last executing test programs:

58m14.400059034s ago: executing program 32 (id=211):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, 0x0}, 0x20000}], 0x1, 0x12141, 0x0)

47m37.066980647s ago: executing program 33 (id=1655):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f00000002c0)={0x2a, 0x4, 0x0, {0x1, 0xe5, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)
r1 = openat$cgroup_pressure(r0, &(0x7f0000000140)='cpu.pressure\x00', 0x2, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x41, 0x3, 0x228, 0x0, 0xa, 0x9a000000, 0x0, 0x0, 0x190, 0x1f0, 0x1f0, 0x190, 0x1f0, 0x3, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'veth0\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0xd0, 0xf8, 0x0, {0x0, 0xffffffffa0028000}, [@common=@inet=@tcp={{0x30}, {[], [0x4e21]}}, @common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ip={@multicast1, @dev={0xac, 0x14, 0x14, 0x26}, 0x0, 0xffffffff, 'vcan0\x00', 'geneve1\x00'}, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0xfd}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x288)
r3 = openat$ocfs2_control(0xffffffffffffff9c, 0x0, 0x40102, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, 0x1})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$inet6(0xa, 0x5, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r5, 0xc0286405, 0x0)
ppoll(&(0x7f0000000040)=[{r1}], 0x1, 0x0, 0x0, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x60, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x12}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x60}}, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

46m38.094828449s ago: executing program 34 (id=1767):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0xffffff14, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r3, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r1], 0x50}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0xffb7, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="500000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100030000000c0002001c0000000f00000008000500", @ANYRES32=r1], 0x50}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, &(0x7f0000000080)='wg2\x00', 0x4)
sendmmsg(r4, &(0x7f0000008040)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000004c0)="0d652c1aa3b2a80e6e0136deb7e056acc530d75d3ff6047bfaff9d56065225e6f1124189009742b84c33acf28d600bc129e5f5f093b6b767df119493db9cbef9527186969356aefcc1543676b03d9911dae25107c76338db86b81524226a760775934d1a61294123716f100037d8971f1ebe3707cac31a9e1cfa0a12471443eb0376392c7191f9ae7b73638b6a8b15a7677beb474ed7f57071425af733f70950e1e7638e84dd59f5565d9554be80a192e2f5cf5a6c0fda5646", 0xb9}, {&(0x7f0000001a80)="6a350b9b24c7bf8fcf1e3b32b35987d4a54e5c98a3d152465c3bd15ce00e3131f6c13c816e986036f1d9ded172d36a7468877059957c5879486c3d7d202a0e6198b95280e6fa1d9ce082500aab330c10ea27af0b93128ce871f21c651b7c02e88e6b47b06d1ea05dbab8d49f855706c65c279cb2ab84ef7c1a655f9a3256c0d0ba6be26fe794ac0ea226f65a041a6db064f79b239dc5921c5e01d2790ed1b4aec34e0a225c0e8c0b472840a3c85d883b1f1edfad3d50dfbcde07d45ee1791b646e5f215e812c791a948f1c9c87f98a9423b19d196aa285381347645d77a3f0b2350ab71e3c0b59187d4c6c238dbd8eb69e4d96f1c02f7e584771739653b41abf28fd0cd6f40f5f46a93857bb6b58bfa392326c0d7a06cca769ad0edb2e4e938ca56a5385b5757e749234147e917f6b61153194b8ec8d11099c4b916e76a99db12ada31512ebc9766e46ada54aedd4a73b47bba7848554da08124e4ca3ab0d6f185cb909a70cef0771ec3083ff472634697a4a1f983a7779866ec21ae805c164726f3a3a77eca3662c1c6a84c54b22423fca3594dc0e4c860b92362772e0b0229beca24b6c6506da18b6038b130ef286073f32567615313080547c596a91b826f2c325f69aed592980811b3c6eb4285dc8e535412f238e4e0faa623af7723b884e7833734acc15182f9687edb0eb53d028c185bbee69f44349f35619145f734952c329ab052ea71a2cab68274ce2c4b39dee63414a1b729fe63a4436a027f9baaa6096b997f0b007a22dd109a45b9643af420559bd38c6aeee6d48f0cb18988bc42fd94223dcae70760f9e0e62cf74b30941faa8bbd3d97eeac77a4d86aac7db5a9c016df4008e41cbebc569724c1847c40e264336cc2154cb3ef20e94d25a45a08d4251092e4de687145bd9381ebd17fce974d3923d7447fceff44c9776213bddc4f234047de81a8e20a2e0eab3a1ced516dd5b7c85338df93a8c5532d33d7b7ccbba4938502b0cdc0dae74aedafe1df97c9e40bed9d51acfd67ace61dac133f4871c33ca79f468707f00028cae4d31c7b82a7d5f93fdeb084cce28cadc2640050973bb8cd73aa8c5ddfd829eece3354b40bdfd80032a64fa99e1464ede991ba99ff45b6411bd2be8d7f40ca648d14bf5c4322d63b054314c2873a883e366c9a45ac3e91a72da5e73a52f71cca40402609d9ee5551bb222e79d390349a47b7732da1f69e9a1c84402704331030294f0fe715ce90e50daf4ec9cc9784e6b74e2ae6936719a8ea37a781c86db268b987ba8b9c8c129da4ed7ab303b4343d1f9cfb5900e87cf6bb3d28e9a953f2a7c1d6c83897c86c95957e02cdc7d468be812ca1b9e1084586b9cb57a29ce8bac6907a6e5b6eb4273bfd9b16bae28967a703f708d23a7063d523001273a6b4009842cf0fe3a2be83216fff00aa6a672e33cc0e92e79f396e2667e16910bc7d137cd523d8f476fe9c0be07bb0d322758244713d608614748ead93caaf605d6500a772c6200eed1238ee25fbcc64b02eb7ee1c11fb429477cf978d873d7c4162493e7b38f8b2a06a2430eb61451d9ce43c14fed56c59a489413fc35dece5fb485e60e681955a62b59755c41ae7e46a6e3590ccd4f61853af4e9be687d22bda66dd3e4bf2434a3b2f3ba613d91d7c10d51f3cf075cab71fbfc9dc85ab4e7493e9e02c884f311b048ca6b98daae9a08e81be9f24777f894e7608747ab13cbe235ff92a43fd6c831d1574089b067f46c38535", 0x4dc}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
listen(r2, 0x1)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000014c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080001400000001508000240000000060900010073797a31000000000900020073797a320000000078020000000a010200000000000000000000000a65000600f7c33142c7ad7b530ce37f0146edb7382c760c706081df13b36de2c981493ebd8165b7fd02f79d429692f8055a919a65585d7442b9773ac19026c134d1f31260300ccda2f95b019424f90245a371019c3e51fba20c80cf50f59943380030652973000000da000600e5ba577868fc3f4b6ce99d4d9bd023410f05cb8feb945161ac1f994a1a674be2a9685ab473411045d578141d25d5f4b15a57b0242dfbba27aafc493ae53c45c950bc2548cc5018cf94d0633f8ac1024ffb354ae3345a7d9bafa7872a13d5279eb4beb95011265fe72784e6edca9bf64eb567a2473cc3ae747400470bc0a58a9d6c50c7d5baaca99e8e7663e5a27d8e208eb3ce2c970e6eb54786540005e58d89fb526160a22df91dc4fe2c8cc35d64d1940c7ff82e9cd277fa8719cf6325b07660a4aad2d075aa7441954a5e1ab7f0b6069986fd64bc00000900010073797a30000000000c0004400000000000000003fc0006002994ab371938388a21d14cb558b98231efc367a633f994cc52cd0b9c4ff014250aa96a0c514eb0b4d0423323cd12541e8abcd9de6b2659151ebb2f66ed63a0b710b40e0e719f301ad2cd1287f790f3f00280fefe3e3a6eec7cf49f6df617da7417a7834e089ed4de94839025398ef8af86fa48dd719874fd539d4cad6a419b53222355c2ab276beab975a91bdc5a2316dfb0d8b0060040b51eda9dc70a81c2e6eed85035e5f9da8a786f7651b4cb2a650045802448fc7baa8bb78e09bd76b74eadea066ca8fed0f281d900d8780f6ce62a1bdd7b5a2f3ade69327bb4fa9262d702ff780267e6c06965f497081f180900010073797a3000000000300000000b0a01010000000000000000030000000900020073797a3100000000100011800a000100717565756500000084000000180a01020000000000000000010000080900010073797a30000000000c000540001f0000000000020c00038008000240000000080c00054000000000000000040c000540000000000000edc3207c41193d9c00030800074000000000d6fe010073797a30000000000900010073797a31000000000900010073797a31000000001c0000000b0a010100000000000000000a00000a08000c40000000cb34000000050a010200000000000000000c00000108000a400000000308000540fffffffc08000b400000000208000540fffffffb140000001100010000000000000000000000000a"], 0x3f4}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000500000085000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='netlink_extack\x00'}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01040400000a00120002002800000019002d4400009b84136ef75afb83de066a5900e1baac341b61130000f2ff00000100"/85, 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
io_uring_setup(0x7699, &(0x7f0000001440)={0x0, 0xe516, 0x800, 0x3, 0x126})
setresuid(0x0, 0x0, 0xffffffffffffffff)
