, 0x7], [0x0, 0x80000002, 0x2], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080)={r5, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r6})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

12m49.543211182s ago: executing program 0 (id=2703):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB], 0x48)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0), 0x0, 0x0)
setsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(r0)

12m47.76480122s ago: executing program 0 (id=2705):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000000c0), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_rdma(0x10, 0x3, 0x14)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000900), &(0x7f0000000000)=0xfe47)

12m46.474047355s ago: executing program 0 (id=2709):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f00000001c0)={0x0, 0x3d, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1a000}}, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)

12m44.54420311s ago: executing program 0 (id=2710):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)

12m41.407577692s ago: executing program 0 (id=2716):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xffe0, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x1, 0x4, 0xbec, 0x7f, 0xc, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

12m26.237166871s ago: executing program 41 (id=2716):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xffe0, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x1, 0x4, 0xbec, 0x7f, 0xc, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

9m53.43997451s ago: executing program 7 (id=2837):
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdef0, 0x8000000000000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4)
r5 = userfaultfd(0x1)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r5, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

9m51.58286694s ago: executing program 7 (id=2840):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000000085000000730000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ppoll(&(0x7f0000000000), 0x0, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000180)={[0xffffffffffffff68]}, 0x8)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYRES32, @ANYBLOB="00000002000000002800"], 0x48}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0xa4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5}, 0x48)

9m50.321721645s ago: executing program 7 (id=2842):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffff"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000580)=0x1)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26)
connect$inet6(r2, &(0x7f0000000400)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000270001000000000000000000ac1e01010000"], 0x50}}, 0x0)
sendmsg$inet(r3, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4041)

9m50.185551419s ago: executing program 7 (id=2843):
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
inotify_init1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3, 0x0, 0x8}, 0x18)
unlinkat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000180)={0x200000, 0x0, 0x13}, 0x18)

9m49.163581457s ago: executing program 7 (id=2846):
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r3, 0x0, 0x54)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000340)={r5, 0x0, 0x0, 0x0, 0x1, [<r6=>0x0], [0x0, 0x7], [0x0, 0x80000002, 0x2], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, <r7=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r7})

9m48.871951342s ago: executing program 7 (id=2848):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00'})
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000180)={'ip6tnl0\x00', &(0x7f0000000040)=@ethtool_gstrings={0x1b, 0x6}})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)

9m32.274899062s ago: executing program 42 (id=2848):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00'})
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000180)={'ip6tnl0\x00', &(0x7f0000000040)=@ethtool_gstrings={0x1b, 0x6}})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r3, 0x84, 0x65, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)

1m3.320477474s ago: executing program 1 (id=3419):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
io_uring_setup(0x1d8f, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x143042, 0x8d)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000017c00000400fc80a72601"], 0x26c0}}, 0x4010)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004a40)=ANY=[@ANYBLOB="c0260000410007010000000007000000027c00000400fc80a72601"], 0x26c0}}, 0x4010)
ioctl$int_in(r0, 0x5452, &(0x7f0000000040)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
gettid()
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@fallback=r0, r0, 0x24, 0x4, 0x0, @void, @value=r0}, 0x20)
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r4, 0x4000000)
accept4$x25(r4, 0x0, 0x0, 0x80800)

1m2.886044572s ago: executing program 1 (id=3423):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2182, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
sendmmsg$inet(r4, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f00000000c0)}}], 0x1, 0x400c0)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54b24f15655595860608d70ff6e425a6c36af37b33facd22dc8a9c7044410d324b03e654156762092a62fea8f13441431ce248bfc73a6726ee61b5191d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d100a05e97ed3dcad452db6e08a991e2c78b057f55deebde6f0b11ce65700c0a1ad7946ff7c355db87566e3e5abb7a37b52876fd9fa194c09273031900"})

58.261536597s ago: executing program 1 (id=3426):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000002c0)={0xc})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0xa8202, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x0, @local}, 0x2}}, 0x2e)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a0000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500"/132], 0xfc}}, 0x0)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e22, 0x81, @mcast2, 0x5}, 0x1c)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f00000005c0)=@pppol2tpv3={0x18, 0x1, {0x0, r6, {0x2, 0x4e22, @remote}, 0x2, 0x4, 0x3, 0x3}}, 0x2e)
close_range(r1, 0xffffffffffffffff, 0x0)

56.814359254s ago: executing program 1 (id=3428):
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="5c0000002400010028bd7000ffdbdf250400000006000400"], 0x5c}, 0x1, 0x0, 0x0, 0x24004800}, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setresuid(0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_COPY(r5, 0xc028aa03, &(0x7f0000002200)={&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x1000})

54.07695765s ago: executing program 1 (id=3431):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x4cfb, 0x80, 0x3, 0x135}, &(0x7f00000000c0), &(0x7f0000000080))
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
r1 = openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(r1, 0xc0044dff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r5 = creat(&(0x7f0000000580)='./file1\x00', 0x0)
r6 = fanotify_init(0xf00, 0x1)
fanotify_mark(r6, 0x105, 0x40009975, r5, 0x0)
fallocate(r4, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r4, 0x0)

43.669600694s ago: executing program 1 (id=3443):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000280)={0x0, 0x20, 0x1})
r1 = socket$unix(0x1, 0x1, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = syz_open_dev$vim2m(0x0, 0xe2, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000000)={0x7, 0x1, 0x3, "7981b27ccde80dc8802bcb5c171a38daed39ec0ad31b841b130c606cecd516cc", 0x41414270})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_io_uring_setup(0xbd8, 0x0, 0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000200)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x46, 0x2004, @fd_index=0x9, 0x2, 0x0, 0x0, 0xa, 0x1, {0x5, r7}})
io_uring_enter(r5, 0x847ba, 0x0, 0xe, 0x0, 0x0)
close(r1)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2e, 0x0, 0x0)

28.218025822s ago: executing program 43 (id=3443):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000280)={0x0, 0x20, 0x1})
r1 = socket$unix(0x1, 0x1, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = syz_open_dev$vim2m(0x0, 0xe2, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000000)={0x7, 0x1, 0x3, "7981b27ccde80dc8802bcb5c171a38daed39ec0ad31b841b130c606cecd516cc", 0x41414270})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_io_uring_setup(0xbd8, 0x0, 0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000200)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x46, 0x2004, @fd_index=0x9, 0x2, 0x0, 0x0, 0xa, 0x1, {0x5, r7}})
io_uring_enter(r5, 0x847ba, 0x0, 0xe, 0x0, 0x0)
close(r1)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2e, 0x0, 0x0)