syz_clone(0x40004000, &(0x7f0000000280)="b74508df6ce5cc6d8b210e324f597e0322072249fce3bf16b42e9b61067ed829ed565bb21fbfc07defe16478c4d2c6f03654fb5eac8222ead9a3cda518929fce574ac10d89015d7c8f451dd2b3f26933efb675d00fe599ae6f97f89530bdb8c36725857aee5fc29eae8ee095702b090636ad49b6f7862ae7d372996d68b2810e223b237c4c162ba8a658e931ed99dbd919aaccd73bfeb9110b975b7439725cfbe1ccd9cd04aa0c7b626428b6fd8bc002a15056abbbaa", 0xb6, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)="ff0b447cbedbbaec28d1430faf9104744cccffcf7dccc793abdc28f9955f690eab3c43ccee6a420e3799cfdb45301b2c2b11e7ec739d84518212aab154232b524e484d2e8ae51702f97a8cf4251f7297504c9e55d0bce2c8ebd8e04271611a640a864772e47cd615ef7005ddee63bd6f7581b09953fc8f0884997d5993af0e31a95df57f270d70d890411b74ca807afba9e7aada0e8395dec3d3493047dab42563bd81ec7bca29091ad03aa14def71da15a25c2c2f1b8d1c61dc2a60478b3f7203f53317b06b374c41d9539d210965588b19dea8c7dfcefa4fed1d269cb8505a8cd8a64578cc122f9dcc21a150911d23c1a45d5900da989f4f73347d17277d59535bda787decf359529e7a800e02e0cf7c9da5563a65f43d61d8894e0601e59950de40e623949cbf6902dfe0ff225faa0b9ac130a625df4f7673b067131b9c4ce6e05678761c39c8a4c69036121df14b5c2bf062d936e1fc2f1bc32ad074e2064cd5925405a410c14fdce7f5e91dcb49ef31b425347e36b65f5ae386c365afd0866b9da60f03a5e3b87e0dc2de92fe7b6711e1c1f5cf32bfc12a6fba517b3201f964c78873be3a4d23ccb2b6161347404772f0d145f9cd4b103d1937850c052609b00462ab08457a72bd8e4a2007082f54676df7ea775c6da03d37001f43f33ffb59bff63a67ad254511fba728f935e0a0aaab5a38e20002e6129c3086e93f8dbab9398d17b89effc4d4ee22dddac52be734f04ba387f229069c55720638eab342150a0e09bc7316788454d66532aa8cf2390f2d80fe6eb66a36da1adfb8346b42660ffba30220c11c5041b4112097ffb00e965404361fda19fa714be1972ff056a0a8ae3e942309ce732a72bcd4e82fd34ca41021cc37bb9e78d57c54522b768633fda38f778c6d4f2f3528b7de92dae26d581144935527f6632f61e50ae44cc3b4406ba70cd12c3a4d1f94d9c413834d98ba974455862525040e2417307752c68ee4d44d1b0fbcbc151b089b437c7ba7b94a585f3a10c914f01622f92e39b28c49e795045a50edafbcb201819a3f9d26a633ce7ad04571f98e414282dd1e989d2296262561eb1ad221b4ea20f8c4542f17e669a9a5d400dcef3535ae1d4dc9201b4ca1b7dbd333025a39767b6c9076cd20bdd1eed7b7c30496abf08eb68d3665997f88fa922e0b828bd72aacfcdcf50fa0c00fd53ca1703450ce59db8f79ea5a8b861440f7907279947b7f4ec266ab8dfcf7e31332d184e257c23174a26e390d1333c8a5be8ca1be7d58d59fb3fd37114764a3c86fc603e100964943532a79ba38e6ce2d7e5cfaed8699427ed7554178b31719a288080147fe78ef09bbcb6058dfedc03b5417d6010cf9f742e37a66837bb3195283d16e169f9cde6e4a1302e74560595b041ec94821b2f5b4f8a9a0c46d0bdc64371a11181f76037db39b3802ed2ea78cb41d693eac455855ca1d660a8ef3db20f2acfb58ec5839f7261fcd04347a9272ef1f47bd6b39553db74ca1318e12361913487471395b59b96fac8ccf8d17f8389bfdfcd4ff3ed3eac3962de011f3b76afa95151e1fbc5e14eb8a97af492ed8c7743c65452372ab33a1bb611e4bd62a9b3320970ece0682b83976a8c0980b00a087494a08362d27641e2f60731c41b3c71374f7d89898388dd41f409e204207a6e930e25322b5a869db53db87518cea054c5975f55fd27bd9adc7ace1216155aec592d774727135c4f2ea9eacfdf00e8d7310b64ed7884d4a6d5a009a811e4390dff0219d4cc753bc0025f5703f56a5ecb12c142c788298ff99456c5504d9b3e83563555f37b44fc89036e9d1bd8573fc13da436d4cd05c89cd1ce4f4ef6240f72faf691173f4f37c73a1c7874f8cd9cc82b93437d38d32837669d9eb182316906901f830233bdcf4f80cd232035b91c87e0df68b1641c0b0095b344f7637181856156837d20adc57d840b9af96b2d77d9b7418547a5820c8816adc7c6bed8d056e6623f2484481ef48b043c97e6af9d8574b4de0b427bcdef15495f9f2a53c46f51ff782b0c344346ac92ee05e2f1844475a6433217b9137e2c6ad660e65cde295bed20970de213d405955a9d90575887f49742e36a4e5d8322bf7b2e0c595cc1a15cf34a7ac280148a56b48fe25e7b256e3d12234950ba7e779e02e560d832348ab1a9bc6ba016f54dabd206d1e7c3cf136aa53d827bd0b93f08fc8be7dc1c814e9db4f6744123f0334a05fa808b5c4c99ec508ae52623e9075890ce8a8e8deea4c0155eac8422b2c172e46f7f5874eaa7b1917a727b98f8f310fc061aae846e6e74ba2d06e978bce6f66c24252580bc5526e548f0c010276a645ee292825c69de231848dd096d715239b6a8ea106a14ee2d85d4da1fdf09bd47fd0e076a295d553204d1f87127f741e34a6edaa1037dc0b3d173e0fd730bf0279780e36f68d80ad9f88a5cdaf32f343e5f93d380000032dcca010f2965bb3e91aeeb4d9a5fcd1c952ab5c5e080307939e14f4948da94111ed67ccdf3afc2188438b8b06cbd0e23937f4d8dcffe6fac20131ba4112cf7cbea0796e4293af3701bcdf82c2cc42cfc8aa1dc40decaff6319d8db9cd0a35d8cb38b3d8b58f809904ce217eeb9895b5ea3b12cf010e636486e6c8628d94990bff7979d882c7db70996c3320abdebdb1ffda51cbf6ef49c67803cc46d4a7fb20295598732df764a8b2645524834a88ba2e63e148838874a43e2d947a03f4a77fd11a0512c0530d41ee0eb48da53170a34613fb992995f6fd6e07832c723f21a2ccdf368ee0381bdba96eabde06c2664c444210211b66b07178b10f2be6b4910199021ae1c696309dcfc050e6cb3e6f67261f14e491e2df0bf7b29858adb2fc481faa07d3193cfa589c8d91ba30da82c838949e2b1014a5c65069a2baa44a132a476c596f6914e1aca82810978724a88d4ec811589080d4088daa95e4f74a4b8c44f7e1c2a9e51fdaeee47d534e9a244aa7ffdf5f00b6d825054dcd47669def78870d70a7dba9f6dd44b43dd6e6b1dd45259b3f33daf21cb62dbad9519de8cff35c53b2798802823a5641c149079cbce5fc79bcdd866dfb9848120c5dda47132680361233abc219ea2d4a163d63e1dff4812705cd54eb8024703506a915f3dcebbd5dba2252b825280c2e682e14b82509ee6fafa5266b068b426bb1fe361188b8bb98d21c221ddd57b667da3750ad5174331d8fea779eab5338394ef1ec6d8c513f846cb6e2817db48bc8930efb438850686cc98fe599b1198d427a3bcb68b68d064fd2ad0341d3a73fc878d8b031cac1cacf12261f9c072591a16649988727d55aeed803efeb33bd237b5e6f89f41c15dfef543fcaadedb27903d811e0f7db35380fcbbf9afdd8616890d8d313368029af7be54da6c2a3b8df766f7ee8b62d9be69f0982c78a291d720d3c9c1edfb7989e7917c06537f9b4d8e3fa8f543c75871daf51716c0607ff676a91f7f66ffdfe62920613420f269fd0f5ada3d1fdecdf6dfa008795305c1a91a356b287d2a5dcc60e29b0119c7f9e2bd9753cd610d84f5f87e3dc9d8a13b9ef97903448beccb71c9de155a596c11b854be1dd2cf82d228f3830503d84e09a62ecc7f4225d10d2643a1d954cd97febbb0ff4064e1ce655309ffba9c701745a87382181fe31b5facf1671ee13b3b24c584ef35e8d423263c3e4b0d9bc4f3ad7e6e187318707ee4ef46fd36ae6cef72b70bbd30c21863c3cbfe6c26d7cc505893f0bbd09ec63bf14cad63adcd33fc328ca0a4a7d1e2661c79609eb4f62886f4be1ef0df6a291437c64f7f799029b93b6c808f133e7696cfb90803cc1a58412e7995636492979871d86fd0f5228442c0c4d34b1f795e6e8840bd239e2bc38ec6a540dcb9454af42127aad2dda7ab2e689d46bf4f39a57c6012f7987b2b394d7d5e0ed237cd992f6d4c81b64694a98235ccbfbf56b7c5be54cee2ed18c18bf80ee669b8845bf0becae4a9406843cbea850d06996dde8ff49cd301f5c6f4e72018b1a233d09be7326d4c4df442115ce8cb7c63836579387ea7093a133930bf10b68b33386440cdeb7668153cf287768a2721034d3749e13592dd26126b5eb638382f304cace4faad7a5a98975a7062dde92ccba478971a3f0c6639c833e1da7e602f143e3fbaee9e72c97a82f0aeb69ae01ed4738a67eca669e6a3dfbe6853658b63126777a27037f4bebe4bf066f93378ceb7168174005afbf2d52bca95001a5959c2508c52e150f97fff01fe0a460f1cbe1c38cb44a824b28b1832ff464a4cf5996100712d352ef657b4739ede9ac49afb9db7c77b94e1a14841a8dd16f51988ac65cf3ecda795947def442139b3e5e51e4143f5a42aceb5aa84a1c9cb498d83af3261b1daf8ddb0fdb59cf6e0bce102c648f5f131997c3855ba7bce1ac28877b4f576d7f165f3e070d74f7d82acd0c90b49511b23c3901469eb1a30cac5702055fd829f5d2afe5be68eff6728e6b4e3e91e70a18ea35ff0744a4323da87b8765cbed3b45ba269ec0ddd48b97f1cff33f51e5a1703de14dab104881eb59254194e37579c0ad6d185b0d3ea7e1b57d61c9710533990064403e31ad523ccc751c7698a97a547a00197996682e90e8132970a0e6a326ec90dda5a1ea40816914acd2bbeeba2f458efeaf20a81d328ff75b98618843ef7c3f4d80e5b708df71fc94e205f024a6f0406ca111936db6159c5de5be785388d2c2fe651a18d7ff4c88a9b35fb0a8940984be6507d624964e9b22aca5e81ab574768e0a89630b8302e2a3f11a870c38a6106c8ba0c010067ad085537745c2eadbfbac2c36de000f97abbc732c3ddad0be29e74bdaa536dfcb55a7d36ef6b511f51b7c15ddc45e45e490f66961cff0c88c110ac4e688c6470b35324e9e0245cecca596316210689688fd38a772d829ae4ff547cefedf70f954fc9851c9b6e918d3079beabc33f3934438ff54cd3cd38244d709e9c7a7555969aa08e930df32ebf76bc67d161aa64c37cf161ab384e2510fd4bc754ed0f42beb1815991af49439f9ac2c69ec1b8fa368e8ad8dbed9026bf3fb8a3864a5be7872a8897f536d0764ab9f0099f3ce3cbdb7bb31f90bc73d829ee25afd563af97c603d548a77eb64f21754ad6fe837ca893a1ef4b9bcadfbed0764db0a51c250f52f4c925ccc96ffc587c024f0a62e918057125a4baf6a319c6434438b2179f29c4ef6fca0876c971c7da9839095f641eb78a38f9bf98913659fd02a586fad336a13f5bd5bf8c1e20a604f96666ba36a737093b082a50b815b2d0aada3a55ae99263958eed3c838b65e7503be680a1ec1c505701f82af2acbbc7b9c603d9b3a682fe9376913cd754beb843df4d8dfae5fed4f110d3d76c24ed11962ca352a1b2981b2b0e68ff55f420335c7fcdbdd0bc4d512cacf80e93b442a611083aa793fc4520c9b21f92f27303d0333abce6b7e18aed8f1f2128cec28165c4199701225e25d1e02cd1e0aeed29127c87fbe896bc63900c101079311aaa801504cd1806695a8096b65541009c782c55e4c0c25aa2c2f2c42e974cf13cf006f361358414e4a61db4f819c403f3045f629a5da3f8783e25f7aa5b512f00a1a13b0e8b67b98c8f869a4f3584143f88db2edab3bb7b30354db7e7d7e304fa881accdb37267caae443f6e628c768f65c57da37e381a66a813d2008ba2a1754498ecf9b158bb681b772f82a70eedf04a1d743cea3c838f98a12f4fcd8602da0e0cfc307c6d65442f0330740aed61c3af192a8c78eb4ba373a9554d2814029")
gettid()
socket$netlink(0x10, 0x3, 0x15)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSBRKP(r7, 0x5425, 0x0)
ioctl$TIOCGICOUNT(r7, 0x5409, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

44m0.889165478s ago: executing program 35 (id=2169):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$inet6(0xa, 0x1, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1038, 0x12b6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r4, &(0x7f00000063c0)={0x0, 0x0, &(0x7f0000006380)={&(0x7f0000000300)=ANY=[@ANYBLOB="68000000000901080000000000000000000000003c0002002c00018014000300fc02000000000000000000000000000014000400200100000000000000000000000000000c00028005000100000000000900010073797a30000000000c00048008000140000000010440b3bb162393a218337f34a66357761e5c3d3b8516b3aaf2f72957845505660344e85c3e888c4a3168aa18cf04b4e0aed15246c2dc6775d06d0ac4b3fb3a35694fb2664c"], 0x68}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000400)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}, @TCA_POLICE_PEAKRATE={0x1d0}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}]]}, {0xfffffffffffffff4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)
syz_open_procfs(0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000002040)='mountinfo\x00')
read$FUSE(r6, &(0x7f0000002080)={0x2020}, 0x2020)

43m19.957057877s ago: executing program 36 (id=2244):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x1000085}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r1, 0x65, 0x1, 0x0, 0x0)
bind$can_raw(r1, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x3}, 0x8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1e00000000000000020000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000a002f246f2be1684dc5216fc0429c22a11a660000009006af"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, 0x0}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x2000000, 0xfede, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendto$inet(0xffffffffffffffff, &(0x7f0000000300)="ab", 0x34000, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = socket$inet6(0xa, 0xa, 0x1002)
bind$inet6(r4, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @rand_addr, 0x8}, 0x1c)
listen(r4, 0x3)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
r6 = accept4(r4, 0x0, 0x0, 0x800)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x28, 0x0, 0x8, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x3}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x8004)
close_range(r3, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket(0x2a, 0x6, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xfff2}}}, 0x24}}, 0x0)
getsockname$packet(r7, &(0x7f0000000200)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001500)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff3}, {}, {0x1c}}, [@filter_kind_options=@f_flow={{0x9}, {0x8, 0x2, [@TCA_FLOW_ACT={0x4}]}}]}, 0x38}}, 0x44050)

37m50.789469196s ago: executing program 37 (id=3109):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r0, &(0x7f0000001680)=[{&(0x7f0000000000)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000040)="9e", 0x1}], 0x1}], 0x1, 0xfc) (fail_nth: 8)

34m44.920157572s ago: executing program 38 (id=3517):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x106}}, 0x20)
mknod$loop(0x0, 0x10, 0x1)
r1 = creat(0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000880)={r1, 0x0, 0x25, 0x1e, @val=@uprobe_multi={0x0, 0x0, 0x0, 0xb, 0x0, 0x1}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x4000)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x30, 0xffffffffffffffff, 0x31716000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, 0xffffffffffffffff}}, {@aname={'aname', 0x3d, '_!oU\x885\r\x00\xff\xff\xff\xff\xfe\xff\xff\xffp\xbaH6X40\xe2D\xe0\xe4\xf2\xdd\f0\x12\x00F\x1d\xf8\x9c\xdd\xb0Q\xf7\x13\xed\xb3\x11\x049Z\x88\x96\xb3B\xdf\xff\xff\xff\xff\xfd\xd8\xa9\v\xfb\t\x0fn\xe2\xf6&\xde\xff\xb5F\x00\x00\x00\x00\x00'}}]}})
ftruncate(0xffffffffffffffff, 0x5ae)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0xb, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r6, 0x0, 0x4000000)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r7, &(0x7f0000000040)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r7, &(0x7f00000000c0), 0x2)
read(r7, &(0x7f0000000100)=""/85, 0x55)

34m44.796417078s ago: executing program 39 (id=3539):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100", @ANYRES32, @ANYBLOB="3c0002"], 0x58}}, 0x0)

34m44.562572794s ago: executing program 40 (id=3541):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001000000008000600", @ANYRES32=r2, @ANYBLOB="08000300", @ANYRES32=r3], 0x2c}}, 0x0)

34m44.2563308s ago: executing program 41 (id=3536):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
pselect6(0x6f, &(0x7f0000000300)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9de}, &(0x7f0000000000)={0x1c}, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$inet(0x2, 0x3, 0x2)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r3, 0x0, 0x3, &(0x7f0000000200), 0x4)

34m44.029736509s ago: executing program 42 (id=3540):
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
syz_open_dev$MSR(&(0x7f00000001c0), 0x7, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000300)=ANY=[@ANYBLOB="09000000000000e90300"/20, @ANYRES32])
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600"/20, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="feffffff8de2a6b04e0e173b99afafa0f0382c000000000e8043dee8"], 0x48)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@private0, @in6=@remote}}, {{@in=@empty}, 0x0, @in6=@loopback}}, 0xe8)
r3 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000140)=0x7, 0x4)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000006c0)=@newtaction={0x44c, 0x31, 0x1, 0x0, 0x0, {}, [{0x438, 0x1, [@m_police={0x434, 0x0, 0x0, 0x0, {{0xb}, {0x408, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x10)

31m44.584955321s ago: executing program 43 (id=4054):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x200000000000011, 0x2, 0x407ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r4, 0x4b67, &(0x7f0000001ec0)={0x1, &(0x7f0000001e80)=[{0x0, 0x1000}]})

30m34.429138526s ago: executing program 44 (id=4225):
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x481, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
capset(0x0, &(0x7f0000000180))
r3 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x80201)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0x0, 0x0}, &(0x7f0000000380)="ea9374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r4, 0x80045300, &(0x7f0000000240))
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x1)

27m15.092033817s ago: executing program 45 (id=4792):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000003c0)={0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x6}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x4}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240), 0x0, 0x0, r2})
r3 = socket$kcm(0x29, 0x2, 0x0)
getsockopt$kcm_KCM_RECV_DISABLE(r3, 0x119, 0x3, 0x0, 0xffffffffffffffe0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(0xffffffffffffffff, 0xc01864ba, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)

26m14.015973097s ago: executing program 46 (id=4976):
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', &(0x7f0000000040)={0x32d82, 0x7, 0x1}, 0x18)
mkdirat(r0, &(0x7f0000000340)='./file0\x00', 0xe2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000400)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0x6, 0xc, 0xde, 0xffffffffffffed29, 0x2, 0x6, 0x1000, 0x279, 0x40, 0x13, 0x8, 0x2, 0x38, 0x1, 0x5, 0x7, 0x80}, [{0x1, 0xfffffff7, 0x8, 0x100000000, 0x1, 0x4, 0x0, 0x9}], "021270e03ce90d33b0168de1ea6d10ad33f8f9260cea0231964d8bf76b93c70e96c1ebd99458c32600486ceaea2eabbff637be33b4568b948e53bcfbf22660586d43a7de13e4581efc3ed402ffe707e492c74d31aa92c46fc1900cd734f5cc08a4c0fb7084f5bf9c22d79a2d51bc1574d204b483e9e30d169546317971769abe8d02f0023c24251826190ee2", ['\x00']}, 0x204)
ioctl$SIOCSIFHWADDR(r1, 0x401c5820, &(0x7f0000000080)={'macvlan1\x00', @broadcast})

23m29.133968646s ago: executing program 47 (id=5417):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r1, 0xc0c89425, &(0x7f0000000200)={"e0862599eb6e4c53378b359eb45b4670", 0x0, 0x0, {0xfffffffffffffffb, 0x2fba}, {0xd6b4, 0x800}, 0x8011, [0xffffffefffffffff, 0x6, 0x7, 0x9, 0x1, 0xd4, 0x5, 0x5, 0x4, 0x8000, 0x2, 0x0, 0x3ff, 0x10000, 0x0, 0x9]})
ioctl$BTRFS_IOC_RM_DEV_V2(r1, 0x5000943a, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000002840)={0xff}, 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000180)=0x1b)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100))
r3 = accept4(r0, 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b40)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x4}}}]}]}], {0x14}}, 0xcc}}, 0x0)
sendmsg$nl_netfilter(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x200008d0}, 0x4000)
recvmmsg(r3, &(0x7f00000051c0)=[{{0x0, 0x5, &(0x7f0000001c00)=[{&(0x7f0000000b40)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)

22m42.81047387s ago: executing program 48 (id=5561):
ioctl$SNDCTL_SEQ_SYNC(0xffffffffffffffff, 0x5101)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0xb, <r0=>0xffffffffffffffff})
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x80089419, &(0x7f0000000040))
r1 = syz_open_dev$vcsa(&(0x7f0000000080), 0x4d44, 0x82000)
getpeername$packet(r1, &(0x7f00000000c0), &(0x7f0000000100)=0x14)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000440)={&(0x7f0000000180)={0x2bc, 0x0, 0x300, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14b4}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3ff}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}], @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1e13}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2ee}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xa}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x28}], @NL80211_ATTR_FRAME={0x26, 0x33, @action={{{0x0, 0x0, 0xd, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x5}, @device_b, @broadcast, @random="ec226ce7a8dd", {0xb, 0x37a}}, @channel_switch={0x0, 0x4, {{0x25, 0x3, {0x0, 0xa, 0xff}}, @val={0x3e, 0x1, 0x1}, @void}}}}, @NL80211_ATTR_FRAME={0x1f8, 0x33, @auth={{{0x0, 0x0, 0xb, 0x0, 0x0, 0x1}, {0x6}, @device_a, @broadcast, @from_mac=@broadcast, {0x4, 0x973}}, 0x1, 0x1, 0x32, @val={0x10, 0x1, 0x4f}, [{0xdd, 0x9d, "52865d2a1ddc7a21753b179d1a9372aabd08ee292e078c1fee3f8925755f9423a108e3a21795f61739776092001f1c793c4920b5ae72979088be5b30ce55b5061f4d1d9ade1694ac39de3bd760c911f985f45ad9bc1a9f0704628472211507c28e2842e3ee3769b49e193712759c52418efd93f98696a311443cd974591363c2240768f70dc916042e3c919514a50d72f5163d760003b188b1a3ac20a5"}, {0xdd, 0xcf, "af8b98b9cf1cc8512d8464d987d04b3f43309081adcd629a1e46bb2f95d492a0ac7b233501ae42c8cb186a6af26b832a7491f7d59e9a8b17fbd8a021bf6e48a5f8f2f7de500f95a92fe94fb82cc4515f89617bf5c57ffa00258431560248991cb766d07f4fb6b91e1b8893545ea867f345e9430dc64dc6fb77d75e75ca297434bf5c13bb89050c5b0aa2026f6e3ad0e9d7fcfc064d6a2c220787f8ec15b39042e3ff72169ef2b8070d41c6eff106da6394dddbdf7e0410e31ab7d63ea54d17497ff6ab7323569574683a130189e512"}, {0xdd, 0x61, "0940ccd2fb17d1ac38e38bea84eaa1a212e560556b50978ef3b53741fa338b26127ef5af0f9154154d79c4aeb22cea2bcdda81890a5e6f2de04c22cc9ca6d67e6522aa60b92a8d7840430044990c034992233539e6b2116f293e71a51df1cec7e3"}]}}]}, 0x2bc}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f00000004c0))
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), r1)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r1, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x58, r2, 0x821, 0x70bd2a, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xf}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x14, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x3}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x8008)
connect$unix(r1, &(0x7f0000000680)=@file={0x1, './file0\x00'}, 0x6e)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000700)=r0, 0x4)
r3 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCDFWD(r3, 0xb101, 0x0)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000740)={{0xa, 0x4e20, 0xcc4, @local, 0x5}, {0xa, 0x4e22, 0x3d3, @mcast1, 0x80000001}, 0x0, {[0xaf, 0x100, 0x5, 0x6, 0xfffffffc, 0xf, 0x1000, 0x80000000]}}, 0x5c)
ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f00000007c0)={r1, 0x0, 0xfffffffffffff000})
pselect6(0x40, &(0x7f0000000800)={0x8, 0x10000, 0x3, 0x44a, 0x7, 0x100, 0x0, 0x6}, &(0x7f0000000840)={0x4, 0xe0b, 0x80000001, 0x8, 0x7, 0xffffffffffff0000, 0x8, 0x2}, &(0x7f0000000880)={0x3548d403, 0x8d1e, 0x9, 0xf4, 0x7ff, 0x6a, 0x6, 0x8c}, &(0x7f00000008c0), &(0x7f0000000940)={&(0x7f0000000900)={[0x5]}, 0x8})
sendmsg$AUDIT_USER_TTY(r1, &(0x7f0000000ac0)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000a80)={&(0x7f00000009c0)={0xc0, 0x464, 0x1, 0x70bd2c, 0x25dfdbfb, "c6bb720f20763484363ff93c34c76b162d9da58fb7ec39b5148a8b5a58f313e35c35ef8539186d165150cc1130be687352922a75092a0e9c254be258e80cc952423bd3a4024ef3c5eb14a47fd561241af067bb4f03926cb21884a0235f3a1d9b59563755ee7a0e7376c7d20185cfec1c2430daa4b3db2257f6eb971ff59fa65f94e132233ca6906a2f2de80cb3b2e556987a49a22216d3377aa3fd242aa73f0f9f17275386625e1b51b79b84a49117", ["", "", ""]}, 0xc0}, 0x1, 0x0, 0x0, 0x800}, 0x11)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r4, 0xc004aea7, &(0x7f0000000b00)=0x7)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b80), r1)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000cc0)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000bc0)={0xa8, r5, 0x4, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xffffff00, 0x71}}}}, [@NL80211_ATTR_KEYS={0x40, 0x51, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPES={0x1c, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac05}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_KEY_SEQ={0x9, 0x4, "20c4da30b0"}, @NL80211_KEY_SEQ={0x4}]}]}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x8, 0x1, 0x1, 0x0, {0x9, 0x9f3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2, 0x1}, 0x800, 0x2, 0x1f}}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x8, 0x1, 0x7, 0x0, {0x3, 0xb0, 0x0, 0x7, 0x0, 0x0, 0x1, 0x3, 0x1}, 0x300, 0x4c4a0e4d, 0x5}}]}, 0xa8}}, 0x4044004)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000d80)={r1, 0x58, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000e40)={'syztnl1\x00', &(0x7f0000000dc0)={'syztnl1\x00', r6, 0x10, 0x7, 0x1, 0x401, {{0x14, 0x4, 0x2, 0x30, 0x50, 0x64, 0x0, 0xc2, 0x29, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x28}, {[@timestamp_addr={0x44, 0x34, 0x44, 0x1, 0xe, [{@empty, 0xfc}, {@remote, 0x3}, {@broadcast, 0x6}, {@multicast1, 0xb}, {@multicast2, 0x2}, {@loopback, 0xffffffff}]}, @ra={0x94, 0x4}, @end]}}}}})
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000e80)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x0, '\x00', 0x0, r1, 0x5, 0x3, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001180)={0x80000000, <r8=>0x0}, 0x8)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=@base={0x3, 0x2, 0x7ff, 0xf28, 0x4040, 0xffffffffffffffff, 0xca9, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x8, 0x1e, &(0x7f0000000f00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x0, 0x8, 0xc, 0x9, 0x4, 0x8}, @map_fd={0x18, 0x0, 0x1, 0x0, r7}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001000)='syzkaller\x00', 0x81, 0xb3, &(0x7f0000001040)=""/179, 0x41100, 0x0, '\x00', 0x0, @cgroup_skb, r1, 0x8, &(0x7f0000001100)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000001140)={0x4, 0xa, 0x5}, 0x10, r8, 0xffffffffffffffff, 0x1, &(0x7f0000001240)=[r1, r9, r1, r1, r1, r1, r1], &(0x7f0000001280)=[{0x1, 0x2, 0x1, 0xc}], 0x10, 0x400, @void, @value}, 0x94)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000013c0), 0xffffffffffffffff)
sendmsg$IEEE802154_SCAN_REQ(r10, &(0x7f0000001480)={&(0x7f0000001380)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001440)={&(0x7f0000001400)={0x3c, r11, 0x20, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x3}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x7}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x6}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1b}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x4}]}, 0x3c}}, 0x4)