26.333060141s ago: executing program 4 (id=3470):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r1 = accept(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$IP_SET_OP_VERSION(r1, 0x1, 0x53, &(0x7f0000000000), 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$swradio(&(0x7f0000000040), 0x0, 0x2)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x14\x00'}]}, 0x1c}}, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r4, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f000000e280)={0x2020, 0x0, <r5=>0x0, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000380)={0x50, 0x0, r5, {0x7, 0x27, 0x0, 0x1001a}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f0000008280)="03680f2a20da68ab7a58c28b635d19c32b6efabb6ae3b5eee5a74d8943c613539e166c8baef50500824343a2f05093a5c21f746caefe9f9bccd83cca0fc28da20e2706308c61398dfce5f54ea9f266791ba29a4c7da158637def8b816aa296815ff13c06d632df45feaec1fd272ec1b510eaf58fe6b26cc36df3ecc0f5b1f258a190304e2519dd39ba9f5bc1788926ced5202e3b1e3afa16ae0b5d66dc05b36d3a00f72e5f318f8bdfc7eddc94238c50031d0657a22445ad0b3b90a86b086eed837a00bf0a3888bf61b4db57d6d8d6b286bbb13ba3b246def60ac34241eb843f89fe77d7e3e52573e90d791f21d4a8dfcc24ba95db60e2135634c02bd4b14535285df4fbe381ec036d876c4c8057c79371fa9717414590890e182a7b9e0ab927812083acf0d04e04c20c0555c8ceedc5bcf9b0e814be6eca98ce7b2f9f17d098bea541b75a1617c09fa99902ad746811f89a1fc5e6a80d77528247d6c104395715d2c9f9102f070a295f20c4307b9e848d3928b50985bfa2486893139761925b8fab96d26291243db23c4fd4d96864f4db860731a4e3e10b52d8d0487f5a8536cb4507dbdc111570ad0321b918edbc52807c2e0676d3257553702d9c1bd6741e9cd5cdeb3b8f636b6eb02a3b0066d7f677d586de5018850000f000ab3960f6656fb98039ceb6400d0299c356fc22b7298ed157c667bed5563fac2192a8ff7706a9e58d9d2f92632d6b25d8b090642e3f323bf7ff4d8264617a43a97099dd7347fbe3b1c439737913f17eff57f3e1ff4fdac374fb554e9a6a1ff32daa69507698d660d8d5f591801d8e4a9309342c3dc84966dbfcd2652800200bcb0dde9d456b7a07c5409f4f5387d0150daa34dbc865c6108d34dcc51eedb277e9638b43ce3c9afac5d7aa0f8542e58b0a84632a07557b041845d0012cf016ef065f97660b731ce1b79493de71def047277a3ae6d4a0d86591847d3475926039848c5baf6e1b43bc83053855182423156e54cadc8c85089265b49da853d15e5a701fedf2bf7986a723abf72e513fa05cb178345f2fcc859df49e74c8ccef196000a05cb090f22986ffb6f8f74ab41d2d88b6b535507a23b03d2fc2743f6f69fbcd43b8ff52b1ba32fa0137d542c515569b7f486f8ffa02ad1f54767f51701eb4c141437720884d529a57e17bc2837799124f7f112f42bd90f5b435d7a5d7524f7667bb7a6266263e62bf7ebf6896888d584c65a530b766111f078630d8629ffa91acb5ed02498549bd7e042acae0fab7ccb23278088a364be3da9619d91e1061bbaa9b33c3c5fbbcbc725ce8c2cc9ab0f2b4d30078040d3ca79d3ca056c360381ee87e743dea73a25ea2b4843f9ef280feb507f933fb556c718d8bf8f8618db72805b65d381b319f65c745c1e5060dae2f498852e79aff8dd9c88fd939a31871a430d3ba96fb118c79d1b08a397af23b1a188d1802106f588c768a1e6c9d244ac9a38d2a54ed50f19b78bf25e0ae1f9337ceaa8ff5ca8640104b19bcd643b51501d4e03ed5ffb383e7ed0ab78d540ae10bbd64fba1af59a4190215b7d10230992bbb4ff618d8284a2e2446990511fc2bff07cce9ba94a11d3db041e220e3d931fdf129d8ec2c9b17d6587a0044c9e09f52848db43ddc0df94513cc9e94e9d427623502a910deea0f21d86b16366769a46bf0d6d9fc0d2cd6b98ed885e9e2d765bdd051196bf20bd27c46ec902726d96de352c346d904fa00d63b67d272f116dce489f9d636cef61b441b9c113addec983b8b2fbdb2b32049e436c972b2fcf5140dc7b094c5047cb6226da700b72aeb3febdf16a75b6f61a311f606251c99b377c775c8fb3446ccf25dc4cca24290b3939f948019b05c80b5a6382112f63e0990b324c16a087c72aaec08796afc769f678e3634100a5a9da8215cb5d7a6a6b50a81676ef4edca35595b11f9606bef2fb84fe1f0a0703c886579f09986086f0dca6eb8061f9a74c79c1f758684a7363974b14561b9d2efdaba6c4cd8cb70627da1e195fcae3d8b2fa751278e8f220c83e677e14731eccd6fe0c357b011ed88b6df0c266b383f224b8e95384e401b717030b1227582d0d1042bd90377c4f2c7206a19983fc5905e4eb87edb6532b26ca9e28e160202606d19d9f5da34762f4b3fa842d7bff382ad70dcbc411f8b3e4cace8c8e0c72898d24023545e0dfdc4176209276a535491ce11c045c57b45c40f19b12dcf6ffbf78ab23e7fe9bdc404cf47db9855f2b835e1fce57debfa071803ec38da3c77a904080a4c737ce2b20e14e8449762f1ca0b1ce71779d2e6ee5299e1cf230e8070045c23c1d0e52f66fe9039f95cdc0b448dc12d24de39157934270345991948fce921b5d8e739315cc75d4b3b49928437b88672c1a7770365207b43895f45909d5d972f48aa66de609152a5afa2c7d75f0a14189d0409f0b623eab3b6e7d81025cde140893ed71b6f24f5a36d21dafb62af6be9da845403bc8ed36672efa74d7da19d5794cb4b79fa1c86940b1890c012e14b7c3bb261f16bdd99efaa9819b0bc00af842a6b94c6086d15b16ab81af9331ba3a5ad6941ef35239e85455ceab02c598ccee8fbad97ed37daebfe3b26a5a6c9eda5f65a1cfaf7a1f1688267c812a56c552ae11b465dac030e18f9008ad03cad80bf2cb91a7d99dcfa54d323ae0a4c3a6dc0f80d7ff703870610a945eb0ab5b6d14e81869c8872f6b123d98edcf6bba10d76d35cff4b0bb73db8b6695a8351785bcba1e160a42ed367c4da727da38f91562e941e5c4fa90c00000000cd3a7d6892f18a5aa3c74a4fc00bf5909267489b937a928d9d8ff92530b5226eedf8ab9a957e5ffec45bc3a55e6955b38393ce52892655265d1f741e0b744808eb568a08d145a8bc5ada9b079f6d0bec5fc2ace0502b3f926372dff49478fbd10451f0de4b3d1a63b9d4e17ade45628d2e9dca041fcf7fc1e105e1fc44089fde0caf418ba8454dc361df4a59e1bd79143d280613e3c79ad18e922a43e199aa5927bb9553dd31e6223ad19bf8aff6e1dac8b3680feea3138bc61742b03f047b3d77039c1a4c2d05bd89c4bc12a1c83d78b4e7023f690fce6a44608c423d8cbc2e80942b9d9df2f4bf5606640fa47692f3e003885983a73e1dc313b243bbab5c3c6348afab796da766044ba142eda5a9d3713e3eda8c54c1708909c5da89ba67d29cd7f409c9b759cba316c42028754e3cb6eae2cc4f6d66982f212320f199b2e837bb4c54c54bcdcd2ac240ef6295d38e9889b4213819ef0f9aba6ceead4e0fd2c4becdc1f8ee3049831996c9a74a5fd4e12a1fd21ed47cf27e29f9d61e4b673d88914c36eefa53d3c49d94b463b7f8462c1951dfe33c10993d5cfcd0ededd50ad55009528f1e79fbc2fa70c3338b32c40ae3bb45d7079c7ae8433fb1aa19affbd3fbce0cb5ab0d557afb3be036856066eea45c28e93528b35477fc97fe9ff3641e5bb0f0e46069eb653c027daabff38541250081c77e0e3a1d030a73289e771cc41db1085df0ad978fcf0b46af821c6b717b265e07d3a85397ea94de26f510290ddb5df8fcff76fe624843c8577802809c145916afce01d9dfdfa8bf07633e98f14fc73d5ef58ae5cb0c308bc74ca38259692a1cd4cf16752786a1c816f24612c27393d7e40a2df9a3dfa23a0c59613c8a7ccdd97c3fc67ecab94dcd8cc4b4517ed2414d41ce574074ffebd156e3d65c4421b0f339bc9f29abbfe49db62122248cf96b74d9639b3ef9d935cd81315a7ecfb0dc6ea1ee053c2e5c3615fbc10782f16a564fcabe1df70da7de989e00eedc346cef5b5cf880e9d563fc15302f056d37f98a939fd1dd5478b4318c256e93b77e31f87d8f7fe31755191b40d778ddb2ada1480bb9fcb96a09783fcf2c2c9fac2c3a2771dd0e2fb113cd460ee2c9cf4a712f04eb1b1a746091109f7ce0655e1ff7781fbe853e3d03bb91c9d8f4f416f5745c6b607bbf72786bd3c0ac4761e6e6d70f12dbefa1b13542086f793b72c6102ac06e75be17bdbb1efbf7e007f07f9bd433fd9d9cbf93e760757b792f15231895561fe49d9d683ccc066f38af581422b71702627162c0f0f35c36a61eaaa92129114b7334281e35fd39576e51d8593c149c9326e0c710ea4dcc9ef39a432a48ae1834f5046b954f9c033d6035cde0dbffe3e97f48a1dc695f4b2f6fe5d4eee83008318def105c37e11c9015670f13417ed036e68f6fbfca2a8289829677feb23079f3f2ee53b26e491924fefc1c50e54f288a8c4b6ba6d319054c3a9e39e14bba81b423acbd44b51279bbea6b0bb2047325837ce8b2191454f52ffa2cd04abe89e3de5bc102e9fdf740d3efd975bc9503af796e6aeee711ef8797de5d507a964730aa70cb9d3840054d4e1ffc57de378b511f7649666a54a6b3d91ed517198d76322bf99d13bef530a43ed3f13196bf2def6dcfb39f76471c75c5779bedf105717e546057fb478bfd24e8fdf3c12d028b542d1f424a9d45bb9e026e6098eb1cb0a77378300ec1b4c9f006aa4dfb7fb5c57cf1b035cbe96009ead1ca25ea1e5fae40312a4e9fe250684a1c8653bb303209e0fc6a498f3a08f6c5b946378a349f3aea45104a2badb8a45f500bb4f0f6cd620ce794e0f390e1cb7f2f1fc0039f4250a577544a6862b47bf89eea3a8c1516b7a9dd111c2ca719190e8feb1a7079e9fdfdb8224dc50791c986825469c087c8f081616edaa4193e161281aa68b7286a364cbb336b2459f0892e57c40afcfda7d16ea1877efb4e4b0d4b5c31e8cba15066903d3a91bdc7fb64452fb9843436110596f0b038da167a86f97d32c807270a1c994fe88e2517e11bdd210dd982d3c8158459440108308a936c9d2370b9d157c3f9caec36ff05bc40b37f095edf33bf4fad440f38c3f52129456936c07014140be5618f4e9d07b66679238023390cd676b1a3a28d0e90d5ad9ef13a31fcdc5a435454309367c437424e340a1f91c6483bee1026d85a16fb854252ea4ede39a4e69702ecff76432de508e064eda0df9f263a25c0f626d1c1ffaa6783be2975451ee936cc2178648935a924f6fb2db2f8ba34e348920d903114520918cc6872b842e3744fc18d1363583a107ec7b89c7792c0d8069e12f873f6d668f6fdeb47b72986914e45c2b061c5c936c73c9bcf1475ea0d25edaad21cf193405c8acef3bff4e4f1b2b321d70dba59e856a8849c2bba9508bad775370669b2bb7f5e53181af8bff525e13a4935d7e28b997b4ff15da9e36f1353a154ab701ad15420786daaf27ba7e122f7b825c668185b685630420378b4142ec4e4242c2cf0bf6e143f7e55cb12fb9dd59a8df9959ce4fc5fff68ae7174977a31ad7fd644bc94a20bae76f0af474034990fdfec8ceca0e6cd93fe21d84837b7e9d74c17b6d3054f0c008ee05764745fd8773a0c1c31bb3eef5b7e261b54805b5c805a4eeef05c812fcdede200442e7340c63490645ebd09c235d5c52a785542526edfe3875ad08267faed1d0a15236f00c6736b94c1a3821302ff610697ad7becdbc96f54b55138b585cd122e0d5aeaf43c9ba373e8aa1c1297e3415552cc57cd60ee1f3c04500ed0eed37775c873de3066c034c176c67c5bfbe9899a47732030855781341374641da058eee61d01d11b9db8f19fd4558957897340e32cdfbc39713f1f439be0638f614cdb5361433a45a6ff024e39c94141dc5403af101404ce5f2efa97b90d9ecdb7c361785dab977feded32554d1a74d5cbfe2435be7f0329ba382455c2ac11fbe29fe3826796d4bea03dc53a37f63f5be2773f83faf282f0ae24d9fe5762b71b499fd37b4ce7e71f93c3a983f80fed477708bbf2261c89893c4b76e34fac9b42671b6cc81678cc867f53e8c3ecf8e26206212743ca0c4941c2c61ed3177fccf85921e998d2b826df751173944bb07eeaae4001f677a0687a2550eeac8bb5128ecad9c7b6a514596a30b8292fbacc09ab488193507b6785d7a35c979db774b2c413246f1ae88d35d1914b20b8fb501034321642fb0b0baba3378e4c31fb5e247c177e573295df0194462b99079a436400ba1be2e30d39b8714c0fb2bdcd981d5a5cd514f8d4f14e4e0437108630355d8f2b60a6d18cb14ceb2b5d0704aa6e93e180bd79cb17e176bc4f81a03db12a03413de6189896955bb9e3cc69b6f9a50a7eda3742527f98c71d7ea8ba75e253c2b783f7104813c619949e6a0765179b1b9cbe68b703335ab5986928d86384357a2f4189f4b4ffcd61a3d29709bbc93b5371f0e7798cb72ae4c17bcee24f8e566f2777803c3d182d15a63ac40063f0ccdf4bd790404524eae02eafb6b54c699578486490033f0be866c74a134083003d330498658ba973ea674c4a0ff158403987b4c4752b07c8637a119b019fd5093406960144445056f6ffe73eda0235dc1871bb6058d4a9feecac628265689d58a81453d33290ab56eb691f3180d0288449f41844e56f5c6cf522d4a5866b24fb9552fde71946c4d25dcceaa41cfddb5a33c51c54c0a0a5abd31be8fb6ec53c1d14ba648e183979dbd0db01b9e51ba3803be7e7d3dee752668367264c783f74838121797ae5706ef3aa460682d1bf55808c70e69ae29d7683368470d08e7e9a1095305dce250b5b4bd48c02e098d241b1089736e8306a737e3a1a93e554cc3ab24672b8c74bfb8825004ca869e347f873de14575493836662ad741d79269904f905d7df64d0581ab8d76ee51a32d72ccb719f3a25c0a856b5bd2b2a1269e208d70c32e1d5ad0dfdc0ef43f0230e95eb85871eb4d6033abbf0be7025382d878eeaeea73c94270e79bd5757dc1bac95236a62545cd467830b12dcc30d7cc81e889d360d073db40058e9a1c7b41fc53e67740bc984132a1452cf7d000378f14ef93a7eb0dc9bacf23584ad6761139576607f8214757f71fc47b2944127116ca3e83b9d9643bce8d7bb44b4d16b5d5cff70a9e1114cd920b6fc1f409672648ad56ac3136ef0a314adb458faf3d3f171cb2fc513d76e43e6bda2f1a68e6fcf4a4ecbe6bc87716e2a82ea0c4657983ca0caaf8d75fdf5b0d7930e4f3e95eb1271485f938e7ad2bf0c97b7c11745de45518a1e3a74341968588558e7197b407d24eda0671ee28f219e4c5f809a7ea6f9f5b9705f4634a96112eb262bd5967db5237285b865d3f64516495ea6d1ec20dbed7af02362371a61241fa1ef5b3095609d66ecc16010f6f67a280d1c6d215ec224ead17d68bbc9bc64b363b5be9b479b7aa2cbc8587a6b48cf653fde7a262a11ab3a10356f55f122310feac77c32ce0994d6e8a70f1c53331cb473a8e29427322fb6da292c4443b1678877f1c981fa05fbdef96520e5895aeb2a3a8e62652f9d8830c3b144b9598873e2ef41b7ade943807766877d609972cca74855eaedce07cda35b50557de96e736ca3107c154d31aeee78db214687b9964517bcd2c6c9ec047514b45c831aee4588166dc3ec9ab36bd1033e74b3d02d731c5bd84f659fa9fe55cac08c12cb999a2e64fac52f6cb7d1fffbf45d9a1126787d0060fd1be563ccbc278ac97dab0c1bee664675f273f5fa429bdc24b21ff1cf0a3ad3c687fb07ffd88bad6ab6c6b422a43b77ff76f96bf405c07f8a667bb8ff54d6714aaa21ceba2e78ce03146b2ab9f49e6d65081119b8e7cf3843e91349790d2b975c9f9c305df0ab4f2b1b2f30f629313cc66a325e4037f38f29842ee5781ba73d2f30f506cf7ff2237a72b4075aefa32cdd5ba0ae4e65cb6fa47a3e06f0d5f684b7172d6b58f5f7d783c4122db4f4b8b4f9d3296c9d115f432710c29d40dfca0010ecbe2f42fac899911d65c84f08aaa1923c8add5af518286211db14e1187a8839f3b2ae8bd914eafc16a576bbe3eba6271a4c5b3170c3f543761f11f1326a05c575bde1b5c6afd3876bea4fbb649071a95caf74de9f7b3421803ec351f934b8d0932ce72a13abf3627d9a396c10875fc167ef1ae98ff92af9ca366033c99d30306fd540a09d67d26ab192504e7c09f9e4d06287a2b1748f1761ba3c16d9d08be7562b7351c4b4671f5d4b38681bfd86c7f2003a9749b20b602112a95803469f5d252c564912b55c4bf3409298dbd066d877cc70a89b484b9ee6bb836c9acd1e53086c4be85e9a3bc5969c7016db9c72b68620c241409d06f4d7f72fe2289c9b4921055922783b8b886bc22926b7d194820af2b90e3c60e87e1a7851f38a970c07c1da120d1da75de2bb994ff7d05a313522373326f160914a9589711e0439d694f5221afe8cc118722ce4927e9543e61a12a76b060000000000000095d32063387349b4e9f253d8b73c6e834b6866f8a56b4797b92d521fa732aa0d55c8e9d6c56011ee6fb450853dc564d18e97c463609c27a63f9c91c46d7bd80ace4edc06127a450ed0dfa1410cc36ed52b7d1f457e5b4b26b5eca0d91abe4f1a42a2eec40ec2faff1222f71dc226d6344e947b45155691205c09913fc3c6ab3fe76f4d1b11fa45869e20694b5f0a1074780a07332764212533b797dd24d8df157d4172f91253b77eb2ec90c8222307ed59136463057b7f469116086410b7503b44cef401c47811c1390060da5b3321d34096b67468a7702978d98d4bd721c18a25ed541249638e90281dc8e3565dc33e66d7b832a9bd62c02c5ed0e92935c92472499653d2d842ea6697c733ee80d775884074b3a0c250a4aa021bb6ea93514f9cc5f09feb5719d270cd184e364ca966f1416e10f111bc425f32a993fc5cd75503f99d89d91d7ddc6dee70193057cb946e5fbf8663c53e12cebffe5dbd4a86bfcf5f35f0d8aa43763a60e00356b4f8bc2bca01b02cfddde38f0c4df1e7f98709fdebc5abb5eb9631bdc3dbfcf15517fabcf16931eb7381e83713b081ad1947274d4896ee8953d772e9e71f363b6f1147317bc739ec128e4ec865f8f0ea34cd5ff19fb2c28931d2c85846735358504ae9161535cd7890e8b95c814cfec116b78e6d0eb5097cd4f35888121452e27391d865c15f0b986925d0d0c623bcbb4d8ca66603720253af17853967ea5954eb5ef0dc43de185ec4925026c680464e66d1caff1f4c7c757bd55ec2515ffe7183e3481ff6f626c2228a3fc3d15f63e4bfbec76a2a170206142cbbcf204a1cbfe0ee56eb47dfb79c80894c0a0fbf8a2955d861678fc2f8f9ad7a28052197b5992bced1273658da5b1f42fca48c80883600c24d8515a0c7113deb4c97df918ab64bca16a0c14f2547dc91d5ce4f884978c95fe54899f77ffc20a2c4b27350bc451bef72a46d8e144ad57a8d5f8ac039f58b8a53ea1f3fd5fce612a171bf82ba17c0681cf46ce5c8181a522ed2e986361903903159643046c7be1787dac6ccab09d18a30997541dc6e9efa260f1ff0392bc1890f01d8bb725f4fe7d8bc618f46e0c23be6b9ca67777dd3f5a89b41ccfb11a526a3bed045a2906f86cc5186a1db7a70391261b694b423e5a44d374f9d3720330e083574083f8950b2b35c8bb5b6c0a7fe259f235dc1c069d4581a9f0a7451890561a0829bb290de6aefe4d243ae0b00ca61a1dc4262bb4951242b21d88148eb7b6a9718d6433274f2b3c9bcdbb6d5df67b48ff42692d8cd7f4b7f41728de68ea1ce0f3e4a2843c5b9ffc43f69b8a0445dce44081f5b443a327084b0d00d07cbdbbfd2da5d67bf8d4bb4ee408d17eeee48b61decd06bd3dac9a1adbeb069b49ec96608b9179bb3af4c10f2ade6778b31fd4c22c2961cb949a64e9a8a4879c550f8d8783064cb304511e40e2e562ba83c08ba8ae011a784ed9db03db5527a7aae222c856c8df0a94f9c4def0f94244c5b8e3db9f39dbd337928e24d9d8562f231fea72116c01089163d2c5f4ca17faab20b73c9957fa1a9af20837a804870034d4e64281125b070d8ee0dbf05f95e5fb079e2a57e9af977222e90b664189114dccbca81ee58b7de90a813768a2049052b339a608d3e9966bdb3b584291fbf7694a7d1dea7f72ca604894e6cca5d326ed5e48c15eff5e6a8cc11c40f84ca920d79a5c55d07001909bf6338921c656a39d59d03f62bb5b8870189f0416ec8c317b03ccdcbbeb3e1a9bf2661813f4966b57eb56a2757de5f7745851b5f7bf75e41eb1646e61a41923c5c0e58c2ea478d95b5c39c450744aea0aad3706fce684cb7338ff3dacab60e8d968f0e6fc070693ae3ca16996b34a50afb7e6e377546ae28dc8de7a2ea3a657b4b0003a91a488e347c61971d62f32eaf843d4d4c4f86cc4033c1244c8408def09188dde509c629323f34072f9089a3846680894e8b000a03865638b2ea212b68fdef7f17583f92014eef2c8115a37c9c82dee06213c1407c1433690f68cdc8e91971104039dfe06774b946f43b68b7957a5ca3ee763eafbb7437850eb0a285c413bcf6965232d593d8da47a2a06abc635ae38e596a9dae55b43f341bcc6fe72d79b453ac1c259da37f64cbc1f1508caf280aa6a3f4cd2ff5564cc5a8727f222431454a5ac93398a29fb95b4e057686cd6fcd920992f74e5870749676a36e043bec5fc1b0fce5563affe9addfaa3689e857383ccd1f2924080449d2cfb006e855570b711c1dedd1df2629afaa3806f4ae229a9a8ef1940ddf2c55dac7812d2374c0684b7ba27b2f0849ee4c055d2b8ccc8e41c593378340d7546bb974bc8032f220b37099e3b04c6591c40d2c50a855a491e03c1c9cbb32c400f6104341262d92daaf3e2c04936cf28788fdff8e0a77770a9deb9089a9e32eb5d9e2581aecd98f83881ca8e7d49e603556dc03a9aa19a8f3a4735aaee347b25ea35b36fa57484c0b6d591979b4a3da894fa0c15966d6a5e02e397cccdb9c314b504372b81ef6913877767001263c05dae362b49e5928ef36f554ce245b4111486417634f1e7f4530a760ae6ffd3123f5736ac12c5bf506c5dca03079c0fd0776cdb56c938cdf480fb9b97b1685dfa3be6f712aae107e2dda726bec137b2ebdf56c0fcaecca4350bd7b5c84d57f29c2a2c99ae10c30cece4831d71ae4ee3362983cc816bb6cb9225b9db08503a1be23a26a0425a8628a2e718feae5df91d829f27966f766b623a0a4958a57642aefae259713733670d5b1d027fb8eb2d0d3a0b4acd482076dfa09ffe883f556b2db2262bc0872e1bd713f100dd7a8a8f2d725b46e09c625d513179872bbcc9a41e596a18b2471d977f4ca2bebd06cdaba31b70ef25e098f214fef16f16f725cad4311eb91457fdb70b471eddb65ecafb1e2b03c5ff21356241e3cab2c8ba601f9ef1aec9006b7cd0b81da29be01cb4c1d52e563298e373013886ebb1889bd5616647c6c418ea6bc1f3c0853b65cae48467b35f08318e3a9d034af7224cc3520ab1ece7751ba15407298b21e4f84ef7c23d7993739403d4f116cba2d0ae2d4003a28334c461c734d4555105b986ad0af28aac36c753ab52b91b7e23ae3ab07d3b170fe53a2249efe5b65463a3f237cec72093b04005f95a15ae595191ba39d0ae1d91d8e00b132ae9339884bc57bbb79978a308e1c31c5f213b092f380a7ba58f55869e9c29a5a6e7a7aa4f8d58e5787cc05e500", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x90, 0x0, 0x0, {0x3, 0x8000000000000, 0x28dc, 0x0, 0x440000, 0x1, {0x1, 0xfffffffffffffffd, 0x0, 0x1000, 0xfffffffffffffffc, 0x100, 0x0, 0x0, 0x4, 0xc000, 0x0, 0x0, r6}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0x7e, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001810000481100fe8000000000000000000000000000aafe8000000000000000000000000000aa"], 0x0)
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f00000005c0)='./file0/../file0/file0\x00')
read(r3, &(0x7f0000000080)=""/94, 0x5e)
ioctl$VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f00000001c0)={0xb, @raw_data="9f4a96c5fe384616f1a9e9661829ad2f00d4f42b69f5352c110a8f9da8f8e51391fd07549b270a667430288b6eb25436a35c1749b5a2ea0e58d9d9cd467fc130b3234488546f00f60d34e302195d565a8f14c0ded549e28766cb1caaef9e2499b43f59e95392f654fcbe2cf59714f89e28fd4036bc62200da3cfadf1b5e24cd5de1d45ff67ace9ce3752812de38e2eccc5680ad93af92a66556ec63abe6abaab291e60c965a3488c2b58478d627414ca29c8bb79d56ae10cdce90dc9116d27adf8ff3b05b0c0d374"})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)

18.896647861s ago: executing program 4 (id=3476):
syz_io_uring_setup(0xd2, &(0x7f0000000180)={0x0, 0xcf8e, 0x10000}, &(0x7f0000000040), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
setgroups(0x0, 0x0)
lseek(0xffffffffffffffff, 0x10000000005, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$smackfs_ptrace(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
write$smackfs_ptrace(r4, &(0x7f0000000080)=0x1, 0x14)

18.869985936s ago: executing program 2 (id=3477):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f00000001c0)={0x8, 0x8167, 0xe})
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6, 0x0, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000280)={0x40, 0x403, 0xc})
r7 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000200)={0x1000008, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r3, 0xc00464b4, &(0x7f0000000380)={r6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000240)={0x103, 0x9, 0xd83d})
dup(r2)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8})
close_range(r0, 0xffffffffffffffff, 0x0)