20m39.47206823s ago: executing program 49 (id=5882):
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x6, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_emit_ethernet(0x7c, &(0x7f0000000240)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "9a83c9", 0x46, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558, 0x0, 0x0, [0x0]}}}}}}}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
syz_emit_ethernet(0x8e, &(0x7f00000004c0)=ANY=[@ANYRESOCT], 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

19m16.610524123s ago: executing program 50 (id=6131):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102400, 0x19000)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = dup3(0xffffffffffffffff, r5, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @val={0x8}, @void}}}, 0x24}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x8044)
write$binfmt_misc(r4, &(0x7f0000000300), 0x6)
r8 = dup3(0xffffffffffffffff, r2, 0x0)
sendmsg$key(r8, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4188aec6, &(0x7f0000000100)={0x200})
openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f0000000040)=""/10)

19m12.906761038s ago: executing program 51 (id=6139):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x600002, 0x141)
fcntl$lock(r0, 0x26, &(0x7f0000000100))
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
read$alg(0xffffffffffffffff, &(0x7f0000000300)=""/126, 0x7e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
close_range(r2, 0xffffffffffffffff, 0x0)

17m19.137000733s ago: executing program 52 (id=6380):
r0 = socket(0x2b, 0x1, 0x40000001)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r4, 0x4018aee3, &(0x7f0000000300)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$isdn(0x22, 0x2, 0x25)
r7 = socket$isdn(0x22, 0x2, 0x22)
dup3(r6, r7, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040))
r10 = dup2(r9, r8)
ioctl$DRM_IOCTL_SET_MASTER(r10, 0x641e)
unshare(0x22020600)
r11 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r11, &(0x7f0000000000)={0xf000201c})
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8905, &(0x7f0000000280)={'wg2\x00'})
r12 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
fcntl$addseals(r12, 0x409, 0x3f)
r13 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r13, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @private}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000700000f6923246100890704"], 0x18}, 0x0)

15m38.890294272s ago: executing program 53 (id=6553):
syz_open_procfs(0x0, &(0x7f0000000080)='net/kcm\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x2000, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x8000000000000c, &(0x7f00000001c0)='u', 0x1)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, 0xffffffffffffffff, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r3, 0x2275, &(0x7f0000000080)=0x7fffffff)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1}, {0xa}, {0x0, 0x2, 0x0, 0x0, 0xa}]})

11m59.488307295s ago: executing program 54 (id=7200):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_emit_ethernet(0x38b, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x355, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x18, 0x5, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2"}, {0x21, 0x7, "f5000000000002000000000200000000000000000000000000008879e66485201a0015ca837400"/55}, {0x0, 0x14, "5e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fa632dbf04542188b196e213408c"}, {0x3, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)

7m47.050186978s ago: executing program 5 (id=7979):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5b"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x75)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0)
preadv(r1, 0x0, 0x0, 0x0, 0x0)

7m46.894840726s ago: executing program 5 (id=7981):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000a40)=@nat={'nat\x00', 0x670, 0x5, 0x338, 0x0, 0x1f8, 0xfeffffff, 0x1f8, 0x0, 0x2a0, 0x2a0, 0xffffffff, 0x2a0, 0x2a0, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@dev, 'pimreg\x00'}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x2200, {0x0, @local, @local, @gre_key, @icmp_id}}}}, {{@ip={@private, @dev, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @local, @loopback, @port, @gre_key}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001300)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x7}, &(0x7f0000001200)=0x7, 0x0, 0x1, 0x81, 0x9, 0x7, 0x24, 0x7ff}}], 0x58}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb010018000000000000006c0000006c00000004e3000006000000030000042c0500000200000004000000050a00000700000604000000fdffffff010000000100000036c7000000000000060000060400000015000000ff070000"], &(0x7f0000000b00)=""/178, 0x88, 0xb2, 0x1, 0x9, 0x0, @void, @value}, 0x28)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=@newtaction={0x74, 0x12, 0xbf68af9d17701211, 0x0, 0x0, {0x7}, [{0x4}, {0x5c, 0x1, [@m_xt={0x58, 0x0, 0x0, 0x0, {{0x7}, {0x71, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_HOOK={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000800)={'syz1\x00', {}, 0x0, [], [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe]}, 0x45c)
dup(0xffffffffffffffff)
remap_file_pages(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000004, 0x36c, 0x2)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r7}, 0x10)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0x5514, 0x0)

7m45.635495008s ago: executing program 5 (id=7986):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]})
memfd_create(&(0x7f0000000280)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0)
r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$rds(0x15, 0x5, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='contention_end\x00', r4}, 0x18)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="1400000035000b63d25a80648c2594f90624fc60", 0x14}], 0x1}, 0x0)

7m44.419304916s ago: executing program 5 (id=7988):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="640000000206010800000000000000000000000014000780080012400000000008000840000000000500010006000000050005000a00000005000400000000000900020073797a310000000015000300686173683a69702c706f72742c6e65"], 0x64}}, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x10, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f00000000c0)={@mcast1, @mcast2, @mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x320})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@newlink={0x24, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xfeffff7f}, [@IFLA_VFINFO_LIST={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0400"/20, @ANYRES32=0x0, @ANYRES32, @ANYRESDEC=r2], 0x48)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x890b, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0xce)
ioctl$SIOCAX25DELFWD(r4, 0x8917, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x4c}}, 0x0)
shutdown(r1, 0x1)
r5 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r5, &(0x7f000047b000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
r6 = socket$inet6(0xa, 0x6, 0x0)
r7 = syz_open_dev$evdev(&(0x7f0000000000), 0x1ff, 0x1)
ioctl$EVIOCGLED(r7, 0x80404519, &(0x7f0000000080)=""/87)
r8 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x3d0, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x430)
socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4004810)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0x3}, 0x1c)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TLS_RX(r9, 0x6, 0x2, &(0x7f0000000100)=@gcm_128={{}, "fc67595be6ba531d", "f282a57fc5303cf76e7249da3a45d934", "b1c522fd", "4fdc74240191b1d5"}, 0x28)

7m43.496247937s ago: executing program 5 (id=7994):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000003680)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200035c0, 0x0, 0x0, 0x200035f0, 0x20003620], 0x0, 0x0, &(0x7f00000035c0)=ANY=[]}, 0x78)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1)
r1 = socket(0x840000000002, 0x3, 0xff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x4, &(0x7f00000001c0)=@framed={{}, [@ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0)
connect$inet(r1, 0x0, 0x0)
socket(0x15, 0x5, 0x0)
ioprio_set$pid(0x3, 0x0, 0x6000)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
mkdir(&(0x7f0000000300)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)

7m42.145302513s ago: executing program 5 (id=7996):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102400, 0x19000)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = dup3(0xffffffffffffffff, r5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r6, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x8044)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
write$binfmt_misc(r4, &(0x7f0000000300), 0x6)
r7 = dup3(0xffffffffffffffff, r2, 0x0)
sendmsg$key(r7, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4188aec6, &(0x7f0000000100)={0x200})
openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f0000000040)=""/10)

7m26.590109896s ago: executing program 55 (id=7996):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102400, 0x19000)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = dup3(0xffffffffffffffff, r5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(r6, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x8044)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
write$binfmt_misc(r4, &(0x7f0000000300), 0x6)
r7 = dup3(0xffffffffffffffff, r2, 0x0)
sendmsg$key(r7, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4188aec6, &(0x7f0000000100)={0x200})
openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
semctl$IPC_STAT(0x0, 0x0, 0x2, &(0x7f0000000040)=""/10)

7m4.744112139s ago: executing program 9 (id=8122):
add_key(&(0x7f00000001c0)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffff9)
sendmsg$RDMA_NLDEV_CMD_RES_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="180000000914010000000000000000000800010000f7ff0079aaf95df32955025162230a30e630fe16546a2bfefe60e404b07f41727e313acdd080007b160a0ba49a17ff3edd803814e194e355f416af8aecc99b9aa668e2e31ebb6a9972ce25f7f7743fc944586dd3e451b2a96536bedc8445543496fecd869fc401e895b1f705aa3dc43f6fe2f79ac17cf2c13be6bd2e1760ceddfcb982db08985b3a0617176e3971356633ed2dbe6a957e86247f4483f53a2ec7fe2c0e107235cfedb81b6f3cd60aa542e3f9a67a3228e0347c9e4c8fde20dd18f94634da767b4b5f33548f5be956be9dd7584cfd01f07f20be3055eb21ce74862f933f185aea68fa2939721848d90f65a42e33eb2dd47b08aa84ea2242160a816b5a5edcc619372da63e69fe9c01e2b62df0be268d9b18597a0ba114e43446f0b573259b42d0a3bfc6cde6b1abf4f306345bd5edd01bc6bac10063896100357c3b13639d98122203f753ab1c0000000000a89ada92621045f4b06425feda3c5234592169a36b491b2a96a12c41285fda16482924f7ffb5cca7eb0e360b0f792a59d16f53451f13cbf5cf2b6bad79a0d3d51b1e7ae85c2b356ea213e7000000e04c187d6b8cabe4b468ea08bc796e34ea6fa5bf7ba2a05c288f707af561bbafe2f2df0f6024573a6a1f2c9a69cf3f2fe91fd7d41d317bc168"], 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x20044085)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='oom_score\x00')
r1 = fanotify_init(0x0, 0x0)
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/175, 0xaf}], 0x1)
fanotify_mark(r1, 0x1, 0x40001019, r0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)
syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000632000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000500)='inet_sock_set_state\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
r4 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x380000, @dev, 0x9}, 0x1c)
sendmmsg$alg(r4, &(0x7f0000000240)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0xd8}], 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @empty}], 0x1c)
sendto$inet6(r6, &(0x7f00000000c0)="eb", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000740)={0x0, 0x9, 0x7, 0xb23, 0x8, 0xfffffffc}, 0x14)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100000000000000000000000000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797ac127756e00000200000000"], 0x80}, 0x1, 0x0, 0x0, 0x40004000}, 0x40001)
write$UHID_CREATE2(r5, &(0x7f0000000300)=ANY=[], 0x118)