18.836420489s ago: executing program 6 (id=3479):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB='P\x00', @ANYRES32=r1, @ANYBLOB="010028bd70ffff03ffffffff7f0008000100e0f92f0c26d1e24336b65022de8e2822c2386efa514a42da99e99bb2f86fd30846a0afc1d2b6371fe51af4a0bffb649275fe01634c815128dbda532dfccc661be79c6a95f5f9d1d4973a6bf9492d8bd4d9caf2f8d104ee8458538dacec433ea85e4c501ede1c7eb9e9", @ANYRESDEC=0x0, @ANYRESHEX=r2], 0x50}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_buf(r6, 0x1, 0x3b, 0x0, &(0x7f0000000300))
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r7, &(0x7f00000002c0)="23000000010006", 0x7)

17.633628698s ago: executing program 2 (id=3480):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r6 = accept4(r5, 0x0, 0x0, 0x80000)
sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="900b0000"], 0xb90}, 0x1, 0x0, 0x0, 0x400c010}, 0x20004000)
recvmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x21, 0x4, 0x5b, 0x8a, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2}, 0x48)
sendmsg$NFT_MSG_GETSET(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000000a0a01ff"], 0x14}}, 0x0)

16.596383432s ago: executing program 6 (id=3481):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf9100000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
msync(&(0x7f0000007000/0x2000)=nil, 0x2000, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000100), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x30, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x24040084)
sendmsg$SMC_PNETID_ADD(r2, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r3 = openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r3, 0xc02c564a, &(0x7f0000000040)={0x6, 0x33565348, 0x2, @stepwise={0xa000, 0x5, 0x8, 0x6, 0x7, 0xe2a1}})
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x4200, 0x0)
setresgid(0xee00, 0xee01, 0x0)
setgroups(0x0, 0x0)
setuid(0xee00)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)

16.589127204s ago: executing program 4 (id=3482):
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a000000020000", 0x7)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e14060200", 0x1d}], 0x1}, 0x40000)
r0 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
select(0x40, &(0x7f0000000240)={0xffffffffffff5814, 0x1, 0x200, 0xc, 0x1c00000000, 0x2, 0x6, 0x100000000}, &(0x7f0000000300)={0x1, 0x8000000000000000, 0x8, 0x80000001, 0x4, 0x1000, 0x594b, 0x7ff}, &(0x7f00000003c0)={0xfffffffffffffff8, 0x3, 0x252, 0x81, 0x98c, 0x2f79754f, 0xfffffffffffffff7, 0x7ff}, &(0x7f0000000400)={0x77359400})
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@struct={0x0, 0x2, 0x0, 0x13, 0x0, 0x2, [{0x1}, {0x1}]}]}, {0x0, [0x61]}}, 0x0, 0x3f, 0x0, 0x9}, 0x28)
write(r0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x802, 0x0)
getsockopt$inet6_opts(r2, 0x29, 0x36, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f0000000380))
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r3, &(0x7f0000000000), 0xfffffffffffffd74, 0x40004, 0x0, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x20800, 0x0, 0x21}, 0x18)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

15.733609076s ago: executing program 5 (id=3483):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
open(&(0x7f00000003c0)='.\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r5, <r6=>0xffffffffffffffff}, 0x4)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r4, @ANYRES16=r6], 0x4c}}, 0x40000)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0xfc)

15.177903138s ago: executing program 2 (id=3484):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4c20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_usb_connect(0x2, 0x24, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r3 = syz_open_dev$evdev(0x0, 0x5, 0x4c2bc1)
ioctl$EVIOCSCLOCKID(r3, 0x400445a0, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, 0x0, &(0x7f0000000040)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(0x0, r5, &(0x7f0000000500)=@IORING_OP_STATX={0x15, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x200})
newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x100)
setresuid(r6, r6, 0x0)
io_uring_enter(r4, 0x627, 0x4c1, 0x43, 0x0, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x0, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0xb400, 0x2}, {0x0, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)

13.698280648s ago: executing program 5 (id=3485):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000005140)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000008000000000010000000c0002000000000000000000400007800c00018008000100", @ANYRES32, @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x4081}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@array={0x0, 0x0, 0x0, 0x4, 0x3000000, {0x0, 0x4, 0x3}}]}}, 0xffffffffffffffff, 0x32, 0x0, 0x4, 0x7}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x7, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5865, 0x10, 0x2, 0x24d}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r3, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

12.300823633s ago: executing program 6 (id=3486):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, 0x0)
chdir(&(0x7f0000000440)='./bus\x00')
r0 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
sendfile(r0, r0, 0x0, 0x7f03)

12.143426618s ago: executing program 4 (id=3487):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r4, 0x0, 0x39000, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)}, 0x0, 0x1, 0x1})
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_80211_inject_frame(0x0, &(0x7f0000000100)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x7, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x35)
openat$comedi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/comedi4\x00', 0x80080, 0x0)
io_uring_enter(0xffffffffffffffff, 0x40f9, 0x217, 0xa5, 0x0, 0x97)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5)
sendmsg$NL80211_CMD_GET_WIPHY(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)={0x20, r6, 0x301, 0x0, 0x0, {{}, {@void, @void, @val={0xc, 0x99, {0x2, 0x29}}}}}, 0x20}}, 0x40)

8.933670484s ago: executing program 5 (id=3488):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, 0x0, 0x0)
sendto$inet(r3, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0)

8.536063006s ago: executing program 6 (id=3489):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = syz_open_dev$video4linux(0x0, 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r3, 0xc0305602, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000001080)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r4, 0x84, 0x23, &(0x7f0000000000)={r6, 0x9}, 0x8)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.io_service_bytes_recursive\x00', 0x26e1, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r8, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
close(r7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))

6.477611236s ago: executing program 2 (id=3490):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r6, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x80000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0xffffffffffffff9a, 0x1000000, 0x0})

6.358734307s ago: executing program 5 (id=3491):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000240)={0x2, 0x5, 0x40003})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x20400)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38})
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6, 0x0, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000280)={0x40, 0x403, 0xc})
r7 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x7, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r3, 0xc00464b4, &(0x7f0000000400)={r6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8})
close_range(r0, 0xffffffffffffffff, 0x0)

6.213762023s ago: executing program 4 (id=3492):
ioctl$VIDIOC_G_INPUT(0xffffffffffffffff, 0x80045626, &(0x7f0000000000))
r0 = syz_usb_connect$hid(0x3, 0x36, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
lseek(0xffffffffffffffff, 0x851, 0x0)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000080), 0xc, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x4000)
ioctl$USBDEVFS_FORBID_SUSPEND(0xffffffffffffffff, 0x5521)
socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x42, 0x0)
pwrite64(r4, 0x0, 0x0, 0x7)
ioctl$I2C_PEC(0xffffffffffffffff, 0x708, 0x2)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, &(0x7f0000000100)={0x0, 0x0, 0x4, &(0x7f0000000180)={0x1f, "90f541a5e64f61909103f1fbbc2bd3c9f144d76e44c7b2986eb5e52829e7cb8393"}})
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e44007d0c05b591f56f8ebcc0366c90f0faaf652c119f0152c6d1b72c6d"], 0x47)

5.099761257s ago: executing program 6 (id=3493):
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x80000)
r2 = epoll_create1(0x80000)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x40)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r1}})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x80000006})

4.173311326s ago: executing program 2 (id=3494):
chdir(0x0)
getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x23, 0x0, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
writev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
fsopen(0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000001040)={'gre0\x00', 0x0})
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e8, 0x1c0, 0x111, 0x4b4, 0x8, 0xd4feffff, 0x318, 0x20a, 0x278, 0x318, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x7a, 0x198, 0x1c0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x448)
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {0x0}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x5)

3.751776476s ago: executing program 5 (id=3495):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r7, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x9)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r9, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

1.210420974s ago: executing program 6 (id=3496):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000003680)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xbcb7, 0x80, 0x3, 0x1000}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r5, 0x407, 0x0)
write$FUSE_INIT(r5, &(0x7f0000000340)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x28, 0xd19e, 0x0, 0x0, 0x4, 0x8d, 0x40000000, 0x0, 0x0, 0x10, 0x2}}, 0x50)
vmsplice(r5, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xa83b, 0x10, 0x2}, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r6, 0x0, 0x0, 0x4, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_TEE={0x21, 0x30, 0x0, @fd=r1, 0x0, 0x0, 0x8, 0x77ccfad2b632319b, 0x161a24b4c8e61de9, {0x0, 0x0, r0}})
io_uring_enter(r2, 0x3516, 0x3e44, 0x8, 0x0, 0x0)

1.206452654s ago: executing program 4 (id=3497):
creat(&(0x7f00000002c0)='./file0\x00', 0x84)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_emit_ethernet(0x2a, 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r0, 0x0)
truncate(0x0, 0x8fff5)
r1 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
socket$alg(0x26, 0x5, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r3}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(r1, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x1e1000, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
pselect6(0x40, &(0x7f0000000240)={0x0, 0xfffffffffffffffc, 0x3, 0x8, 0x2, 0xc, 0xfffffffffffffffc, 0x3}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x4, 0x2, 0x466}, 0x0, 0x0)
mount(&(0x7f0000000300), 0x0, 0x0, 0x2200892, 0x0)
ioctl$SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000180))
write$dsp(r2, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)

1.286359ms ago: executing program 5 (id=3498):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x2008084)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r3 = openat$dma_heap(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000340)={'batadv_slave_1\x00'})
socket(0x2, 0x3, 0x67)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000040)={0xf0f024})
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000540)={0x2, @pix={0x3, 0x401, 0x3132564e, 0x1, 0x3, 0x3, 0xc, 0x7, 0x0, 0x0, 0x0, 0x3}})

0s ago: executing program 2 (id=3499):
r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_pressure(r0, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x80000)
sendmsg$kcm(r5, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001600)=[{0x0}, {&(0x7f0000001680)="094fb143daa9baa36aaa2cca06886c", 0xf}], 0x2}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r6, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x8050}, 0x44008000)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00', @ANYBLOB="de0515ad3a4e6501a171", @ANYRES8=r2], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

kernel console output (not intermixed with test programs):

packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1453.133445][T16098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1453.137363][T16115] team0: Port device team_slave_0 added
[ 1453.281541][T16098] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1453.281557][T16098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1453.281589][T16098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1453.310610][T16115] team0: Port device team_slave_1 added
[ 1453.316793][T16133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1453.434676][T16133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1453.630620][T16115] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1453.630635][T16115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1453.630659][T16115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1453.919374][T16115] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1453.919390][T16115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1453.919415][T16115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1453.930622][T16133] team0: Port device team_slave_0 added
[ 1454.034000][T16133] team0: Port device team_slave_1 added
[ 1454.053959][T16098] hsr_slave_0: entered promiscuous mode
[ 1454.055302][T16098] hsr_slave_1: entered promiscuous mode
[ 1454.056279][T16098] debugfs: 'hsr0' already exists in 'hsr'
[ 1454.056301][T16098] Cannot create hsr debugfs directory
[ 1454.539145][T14623] Bluetooth: hci5: command tx timeout
[ 1454.670733][T16133] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1454.670749][T16133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1454.670773][T16133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1454.891647][T16133] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1454.891662][T16133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1454.891685][T16133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1454.921314][T16115] hsr_slave_0: entered promiscuous mode
[ 1454.922577][T16115] hsr_slave_1: entered promiscuous mode
[ 1454.923403][T16115] debugfs: 'hsr0' already exists in 'hsr'
[ 1454.923425][T16115] Cannot create hsr debugfs directory
[ 1455.088623][ T9178] hsr_slave_0: left promiscuous mode
[ 1455.128765][ T9178] hsr_slave_1: left promiscuous mode
[ 1455.129811][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1455.159349][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1455.328949][ T9178] hsr_slave_0: left promiscuous mode
[ 1455.348976][ T9178] hsr_slave_1: left promiscuous mode
[ 1455.349941][ T9178] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1455.349966][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1455.410041][ T9178] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1455.410071][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1455.498806][ T9178] hsr_slave_0: left promiscuous mode
[ 1455.548997][ T9178] hsr_slave_1: left promiscuous mode
[ 1455.549951][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1455.580098][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1455.629435][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1455.649361][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1455.810817][ T9178] veth1_macvtap: left promiscuous mode
[ 1455.810942][ T9178] veth0_macvtap: left promiscuous mode
[ 1455.811234][ T9178] veth1_vlan: left promiscuous mode
[ 1455.811447][ T9178] veth0_vlan: left promiscuous mode
[ 1456.619200][T14623] Bluetooth: hci5: command tx timeout
[ 1456.789314][ T9178] team0 (unregistering): Port device team_slave_1 removed
[ 1456.959435][ T9178] team0 (unregistering): Port device team_slave_0 removed
[ 1458.709352][T14623] Bluetooth: hci5: command tx timeout
[ 1459.971142][ T9178] team0 (unregistering): Port device team_slave_1 removed
[ 1460.247021][ T9178] team0 (unregistering): Port device team_slave_0 removed
[ 1460.779728][T14623] Bluetooth: hci5: command tx timeout
[ 1463.538898][ T9178] team0 (unregistering): Port device team_slave_1 removed
[ 1463.699232][ T9178] team0 (unregistering): Port device team_slave_0 removed
[ 1464.529417][ T9178] team0 (unregistering): Port device team_slave_1 removed
[ 1464.700519][ T9178] team0 (unregistering): Port device team_slave_0 removed
[ 1465.687130][T16133] hsr_slave_0: entered promiscuous mode
[ 1465.694200][T16133] hsr_slave_1: entered promiscuous mode
[ 1467.170760][T16175] chnl_net:caif_netlink_parms(): no params data found
[ 1467.825158][T16175] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1467.825300][T16175] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1467.825526][T16175] bridge_slave_0: entered allmulticast mode
[ 1467.829859][T16175] bridge_slave_0: entered promiscuous mode
[ 1467.833250][T16175] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1467.833475][T16175] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1467.833658][T16175] bridge_slave_1: entered allmulticast mode
[ 1467.836339][T16175] bridge_slave_1: entered promiscuous mode
[ 1468.181928][T16175] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1468.186589][T16175] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1468.514355][T16175] team0: Port device team_slave_0 added
[ 1468.587726][T16175] team0: Port device team_slave_1 added
[ 1468.990101][T16175] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1468.990117][T16175] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1468.990141][T16175] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1468.993544][T16175] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1468.993557][T16175] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1468.993581][T16175] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1469.313552][T16175] hsr_slave_0: entered promiscuous mode
[ 1469.314953][T16175] hsr_slave_1: entered promiscuous mode
[ 1469.315979][T16175] debugfs: 'hsr0' already exists in 'hsr'
[ 1469.316002][T16175] Cannot create hsr debugfs directory
[ 1470.785233][T16098] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1470.829218][T16098] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1470.951276][T16098] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1471.073629][T16098] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1471.356025][T16115] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1471.450899][T16115] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1471.492566][T16115] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1471.545663][T16115] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1471.905716][T16098] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1471.951256][T16098] 8021q: adding VLAN 0 to HW filter on device team0
[ 1471.983997][ T9167] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1471.984211][ T9167] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1472.071110][ T9180] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1472.071281][ T9180] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1472.102800][T16115] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1472.215842][T16115] 8021q: adding VLAN 0 to HW filter on device team0
[ 1472.229487][ T9178] bridge_slave_1: left allmulticast mode
[ 1472.229515][ T9178] bridge_slave_1: left promiscuous mode
[ 1472.229757][ T9178] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1472.299987][ T9178] bridge_slave_0: left allmulticast mode
[ 1472.300017][ T9178] bridge_slave_0: left promiscuous mode
[ 1472.300286][ T9178] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1472.373155][ T9178] bridge_slave_1: left allmulticast mode
[ 1472.373175][ T9178] bridge_slave_1: left promiscuous mode
[ 1472.373319][ T9178] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1472.430337][ T9178] bridge_slave_0: left allmulticast mode
[ 1472.430366][ T9178] bridge_slave_0: left promiscuous mode
[ 1472.430647][ T9178] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1472.503216][ T9178] bridge_slave_1: left allmulticast mode
[ 1472.503236][ T9178] bridge_slave_1: left promiscuous mode
[ 1472.503376][ T9178] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1472.570189][ T9178] bridge_slave_0: left allmulticast mode
[ 1472.570218][ T9178] bridge_slave_0: left promiscuous mode
[ 1472.570456][ T9178] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1472.939515][ T9178] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1473.039280][ T9178] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1473.102651][ T9178] bond0 (unregistering): Released all slaves
[ 1473.364937][ T9178] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1473.438907][ T9178] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1473.501993][ T9178] bond0 (unregistering): Released all slaves
[ 1473.759491][ T9178] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1473.839100][ T9178] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1473.915455][ T9178] bond0 (unregistering): Released all slaves
[ 1474.142100][ T9166] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1474.142248][ T9166] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1474.157229][ T9166] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1474.157872][ T9166] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1474.898622][ T9178] hsr_slave_0: left promiscuous mode
[ 1474.918510][ T9178] hsr_slave_1: left promiscuous mode
[ 1474.919501][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1474.973880][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1475.069343][ T9178] hsr_slave_0: left promiscuous mode
[ 1475.109185][ T9178] hsr_slave_1: left promiscuous mode
[ 1475.110102][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1475.159915][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1475.259393][ T9178] hsr_slave_0: left promiscuous mode
[ 1475.312737][ T9178] hsr_slave_1: left promiscuous mode
[ 1475.313349][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1475.349418][ T9178] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1476.203191][ T9178] team0 (unregistering): Port device team_slave_1 removed
[ 1476.349332][ T9178] team0 (unregistering): Port device team_slave_0 removed
[ 1477.449258][ T9178] team0 (unregistering): Port device team_slave_1 removed
[ 1477.589915][ T9178] team0 (unregistering): Port device team_slave_0 removed
[ 1478.769398][ T9178] team0 (unregistering): Port device team_slave_1 removed
[ 1478.919206][ T9178] team0 (unregistering): Port device team_slave_0 removed
[ 1479.750718][T16098] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1479.780726][T16115] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1480.066148][T16115] veth0_vlan: entered promiscuous mode
[ 1480.110335][T16115] veth1_vlan: entered promiscuous mode
[ 1480.467350][T16133] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1480.516280][T16133] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1480.583872][T16133] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1480.718338][T16133] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1480.837841][T16115] veth0_macvtap: entered promiscuous mode
[ 1480.922083][T16115] veth1_macvtap: entered promiscuous mode
[ 1481.037406][T16175] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1481.109791][T16175] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1481.168574][T16175] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1481.205052][T16175] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1481.316965][T16098] veth0_vlan: entered promiscuous mode
[ 1481.386568][T16115] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1481.433162][T16115] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1481.451238][T16098] veth1_vlan: entered promiscuous mode
[ 1481.495037][T14224] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1481.535137][ T9183] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1481.551894][ T9183] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1481.573800][ T9183] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.111423][T16098] veth0_macvtap: entered promiscuous mode
[ 1482.135979][T16098] veth1_macvtap: entered promiscuous mode
[ 1482.229810][ T9183] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1482.229830][ T9183] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1482.295583][T16133] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1482.369818][T16098] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1482.407943][ T9183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1482.407960][ T9183] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1482.437484][T16098] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1482.497843][T16133] 8021q: adding VLAN 0 to HW filter on device team0
[ 1482.512097][ T9180] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.525960][ T9180] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.538112][ T9180] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.562724][ T9180] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.582379][T14224] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1482.582594][T14224] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1482.603312][T16175] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1484.665522][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.665593][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.681852][ T9183] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1484.683355][ T9183] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1485.243482][T16175] 8021q: adding VLAN 0 to HW filter on device team0
[ 1485.682976][T16239] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2783'.
[ 1486.431987][ T9168] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1486.432148][ T9168] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1486.437984][ T9167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1486.438002][ T9167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1486.852601][ T9167] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1486.852757][ T9167] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1486.907293][ T9168] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1486.907312][ T9168] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1489.493494][T16267] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[ 1489.493537][T16267] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1489.596191][T16133] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1493.027229][T16175] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1494.702884][T16133] veth0_vlan: entered promiscuous mode
[ 1495.798968][T16133] veth1_vlan: entered promiscuous mode
[ 1496.021705][T16133] veth0_macvtap: entered promiscuous mode
[ 1496.051659][T16133] veth1_macvtap: entered promiscuous mode
[ 1496.120900][T16133] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1496.151413][T16133] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1496.180018][T14224] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.183490][T14224] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.186214][T14224] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.207336][ T7829] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1497.871104][T16175] veth0_vlan: entered promiscuous mode
[ 1497.901074][T16175] veth1_vlan: entered promiscuous mode
[ 1497.993064][T16175] veth0_macvtap: entered promiscuous mode
[ 1498.010642][T16175] veth1_macvtap: entered promiscuous mode
[ 1498.059883][T16175] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1498.093210][T16175] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1498.117363][ T9180] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1498.118218][ T9180] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1498.118253][ T9180] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1498.157826][ T9180] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1499.264168][T13036] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1499.432018][T13036] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1499.475214][T13036] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1499.489507][T13036] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1499.503804][T13036] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1504.408484][T14623] Bluetooth: hci1: command tx timeout
[ 1504.658484][T15083] libceph: connect (1)[c::]:6789 error -101
[ 1504.658710][T15083] libceph: mon0 (1)[c::]:6789 connect error
[ 1504.670222][T15083] libceph: connect (1)[c::]:6789 error -101
[ 1504.670426][T15083] libceph: mon0 (1)[c::]:6789 connect error
[ 1504.928981][ T1226] libceph: connect (1)[c::]:6789 error -101
[ 1504.929200][ T1226] libceph: mon0 (1)[c::]:6789 connect error
[ 1505.204952][ T9168] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1505.441315][ T1226] libceph: connect (1)[c::]:6789 error -101
[ 1505.441538][ T1226] libceph: mon0 (1)[c::]:6789 connect error
[ 1505.449786][T16366] ceph: No mds server is up or the cluster is laggy
[ 1505.769877][ T9168] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1506.464296][T14623] Bluetooth: hci1: command tx timeout
[ 1506.551947][ T9180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1506.551968][ T9180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1506.804715][T16378] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370955161
[ 1508.811728][T14623] Bluetooth: hci1: command tx timeout
[ 1509.296768][ T9168] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1510.260835][ T9166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1510.260854][ T9166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1511.388686][T14623] Bluetooth: hci1: command tx timeout
[ 1511.707954][T16408] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1511.957910][ T9168] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1519.623086][T13036] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1519.647544][T13036] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1519.657084][T13036] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1519.674457][T13036] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1519.675187][T13036] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1520.149989][T16336] chnl_net:caif_netlink_parms(): no params data found
[ 1521.818498][T16449] Bluetooth: hci0: command tx timeout
[ 1522.271142][ T9168] bridge_slave_1: left allmulticast mode
[ 1522.271173][ T9168] bridge_slave_1: left promiscuous mode
[ 1522.271431][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1523.283731][   T37] audit: type=1804 audit(2000001307.820:254): pid=16473 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.2832" name="/newroot/19/file0" dev="tmpfs" ino=119 res=1 errno=0
[ 1523.321517][T16473] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[ 1523.321538][T16473] ref_ctr increment failed for inode: 0x77 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888037515a00
[ 1523.411398][ T9168] bridge_slave_0: left allmulticast mode
[ 1523.411432][ T9168] bridge_slave_0: left promiscuous mode
[ 1523.411704][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1524.576497][T16449] Bluetooth: hci0: command tx timeout
[ 1526.623609][ T5837] Bluetooth: hci0: command tx timeout
[ 1528.122922][T16502] netlink: 60 bytes leftover after parsing attributes in process `syz.7.2842'.
[ 1528.123385][T16502] unsupported nlmsg_type 40
[ 1529.036057][T16449] Bluetooth: hci0: command tx timeout
[ 1529.056571][ T5837] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1529.056595][ T5837] CPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1529.056617][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1529.056630][ T5837] Workqueue: hci2 hci_rx_work
[ 1529.056654][ T5837] Call Trace:
[ 1529.056662][ T5837]  <TASK>
[ 1529.056671][ T5837]  dump_stack_lvl+0x189/0x250
[ 1529.056703][ T5837]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1529.056728][ T5837]  ? __pfx__printk+0x10/0x10
[ 1529.056753][ T5837]  ? kernfs_path_from_node+0x2c/0x280
[ 1529.056771][ T5837]  ? kernfs_path_from_node+0x243/0x280
[ 1529.056788][ T5837]  ? kernfs_path_from_node+0x2c/0x280
[ 1529.056808][ T5837]  sysfs_create_dir_ns+0x259/0x280
[ 1529.056834][ T5837]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1529.056855][ T5837]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1529.056894][ T5837]  ? rt_spin_unlock+0x65/0x80
[ 1529.056918][ T5837]  kobject_add_internal+0x5a5/0xb50
[ 1529.056953][ T5837]  kobject_add+0x155/0x220
[ 1529.056984][ T5837]  ? __pfx_kobject_add+0x10/0x10
[ 1529.057016][ T5837]  ? get_device_parent+0x370/0x3a0
[ 1529.057046][ T5837]  device_add+0x408/0xb50
[ 1529.057075][ T5837]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1529.057103][ T5837]  le_conn_complete_evt+0xc3a/0x1220
[ 1529.057139][ T5837]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1529.057161][ T5837]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1529.057183][ T5837]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1529.057209][ T5837]  ? skb_pull_data+0xfb/0x200
[ 1529.057233][ T5837]  hci_le_conn_complete_evt+0x187/0x450
[ 1529.057264][ T5837]  hci_event_packet+0x78c/0x1200
[ 1529.057286][ T5837]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1529.057310][ T5837]  ? __pfx_hci_event_packet+0x10/0x10
[ 1529.057328][ T5837]  ? __pfx_migrate_enable+0x10/0x10
[ 1529.057358][ T5837]  ? hci_send_to_monitor+0xe2/0x570
[ 1529.057384][ T5837]  hci_rx_work+0x46a/0xe80
[ 1529.057412][ T5837]  ? process_scheduled_works+0x9ef/0x17b0
[ 1529.057437][ T5837]  process_scheduled_works+0xade/0x17b0
[ 1529.057494][ T5837]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1529.057536][ T5837]  worker_thread+0x8a0/0xda0
[ 1529.057589][ T5837]  kthread+0x711/0x8a0
[ 1529.057617][ T5837]  ? __pfx_worker_thread+0x10/0x10
[ 1529.057638][ T5837]  ? __pfx_kthread+0x10/0x10
[ 1529.057668][ T5837]  ? __pfx_kthread+0x10/0x10
[ 1529.057693][ T5837]  ret_from_fork+0x3f9/0x770
[ 1529.057719][ T5837]  ? __pfx_ret_from_fork+0x10/0x10
[ 1529.057749][ T5837]  ? __switch_to_asm+0x39/0x70
[ 1529.057765][ T5837]  ? __switch_to_asm+0x33/0x70
[ 1529.057780][ T5837]  ? __pfx_kthread+0x10/0x10
[ 1529.057805][ T5837]  ret_from_fork_asm+0x1a/0x30
[ 1529.057841][ T5837]  </TASK>
[ 1529.078655][ T5837] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1529.078698][ T5837] Bluetooth: hci2: failed to register connection device
[ 1529.797765][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1543.811009][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1545.990371][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1545.990443][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.395547][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1546.673930][ T9168] bond0 (unregistering): Released all slaves
[ 1550.095820][ T5837] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1550.639997][ T5837] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1551.325003][ T5837] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1551.385572][T14623] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1551.392002][T14623] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1553.428478][T16449] Bluetooth: hci2: command 0x0406 tx timeout
[ 1553.500280][T16449] Bluetooth: hci5: command tx timeout
[ 1555.401198][ T9168] hsr_slave_0: left promiscuous mode
[ 1555.521024][ T9168] hsr_slave_1: left promiscuous mode
[ 1555.521973][ T9168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1555.522001][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1555.578678][ T5837] Bluetooth: hci5: command tx timeout
[ 1555.639718][ T9168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1555.639748][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1555.859033][ T9168] veth1_macvtap: left promiscuous mode
[ 1555.859104][ T9168] veth0_macvtap: left promiscuous mode
[ 1555.859266][ T9168] veth1_vlan: left promiscuous mode
[ 1555.859379][ T9168] veth0_vlan: left promiscuous mode
[ 1557.840941][T16449] Bluetooth: hci5: command tx timeout
[ 1558.262291][T16449] Bluetooth: hci4: command 0x0406 tx timeout
[ 1561.169148][T16449] Bluetooth: hci5: command tx timeout
[ 1562.834763][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1562.844716][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1562.873824][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1562.875816][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1562.876642][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1562.983720][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1563.170648][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1563.969960][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1564.040308][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1565.022112][T16449] Bluetooth: hci3: command tx timeout