7m1.710695069s ago: executing program 9 (id=8129):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r7}, &(0x7f0000000800), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_freezer_state(r6, &(0x7f00000002c0), 0x2, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r8 = accept(r1, 0x0, 0x0)
sendmmsg$alg(r8, &(0x7f0000000380)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000180)="cf74ef75a65f23faffef0ccafd3657e69e01ab84eb59476c0c41f199e5cbbf4d086ca1ca4acbf91ed8e06221d05ebb073e429bf98caae40f1a1b911bf95fc1b6005d11ed7fe0c6a8a42291", 0x4b)
recvmsg(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x4580)
write$FUSE_NOTIFY_INVAL_INODE(r9, &(0x7f0000000080)={0x28, 0x2, 0x0, {0x5, 0x3, 0xffff}}, 0x28)

7m0.536905943s ago: executing program 9 (id=8135):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000030000000160a0500000000000000000007000000040003800900010073797a3000000000090002"], 0x78}}, 0x0) (fail_nth: 10)

6m59.834851784s ago: executing program 9 (id=8137):
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x0, 0x2}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
memfd_create(&(0x7f00000016c0)='roo\x7fde\xd3^\xd7\x1d\x13\x0e\xcaJ&\xaf\xfa\n\x84\xdc\xbc.\a?\xe0\vn\x84\xbe\xc7zT\xd8G\xda0\xfbKA\x0e\x95\xbf\xb7\xb6\x8f\x9aJ\xce0\xc9\x1b\xe9(\xf1/\xe3\xcak\x94\xd1\xf6\nN\x1e\xb8p:\x05\xeb\xe8\x000\x1f\xcbK,\xaa]Cc\xdb\x1cP.ZND7g\xe8\xaf\xd6\xc0\xb8=\xd3[\x90\xf9\xc2\xfc\xc7m:\xddg\xd1\xc7Zxy\xb6J7\xcc7\x96\xe3L,\xad\x8c\xc2&\x1e\x9aX\xdd\x16\xcc\xb0:\xe2kCk\\\xce\x0e\xb5\x93\x00\xc3\x804\xee\xe2Web\xf7<\x86y \xcbS\x86\x13W\xf1\xc9k1\"\xf5\x8dQ\xce\xbe\x90\x8a\xe2V\nM\xfd\xcew\x85 \xbdY\x84\x96\x9c\x8c\fP\x1d\x19\xb9|\x93\x1c)\x03\x16\x17n\xe3/\x8b\x82\xf7\x1a\\ue\xd1v8\xebx\x1e\xdd\x03\"\xdb\xd2\xda\xf4O\xb4\xa8Z!4L~G?\x1fV\x9f\x9929\xbd\rxC\xa7\x1d<[4\xfdJ\x9d^\xe3\x02\x00\x00\x00\x00\x00\x00\x00\xccZ\xd3\xc4ys\xb5\b8E\xb6@9L\xdb{\x9c\x1e\xfd\xea\fk\xea\x1e~Q\x81\a/\x8c\xdb,\x862;\xc9\xaa\xecC\x7f\x8e$Q\xee\xcb\xb0\xd1g\x06H\x97v\"\a\xbbD\xbb\xc4u\x060\x850\x81,Nn\xa1\x859U0\xf6iT\x1f\x9b\xa1\xfb\xa1\xa0\x04lm3\xa8\xc4\x94z\xa2\xdb\xe0:\x91O\x19_;P\x97\x15\xb3\x8f5\x01I:\x9e\xd53\xbe\x9f\x8e\x8fZQ\x8b\x7f\xc1\xa68\x15\xad2Z)\xac\xe8\xb0\xad\x13\xb4\xc27\xc8\x17J\x82\xc7&\xbf\xfa\x04@y\r=\xbdc\x9b\x9fX1\x15\xd5\xa2\x8dn\xef\xfc\'-\xbd]\xf7\xc39\x01\x00\x00\x00\xa2tE\x10\x00'/449, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @loopback, 0x0, 0x2, 'wrr\x00', 0x20, 0x9, 0x3}, 0x2c)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r4, &(0x7f0000001680)=[{&(0x7f0000000000)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000380)="9eb6c2a63fb4edc901040a8b1951eb79dffb5987812de4aed9a157cf7762531dd2f096191208e5a4a8a7efb139f1f93a5b779df3f03ee199f55eb07d0354c27752e0bf779561b3912e2fbee83bd195ef4eb0", 0x52}], 0x1}], 0x1, 0xfc)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000380)={'erspan0\x00', &(0x7f00000002c0)={'gre0\x00', 0x0, 0x80, 0x20, 0x6, 0x2, {{0x8, 0x4, 0x0, 0x3b, 0x20, 0x67, 0x0, 0x9, 0x4, 0x0, @local, @empty, {[@ssrr={0x89, 0xb, 0x8a, [@private=0xa010102, @local]}]}}}}})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r7 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
recvmmsg(r7, &(0x7f00000039c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000580)=""/4096, 0x1000}], 0x1}, 0x10001}], 0x1, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r9=>0x0})
sendto$packet(r6, &(0x7f00000002c0)="12040500d3fc03fc01004788031c09100628", 0xfd35, 0x4, &(0x7f0000000140)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @multicast}, 0x14)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f00000003c0)='./file0/../file0/../file0/../file0\x00')
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a000000080000004200000040000000c2000000", @ANYRESDEC, @ANYRESOCT=r2, @ANYRESDEC, @ANYRESDEC=r1, @ANYRESDEC=r6], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000080), 0x1003, r10}, 0x38)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500), 0x0, 0x2, r10}, 0x38)
syz_usb_connect(0x6, 0x46, &(0x7f0000000000)=ANY=[@ANYRES32=0x0], 0x0)

6m58.382752392s ago: executing program 9 (id=8142):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c000701080000000000000007000000", @ANYRES32, @ANYBLOB="e04f00000a000200aaaaaaaaaa"], 0x28}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0xffc3, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c00000010000304000000000000000000007400", @ANYRES32=r2, @ANYBLOB="08000000000000000a000100"], 0x2c}}, 0x0)

6m57.689883616s ago: executing program 9 (id=8148):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$bt_hci(r0, 0x0, 0x2, &(0x7f0000000280)=""/65, &(0x7f0000000040)=0x41)
syz_open_dev$dri(&(0x7f00000005c0), 0x1f, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x44, 0x30, 0x0, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c000000030800000000000000000000000000000900010073797a31000000001c0004800800034000000000080005400c00000008"], 0x3c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="7800000039000900000f0f000000000001000000040000000c000180"], 0x78}}, 0x0)
r6 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000080), 0x4002, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r6, 0xc0286405, &(0x7f0000000300)={0x1, 0x9, {0xffffffffffffffff}, {0xee00}, 0x6, 0x6})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000002180)={@loopback={0xfec0ffff00000000}, @empty, @mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2020013, r7})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61153c00000000006113100000000000bfa000000000000007000000ee00160e5e03feff00000000140500000000000069163a0000000000bf07000000000000360507000fff0720670600003f000000150600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

6m56.428465265s ago: executing program 56 (id=8148):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$bt_hci(r0, 0x0, 0x2, &(0x7f0000000280)=""/65, &(0x7f0000000040)=0x41)
syz_open_dev$dri(&(0x7f00000005c0), 0x1f, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x44, 0x30, 0x0, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x0, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c000000030800000000000000000000000000000900010073797a31000000001c0004800800034000000000080005400c00000008"], 0x3c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="7800000039000900000f0f000000000001000000040000000c000180"], 0x78}}, 0x0)
r6 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000080), 0x4002, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r6, 0xc0286405, &(0x7f0000000300)={0x1, 0x9, {0xffffffffffffffff}, {0xee00}, 0x6, 0x6})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000002180)={@loopback={0xfec0ffff00000000}, @empty, @mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2020013, r7})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61153c00000000006113100000000000bfa000000000000007000000ee00160e5e03feff00000000140500000000000069163a0000000000bf07000000000000360507000fff0720670600003f000000150600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

4m45.198820736s ago: executing program 7 (id=8584):
r0 = openat$nvram(0xffffffffffffff9c, 0x0, 0xc4a00, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1e, 0x0, 0x4, 0xff, 0x484, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r2, 0x29, 0x4b, &(0x7f0000000100)=0x3, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000300)=[@in6={0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}], 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd04, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000440)=ANY=[@ANYBLOB], 0x114}], 0x1}, 0x0)

4m44.073623431s ago: executing program 7 (id=8589):
r0 = socket(0x2b, 0x1, 0x40000001)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r2 = dup(r1)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r2, 0x4018aee3, &(0x7f0000000300)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$isdn(0x22, 0x2, 0x22)
dup3(0xffffffffffffffff, r4, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040))
r7 = dup2(r6, r5)
ioctl$DRM_IOCTL_SET_MASTER(r7, 0x641e)
unshare(0x22020600)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r8, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8905, &(0x7f0000000280)={'wg2\x00'})
setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000000040)=0x200, 0x4)
r9 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
fcntl$addseals(r9, 0x409, 0x3f)
socket$inet(0x2, 0x2, 0x1)

4m39.593146931s ago: executing program 7 (id=8595):
r0 = syz_open_dev$swradio(&(0x7f0000000180), 0x0, 0x2)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
fstat(0xffffffffffffffff, 0x0)
ioctl$SIOCRSSL2CALL(r1, 0x89e2, &(0x7f0000000140)=@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0})
ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f00000000c0)={0x1, 0x5, 0xffffffff})
io_setup(0x6, &(0x7f00000003c0)=<r6=>0x0)
r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000200)={{r7}, 0x401, 0x8, 0x5})
ioctl$DRM_IOCTL_GET_SAREA_CTX(0xffffffffffffffff, 0xc010641d, 0x0)
io_submit(r6, 0x1, &(0x7f00000000c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}])
ioctl$SNDCTL_SEQ_OUTOFBAND(r7, 0x40085112, &(0x7f0000000040)=@e={0xff, 0x0, 0x0, 0x0, @SEQ_NOTEON=@special})
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mremap(&(0x7f00002d7000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r8, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f0000000300)={0xc, 0x0, <r10=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r8, 0x3b89, &(0x7f00000002c0)={0x18, 0x0, r9, r10, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
ioctl$IOMMU_IOAS_MAP$PAGES(r8, 0x3b85, &(0x7f0000000080)={0x28, 0x2, r10, 0x0, &(0x7f0000236000/0x800000)=nil, 0x800000, 0x400000000000000})

4m38.473202518s ago: executing program 7 (id=8598):
r0 = msgget$private(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socket$inet6_icmp(0xa, 0x2, 0x3a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x0)
ioctl$USBDEVFS_FREE_STREAMS(r4, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYRES32=r0])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000980)=@filter={'filter\x00', 0x42, 0x4, 0x3b0, 0xffffffff, 0x1f8, 0xf0, 0x0, 0xffffffff, 0xffffffff, 0x318, 0x318, 0x318, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @empty, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0xc8, 0xf0, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x2}}, @common=@ttl={{0x28}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0x108, 0x0, {}, [@common=@icmp={{0x28}, {0x0, "53a6"}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "d675ef1a27acea4c3c29b1bc225f00641b4756e72736ac9737ed75a12134a9df80284d4b52f6e9a2ed7f2cf113cb0032d3b0e7802fc1a581c0cfc778aab4a6ef"}}}, {{@ip={@private, @loopback, 0x0, 0x0, 'team_slave_0\x00', 'veth1\x00'}, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}, @common=@socket0={{0x20}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x410)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r6 = socket(0x1e, 0x1, 0x0)
pipe2(&(0x7f0000000040), 0x0)
connect$tipc(r6, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r6, &(0x7f0000000040), 0x2000011a)
recvfrom$inet(r6, &(0x7f0000000b80)=""/24, 0x4a, 0x162, 0x0, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r7)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000200)={0x50, r8, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}]}, 0x50}}, 0x0)