[ 1565.365901][T16668] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[ 1565.365918][T16668] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1565.365979][T16668] vhci_hcd vhci_hcd.0: Device attached
[ 1565.428826][T16668] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(7)
[ 1565.428850][T16668] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1565.428897][T16668] vhci_hcd vhci_hcd.0: Device attached
[ 1565.458357][T16673] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(10)
[ 1565.458380][T16673] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1565.458428][T16673] vhci_hcd vhci_hcd.0: Device attached
[ 1565.475054][T16668] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1565.479506][T16668] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1565.505608][T16668] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(15)
[ 1565.505629][T16668] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1565.505712][T16668] vhci_hcd vhci_hcd.0: Device attached
[ 1565.548537][    T9] vhci_hcd: vhci_device speed not set
[ 1565.609315][    T9] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[ 1565.610385][T16668] vhci_hcd vhci_hcd.0: pdev(4) rhport(6) sockfd(19)
[ 1565.610406][T16668] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1565.610496][T16668] vhci_hcd vhci_hcd.0: Device attached
[ 1565.635913][T16681] vhci_hcd: connection closed
[ 1565.636469][ T9183] vhci_hcd: stop threads
[ 1565.636484][ T9183] vhci_hcd: release socket
[ 1565.636558][ T9183] vhci_hcd: disconnect device
[ 1565.636672][T16678] vhci_hcd: connection closed
[ 1565.637168][ T9183] vhci_hcd: stop threads
[ 1565.637176][ T9183] vhci_hcd: release socket
[ 1565.637240][ T9183] vhci_hcd: disconnect device
[ 1565.638052][T16674] vhci_hcd: connection closed
[ 1565.638831][ T9183] vhci_hcd: stop threads
[ 1565.638840][ T9183] vhci_hcd: release socket
[ 1565.638907][ T9183] vhci_hcd: disconnect device
[ 1565.640207][T16671] vhci_hcd: connection closed
[ 1565.640722][ T9183] vhci_hcd: stop threads
[ 1565.640732][ T9183] vhci_hcd: release socket
[ 1565.640796][ T9183] vhci_hcd: disconnect device
[ 1565.642093][T16669] vhci_hcd: connection reset by peer
[ 1565.644903][ T9183] vhci_hcd: stop threads
[ 1565.644912][ T9183] vhci_hcd: release socket
[ 1565.644979][ T9183] vhci_hcd: disconnect device
[ 1566.239785][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1566.539554][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1566.582787][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1566.817068][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1566.866015][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1567.120228][T16449] Bluetooth: hci3: command tx timeout
[ 1567.457450][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1567.982134][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1568.023105][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1569.262736][T16449] Bluetooth: hci3: command tx timeout
[ 1570.351855][T16715] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1570.707116][    T9] vhci_hcd: vhci_device speed not set
[ 1571.366160][T16449] Bluetooth: hci3: command tx timeout
[ 1578.410612][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1578.979765][ T5837] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1578.999109][ T5837] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1579.000876][ T5837] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1579.044869][ T5837] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1579.045705][ T5837] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1579.834590][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1583.077198][T16449] Bluetooth: hci6: command tx timeout
[ 1585.420456][T16449] Bluetooth: hci6: command tx timeout
[ 1586.491381][T16778] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2902'.
[ 1586.491783][T16778] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2902'.
[ 1588.165108][T16449] Bluetooth: hci6: command tx timeout
[ 1592.797870][T16449] Bluetooth: hci6: command tx timeout
[ 1593.589336][T16806] binder: 16800:16806 ioctl c0306201 2000000003c0 returned -22
[ 1598.090551][T16829] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2915'.
[ 1607.689967][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.690043][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1609.096818][ T5837] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1609.144613][ T5837] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1609.241201][ T5837] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1609.242626][ T5837] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1609.243112][ T5837] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1609.526132][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1610.222004][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1610.420812][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1610.546057][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1610.598545][T16336] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1610.599202][T16336] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1610.599346][T16336] bridge_slave_0: entered allmulticast mode
[ 1610.608859][T16336] bridge_slave_0: entered promiscuous mode
[ 1611.199753][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1611.431218][T16449] Bluetooth: hci7: command tx timeout
[ 1611.548057][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1611.722294][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1612.151281][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1612.222360][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1612.405018][T16519] syz_tun (unregistering): left promiscuous mode
[ 1612.611949][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1612.754584][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1613.260073][T16910] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1613.266250][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1613.498481][T16449] Bluetooth: hci7: command tx timeout
[ 1613.723219][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1616.421765][T16449] Bluetooth: hci7: command tx timeout
[ 1618.547168][T16449] Bluetooth: hci7: command tx timeout
[ 1621.372969][T16947] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2940'.
[ 1623.894204][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1623.920422][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1623.922118][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1623.943575][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1623.944360][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1625.702117][T16885] chnl_net:caif_netlink_parms(): no params data found
[ 1625.715331][T16985] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1625.716943][T16985] block nbd0: shutting down sockets
[ 1625.732643][T16752] chnl_net:caif_netlink_parms(): no params data found
[ 1626.062127][T16449] Bluetooth: hci0: command tx timeout
[ 1627.576120][T16988] IPVS: set_ctl: invalid protocol: 47 172.20.20.187:20003
[ 1628.145684][T16449] Bluetooth: hci0: command tx timeout
[ 1630.218430][T16449] Bluetooth: hci0: command tx timeout
[ 1630.226823][ T9168] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1632.854169][T16449] Bluetooth: hci0: command tx timeout
[ 1634.247928][T17014] random: crng reseeded on system resumption
[ 1635.210921][T17012] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[ 1635.210936][T17012] ref_ctr increment failed for inode: 0x18b offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888025c97080
[ 1635.211137][   T37] audit: type=1804 audit(2000001419.740:255): pid=17012 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.2951" name="/newroot/67/file0" dev="tmpfs" ino=395 res=1 errno=0
[ 1638.426177][ T9168] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1638.989524][T16752] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg1": -EINTR
[ 1640.281431][T17044] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1641.361535][ T9168] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1641.857736][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1641.879710][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1641.882417][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1641.883493][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1641.884170][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1644.517547][ T9168] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1644.974795][ T5837] Bluetooth: hci1: command tx timeout
[ 1645.600224][T16885] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1645.600419][T16885] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1645.600628][T16885] bridge_slave_0: entered allmulticast mode
[ 1645.603388][T16885] bridge_slave_0: entered promiscuous mode
[ 1646.572021][T16885] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1646.572161][T16885] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1646.572362][T16885] bridge_slave_1: entered allmulticast mode
[ 1646.575854][T16885] bridge_slave_1: entered promiscuous mode
[ 1646.587406][T16974] chnl_net:caif_netlink_parms(): no params data found
[ 1647.310590][ T5837] Bluetooth: hci1: command tx timeout
[ 1650.541903][ T5837] Bluetooth: hci1: command tx timeout
[ 1650.743170][T16885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1650.994649][T17087] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[ 1650.995711][T17087] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[ 1652.826457][ T5837] Bluetooth: hci1: command tx timeout
[ 1653.260384][T16885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1653.689120][T17096] hpfs: Bad magic ... probably not HPFS
[ 1655.096173][T16885] team0: Port device team_slave_0 added
[ 1655.157158][T16885] team0: Port device team_slave_1 added
[ 1658.503064][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1658.864227][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1658.980818][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1659.512073][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1659.654557][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1659.763778][T16974] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1659.763928][T16974] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1659.764126][T16974] bridge_slave_0: entered allmulticast mode
[ 1659.766822][T16974] bridge_slave_0: entered promiscuous mode
[ 1659.933700][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1660.170452][T16885] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1660.170494][T16885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1660.170546][T16885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1660.580827][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1660.641930][T16974] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1660.642072][T16974] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1660.642287][T16974] bridge_slave_1: entered allmulticast mode
[ 1660.670021][T16974] bridge_slave_1: entered promiscuous mode
[ 1660.701953][T16885] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1660.701966][T16885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1660.701991][T16885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1660.736590][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1661.053647][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1661.109479][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1661.422311][T17132] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1661.442200][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1662.361592][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1662.890263][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1662.954815][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1663.052110][ T9168] bridge_slave_0: left allmulticast mode
[ 1663.052140][ T9168] bridge_slave_0: left promiscuous mode
[ 1663.052409][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1664.029930][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1664.037380][ T9168] bridge_slave_1: left allmulticast mode
[ 1664.037399][ T9168] bridge_slave_1: left promiscuous mode
[ 1664.037564][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1665.224755][T17149] affs: No valid root block on device nullb0
[ 1665.246022][ T9168] bridge_slave_0: left allmulticast mode
[ 1665.246128][ T9168] bridge_slave_0: left promiscuous mode
[ 1665.255144][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1665.309640][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1665.398220][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1665.631479][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1665.979055][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1666.222609][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[ 1666.575661][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1666.978232][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1667.283840][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1667.343107][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1667.432971][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1667.702735][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1667.963149][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1668.279152][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1668.800600][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1669.042890][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1669.042964][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.076604][T16449] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1669.084077][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1669.320785][T16449] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1669.322433][T16449] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1669.325206][T16449] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1669.337066][T16449] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1671.428263][ T5837] Bluetooth: hci3: Opcode 0x0c16 failed: -110
[ 1673.025785][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1673.493717][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1674.921701][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1675.071440][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1675.077713][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1676.367268][T17189] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2989'.
[ 1676.367309][T17189] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2989'.
[ 1676.416868][ T9168] bond0 (unregistering): Released all slaves
[ 1677.400101][ T5837] Bluetooth: hci3: command tx timeout
[ 1677.752036][T17200] random: crng reseeded on system resumption
[ 1679.732828][ T5837] Bluetooth: hci3: command tx timeout
[ 1679.789068][ T1226] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1679.960732][ T1226] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1679.960788][ T1226] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1679.960808][ T1226] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1679.989453][ T1226] usb 5-1: config 0 descriptor??
[ 1680.013074][ T1226] pwc: Askey VC010 type 2 USB webcam detected.
[ 1683.046597][ T5837] Bluetooth: hci3: command tx timeout
[ 1683.210676][ T1226] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1683.451558][ T1226] pwc: recv_control_msg error -71 req 02 val 2700
[ 1683.458484][ T1226] pwc: recv_control_msg error -71 req 02 val 2c00
[ 1683.461453][ T1226] pwc: recv_control_msg error -71 req 04 val 1000
[ 1683.470903][ T1226] pwc: recv_control_msg error -71 req 04 val 1300
[ 1683.476586][ T1226] pwc: recv_control_msg error -71 req 04 val 1400
[ 1683.478006][ T1226] pwc: recv_control_msg error -71 req 02 val 2000
[ 1683.484386][ T1226] pwc: recv_control_msg error -71 req 02 val 2100
[ 1683.484898][ T1226] pwc: recv_control_msg error -71 req 04 val 1500
[ 1683.485478][ T1226] pwc: recv_control_msg error -71 req 02 val 2500
[ 1683.485951][ T1226] pwc: recv_control_msg error -71 req 02 val 2400
[ 1683.486490][ T1226] pwc: recv_control_msg error -71 req 02 val 2600
[ 1683.487008][ T1226] pwc: recv_control_msg error -71 req 02 val 2900
[ 1683.487524][ T1226] pwc: recv_control_msg error -71 req 02 val 2800
[ 1683.488434][ T1226] pwc: recv_control_msg error -71 req 04 val 1100
[ 1683.488907][ T1226] pwc: recv_control_msg error -71 req 04 val 1200
[ 1683.518737][ T1226] pwc: Registered as video103.
[ 1683.522043][ T1226] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input17
[ 1683.558808][ T1226] usb 5-1: USB disconnect, device number 5
[ 1684.667917][T17225] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2998'.
[ 1685.065421][ T5837] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1685.082534][ T5837] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1685.097390][ T5837] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1685.099080][T14623] Bluetooth: hci3: command tx timeout
[ 1685.106819][ T5837] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1685.123607][ T5837] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1686.398402][T16231] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1686.565433][T16231] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1686.565464][T16231] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1686.565480][T16231] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1686.565501][T16231] usb 2-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[ 1686.565511][T16231] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1686.618376][T16231] usb 2-1: config 0 descriptor??
[ 1686.627232][T17246] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3002'.
[ 1686.631384][T16231] em28xx 2-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[ 1686.877399][ T5898] usb 2-1: USB disconnect, device number 13
[ 1687.022123][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1687.098940][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1687.146857][ T9168] bond0 (unregistering): Released all slaves
[ 1687.338463][T16449] Bluetooth: hci5: command tx timeout
[ 1689.428783][T16449] Bluetooth: hci5: command tx timeout
[ 1691.508540][T16449] Bluetooth: hci5: command tx timeout
[ 1693.970253][T16449] Bluetooth: hci5: command tx timeout
[ 1697.135083][T17050] chnl_net:caif_netlink_parms(): no params data found
[ 1697.858754][ T9168] hsr_slave_0: left promiscuous mode
[ 1697.900344][ T9168] hsr_slave_1: left promiscuous mode
[ 1697.901477][ T9168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1697.901502][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1697.940170][ T9168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1697.940198][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1698.115216][ T9168] veth1_macvtap: left promiscuous mode
[ 1698.115337][ T9168] veth0_macvtap: left promiscuous mode
[ 1698.117182][ T9168] veth1_vlan: left promiscuous mode
[ 1698.117425][ T9168] veth0_vlan: left promiscuous mode
[ 1698.909552][   T37] audit: type=1326 audit(2000001483.450:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17316 comm="syz.4.3021" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7bb165ebe9 code=0x0
[ 1703.403793][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1703.411831][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1703.413500][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1703.414735][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1703.447943][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1703.669854][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1703.797785][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1703.834034][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1704.005945][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1704.138854][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1704.529696][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1704.737205][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1705.361878][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1705.572875][ T5837] Bluetooth: hci0: command tx timeout
[ 1705.662029][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1705.819408][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1705.864295][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1705.932626][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1706.210068][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1707.340105][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1707.499269][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1707.578332][ T5837] Bluetooth: hci0: command tx timeout
[ 1707.688373][T17369] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1707.688541][T17369] block nbd0: shutting down sockets
[ 1709.678265][ T5837] Bluetooth: hci0: command tx timeout
[ 1710.764204][T17383] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1710.764233][T17383] overlayfs: failed to set xattr on upper
[ 1710.764241][T17383] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1710.764249][T17383] overlayfs: ...falling back to index=off.
[ 1710.764255][T17383] overlayfs: ...falling back to uuid=null.
[ 1710.853439][T17384] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[ 1711.825430][ T5837] Bluetooth: hci0: command tx timeout
[ 1712.830731][T17396] sctp: [Deprecated]: syz.1.3041 (pid 17396) Use of int in max_burst socket option deprecated.
[ 1712.830731][T17396] Use struct sctp_assoc_value instead
[ 1716.109097][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1716.352234][T17412] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1716.352385][T17412] block nbd0: shutting down sockets
[ 1717.209267][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1723.722335][T17449] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1723.729002][T17449] block nbd0: shutting down sockets
[ 1723.788550][T17453] netlink: 'syz.4.3053': attribute type 12 has an invalid length.
[ 1723.788566][T17453] netlink: 9472 bytes leftover after parsing attributes in process `syz.4.3053'.
[ 1726.876572][T17466] overlayfs: failed to resolve './file1': -2
[ 1728.039195][T17232] chnl_net:caif_netlink_parms(): no params data found
[ 1728.402314][T16449] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1728.756084][T16449] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1728.960989][T16449] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1728.982808][T16449] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1728.986388][T16449] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1730.757246][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.757325][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1731.098381][ T5837] Bluetooth: hci1: command tx timeout
[ 1732.034992][T17232] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1732.035133][T17232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1732.035338][T17232] bridge_slave_0: entered allmulticast mode
[ 1732.038005][T17232] bridge_slave_0: entered promiscuous mode
[ 1732.133643][T17232] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1732.133828][T17232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1732.134018][T17232] bridge_slave_1: entered allmulticast mode
[ 1732.136763][T17232] bridge_slave_1: entered promiscuous mode
[ 1732.207627][T17495] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1732.207778][T17495] block nbd0: shutting down sockets
[ 1733.222021][ T5837] Bluetooth: hci1: command tx timeout
[ 1735.317316][ T5837] Bluetooth: hci1: command tx timeout
[ 1735.373131][T17232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1735.470282][T17232] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1736.409711][T17342] chnl_net:caif_netlink_parms(): no params data found
[ 1737.007310][T17232] team0: Port device team_slave_0 added
[ 1737.339203][ T5837] Bluetooth: hci1: command tx timeout
[ 1737.895072][T17232] team0: Port device team_slave_1 added
[ 1738.270040][T17232] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1738.270054][T17232] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1738.270077][T17232] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1738.302941][T17232] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1738.302955][T17232] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1738.302979][T17232] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1738.549886][T17342] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1738.553063][T17342] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1738.553735][T17342] bridge_slave_0: entered allmulticast mode
[ 1738.561230][T17342] bridge_slave_0: entered promiscuous mode
[ 1738.687750][T17342] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1738.698746][T17342] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1738.698972][T17342] bridge_slave_1: entered allmulticast mode
[ 1738.701685][T17342] bridge_slave_1: entered promiscuous mode
[ 1739.609243][ T9168] bridge_slave_1: left allmulticast mode
[ 1739.609274][ T9168] bridge_slave_1: left promiscuous mode
[ 1739.610645][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1741.430481][ T9168] bridge_slave_0: left allmulticast mode
[ 1741.430511][ T9168] bridge_slave_0: left promiscuous mode
[ 1741.430796][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1741.662646][ T9168] bridge_slave_1: left allmulticast mode
[ 1741.662676][ T9168] bridge_slave_1: left promiscuous mode
[ 1741.662924][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1743.161775][ T9168] bridge_slave_0: left allmulticast mode
[ 1743.161807][ T9168] bridge_slave_0: left promiscuous mode
[ 1743.162031][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1743.369994][   T10] IPVS: starting estimator thread 0...
[ 1743.478350][T17553] IPVS: using max 13 ests per chain, 31200 per kthread
[ 1743.737213][ T9168] bond0 (unregistering): Released all slaves
[ 1743.906690][ T9168] bond0 (unregistering): Released all slaves
[ 1744.129571][ T9168] bond0 (unregistering): Released all slaves
[ 1744.404787][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1744.549278][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1745.717071][T16449] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1745.731710][T16449] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1745.733288][T16449] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1745.735903][T16449] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1745.736690][T16449] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1745.792649][ T9168] bond0 (unregistering): Released all slaves
[ 1746.170110][ T5997] usb 2-1: new low-speed USB device number 14 using dummy_hcd
[ 1747.215948][ T5997] usb 2-1: New USB device found, idVendor=046d, idProduct=08b1, bcdDevice=6d.2a
[ 1747.215976][ T5997] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1747.223181][ T5997] usb 2-1: config 0 descriptor??
[ 1747.277002][ T5997] pwc: Logitech QuickCam Notebook Pro USB webcam detected.
[ 1747.620089][ T9168] bond0 (unregistering): Released all slaves
[ 1747.841396][ T5837] Bluetooth: hci3: command tx timeout
[ 1748.660513][T17232] hsr_slave_0: entered promiscuous mode
[ 1748.667569][T17232] hsr_slave_1: entered promiscuous mode
[ 1749.763789][T17342] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1749.902847][ T5837] Bluetooth: hci3: command tx timeout
[ 1749.906183][T17581] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1749.907521][T17581] block nbd0: shutting down sockets
[ 1750.156609][T17342] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1750.327325][ T5997] pwc: Failed to set LED on/off time (-71)
[ 1750.338303][ T5997] pwc: send_video_command error -71
[ 1750.338318][ T5997] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1750.338442][ T5997] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[ 1750.342151][ T5997] usb 2-1: USB disconnect, device number 14
[ 1751.985842][ T5837] Bluetooth: hci3: command tx timeout
[ 1753.111071][T17598] nvme_fabrics: missing parameter 'transport=%s'
[ 1753.111087][T17598] nvme_fabrics: missing parameter 'nqn=%s'
[ 1754.058498][T16449] Bluetooth: hci3: command tx timeout
[ 1758.085894][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1758.154000][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1758.165996][T17342] team0: Port device team_slave_0 added
[ 1758.166886][T17476] chnl_net:caif_netlink_parms(): no params data found
[ 1758.724554][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1758.758256][T17618] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3088'.
[ 1758.758274][T17618] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3088'.
[ 1758.758290][T17618] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3088'.
[ 1758.758327][T17618] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3088'.
[ 1758.777279][T17342] team0: Port device team_slave_1 added
[ 1758.971711][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1759.218708][T17620] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1759.218863][T17620] block nbd0: shutting down sockets
[ 1760.021205][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1760.342595][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1760.369170][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1761.226913][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1764.213811][T17644] program syz.1.3094 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1764.250670][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1764.282133][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1764.284975][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1764.307554][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1764.974438][T14623] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1765.328330][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1766.494054][T17654] overlayfs: failed to resolve './file0': -2
[ 1767.057918][T16449] Bluetooth: hci0: command tx timeout
[ 1767.277633][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1769.555702][T16449] Bluetooth: hci0: command tx timeout
[ 1772.559914][T16449] Bluetooth: hci0: command tx timeout
[ 1773.501978][T17693] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1773.502020][T17693] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1774.630144][T16449] Bluetooth: hci0: command tx timeout
[ 1778.353506][T17476] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1778.353652][T17476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1778.353898][T17476] bridge_slave_0: entered allmulticast mode
[ 1778.356566][T17476] bridge_slave_0: entered promiscuous mode
[ 1778.367957][T17476] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1778.368090][T17476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1778.368455][T17476] bridge_slave_1: entered allmulticast mode
[ 1778.371040][T17476] bridge_slave_1: entered promiscuous mode
[ 1780.883191][T17738] comedi comedi0: comedi_config --init_data is deprecated
[ 1781.182252][T17476] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1781.203195][T17476] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1784.447454][T17746] ieee802154 phy0 wpan0: encryption failed: -22
[ 1785.639625][T17476] team0: Port device team_slave_0 added
[ 1785.647561][T17476] team0: Port device team_slave_1 added
[ 1787.614768][T17563] chnl_net:caif_netlink_parms(): no params data found
[ 1787.891869][T17766] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3119'.
[ 1788.069726][T17767] ALSA: mixer_oss: invalid index 40000
[ 1789.704497][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1789.724185][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1789.725876][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1789.754299][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1789.754774][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1790.362893][T17563] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1790.363182][T17563] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1790.363455][T17563] bridge_slave_0: entered allmulticast mode
[ 1790.374626][T17563] bridge_slave_0: entered promiscuous mode
[ 1790.411815][T17563] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1790.411979][T17563] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1790.412274][T17563] bridge_slave_1: entered allmulticast mode
[ 1790.419808][T17563] bridge_slave_1: entered promiscuous mode
[ 1793.015420][T16449] Bluetooth: hci1: command tx timeout
[ 1793.021956][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1793.022020][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1795.066757][T16449] Bluetooth: hci1: command tx timeout
[ 1796.447747][T17563] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1796.872564][T17563] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1797.099259][T16449] Bluetooth: hci1: command tx timeout
[ 1799.195486][T16449] Bluetooth: hci1: command tx timeout
[ 1800.148579][T17641] chnl_net:caif_netlink_parms(): no params data found
[ 1800.198089][T17563] team0: Port device team_slave_0 added
[ 1801.747419][T17563] team0: Port device team_slave_1 added
[ 1806.506348][T17641] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1806.506589][T17641] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1806.506850][T17641] bridge_slave_0: entered allmulticast mode
[ 1806.525977][T17641] bridge_slave_0: entered promiscuous mode
[ 1806.530978][T17641] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1806.531117][T17641] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1806.531318][T17641] bridge_slave_1: entered allmulticast mode
[ 1806.533963][T17641] bridge_slave_1: entered promiscuous mode
[ 1807.142098][T17859] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1807.142098][T17859]    program syz.4.3139 not setting count and/or reply_len properly
[ 1808.810128][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1808.816190][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1808.817856][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1808.829565][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1808.832203][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1810.888852][T14793] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 1811.408266][T14793] usb 5-1: Using ep0 maxpacket: 8
[ 1811.475881][T14793] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1811.476285][T14793] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1811.476359][T14793] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1811.476432][T14793] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1811.476479][T14793] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1811.476708][T14793] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1811.476879][T14793] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1811.842525][ T5837] Bluetooth: hci3: command tx timeout
[ 1812.105623][T17641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1812.120004][T14793] usb 5-1: usb_control_msg returned -32
[ 1812.120047][T14793] usbtmc 5-1:16.0: can't read capabilities
[ 1812.488452][T17641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1813.770223][ T9168] bridge_slave_1: left allmulticast mode
[ 1813.770255][ T9168] bridge_slave_1: left promiscuous mode
[ 1813.770554][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1813.830138][ T9168] bridge_slave_0: left allmulticast mode
[ 1813.830167][ T9168] bridge_slave_0: left promiscuous mode
[ 1813.830423][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1814.674949][ T5837] Bluetooth: hci3: command tx timeout
[ 1814.781542][T16231] usb 5-1: USB disconnect, device number 6
[ 1815.055885][ T9168] bridge_slave_1: left allmulticast mode
[ 1815.055918][ T9168] bridge_slave_1: left promiscuous mode
[ 1815.056173][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1816.266208][ T9168] bridge_slave_0: left allmulticast mode
[ 1816.266239][ T9168] bridge_slave_0: left promiscuous mode
[ 1816.266510][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1817.191403][ T5837] Bluetooth: hci3: command tx timeout
[ 1818.922117][ T9168] bridge_slave_1: left allmulticast mode
[ 1818.922150][ T9168] bridge_slave_1: left promiscuous mode
[ 1818.922403][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1820.089624][ T5837] Bluetooth: hci3: command tx timeout
[ 1820.230654][ T9168] bridge_slave_0: left allmulticast mode
[ 1820.230685][ T9168] bridge_slave_0: left promiscuous mode
[ 1820.230969][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1821.864739][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1824.749262][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1825.811962][T14623] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1825.813404][ T9168] bond0 (unregistering): Released all slaves
[ 1825.838503][T14623] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1825.841796][T14623] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1825.845041][T14623] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1825.846740][T14623] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1825.977864][T17185] Bluetooth: hci6: Frame reassembly failed (-84)
[ 1827.710350][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1827.829376][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1827.917168][ T9168] bond0 (unregistering): Released all slaves
[ 1827.978258][T14623] Bluetooth: hci6: command 0x1003 tx timeout
[ 1827.985371][ T5837] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 1828.000206][T14623] Bluetooth: hci5: command tx timeout
[ 1828.438837][T17955] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1828.439052][T17955] block nbd0: shutting down sockets
[ 1828.469088][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1829.095686][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1829.300067][T17959] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3164'.
[ 1829.300130][T17959] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3164'.
[ 1829.300193][T17959] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3164'.
[ 1829.301486][T17959] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3164'.
[ 1829.452517][ T9168] bond0 (unregistering): Released all slaves
[ 1829.606848][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1829.996987][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1830.068289][T17951] Bluetooth: hci5: command tx timeout
[ 1830.847286][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1831.786460][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1831.812979][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1832.638856][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1832.640748][T17951] Bluetooth: hci5: command tx timeout
[ 1832.719654][T17778] chnl_net:caif_netlink_parms(): no params data found
[ 1832.862864][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1833.015072][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1833.176018][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1833.259092][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1833.290258][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1833.419515][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1834.708538][T17951] Bluetooth: hci5: command tx timeout
[ 1837.410610][ T9168] hsr_slave_0: left promiscuous mode
[ 1837.463828][ T9168] hsr_slave_1: left promiscuous mode
[ 1837.464743][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1837.509961][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1837.519016][T18005] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1837.519164][T18005] block nbd0: shutting down sockets
[ 1838.773588][T18016] binder: BINDER_SET_CONTEXT_MGR already set
[ 1838.773627][T18016] binder: 18011:18016 ioctl 4018620d 200000004a80 returned -16
[ 1841.223210][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1842.889320][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1843.459667][   T37] audit: type=1326 audit(2000001627.980:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18031 comm="syz.4.3181" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7bb165ebe9 code=0x0
[ 1844.032015][T18037] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3182'.
[ 1844.032037][T18037] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3182'.
[ 1844.032052][T18037] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3182'.
[ 1844.032091][T18037] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3182'.
[ 1845.050659][T18047] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1845.053799][T18047] exFAT-fs (loop4): unable to read boot sector
[ 1845.053837][T18047] exFAT-fs (loop4): failed to read boot sector
[ 1845.053878][T18047] exFAT-fs (loop4): failed to recognize exfat type
[ 1845.162718][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1845.882667][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1848.421200][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1848.549915][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1850.293433][T16449] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1850.441736][T16449] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1850.705597][T16449] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1851.223484][T17778] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg2": -EINTR
[ 1851.228505][T16449] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1851.230540][T16449] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1851.927858][T18082] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1851.927911][T18082] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[ 1851.938755][T18082] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1851.938806][T18082] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[ 1852.509049][   T37] audit: type=1326 audit(2000001636.500:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18077 comm="syz.1.3191" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f79c909ebe9 code=0x0
[ 1852.756347][T18086] netlink: 88 bytes leftover after parsing attributes in process `syz.4.3192'.
[ 1852.760170][T18086] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3192'.
[ 1853.159536][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.160984][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.593674][T16449] Bluetooth: hci0: command tx timeout
[ 1855.704276][T17951] Bluetooth: hci0: command tx timeout
[ 1855.732303][T17863] chnl_net:caif_netlink_parms(): no params data found
[ 1857.742104][T17951] Bluetooth: hci0: command tx timeout
[ 1858.400194][T18113] Invalid source name
[ 1858.400211][T18113] UBIFS error (pid: 18113): cannot open "ubifs", error -22
[ 1859.818688][T17951] Bluetooth: hci0: command tx timeout
[ 1859.947914][T18119] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3199'.
[ 1862.023891][T16256] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 1862.418226][T16256] usb 5-1: Using ep0 maxpacket: 32
[ 1863.233047][T16256] usb 5-1: config 0 has an invalid descriptor of length 51, skipping remainder of the config
[ 1863.240699][T16256] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[ 1863.240724][T16256] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1863.240741][T16256] usb 5-1: Product: syz
[ 1863.240752][T16256] usb 5-1: Manufacturer: syz
[ 1863.240764][T16256] usb 5-1: SerialNumber: syz
[ 1863.300202][T16256] usb 5-1: config 0 descriptor??
[ 1863.305535][T16256] cdc_ether 5-1:0.0: probe with driver cdc_ether failed with error -22
[ 1863.306493][T16256] usb 5-1: unsupported MDLM descriptors
[ 1865.277898][T17863] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1865.278040][T17863] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1865.278398][T17863] bridge_slave_0: entered allmulticast mode
[ 1865.282383][T17863] bridge_slave_0: entered promiscuous mode
[ 1865.289425][ T5905] usb 5-1: USB disconnect, device number 7
[ 1865.323973][T17943] chnl_net:caif_netlink_parms(): no params data found
[ 1865.353137][T17863] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1865.353274][T17863] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1865.353466][T17863] bridge_slave_1: entered allmulticast mode
[ 1865.359006][T17863] bridge_slave_1: entered promiscuous mode
[ 1867.838641][T17943] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1867.838782][T17943] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1867.839031][T17943] bridge_slave_0: entered allmulticast mode
[ 1867.842204][T17943] bridge_slave_0: entered promiscuous mode
[ 1867.844567][T18069] chnl_net:caif_netlink_parms(): no params data found
[ 1867.884707][T17943] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1867.884850][T17943] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1867.885047][T17943] bridge_slave_1: entered allmulticast mode
[ 1867.887754][T17943] bridge_slave_1: entered promiscuous mode
[ 1870.786604][T17943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1871.802372][T17943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1873.814598][T16449] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1873.831257][T16449] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1874.798488][T16449] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1875.135510][T16449] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1875.137160][T16449] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1875.553118][T17943] team0: Port device team_slave_0 added
[ 1875.757110][T17943] team0: Port device team_slave_1 added
[ 1875.770824][T18069] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1875.771044][T18069] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1875.771246][T18069] bridge_slave_0: entered allmulticast mode
[ 1875.777139][T18069] bridge_slave_0: entered promiscuous mode
[ 1875.966040][T18069] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1875.966182][T18069] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1875.966408][T18069] bridge_slave_1: entered allmulticast mode
[ 1876.005726][T18069] bridge_slave_1: entered promiscuous mode
[ 1876.271084][T17943] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1876.271100][T17943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1876.271123][T17943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1877.400705][T16449] Bluetooth: hci1: command tx timeout
[ 1877.760047][T17943] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1877.760062][T17943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1877.760087][T17943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1881.680133][T16449] Bluetooth: hci1: command tx timeout
[ 1882.232060][T18069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1882.600223][T18069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1883.742918][T16449] Bluetooth: hci1: command tx timeout
[ 1884.422728][T18214] o2cb: This node has not been configured.
[ 1884.422739][T18214] o2cb: Cluster check failed. Fix errors before retrying.
[ 1884.422777][T18214] (syz.1.3216,18214,0):user_dlm_register:674 ERROR: status = -22
[ 1884.422790][T18214] (syz.1.3216,18214,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "bus"
[ 1885.823799][T16449] Bluetooth: hci1: command tx timeout
[ 1887.515895][T16449] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1887.529943][ T9168] bridge_slave_1: left allmulticast mode
[ 1887.529963][ T9168] bridge_slave_1: left promiscuous mode
[ 1887.530134][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1887.576610][T16449] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1887.584684][T16449] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1887.594082][T16449] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1887.595275][T16449] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1887.814265][ T9168] bridge_slave_0: left allmulticast mode
[ 1887.814295][ T9168] bridge_slave_0: left promiscuous mode
[ 1887.814558][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1889.447379][ T9168] bridge_slave_1: left allmulticast mode
[ 1889.447412][ T9168] bridge_slave_1: left promiscuous mode
[ 1889.447656][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1889.658555][T17951] Bluetooth: hci3: command tx timeout
[ 1890.499901][ T9168] bridge_slave_0: left allmulticast mode
[ 1890.499933][ T9168] bridge_slave_0: left promiscuous mode
[ 1890.500175][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1890.508360][T17574] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1890.621840][ T9168] bridge_slave_1: left allmulticast mode
[ 1890.621871][ T9168] bridge_slave_1: left promiscuous mode
[ 1890.622129][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1890.690390][ T9168] bridge_slave_0: left allmulticast mode
[ 1890.690419][ T9168] bridge_slave_0: left promiscuous mode
[ 1890.690694][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1890.696332][T17574] usb 5-1: device descriptor read/64, error -71
[ 1890.928365][T17574] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 1890.993877][ T9168] bond0 (unregistering): Released all slaves
[ 1891.058228][T17574] usb 5-1: device descriptor read/64, error -71
[ 1891.174608][T17574] usb usb5-port1: attempt power cycle
[ 1891.211686][ T9168] bond0 (unregistering): Released all slaves
[ 1891.682247][T17574] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 1892.759861][T17951] Bluetooth: hci3: command tx timeout
[ 1892.781294][T17574] usb 5-1: device descriptor read/8, error -71
[ 1893.198361][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1893.265729][T18267] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3230'.