4m37.523923s ago: executing program 7 (id=8600):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x20}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44050)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4m35.480958127s ago: executing program 7 (id=8604):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x86, &(0x7f00000004c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb0800450000780000000000019078ac1e0001ac1414aa030390780300000047000000fffc0000002f0000e000ee02ac1eac1414bb00000000ac141441000000000040000000000000e000000100000000de0b9dc6b8325ebaa0c4ac1414aa00000000ac1414aa00000000e000000100000000ac1e000100"/144], 0x0)
mq_unlink(&(0x7f0000000040)='\x7f+\x04\x94NjN|\xe6\xa5\xe32\xde\xbb\x1a\xff\xa8\xdeJ\xd4gy\nZeW\x83\xf80\xfa\xb6\x83sP\xb7\xd7\x887\f\xb81\xa8\x92\ne\xfd\x89\x88J\x9b\xedpq\xf2\xb4\x84\xc8\x03\xf7\x14sawo\x8b\xb3J\xaa\x850.W\xd3\xe2\xf5\xf1\xf8\xc2~V\\\xe9\xa8[\x9f\x8d*\xe1\xa3\xe5*\xd1\xf2\xb8\'R\xaaW\x03V>-\x01\xc9\x1d75\xba\x03r\x99\x82\x13\v\xc9Z\xe3\xfaL\x05\xf8\x8b\x10\x06\xc8\v1DW\xc7n\x1f\xe1\xb4\xd0\x11\xf3\x14\xbe\xf5\xc0\b\x1f\xb8\v\xdc5d5\x95\x99N^\x8f\xd2\xf4b~c\x0f\xbe,\f\xa9\x06\x92R\xe1w\"\xd9\xa0^|\x90\v\xdfe\x03\xcf\n\xcb>\xd0\x04D-\x8d\x7fs\xdcq\xe5\xc7\xbeqR\x8e\xb2o\xf8\x15\xbd\xdcK\x8d\b\b}\x1c\x9e\x95f\xf1\xc1\xff\xe3\xac\xfe0\x1a\xcd\xfc\b}\x96p\xb8C\xa9\xda\xfc\xf9\x84\xff5\xdcB\b\xe5\x03<\xc4nc\xc9\xe6\xaa\r\x8b\xca\x1f\x82\xa0\xdd`t\xbe\x91\xea:\xec\xdd\xed[\x9d\xa1\xff\x8f\x85b\xa3\xbb\xa6\xc4\xbb\x92\xc0\xa3\xe1\xed@\xd6a\x05\xb9\x13O\x84\x0ea,j\xce\xaew\xcf\xa4E\xe4a\xf3w\xe7\xf5dG\x8d\x15I\xfc\xdak\xb0c!\x1a\t$\x8a\xbe\x14\x0eK\xa2\x94,:\xa6\xd6\xc017uZ\xba\x0f+\xc4X,~\x8fW\x84\xe0T\xfdF\x05Q\f\xf0\t\x9a\xa4\x1e`\x9d\bv\xc3T\xe8`\t\xa0\x93]J\xe0j2\x93I\xad\x1d\x00\xb1\xe5\x17\xb8\xc3%P\x89I=\x89d\x17\fM\xba\a\xea\x04\xe3hQS\xe0\xd0\xeb\xfa\xaa\x93z!\xf6\xd0y\xb2')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb01001800000000000000140000001400000002000000000000006017732e72640800000000001322bf510823031cc913d4648df1e6ff63a758d60d644b37dcd12cf0c77fdd4a360560e12d21d41d45172d1bcba70ade88ee5ae6ac7c9ca5ee273534b448a36360111facfff60000000000008c0fa8781667fe"], &(0x7f00000003c0)=""/3, 0x2e, 0x3, 0x1, 0x9, 0x0, @void, @value}, 0x28)
connect$inet6(r2, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000002200f30c0000000000feff00760000000f00001e37000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = io_uring_setup(0x1de4, &(0x7f0000000440)={0x0, 0x1, 0x400, 0x0, 0xfffffffe})
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0x16, 0x20000002, r7)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r3)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000004007c8121f9bf4baa0000080002000500000006ece77843bc69b59a4bfb73789933e954736d9ebcb34f65541bfa6a05a4c9aea0ca8cf992151151a4b7acab469759c464148024a0a99f4193c44dbfae48f6d829a6bc6dcdd8197798bc1cacd308baf5af1e561dc6b57a4ab1f37767b5229a2dc946c8ee4c6eeaf8f9c104f6ac47b36884982e2b"], 0x24}}, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r9, 0x0, 0x482, &(0x7f0000000740)=""/60, &(0x7f0000000780)=0x3c)
setsockopt$inet_tcp_TCP_MD5SIG(r9, 0x6, 0xe, 0x0, 0x0)
r10 = syz_open_dev$video4linux(&(0x7f0000000000), 0x10000, 0x440)
ioctl$VIDIOC_S_CTRL(r10, 0xc008561c, &(0x7f00000002c0)={0x9a090a, 0x937})
openat$cgroup_int(r5, &(0x7f0000000100)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0x4c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

4m19.610005256s ago: executing program 57 (id=8604):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_ethernet(0x86, &(0x7f00000004c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb0800450000780000000000019078ac1e0001ac1414aa030390780300000047000000fffc0000002f0000e000ee02ac1eac1414bb00000000ac141441000000000040000000000000e000000100000000de0b9dc6b8325ebaa0c4ac1414aa00000000ac1414aa00000000e000000100000000ac1e000100"/144], 0x0)
mq_unlink(&(0x7f0000000040)='\x7f+\x04\x94NjN|\xe6\xa5\xe32\xde\xbb\x1a\xff\xa8\xdeJ\xd4gy\nZeW\x83\xf80\xfa\xb6\x83sP\xb7\xd7\x887\f\xb81\xa8\x92\ne\xfd\x89\x88J\x9b\xedpq\xf2\xb4\x84\xc8\x03\xf7\x14sawo\x8b\xb3J\xaa\x850.W\xd3\xe2\xf5\xf1\xf8\xc2~V\\\xe9\xa8[\x9f\x8d*\xe1\xa3\xe5*\xd1\xf2\xb8\'R\xaaW\x03V>-\x01\xc9\x1d75\xba\x03r\x99\x82\x13\v\xc9Z\xe3\xfaL\x05\xf8\x8b\x10\x06\xc8\v1DW\xc7n\x1f\xe1\xb4\xd0\x11\xf3\x14\xbe\xf5\xc0\b\x1f\xb8\v\xdc5d5\x95\x99N^\x8f\xd2\xf4b~c\x0f\xbe,\f\xa9\x06\x92R\xe1w\"\xd9\xa0^|\x90\v\xdfe\x03\xcf\n\xcb>\xd0\x04D-\x8d\x7fs\xdcq\xe5\xc7\xbeqR\x8e\xb2o\xf8\x15\xbd\xdcK\x8d\b\b}\x1c\x9e\x95f\xf1\xc1\xff\xe3\xac\xfe0\x1a\xcd\xfc\b}\x96p\xb8C\xa9\xda\xfc\xf9\x84\xff5\xdcB\b\xe5\x03<\xc4nc\xc9\xe6\xaa\r\x8b\xca\x1f\x82\xa0\xdd`t\xbe\x91\xea:\xec\xdd\xed[\x9d\xa1\xff\x8f\x85b\xa3\xbb\xa6\xc4\xbb\x92\xc0\xa3\xe1\xed@\xd6a\x05\xb9\x13O\x84\x0ea,j\xce\xaew\xcf\xa4E\xe4a\xf3w\xe7\xf5dG\x8d\x15I\xfc\xdak\xb0c!\x1a\t$\x8a\xbe\x14\x0eK\xa2\x94,:\xa6\xd6\xc017uZ\xba\x0f+\xc4X,~\x8fW\x84\xe0T\xfdF\x05Q\f\xf0\t\x9a\xa4\x1e`\x9d\bv\xc3T\xe8`\t\xa0\x93]J\xe0j2\x93I\xad\x1d\x00\xb1\xe5\x17\xb8\xc3%P\x89I=\x89d\x17\fM\xba\a\xea\x04\xe3hQS\xe0\xd0\xeb\xfa\xaa\x93z!\xf6\xd0y\xb2')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6(0xa, 0x40000080806, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb01001800000000000000140000001400000002000000000000006017732e72640800000000001322bf510823031cc913d4648df1e6ff63a758d60d644b37dcd12cf0c77fdd4a360560e12d21d41d45172d1bcba70ade88ee5ae6ac7c9ca5ee273534b448a36360111facfff60000000000008c0fa8781667fe"], &(0x7f00000003c0)=""/3, 0x2e, 0x3, 0x1, 0x9, 0x0, @void, @value}, 0x28)
connect$inet6(r2, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000002200f30c0000000000feff00760000000f00001e37000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = io_uring_setup(0x1de4, &(0x7f0000000440)={0x0, 0x1, 0x400, 0x0, 0xfffffffe})
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0x16, 0x20000002, r7)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r3)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000004007c8121f9bf4baa0000080002000500000006ece77843bc69b59a4bfb73789933e954736d9ebcb34f65541bfa6a05a4c9aea0ca8cf992151151a4b7acab469759c464148024a0a99f4193c44dbfae48f6d829a6bc6dcdd8197798bc1cacd308baf5af1e561dc6b57a4ab1f37767b5229a2dc946c8ee4c6eeaf8f9c104f6ac47b36884982e2b"], 0x24}}, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r9, 0x0, 0x482, &(0x7f0000000740)=""/60, &(0x7f0000000780)=0x3c)
setsockopt$inet_tcp_TCP_MD5SIG(r9, 0x6, 0xe, 0x0, 0x0)
r10 = syz_open_dev$video4linux(&(0x7f0000000000), 0x10000, 0x440)
ioctl$VIDIOC_S_CTRL(r10, 0xc008561c, &(0x7f00000002c0)={0x9a090a, 0x937})
openat$cgroup_int(r5, &(0x7f0000000100)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0x4c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

2m43.924112521s ago: executing program 0 (id=8894):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000a40)=@nat={'nat\x00', 0x670, 0x5, 0x338, 0x0, 0x1f8, 0xfeffffff, 0x1f8, 0x0, 0x2a0, 0x2a0, 0xffffffff, 0x2a0, 0x2a0, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@dev, 'pimreg\x00'}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x2200, {0x0, @local, @local, @gre_key, @icmp_id}}}}, {{@ip={@private, @dev, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @local, @loopback, @port, @gre_key}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001300)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x7}, &(0x7f0000001200)=0x7, 0x0, 0x1, 0x81, 0x9, 0x7, 0x24, 0x7ff}}], 0x58}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb010018000000000000006c0000006c00000004e3000006000000030000042c0500"], &(0x7f0000000b00)=""/178, 0x88, 0xb2, 0x1, 0x9, 0x0, @void, @value}, 0x28)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=@newtaction={0x74, 0x12, 0xbf68af9d17701211, 0x0, 0x0, {0x7}, [{0x4}, {0x5c, 0x1, [@m_xt={0x58, 0x0, 0x0, 0x0, {{0x7}, {0x71, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_HOOK={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000800)={'syz1\x00', {}, 0x0, [], [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe]}, 0x45c)
dup(0xffffffffffffffff)
remap_file_pages(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000004, 0x36c, 0x2)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r7}, 0x10)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0x5514, 0x0)

2m42.926697891s ago: executing program 0 (id=8898):
bind$rds(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000a40)=ANY=[], &(0x7f0000000b00)=""/178, 0x88, 0xb2, 0x1, 0x9, 0x0, @void, @value}, 0x28)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=@newtaction={0x18, 0x12, 0xbf68af9d17701211, 0x0, 0x0, {0x7}, [{0x4}]}, 0x18}}, 0x0)
dup(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00'}, 0x10)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x5514, 0x0)