[ 1894.349568][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1894.829476][T17951] Bluetooth: hci3: command tx timeout
[ 1895.025317][T18270] delete_channel: no stack
[ 1895.039938][T18273] block device autoloading is deprecated and will be removed.
[ 1895.070576][ T9168] bond0 (unregistering): Released all slaves
[ 1897.418347][T16449] Bluetooth: hci3: command tx timeout
[ 1898.947288][T18289] binder: 18288:18289 ioctl c0306201 200000000080 returned -14
[ 1899.559070][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1899.607966][T18289] binder_alloc: 18288: binder_alloc_buf, no vma
[ 1900.042115][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1901.949298][ T9168] bond0 (unregistering): Released all slaves
[ 1903.901315][T18069] team0: Port device team_slave_0 added
[ 1903.981685][T18069] team0: Port device team_slave_1 added
[ 1904.133584][T18321] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1904.134387][T18321] block nbd0: shutting down sockets
[ 1904.473977][T18069] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1904.473993][T18069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1904.474018][T18069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1904.684651][T18069] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1904.684666][T18069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1904.684691][T18069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1910.327206][T18332] random: crng reseeded on system resumption
[ 1913.647157][T18354] openvswitch: netlink: Missing key (keys=1040, expected=2000)
[ 1914.325114][T17951] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1914.330597][T17951] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1914.343068][T17951] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1914.353972][T17951] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1914.368334][T17951] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1914.641366][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.641411][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1916.464777][T16449] Bluetooth: hci0: command tx timeout
[ 1916.647629][T18364] overlayfs: failed to clone upperpath
[ 1916.969232][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1917.138647][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1918.271389][T18180] chnl_net:caif_netlink_parms(): no params data found
[ 1918.577325][T16449] Bluetooth: hci0: command tx timeout
[ 1920.959679][T16449] Bluetooth: hci0: command tx timeout
[ 1922.268135][T18180] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1922.268276][T18180] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1922.268453][T18180] bridge_slave_0: entered allmulticast mode
[ 1922.270920][T18180] bridge_slave_0: entered promiscuous mode
[ 1922.397231][T18180] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1922.397357][T18180] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1922.397555][T18180] bridge_slave_1: entered allmulticast mode
[ 1922.423286][T18180] bridge_slave_1: entered promiscuous mode
[ 1923.229907][T18414] netlink: 64 bytes leftover after parsing attributes in process `syz.4.3269'.
[ 1923.439141][T16449] Bluetooth: hci0: command tx timeout
[ 1923.439202][   T37] audit: type=1326 audit(2000001707.610:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18410 comm="syz.4.3269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bb165ebe9 code=0x7ffc0000
[ 1923.439247][   T37] audit: type=1326 audit(2000001707.620:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18410 comm="syz.4.3269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bb165ebe9 code=0x7ffc0000
[ 1923.439290][   T37] audit: type=1326 audit(2000001707.730:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18410 comm="syz.4.3269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7bb165d550 code=0x7ffc0000
[ 1923.439330][   T37] audit: type=1326 audit(2000001707.740:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18410 comm="syz.4.3269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f7bb1660417 code=0x7ffc0000
[ 1923.439370][   T37] audit: type=1326 audit(2000001707.740:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18410 comm="syz.4.3269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7bb165ebe9 code=0x7ffc0000
[ 1923.439411][   T37] audit: type=1326 audit(2000001707.770:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18410 comm="syz.4.3269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f7bb1660417 code=0x7ffc0000
[ 1923.439451][   T37] audit: type=1326 audit(2000001707.770:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18410 comm="syz.4.3269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7bb165d84a code=0x7ffc0000
[ 1923.439491][   T37] audit: type=1326 audit(2000001707.780:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18410 comm="syz.4.3269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bb165ebe9 code=0x7ffc0000
[ 1923.439531][   T37] audit: type=1326 audit(2000001707.780:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18410 comm="syz.4.3269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bb165ebe9 code=0x7ffc0000
[ 1928.853072][T18180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1928.897165][T18180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1928.897768][T18230] chnl_net:caif_netlink_parms(): no params data found
[ 1929.964069][T18347] chnl_net:caif_netlink_parms(): no params data found
[ 1930.362402][T18230] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1930.362536][T18230] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1930.362772][T18230] bridge_slave_0: entered allmulticast mode
[ 1930.365261][T18230] bridge_slave_0: entered promiscuous mode
[ 1930.400669][T18230] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1930.400812][T18230] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1930.400999][T18230] bridge_slave_1: entered allmulticast mode
[ 1930.403807][T18230] bridge_slave_1: entered promiscuous mode
[ 1930.775537][T18444] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3275'.
[ 1931.383259][T17951] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1931.413230][T17951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1931.416222][T17951] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1931.417574][T17951] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1931.440595][T17951] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1931.867623][T18230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1932.106693][T18230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1932.600896][T18347] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1932.601049][T18347] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1932.601254][T18347] bridge_slave_0: entered allmulticast mode
[ 1932.604858][T18347] bridge_slave_0: entered promiscuous mode
[ 1933.498426][T17951] Bluetooth: hci1: command tx timeout
[ 1933.609963][T18347] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1933.610138][T18347] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1933.610686][T18347] bridge_slave_1: entered allmulticast mode
[ 1933.618247][T18347] bridge_slave_1: entered promiscuous mode
[ 1934.880658][T18230] team0: Port device team_slave_0 added
[ 1936.118110][T17951] Bluetooth: hci1: command tx timeout
[ 1936.120779][T18230] team0: Port device team_slave_1 added
[ 1936.275930][T18347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1936.880715][T18347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1937.581192][T18230] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1937.581207][T18230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1937.581232][T18230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1937.686014][T18230] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1937.686029][T18230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1937.686043][T18230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1937.698910][T18347] team0: Port device team_slave_0 added
[ 1937.762124][T18347] team0: Port device team_slave_1 added
[ 1938.109103][T18347] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1938.109119][T18347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1938.109142][T18347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1938.138258][T17951] Bluetooth: hci1: command tx timeout
[ 1938.217571][T18347] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1938.217585][T18347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1938.217610][T18347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1938.242929][T18230] hsr_slave_0: entered promiscuous mode
[ 1938.244235][T18230] hsr_slave_1: entered promiscuous mode
[ 1938.667979][T18347] hsr_slave_0: entered promiscuous mode
[ 1938.671639][T18347] hsr_slave_1: entered promiscuous mode
[ 1938.672526][T18347] debugfs: 'hsr0' already exists in 'hsr'
[ 1938.672550][T18347] Cannot create hsr debugfs directory
[ 1938.946839][ T9168] bridge_slave_1: left allmulticast mode
[ 1938.946869][ T9168] bridge_slave_1: left promiscuous mode
[ 1938.948013][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1939.011706][ T9168] bridge_slave_0: left allmulticast mode
[ 1939.011735][ T9168] bridge_slave_0: left promiscuous mode
[ 1939.011987][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1939.073177][ T9168] bridge_slave_1: left allmulticast mode
[ 1939.073198][ T9168] bridge_slave_1: left promiscuous mode
[ 1939.073353][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1939.139670][ T9168] bridge_slave_0: left allmulticast mode
[ 1939.139698][ T9168] bridge_slave_0: left promiscuous mode
[ 1939.139981][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1939.210764][ T9168] bridge_slave_1: left allmulticast mode
[ 1939.210784][ T9168] bridge_slave_1: left promiscuous mode
[ 1939.210943][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1939.280509][ T9168] bridge_slave_0: left allmulticast mode
[ 1939.280540][ T9168] bridge_slave_0: left promiscuous mode
[ 1939.280834][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1939.559084][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1939.656385][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1939.712162][ T9168] bond0 (unregistering): Released all slaves
[ 1939.949035][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1940.030457][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1940.112774][ T9168] bond0 (unregistering): Released all slaves
[ 1940.218476][T17951] Bluetooth: hci1: command tx timeout
[ 1940.389458][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1940.479040][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1940.568510][ T9168] bond0 (unregistering): Released all slaves
[ 1941.514552][T18449] chnl_net:caif_netlink_parms(): no params data found
[ 1941.527641][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1941.557356][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1941.569218][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1941.613463][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1942.376061][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1942.535641][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1943.381583][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1943.508674][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1944.661871][T18449] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1944.662004][T18449] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1944.662235][T18449] bridge_slave_0: entered allmulticast mode
[ 1944.664906][T18449] bridge_slave_0: entered promiscuous mode
[ 1944.667885][T18449] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1944.668018][T18449] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1944.670617][T18449] bridge_slave_1: entered allmulticast mode
[ 1944.674906][T18449] bridge_slave_1: entered promiscuous mode
[ 1944.982050][T18449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1944.986371][T18449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1945.331645][T16449] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1945.343900][T16449] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1945.353904][T16449] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1945.401222][T16449] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1945.403555][T16449] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1945.615012][T18449] team0: Port device team_slave_0 added
[ 1945.629966][T18449] team0: Port device team_slave_1 added
[ 1946.179372][T18449] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1946.179388][T18449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1946.179414][T18449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1946.282536][T18449] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1946.282552][T18449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1946.282577][T18449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1946.670612][T18449] hsr_slave_0: entered promiscuous mode
[ 1946.671904][T18449] hsr_slave_1: entered promiscuous mode
[ 1946.672774][T18449] debugfs: 'hsr0' already exists in 'hsr'
[ 1946.672803][T18449] Cannot create hsr debugfs directory
[ 1947.460664][T18347] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1947.508298][T17951] Bluetooth: hci5: command tx timeout
[ 1947.515595][T18347] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1947.576626][T18347] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1947.640379][T18347] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1947.974829][ T9168] bridge_slave_1: left allmulticast mode
[ 1947.974860][ T9168] bridge_slave_1: left promiscuous mode
[ 1947.975112][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1948.033528][ T9168] bridge_slave_0: left allmulticast mode
[ 1948.033558][ T9168] bridge_slave_0: left promiscuous mode
[ 1948.033801][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1948.393546][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1948.472047][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1948.532340][ T9168] bond0 (unregistering): Released all slaves
[ 1948.578972][T18493] chnl_net:caif_netlink_parms(): no params data found
[ 1949.028754][ T9168] hsr_slave_0: left promiscuous mode
[ 1949.048351][ T9168] hsr_slave_1: left promiscuous mode
[ 1949.049292][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1949.089134][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1949.585685][T17951] Bluetooth: hci5: command tx timeout
[ 1949.839070][ T9168] team0 (unregistering): Port device team_slave_1 removed
[ 1949.989258][ T9168] team0 (unregistering): Port device team_slave_0 removed
[ 1950.965295][T18493] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1950.965504][T18493] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1950.965696][T18493] bridge_slave_0: entered allmulticast mode
[ 1950.982523][T18493] bridge_slave_0: entered promiscuous mode
[ 1950.994950][T18493] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1950.995083][T18493] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1950.995271][T18493] bridge_slave_1: entered allmulticast mode
[ 1950.998925][T18493] bridge_slave_1: entered promiscuous mode
[ 1951.223635][T18493] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1951.285420][T18493] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1951.613590][T18493] team0: Port device team_slave_0 added
[ 1951.637533][T18493] team0: Port device team_slave_1 added
[ 1951.658209][T17951] Bluetooth: hci5: command tx timeout
[ 1951.947218][T18493] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1951.947229][T18493] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1951.947242][T18493] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1951.956199][T18449] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1952.020335][T18493] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1952.020350][T18493] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1952.020375][T18493] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1952.020949][T18449] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1952.095040][T18449] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1952.136926][T18449] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1952.317668][T18493] hsr_slave_0: entered promiscuous mode
[ 1952.320728][T18493] hsr_slave_1: entered promiscuous mode
[ 1952.537430][T18347] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1952.785442][T18347] 8021q: adding VLAN 0 to HW filter on device team0
[ 1952.830804][ T9184] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1952.831035][ T9184] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1952.868130][ T9184] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1952.868279][ T9184] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1953.061157][T18493] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1953.094780][T18493] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1953.145868][T18493] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1953.182535][T18493] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1953.252388][T18449] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1953.355927][T18449] 8021q: adding VLAN 0 to HW filter on device team0
[ 1953.403400][ T9168] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1953.403622][ T9168] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1953.444479][T16731] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1953.445106][T16731] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1953.705245][T18347] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1953.717684][T18493] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1953.738676][T17951] Bluetooth: hci5: command tx timeout
[ 1953.792019][T18493] 8021q: adding VLAN 0 to HW filter on device team0
[ 1953.816550][T16464] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1953.818285][T16464] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1953.855631][T16731] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1953.855862][T16731] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1953.980912][T18347] veth0_vlan: entered promiscuous mode
[ 1954.020633][T18347] veth1_vlan: entered promiscuous mode
[ 1954.202709][T18347] veth0_macvtap: entered promiscuous mode
[ 1954.227892][T18449] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1954.253867][T18347] veth1_macvtap: entered promiscuous mode
[ 1954.374550][T18347] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1954.423777][T18347] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1954.484988][T16464] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1954.486427][T16464] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1954.486914][T16464] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1954.487992][T16464] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1954.662318][T18493] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1954.979854][ T9168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1954.979874][ T9168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1955.117212][T16464] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1955.117231][T16464] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1955.183971][T18449] veth0_vlan: entered promiscuous mode
[ 1955.250837][T18449] veth1_vlan: entered promiscuous mode
[ 1955.392732][T18449] veth0_macvtap: entered promiscuous mode
[ 1955.427515][T18449] veth1_macvtap: entered promiscuous mode
[ 1955.489091][T18493] veth0_vlan: entered promiscuous mode
[ 1956.817218][T18449] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1956.824464][T18493] veth1_vlan: entered promiscuous mode
[ 1956.857882][T18449] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1956.906734][T16621] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1956.912420][T16621] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1956.915613][T16621] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1956.954621][T16621] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1957.271436][ T5898] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1957.631692][ T5898] usb 3-1: Using ep0 maxpacket: 8
[ 1957.650596][ T5898] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1957.650651][ T5898] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1957.650671][ T5898] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1957.650693][ T5898] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1957.650720][ T5898] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1957.650758][ T5898] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1957.650777][ T5898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1957.739991][T18493] veth0_macvtap: entered promiscuous mode
[ 1958.014707][ T5898] usb 3-1: usb_control_msg returned -32
[ 1958.014755][ T5898] usbtmc 3-1:16.0: can't read capabilities
[ 1958.134076][T18493] veth1_macvtap: entered promiscuous mode
[ 1958.433789][T18493] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1958.492001][T18493] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1958.516180][ T9167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1958.516198][ T9167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1958.532018][T18367] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1958.532182][T18367] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1958.532215][T18367] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1958.532246][T18367] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1958.750429][ T9173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1958.750447][ T9173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1959.598172][ T9178] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1959.598192][ T9178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1960.159648][   T10] usb 3-1: USB disconnect, device number 9
[ 1960.286460][ T5964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1960.286479][ T5964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1968.789347][T18614] orangefs_mount: mount request failed with -4
[ 1970.255293][T18634] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1970.433863][T18634] block nbd0: shutting down sockets
[ 1974.836463][T18664] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3313'.
[ 1976.107742][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.107816][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 1989.645720][T18709] overlayfs: failed to clone lowerpath
[ 2010.160075][T18834] overlayfs: overlapping lowerdir path
[ 2013.256990][T18848] binder: 18839:18848 ioctl c0306201 0 returned -14
[ 2017.412296][T18875] overlayfs: failed to clone upperpath
[ 2024.673167][T18917] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3375'.
[ 2024.673189][T18917] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3375'.
[ 2024.673204][T18917] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3375'.
[ 2024.673243][T18917] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3375'.
[ 2031.869209][T18959] syz.6.3384: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 2031.869255][T18959] CPU: 0 UID: 0 PID: 18959 Comm: syz.6.3384 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2031.869267][T18959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2031.869273][T18959] Call Trace:
[ 2031.869277][T18959]  <TASK>
[ 2031.869281][T18959]  dump_stack_lvl+0x189/0x250
[ 2031.869302][T18959]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2031.869315][T18959]  ? __pfx__printk+0x10/0x10
[ 2031.869326][T18959]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 2031.869337][T18959]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 2031.869348][T18959]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 2031.869359][T18959]  warn_alloc+0x22e/0x3b0
[ 2031.869374][T18959]  ? stack_trace_save+0x9c/0xe0
[ 2031.869387][T18959]  ? __pfx_warn_alloc+0x10/0x10
[ 2031.869403][T18959]  ? __kasan_kmalloc+0x93/0xb0
[ 2031.869415][T18959]  ? __kmalloc_cache_noprof+0x1a8/0x320
[ 2031.869428][T18959]  ? xskq_create+0x56/0x170
[ 2031.869438][T18959]  ? xsk_init_queue+0xb0/0x110
[ 2031.869447][T18959]  ? xsk_setsockopt+0x4dc/0x8d0
[ 2031.869456][T18959]  ? do_sock_setsockopt+0x17c/0x1b0
[ 2031.869468][T18959]  ? __x64_sys_setsockopt+0x145/0x1b0
[ 2031.869480][T18959]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2031.869493][T18959]  __vmalloc_node_range_noprof+0x125/0x12f0
[ 2031.869523][T18959]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 2031.869540][T18959]  ? __kasan_kmalloc+0x93/0xb0
[ 2031.869552][T18959]  vmalloc_user_noprof+0xad/0xf0
[ 2031.869565][T18959]  ? xskq_create+0xbf/0x170
[ 2031.869577][T18959]  xskq_create+0xbf/0x170
[ 2031.869590][T18959]  xsk_init_queue+0xb0/0x110
[ 2031.869602][T18959]  xsk_setsockopt+0x4dc/0x8d0
[ 2031.869614][T18959]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 2031.869629][T18959]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 2031.869639][T18959]  ? do_sock_setsockopt+0x15e/0x1b0
[ 2031.869652][T18959]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 2031.869664][T18959]  do_sock_setsockopt+0x17c/0x1b0
[ 2031.869678][T18959]  __x64_sys_setsockopt+0x145/0x1b0
[ 2031.869695][T18959]  do_syscall_64+0xfa/0x3b0
[ 2031.869714][T18959]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2031.869735][T18959]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2031.869752][T18959]  ? clear_bhb_loop+0x60/0xb0
[ 2031.869777][T18959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2031.869795][T18959] RIP: 0033:0x7f2c62b9ebe9
[ 2031.869811][T18959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2031.869827][T18959] RSP: 002b:00007f2c60de5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 2031.869846][T18959] RAX: ffffffffffffffda RBX: 00007f2c62dd6090 RCX: 00007f2c62b9ebe9
[ 2031.869859][T18959] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000b
[ 2031.869871][T18959] RBP: 00007f2c62c21e19 R08: 0000000000000004 R09: 0000000000000000
[ 2031.869882][T18959] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2031.869893][T18959] R13: 00007f2c62dd6128 R14: 00007f2c62dd6090 R15: 00007fff10122ee8
[ 2031.869923][T18959]  </TASK>
[ 2031.869982][T18959] Mem-Info:
[ 2031.870053][T18959] active_anon:3129 inactive_anon:4505 isolated_anon:0
[ 2031.870053][T18959]  active_file:24517 inactive_file:35845 isolated_file:0
[ 2031.870053][T18959]  unevictable:17644 dirty:280 writeback:0
[ 2031.870053][T18959]  slab_reclaimable:13102 slab_unreclaimable:112618
[ 2031.870053][T18959]  mapped:29394 shmem:4231 pagetables:1194
[ 2031.870053][T18959]  sec_pagetables:0 bounce:0
[ 2031.870053][T18959]  kernel_misc_reclaimable:0
[ 2031.870053][T18959]  free:1283389 free_pcp:2244 free_cma:0
[ 2031.870112][T18959] Node 0 active_anon:12516kB inactive_anon:18020kB active_file:97868kB inactive_file:143380kB unevictable:69040kB isolated(anon):0kB isolated(file):0kB mapped:117576kB dirty:1120kB writeback:0kB shmem:15388kB kernel_stack:13356kB pagetables:4656kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 2031.870223][T18959] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:120kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 2031.870331][T18959] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 2031.870437][T18959] lowmem_reserve[]: 0 2512 2513 2513 2513
[ 2031.870560][T18959] Node 0 DMA32 free:1222560kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12512kB inactive_anon:17980kB active_file:96848kB inactive_file:143312kB unevictable:69040kB writepending:1120kB present:3129332kB managed:2572328kB mlocked:0kB bounce:0kB free_pcp:8976kB local_pcp:8324kB free_cma:0kB
[ 2031.870840][T18959] lowmem_reserve[]: 0 0 1 1 1
[ 2031.870988][T18959] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1020kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 2031.871153][T18959] lowmem_reserve[]: 0 0 0 0 0
[ 2031.871390][T18959] Node 1 Normal free:3895636kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 2031.871451][T18959] lowmem_reserve[]: 0 0 0 0 0
[ 2031.871752][T18959] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 2031.872508][T18959] Node 0 DMA32: 876*4kB (UME) 572*8kB (UME) 2547*16kB (UME) 333*32kB (UME) 241*64kB (UME) 268*128kB (UME) 157*256kB (UM) 62*512kB (UM) 19*1024kB (UM) 11*2048kB (UM) 244*4096kB (UM) = 1222560kB
[ 2031.888849][T18959] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 2031.889450][T18959] Node 1 Normal: 199*4kB (UE) 43*8kB (UME) 36*16kB (UME) 235*32kB (UME) 87*64kB (UME) 27*128kB (UME) 12*256kB (UM) 5*512kB (UME) 3*1024kB (UM) 3*2048kB (ME) 943*4096kB (M) = 3895636kB
[ 2031.890661][T18959] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 2031.890880][T18959] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 2031.890956][T18959] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 2031.891023][T18959] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 2031.891106][T18959] 81466 total pagecache pages
[ 2031.891190][T18959] 1 pages in swap cache
[ 2031.891197][T18959] Free swap  = 124992kB
[ 2031.891256][T18959] Total swap = 124996kB
[ 2031.891265][T18959] 2097051 pages RAM
[ 2031.891271][T18959] 0 pages HighMem/MovableOnly
[ 2031.891278][T18959] 422071 pages reserved
[ 2031.891284][T18959] 0 pages cma reserved
[ 2032.748958][T18962] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 2037.650523][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2037.653506][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 2037.653581][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 2037.901436][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2038.763249][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2039.578160][T16449] Bluetooth: hci0: command 0x0406 tx timeout
[ 2039.709346][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2039.966492][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2040.942606][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2041.174874][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2041.592824][T19003] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 2041.596123][T19003] FAT-fs (loop11): unable to read boot sector
[ 2042.131361][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2044.520929][T19017] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3401'.
[ 2044.520950][T19017] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3401'.
[ 2044.520965][T19017] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3401'.
[ 2044.521002][T19017] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3401'.
[ 2046.724305][T19033] netlink: 228 bytes leftover after parsing attributes in process `syz.5.3404'.
[ 2049.329076][T19045] hugetlbfs: syz.4.3410 (19045): Using mlock ulimits for SHM_HUGETLB is obsolete
[ 2055.018128][T16449] Bluetooth: hci1: command 0x0406 tx timeout
[ 2055.220210][T19072] netlink: zone id is out of range
[ 2055.224292][T19072] netlink: zone id is out of range
[ 2055.349640][T19073] netlink: del zone limit has 4 unknown bytes
[ 2055.388416][T19072] netlink: set zone limit has 4 unknown bytes
[ 2055.804815][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2055.910866][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2058.645550][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2059.124044][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2059.253771][T19090] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 2059.464929][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2060.014419][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2060.521730][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2060.543848][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2060.598267][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2061.198440][T19099] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3426'.
[ 2061.596523][T19106] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3428'.
[ 2070.298109][T16449] Bluetooth: hci5: command 0x0406 tx timeout
[ 2071.018289][T19159] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 2074.079724][T19171] Bluetooth: MGMT ver 1.23
[ 2077.901135][T19205] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3447'.
[ 2077.901148][T19205] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3447'.
[ 2077.901157][T19205] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3447'.
[ 2077.901178][T19205] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3447'.
[ 2079.406852][T19217] netlink: 68 bytes leftover after parsing attributes in process `syz.6.3450'.
[ 2080.086654][T19220] gfs2: gfs2 mount does not exist
[ 2080.796570][T19230] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3453'.
[ 2084.089528][T19238] netlink: 'syz.6.3454': attribute type 1 has an invalid length.
[ 2090.045733][T19271] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3465'.
[ 2090.045754][T19271] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3465'.
[ 2090.045769][T19271] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3465'.
[ 2090.045807][T19271] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3465'.
[ 2091.110259][T14877] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 2093.103019][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2093.181921][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2093.268223][T14877] usb 3-1: Using ep0 maxpacket: 8
[ 2093.270137][T14877] usb 3-1: config 0 has no interfaces?
[ 2093.272711][T14877] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[ 2093.272736][T14877] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2093.272753][T14877] usb 3-1: Product: syz
[ 2093.272765][T14877] usb 3-1: Manufacturer: syz
[ 2093.272785][T14877] usb 3-1: SerialNumber: syz
[ 2093.381228][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2093.411221][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2093.611916][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2094.043467][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2094.289993][T14877] usb 3-1: config 0 descriptor??
[ 2094.380890][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2094.859663][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2094.956807][T14877] usb 3-1: can't set config #0, error -71
[ 2094.964779][T14877] usb 3-1: USB disconnect, device number 10
[ 2095.090491][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2095.399097][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2096.323081][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2096.487602][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2096.501518][T19305] overlayfs: missing 'lowerdir'
[ 2096.544559][   T37] audit: type=1326 audit(2000001881.080:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.544590][   T37] audit: type=1326 audit(2000001881.080:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.599372][   T37] audit: type=1326 audit(2000001881.140:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.599427][   T37] audit: type=1326 audit(2000001881.140:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.599464][   T37] audit: type=1326 audit(2000001881.140:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.599503][   T37] audit: type=1326 audit(2000001881.140:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.599543][   T37] audit: type=1326 audit(2000001881.140:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.599581][   T37] audit: type=1326 audit(2000001881.140:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.605038][T16449] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2096.625993][T16449] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2096.627701][T16449] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2096.636755][T16449] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2096.637568][T16449] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2096.818224][   T37] audit: type=1326 audit(2000001881.200:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.818357][   T37] audit: type=1326 audit(2000001881.200:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19304 comm="syz.5.3473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7977d3ebe9 code=0x7ffc0000
[ 2096.887502][T19311] overlayfs: missing 'lowerdir'
[ 2097.494464][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2097.607358][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2097.710291][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2097.814306][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2097.891297][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2098.778330][T16449] Bluetooth: hci3: command tx timeout
[ 2098.868395][ T1325] ieee802154 phy0 wpan0: encryption failed: -22
[ 2098.868469][ T1325] ieee802154 phy1 wpan1: encryption failed: -22
[ 2100.038369][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2100.827121][T19331] delete_channel: no stack
[ 2100.911773][T16449] Bluetooth: hci3: command tx timeout
[ 2101.036467][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2101.717163][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2102.040452][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2102.528217][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2102.654630][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2102.809521][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2102.938543][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2102.938735][T16449] Bluetooth: hci3: command tx timeout
[ 2103.037695][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2103.462930][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2103.588746][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2104.074894][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2104.273295][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2104.457378][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2105.018070][T16449] Bluetooth: hci3: command tx timeout
[ 2109.288189][T19357] overlayfs: missing 'lowerdir'
[ 2110.685033][T19356] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2111.871428][ T9167] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2112.759866][T19382] binder: 19371:19382 ioctl c0306201 200000000040 returned -14
[ 2113.816047][T16449] Bluetooth: hci2: unexpected event for opcode 0x0c7d
[ 2113.907999][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2114.574955][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2114.866048][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2115.526800][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2115.552485][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2117.055457][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2117.819090][T16449] Bluetooth: hci4: command 0x1003 tx timeout
[ 2117.857738][T16449] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 2117.867525][T16449] Bluetooth: hci2: Injecting HCI hardware error event
[ 2117.889909][T16449] Bluetooth: hci2: hardware error 0x00
[ 2117.892673][T17951] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 2118.372234][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2118.397329][ T9167] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2118.427050][T16449] =========[ 2118.427050][T16449] ==================================================================
[ 2118.427063][T16449] BUG: KASAN: slab-out-of-bounds in __list_del_entry_valid_or_report+0x92/0x190
[ 2118.427081][T16449] Read of size 8 at addr ffff888026baf760 by task kworker/u9:0/16449
[ 2118.427090][T16449] 
[ 2118.427098][T16449] CPU: 0 UID: 0 PID: 16449 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2118.427110][T16449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2118.427117][T16449] Workqueue: hci2 hci_error_reset
[ 2118.427130][T16449] Call Trace:
[ 2118.427135][T16449]  <TASK>
[ 2118.427139][T16449]  dump_stack_lvl+0x189/0x250
[ 2118.427153][T16449]  ? __kasan_check_byte+0x12/0x40
[ 2118.427165][T16449]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2118.427177][T16449]  ? lock_release+0x4b/0x3e0
[ 2118.427190][T16449]  ? __virt_addr_valid+0x4a5/0x5c0
[ 2118.427207][T16449]  print_report+0xca/0x240
[ 2118.427225][T16449]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2118.427248][T16449]  kasan_report+0x118/0x150
[ 2118.427268][T16449]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2118.427290][T16449]  __list_del_entry_valid_or_report+0x92/0x190
[ 2118.427309][T16449]  bt_accept_unlink+0x39/0x240
[ 2118.427328][T16449]  l2cap_sock_teardown_cb+0x17e/0x460
[ 2118.427352][T16449]  l2cap_chan_del+0xb2/0x5e0
[ 2118.427368][T16449]  ? l2cap_conn_del+0x37c/0x680
[ 2118.427385][T16449]  l2cap_conn_del+0x388/0x680
[ 2118.427404][T16449]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[ 2118.427422][T16449]  hci_conn_hash_flush+0x10d/0x230
[ 2118.427435][T16449]  hci_dev_close_sync+0xaef/0x1330
[ 2118.427449][T16449]  ? __pfx_hci_dev_close_sync+0x10/0x10
[ 2118.427460][T16449]  ? mutex_lock_nested+0x154/0x1d0
[ 2118.427469][T16449]  ? hci_error_reset+0x11f/0x3e0
[ 2118.427480][T16449]  hci_error_reset+0x127/0x3e0
[ 2118.427490][T16449]  ? process_scheduled_works+0x9ef/0x17b0
[ 2118.427502][T16449]  process_scheduled_works+0xade/0x17b0
[ 2118.427519][T16449]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2118.427533][T16449]  worker_thread+0x8a0/0xda0
[ 2118.427549][T16449]  kthread+0x711/0x8a0
[ 2118.427562][T16449]  ? __pfx_worker_thread+0x10/0x10
[ 2118.427573][T16449]  ? __pfx_kthread+0x10/0x10
[ 2118.427586][T16449]  ? __pfx_kthread+0x10/0x10
[ 2118.427598][T16449]  ret_from_fork+0x3f9/0x770
[ 2118.427610][T16449]  ? __pfx_ret_from_fork+0x10/0x10
[ 2118.427622][T16449]  ? __switch_to_asm+0x39/0x70
[ 2118.427631][T16449]  ? __switch_to_asm+0x33/0x70
[ 2118.427639][T16449]  ? __pfx_kthread+0x10/0x10
[ 2118.427651][T16449]  ret_from_fork_asm+0x1a/0x30
[ 2118.427663][T16449]  </TASK>
[ 2118.427666][T16449] 
[ 2118.427669][T16449] Allocated by task 29:
[ 2118.427680][T16449]  kasan_save_track+0x3e/0x80
[ 2118.427689][T16449]  __kasan_kmalloc+0x93/0xb0
[ 2118.427698][T16449]  __kmalloc_noprof+0x1ef/0x430
[ 2118.427709][T16449]  ___neigh_create+0x722/0x2360
[ 2118.427718][T16449]  ip6_finish_output2+0xb51/0x1720
[ 2118.427728][T16449]  ndisc_send_skb+0xb54/0x1440
[ 2118.427739][T16449]  addrconf_rs_timer+0x369/0x670
[ 2118.427748][T16449]  call_timer_fn+0x17b/0x5f0
[ 2118.427759][T16449]  __run_timer_base+0x648/0x970
[ 2118.427768][T16449]  run_timer_softirq+0xb7/0x180
[ 2118.427777][T16449]  handle_softirqs+0x22c/0x710
[ 2118.427787][T16449]  run_ktimerd+0xcf/0x190
[ 2118.427797][T16449]  smpboot_thread_fn+0x542/0xa60
[ 2118.427807][T16449]  kthread+0x711/0x8a0
[ 2118.427818][T16449]  ret_from_fork+0x3f9/0x770
[ 2118.427827][T16449]  ret_from_fork_asm+0x1a/0x30
[ 2118.427835][T16449] 
[ 2118.427837][T16449] The buggy address belongs to the object at ffff888026baf000
[ 2118.427837][T16449]  which belongs to the cache kmalloc-2k of size 2048
[ 2118.427845][T16449] The buggy address is located 784 bytes to the right of
[ 2118.427845][T16449]  allocated 1104-byte region [ffff888026baf000, ffff888026baf450)
[ 2118.427856][T16449] 
[ 2118.427858][T16449] The buggy address belongs to the physical page:
[ 2118.427867][T16449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26ba8
[ 2118.427880][T16449] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 2118.427888][T16449] flags: 0x80000000000040(head|node=0|zone=1)
[ 2118.427897][T16449] page_type: f5(slab)
[ 2118.427906][T16449] raw: 0080000000000040 ffff888019842000 ffffea0001ad3400 dead000000000002
[ 2118.427914][T16449] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 2118.427923][T16449] head: 0080000000000040 ffff888019842000 ffffea0001ad3400 dead000000000002
[ 2118.427930][T16449] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[ 2118.427938][T16449] head: 0080000000000003 ffffea00009aea01 00000000ffffffff 00000000ffffffff
[ 2118.427946][T16449] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 2118.427956][T16449] page dumped because: kasan: bad access detected
[ 2118.427963][T16449] page_owner tracks the page as allocated
[ 2118.427968][T16449] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 16115, tgid 16115 (syz-executor), ts 1480094139240, free_ts 1479955283859
[ 2118.428002][T16449]  post_alloc_hook+0x240/0x2a0
[ 2118.428021][T16449]  get_page_from_freelist+0x2119/0x21b0
[ 2118.428035][T16449]  __alloc_frozen_pages_noprof+0x181/0x370
[ 2118.428049][T16449]  alloc_pages_mpol+0xd1/0x380
[ 2118.428065][T16449]  allocate_slab+0x8a/0x370
[ 2118.428078][T16449]  ___slab_alloc+0x8d1/0xdd0
[ 2118.428098][T16449]  __kmalloc_cache_noprof+0xe6/0x320
[ 2118.428116][T16449]  rtnl_newlink+0xed/0x1c70
[ 2118.428131][T16449]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 2118.428147][T16449]  netlink_rcv_skb+0x205/0x470
[ 2118.428162][T16449]  netlink_unicast+0x843/0xa10
[ 2118.428176][T16449]  netlink_sendmsg+0x805/0xb30
[ 2118.428193][T16449]  __sock_sendmsg+0x219/0x270
[ 2118.428207][T16449]  __sys_sendto+0x3c7/0x520
[ 2118.428223][T16449]  __x64_sys_sendto+0xde/0x100
[ 2118.428247][T16449]  do_syscall_64+0xfa/0x3b0
[ 2118.428259][T16449] page last free pid 16115 tgid 16115 stack trace:
[ 2118.428265][T16449]  __free_frozen_pages+0xb59/0xce0
[ 2118.428276][T16449]  __put_partials+0x159/0x1a0
[ 2118.428283][T16449]  __slab_free+0x2b3/0x390
[ 2118.428291][T16449]  qlist_free_all+0x97/0x140
[ 2118.428299][T16449]  kasan_quarantine_reduce+0x148/0x160
[ 2118.428308][T16449]  __kasan_slab_alloc+0x22/0x80
[ 2118.428317][T16449]  kmem_cache_alloc_noprof+0x143/0x310
[ 2118.428328][T16449]  alloc_empty_file+0x55/0x1d0
[ 2118.428335][T16449]  alloc_file_pseudo+0x13d/0x210
[ 2118.428342][T16449]  sock_alloc_file+0xb8/0x2f0
[ 2118.428350][T16449]  __sys_socket+0x13d/0x1b0
[ 2118.428358][T16449]  __x64_sys_socket+0x7a/0x90
[ 2118.428367][T16449]  do_syscall_64+0xfa/0x3b0
[ 2118.428377][T16449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2118.428385][T16449] 
[ 2118.428388][T16449] Memory state around the buggy address:
[ 2118.428393][T16449]  ffff888026baf600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2118.428399][T16449]  ffff888026baf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2118.428405][T16449] >ffff888026baf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2118.428410][T16449]                                                        ^
[ 2118.428415][T16449]  ffff888026baf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2118.428421][T16449]  ffff888026baf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2118.428426][T16449] ==================================================================
[ 2118.429079][T16449] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 2118.429094][T16449] CPU: 0 UID: 0 PID: 16449 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2118.429113][T16449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2118.429125][T16449] Workqueue: hci2 hci_error_reset
[ 2118.429144][T16449] Call Trace:
[ 2118.429150][T16449]  <TASK>
[ 2118.429157][T16449]  dump_stack_lvl+0x99/0x250
[ 2118.429181][T16449]  ? __asan_memcpy+0x40/0x70
[ 2118.429198][T16449]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2118.429220][T16449]  ? __pfx__printk+0x10/0x10
[ 2118.429250][T16449]  vpanic+0x281/0x750
[ 2118.429271][T16449]  ? preempt_schedule+0xae/0xc0
[ 2118.429290][T16449]  ? __pfx_vpanic+0x10/0x10
[ 2118.429310][T16449]  ? preempt_schedule_common+0x83/0xd0
[ 2118.429330][T16449]  ? preempt_schedule+0xae/0xc0
[ 2118.429348][T16449]  ? __pfx_preempt_schedule+0x10/0x10
[ 2118.429370][T16449]  panic+0xb9/0xc0
[ 2118.429390][T16449]  ? __pfx_panic+0x10/0x10
[ 2118.429413][T16449]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 2118.429437][T16449]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2118.429456][T16449]  check_panic_on_warn+0x89/0xb0
[ 2118.429474][T16449]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2118.429491][T16449]  end_report+0x78/0x160
[ 2118.429509][T16449]  kasan_report+0x129/0x150
[ 2118.429530][T16449]  ? __list_del_entry_valid_or_report+0x92/0x190
[ 2118.429553][T16449]  __list_del_entry_valid_or_report+0x92/0x190
[ 2118.429572][T16449]  bt_accept_unlink+0x39/0x240
[ 2118.429592][T16449]  l2cap_sock_teardown_cb+0x17e/0x460
[ 2118.429616][T16449]  l2cap_chan_del+0xb2/0x5e0
[ 2118.429631][T16449]  ? l2cap_conn_del+0x37c/0x680
[ 2118.429652][T16449]  l2cap_conn_del+0x388/0x680
[ 2118.429674][T16449]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[ 2118.429695][T16449]  hci_conn_hash_flush+0x10d/0x230
[ 2118.429719][T16449]  hci_dev_close_sync+0xaef/0x1330
[ 2118.429742][T16449]  ? __pfx_hci_dev_close_sync+0x10/0x10
[ 2118.429763][T16449]  ? mutex_lock_nested+0x154/0x1d0
[ 2118.429779][T16449]  ? hci_error_reset+0x11f/0x3e0
[ 2118.429796][T16449]  hci_error_reset+0x127/0x3e0
[ 2118.429811][T16449]  ? process_scheduled_works+0x9ef/0x17b0
[ 2118.429832][T16449]  process_scheduled_works+0xade/0x17b0
[ 2118.429864][T16449]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2118.429890][T16449]  worker_thread+0x8a0/0xda0
[ 2118.429921][T16449]  kthread+0x711/0x8a0
[ 2118.429943][T16449]  ? __pfx_worker_thread+0x10/0x10
[ 2118.429962][T16449]  ? __pfx_kthread+0x10/0x10
[ 2118.429984][T16449]  ? __pfx_kthread+0x10/0x10
[ 2118.430006][T16449]  ret_from_fork+0x3f9/0x770
[ 2118.430027][T16449]  ? __pfx_ret_from_fork+0x10/0x10
[ 2118.430049][T16449]  ? __switch_to_asm+0x39/0x70
[ 2118.430064][T16449]  ? __switch_to_asm+0x33/0x70
[ 2118.430078][T16449]  ? __pfx_kthread+0x10/0x10
[ 2118.430100][T16449]  ret_from_fork_asm+0x1a/0x30
[ 2118.430122][T16449]  </TASK>
[ 2118.430375][T16449] Kernel Offset: disabled