2m38.21424963s ago: executing program 0 (id=8910):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x6, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000003000000bca30000000000002403000040feffff6b0af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000061140800000000001d430000000000007a0a00fe0000001f6114100000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4fffe2158dfb8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb3fa3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5973acc706db6b861b8c10a7cbd0b723906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff6194732827a58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f1000000006eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f3a6da2819d2f9e77c7c64affa555ec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f37382000000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23577949a50f2d0455cf799b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115553f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5f07918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa61071799e1acb3928143be1c1023a375e528285544d0064b91f00f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aa3f999ce700ffe794e27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac987fd637c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fd52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812fc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a2271d96c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795d35f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7eddd12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b0200780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca78fa04d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b78825d5ed789711b77d40dc31e0b8fc651b45559da463f00000000000000005bae7859839f856e7a397913eec7977f6231c5f11849b3deabc60c5ccf240d16924eb760a969813be02a229c674045b88915518a17b683268f10358e1c0b20cfc2bd105e5e1db7fed951b8faf126267bb38b8d356f63d3433d3dee643503a8ba4968adf6673f720c474ecf324d989235f1b52aacfe52e4519af87b7e1594728d6d6fff1248e72d5b1b1b692b2b732f0f2ac0714079fd7bf97bf2b5687d1db91daa5210d09ebe66d00ff4f35143be01585e629d408f2d00a0a290db76adc5f57e160b2c188bb1ecc4e7d2948788e4f9c1bcaf91dac53a2f525f7385d5d82728b5217908748f4c22b6d79700"/4153], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x5, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2m37.206701436s ago: executing program 0 (id=8918):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX=r1, @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYRESHEX], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x19, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x20, 0x1, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0x10}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
timer_create(0x6, 0x0, 0x0)
r8 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r8, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_GET_NODES(r9, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, 0x0, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0xfd53}}, 0x0)
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, 0x0)
madvise(&(0x7f00008d7000/0x1000)=nil, 0x1000, 0x4)
close(r4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2m34.229991454s ago: executing program 0 (id=8927):
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000001940)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_notify={{0x18, 0x17}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, "3395f9d846826ed12656e4f68327d4ee"}}}, 0x1a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
prlimit64(0x0, 0x1, 0x0, 0x0)
ioprio_set$pid(0x3, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000004f40)="e911c90b6c5104ad51115c756c2eacd1ab6fec942dc7c2df545b7fbd4c5bea19399b48dc17b3c63003225a8adeebbf5ecdfa76a3fa8ea2169b58881537259572400ec371cac67a61c8682405eabd7fad877bfec4df9b201a173c3f216622b2680fab064b30844d166ab55633a968ab7fd24c0fa551c0a26f36fd2ad68bcd637fc810c19a59f7d192ea689ace6f0d6efd410a5d28cdc6ca117fe11d6988699c89fa9c05d39abfc3be44c71cbe450d1d236ea5d7eb7b6a29d9fe67cdeb0eaa46a2a184b3f233aac0ee2435f5d025f431e80d145baacfe7999f461a7f8823256d65edee905232b45994a7c1d6081181fe633b741a1cc68cfa65f746557c3e1e16edda682441a0224775134cc329a47c4ee5dc23de300200a5e06885fa2916f42b1dfc26ef3af08b18b2be978a2a4cc54a9321947d7c89a697d48b08a2700b2f577701747de382dfa2e07f92ccd96f7932517aa4442f25485451818b4e9df0608dba6dab28fa2c5aaed9522c839786c5c017673ba59c6d914dfbde6c4bee9855d72f62b02eb12fa591a76509462aa5ebc877f0b60042a0b6caf15dfb0e4f74c0662dfa23dbf2b013c0b95e98150c144cf63f13d20eaf9a3bff74567b6832c36cc6ac532ce8b563745bb7bc11afe15bb337a98fff20e03c4893383cf05d68caca8e3aff4a0da14caaa9597d3f22af1c0cda973d07bf54e97b5b38f5c5cbac41dca75a772e52bf459ba6fe1740ca6854fdd8ac2e002b46c8c61a6aab5de3afb0cf54b92956c13f34889e22714d6e3b6f9bfb72feb61e58b33e9cc0d6bdf3527be2cca1bc8e06bfe38200a685b9cafa038f2085d409cd6afed57714d486a563c5b1a81b6344afb18029f6a563dd00bacc9d323829593f56c2ee390234d2e9d0f271dff9b2b017bd5033c1501e39f729d957b3a52ad853283fd2bc2c00ee1f7e4f3b5e0985b327ca081b17935a8201f80cf36deea8f9e8ba8ed02ed8f59eba7c2fc6b405eb191e3e34e852692aacae129b6feb98f862d2397605e492b5e6e73aaebf3200ba50997ad80dda7ea0d7becc7639c8d0445d72da6817bb283a9aa9ab18b996d43342db5914ac3aa000118410b95fff15004f1ace296f75a465e42bd9139b9f7a30e2f35ff188b53e9fa12d09a4e2b762ce85009126cd28e53cf0d69161dd01e9618f08500c0dd24481adc604d37a460816d6abcc4cdee8f7ecda3608191a7dfaeef94b6d8c464b8b6197af49e01497843f4275b1b1250a5e2b5e0617aef8bb2e5f19942fe1daa1f89abefc36963d04008d2f2ca164e8074d58c1aa025831cfb519a8bcd607e2b23cbecdc78ef8828cd8adcae24c135c6d991ea81ff2589aadda99d1f314143daa810478364142f0dd1c4191b68bd081e331d5759b4768729f4d49271401df07ad4a9bfb108d26763622b6ba923930a2ff387aae26338ddc66c3f3205023ee29d01ac150a7bdf80ff9a9a741f275951321901b6844477c7f0b5342e8047d42852731b614c5878d4b442e7950c330a784c0f12efc09f8d3321cb7acdb274d3bcf26a5245fa0f29e3b753ef021e4f1cb6845c8094c5908e17ad4bd376895f168f2dcff37b7438b05f1c6abfa1a3f1334a7b0f7e84446601935cdc0db0081a93a50487bac999976b3aa6bbae47e71486e7e9a77b68e11771962dec08e94ef1023648e8d0722bbad9178b7a4bee612bbab7ff786c363308c40a09df01d5d7b62760a02d0761f63ec908bd3d734d827b5034e40df53ee4829b221e98fcc584e06bf91d1026acc9e749f1c17ca269c4f54d49c34ad38ba7a60c88480bbd6de859a55483559ba7ca73326facb0fbddbdbdff31c01c6b87cccd784ad15e4c3c680265ee77c4b3cca7be0b7681804b514227a832717dc189e4f7346bf4bff7e12ca9b3d820361c8edc97f319c0361151fb68f65f7f86140ce0bb9ac3510a880cb7bf89e050845da8d5d1367e190d40d5137bf60de9741e363915726a56cf78eed7a309beae54f98154dea42d0989c46dc92a8776235856c822bfa54b493cc49edcf7e5540c21c247c93e5f25f6bf5973a613cee0b5b7a683d2bd4c80f72a59d09549f01f70a581d72ad11a0d725dc32920e2d8880682d2e7c3712e44bb933f1c9080990a447db9e4f24df66b72177bff9fab3eec7df2ac314cef7a66ed13172e372573686d8f37aff4872e2555d2d85b92a98f7c2e15402da6e00cdd4d565e1b1f0ef1c9e9d053eefbe0fc761c95675795250a7421852c0d811e45256b5612bc91602823171b3d8292b76ea7ce201b9114cfb3d3dbb7d10ee20565c9860f6816542a4b83611bab1e78c03c9a5deb7ea7241100cbf9523ae1ed5d9937234d3bd11cf7a44880f4d56a9ea1ea26ad4e547511d22b55bdb144ca20e211d5e8845786d2acd779e085ae50d75ca36c9f284ed2edf9be69a09cc697e847460c61da35e2d2bca2eca0b9332abc830c68fba6dbfdd1d8946b2eef29d64d3c7476e9701dcb43c487dd0fc15c7c8f3eabc4f059eb1631176872a1cfd69afc73e424578b00baf091d177d54e64d7fc260705d139017859f1ed62e0d9b57ab8c891280457b8b011ca1a2fa92577465c7ff8ba0ac0a3e0867f43e5d7df1f387187030b0f196afc48011e27944831f5f4db0006a20dcfe7a1dea9eb6dea96d528af3fb6b38b9df3eaca143739675f9b722465128a71dd25d4536c0b9fcca377ebe10b1de8aa17e6a999ff8890ad2ee2afe8d41ab76eae8df8c52a15c6428eba61d31ddee6a53f812ec5ba4b8bda40216223fbe20c09d642efd8fc470ff4828f0c621ff4671734f68277da1eee0e359c691ec56f09b2af495ec8ca8c50ceef6c302efd63286485b3a0db8732c018708ea4f1598df0bdedd6e5cb3abb3566997f3c3479e501c4f8b81e166b74a46417afc94b99dad3a0fea6cebf72973f7bd2378548b6fe303b09a6c24a116e1862b0e04bd2c60385c780e992ea4210b28c1d4ab77ab4a44d39dd34612f79885381b4118677e285127b18faa776fd9c1a30798ee56f31fd19b93c071d2547176a959a9b6c46d495999be720ad7a36324c8995068b8ef1b278d88cec24c62d55ebf3bb9f58d86727b35ff1bd0bb40e111dbcbabff0e51e3f70da2b3fee10e83120f3d52161c07aec0f02364450d2a996035cd93226d7fd71e174203a7d3b6c6d52bb030b5f48fc6ddfe5ce69179333d37128f022f9f245e8bc4583cc40f3114b8136298e1e1a55aaa18cd9a785cc2144f414e29160c6d742024834b073cd451b30d3b760cbdf91091d40a7d6b1cc801c016afbfff71f480ba51983d153619c234062a68eca91a1a2a50c28eb7f56b5304d3238fe1cb049bf739392c4ae2ac751e20f089c89533fb50e38500e4bc9a21b582a2cb0856a9c3a002336099c78fec2ea7f1865a4ec6503261b3185f90a9827e120005353fd7ed8ed424bf8eac7a9ef67c3cfe17674390c731cb9135b68bbf524fb3c3d165bd366311e5c49be29dba2694fa2af8b00ebc04d30c1dd1e980c562bc7d90dc0a1872e679cf6210e6509e30d52e85b569bfa77f3bea9f48de9470c2a0622eefc6a56e507f7cc67f3171bc480a00b901bce0d0d575ac38c816b18e79e0fe09b513bf93c4fe11e086d4007bd1f343654b56ca8e34be89b24997014551fc362b3d2dbc4082052473a4e9bdb6e1a4707551ebc8e51be5452e29a1dfdfce23fded6bdb804da173abfc9b706998558bdc0edff764e4a6d616a888fe8d5fcb87b8e34d0f3484189f6f06e24b74e468f7fc9f60c2f456feb0eca04c91f002e4ebcb6adae6bea953e3fb1f3c01a68a08a92005c3629f0f4906e2bdee32cd86c6b751e775c3b28864640511a32c4f10f86e90cb2a508d0f5e15a18f3c0bbb5e5d2d2ce880ebd0e05898947eef255af66fbc6633544953710ba4ecda3ab44a7566c925973da584e634080aacecabb3f22ffe5957bc753820a3509b4c82c013829713b500c752a0d8de7729ab1ad79ac39db6331525bdc18083e76256edb16d60b09f8765d2ca2de9a676c13086ff5ed770012cec20ccf49a3edeecb6ecd826f4c970a6a015754a53aa74210a3d5bb697f231bbdfcf11352a666f0e24585e84b8d9a4b5f21a4d6b84082a211ee45d50416d06fdc5a04720c658221dda22aa4c34fb17b7fb115543aea896ed01d7665325090e54b713f500e9fa1671b315a854ab5d2c3902d1c8fd974983332ca09aa8eca6b641197da9be026ce965eace3d4e05939a399922d3142e1191753b57cbf7ea054fb48737473c03410bb0f40f98a7d8096fc29b732c37e2452f647a86b45240f2a3c73dfe81354b1800993f63776a0642e3c12bbd7aab9c328914372e1f7a3917923dadb1d60fa5abeb94fa959a9dfc801a470f1f3e2fa8fa534a733d3e509d36df243dcf9172ac2590150a0e1a6f2077d2301bb2c53a441abaa56ce75d946efeca2aa85cf6461fc957acea20eee92f78f13a70f28ea5f929774f94f959d956ac1c090148e5dc9f4292dd6ab6e5a2a13ea3323af35d87a3cb7c95c2c3e0612ed96c8d08e7d93b5f94eec417a3b645224806fcc0939342a15da6130d237e40a937393a19f935aca46d5f2bbc2b2dfa73735f9a8f29b12dd7a2dbf047354222b6fc8f3a9a5c162a12defe31c2cc48cddbd5d1b98f6ef6f190e63d2bedf5b622b082297585fd123c80e927ed52ad543a19f8448b3d00b00a9ab01d123d6bb3876374d2afec7b4b8a09b1d3195042ea7ed867447abe9881b6673d40698420f0910cb9e64e9b5972af3b4de62e842788b4b7665c7662e25378a6b42f3d01b5c20d9e1fd12aed90eae6de95b506272cfae02c82b3caf1fafcce2497f203c7c1bbb287e6ab06602db40e28e18bce3d4667ba8af53382dbcc76cf821604c2636a14bd12a36a905207e7f7c581b733819aead52a9f800ca27d312de5d3b5f80272594d385304e5cbd1c9bea9106bca6c6ba8371a4ded2c556664bab5cf8f7e10197b6f677971243ad64a7786f9bfb613f282771eceb38b4bef9fc5d2a9cbff0828206dd6ea2a89cd846edfeba758f14196496180ddbb2c474efbaa85041c548ded5541e1d03a5d08e7bfb277841507e17bbab91afeae6cd1bf90799c9b270e701b39d484281bccb206d584f872ed34781cc7c99a7c7b82c1c89055f46bb160b5387ac9a75a2e9975e4189f90a74e6ea17920c84f81e0fce7673c861868aaec3547a734f8bec0617bc809a17a0f2ced98615fb833a12dba259e5d5c087c2cfe0c7b9605f1691a71516d3e23f4132b0fd17ed93534e5d4864217422c117f27231adf2f59d3f4c9286899c451f63d809f18f15c88c5298d75d85976c3e7206000c4c645fee33657ee753b4304fd47adfa35f5bb1dad0babac17975ded43038f827af353b0518a5cbc73242afe59c06ee2a3bf6e43b6dde6ea1c60c7103c91ba6614c0d6f399ba17d4257cfba018e52fd87fbbe7c9b5406ac987ba15965552745d3d239e70b6aa3848c8e8eaa2589acde9dbb8e915aa55e1aa3aa8f7656b359edb292e3f784bc4f10180d404113e1c59040e0a7393c2ebe56c9925eeb250aeb98cda5500833d2231cc7832f14637ec81fa2e20c5809b3c397ffafd7e71dfba79b00d88f26b711aefc914984d99a9efabb02694304d6c4de07c53a5e5e5d823502dc5938b7854050fc1172cfe21c1c7864f5015c05bdb87bfbb236567e8e9e9404761d4a4e36f7030eea38c689fa573ef9d462b81cff417b832baeb0ac51a010a106449b3cec1189bfeb4ff8e236ffa36111c64c87d50d196fe3aa45110d20fb87055fc0ca796bbc3b1bbe61f7021a85c27d2bdf7f14186e66d3b8a37b070a7633ff2fb2a4f432665a5a0d1329b901409884fbf9bbc3e6936833868adbc4c239ad511fc26c0ffd4deae2fa988e20cc326df717390bf5506f0394f7c7e8a155a70e6f2634b5464fc49ed5359d8653766b59a07940e1b81eb8f028c08ac8ee15efbf11668f44aa8b709eb85cf8176e3cdeef1cdd5518de7ed9cb191a5ed41055b4f60e9a05ed7a89ae755606c45758c2792f2a6e65cdbf93502f72953b317896bb3bc97f84ab81a9be93b832d07e1f815d6d8a8c08cd7859c2b568c01e8711cd171fc19dd3172380e880aa0f80fffd84611dc8f3d7fe7b3959edd15f62ca0a3961e50f14bbe9c7219f9ff98fef6484d52aed162b185d2d124309b0b32aa079182a821ee17bbdb2798745ca87e8e34f81da19835ae18d85aeed37d3cfebe759e1f96837ba270ed469a26a9a76267077cba063d94803fdc9de6befb0ff6bac574c72a3b9f48662a7a6ddb15b64b1d966f4533f0a2d92c0095cec6d0a868ef2db8acc3f3bea605c4c5b93457ea76ab0428af48d7aa007d9f9f8a6143947c35ecac82a817200d4d9d51d9ee1c8596b62c5e5e605d6b5c3420c38d06817a4f1f952345b36d47a76999fd2a027a2a1b99eb040b66e2dc5d78e5f5541ae338029ee69c71c6e4619b2cfdf175653feed99a9260c78198914a2b9dc0198adcaf85dee7232974d6701ab5d4edc357b50a1418ed672ae66f66b1a7992432d51c64ffe6df318d9910a50695f4430112d32874d24f7a811fef4c6fe6b0f3e0cb2f48b243a836022e06e2e87cd9f0f5ed877ccb222e70d431b3e84420c0bedd99604ef9733916352b5c39a127d59761977ae22f67db6dd1eefcf89739a8b061da169fedfb8d3ed38425ebcc286f27fa7367a2da038042c23413b25a62432efc3d6cc09833f828c2855ad3d0c17d737e3991ed1c5f41b0d361198bb1cca3a441133e980420cc86ce4552c1b6b0981d0c7b5ada53b556fbd9e0bb0155c2eb848c2d8e83d6a97b4afffc7d4bd1a7219cfe3f9fb2ba7881b48a6394b9b32814ea8d26f7e5dc1b9fedb0286a38ef21d338a76eeb48f4fb6a0eb51b1bbcccf6af09efba8009bd2ba1591be67d67b06ac1350d6d58496ce1dff5086642d131dd1a906e579fd410e5ee20ec7d38cc7ee11fbe7ceb6b2857b21cef47debd4362d02f6f8ed3027ea96cc5c58f2522ffa6e193d9b8dd315e4441c08bc5078d0ebe73f8fac8fca2ac8c37f95d15f2dd13b473614025bd82942e21f4abe06cb9d304a4835efa77b0656050a2a0d945b0b62347a9de54a5e5cf27a0b0b22fff1ada12ac5e6332794987a7e1d309da0e0161f1db47107f57c989b59b9011babfe72beeb74566e3dc23c2ca806d02bfcc9e61061a88a5b9e418052edbd12a92d6a67ec87046abfe42d41ce8a624035ca284a107507aeed9aaac8e9c0979fe4d0e93c66c0fe5613f28e93a678a1eb0c22262c22665f3da0c69e49ca2a82fadc0fec2dbdf96601550f0a65ae7537d50bcecc7ddfd2fcf8ff6ae46786fa346b6a2840e83f81ba13849599af1063fd546631e4fd8f836bdf3c644de179697d3efabfe8cd4a74005c5afd542314524734e25d6ac94a3b2b7f90d9c25177fdcb27a7d043f4cfa6466410c540535d8d757f7d9e64fa250de95784b82f47b878ec077d18c2ef4d7e3068678b4f3de4261b7e5de8b38bb01e844c0faac5c78ef834ea5f8d707989a998ca8ea95f7b68543da6496e0aab4545ede40da4a7efec64ac32f36d37ff8c34a4885e225a5b138260394afecaa773f46e4c5e48f2ff17b2957f765752d356eabf4bc011843b0af689048439fd04a77042df1dc99023defbd86f8907d24b88512ea80089becba451ef32fa93e49938201325f55f0a360d3690707b350a67a06111a5db6ed9323940f91f7de0dbdfda4cb5348a734a18fec704e8a627edb1bcea83facad474d9b4238f0efd529653c3e69751233081fae1224197cb467a7de72bd422551ac7036fc6dfd9ef8b6d1bd2e1923e32c787c5de7f5c69fd69729b172804d234c4e009ee74c534f9cf38cd4d66abdbe64aa13382003ed7cec6c99f72ffae20cbd9d59e8afe8e16497d5eabb0bfbdab1656d2925d879eebad050b4af59d7bdd9b88ab0df4e68ea9c75e689a2406d299d2ac7f5cd51e8d93294c9c6bc249ea9163f2e17d7d24f32320666d71f11b5bb7313caa2f84c3f7a4a072bcbbe01bd6b10ce005bccbd5dc045c52fdf2bd20eb7a36520a01b951749850650bc1204c9ac31a22a0c8b07f86d63aa37f1adcb80fff407627c2f2c0d0dde0672d4290d8a2c9271906e091a0b2110adc5410280c2824c1691e3f04472e5b1ed980445d29f7fc603da6306018f74d6687c45a50d414d39d49725e0d943239f230639c9d9d0526c3cc769839dbc3b2abe256f22e72f7314672a669735bb3cff4d29c83315db306c93a6db585c9451125399003ca9e6f3f0a8e2b4d8c461635e69d721e520723de7066ba202fc3070c8a01ff2048dee50085cad06376e0fdfbc29a3db608646f4a2521ea6372e08ceb8becc85c8a4685ea4c39ba7065a21f52b090dff72b99d5da6090b80283c26a4112ab2e0201de0fd455b4dff2116808df6184527a2761b9399c90ad1d84299acf971b0c7fb58e88e91c0d11b88b55fefd3d9d86d5f58c03d010c4a132b98bc55517ed6bd4b2d3a7b092c73cd5ec7a004b18ed27dc6146b428ae7034c290e37a18fef372c874605fed5b6a73b3670089728260ff74cb7289e032668bab9ef6a3b02ade004de952d18f9a0dd5756f3eb479ea89a403dca27dc205bb5c6a8cf26ab1229b365069c8aee6374b254ee7d7610057afa7872faec0c449d1918b146c1005c143a944ffe43556a5f83c989f7c3cf465fc9d16584db129d575c4bee84c25e7cafb578b1cb4305584d6557c73b1b85ba2457c4b4c287751b421c8357ef3b868c00f4c90a6e944fc314333059a22ae07461de6139f8dabab5d00c2d4d89011d02dda2e86810a0b9be61bfd723c11ccc40c2386dec9901fecdbfd8a8eed8e892f639b0f77f15143450cbaf435f6b13065d7d4a95bf09994b490a873f8bbb87e6c9e06dfd50d5cb0fa8ab871ee24158bda8e0ab493050f336a0ffc333422ede6c425f18bcc2ccb71ca565a298e7c7fd494175810a1268c2bf8a8a0fe7716115fcf463ea9cc1004d73f2b13fa50b1bb5d799aa2ef938a51b51f23dd7b9557ef14c7982bfa085b44825e0dcc2faf1f56a6124624e046e1f51b09132c806664633ed8e6bcfecb995f7ef7ac7bdf480aac1c2aca577e98d8dfbb098fe29beb45b8c2ed85425946e9bb6771efdf6f548b85399ef6421d9ea7cab7b552fb6352d8912f2809454e3ef2849e31662d6449b5c69bd46a6b9036eae04420bdc08f6062c8fd48a0d48011154f7a6c16867df030fcd139b043823b11d72bb3d5c4cd77f860f25310f5d6bb29f06dea7970aa9560c487efe0e0810746c6865d9b37d60617bed512f58a8a7a118de85f7721a4be9a21eb1451acd7815820ab829f078ce31a31d4fc81832cd384ce4ccebfd586dae1265c68ac7e0b0b02c43d85af5fe69b443bd44c7d0d6b53f3ea4f10799780e2a5e15197388790b57ae524b4c48977cea5c306c0e05672c999b384b516f891ffa528dd19628ac0db7e071184b2f8e66c4a655d3eb600b7e86187b5f244b52173b2a6c92a8d3cc988f5aa7fb153716a83b0ab9afae2af971d82dd116dad8f8402df05959524a66ba67ca3be63a73aec5c85ebbe56dfc1e6aceb2b35c907034cf3121b14af9e2d1fdc499c913e8deecbece3e955a1490cd4391456c36cf708ca579aa668386107097638c5abcafb3c45832582a4a5ba1f77020152526c6988aa0217d482e1468c69440a317ab45cf1b0923d23414ebf6124c8d2ab65b83d833d83944aa7acd12adf1d6d1982dd6733de42835f82fa7f8c531867c3ceb83e214e0aa0c00652473190605337444f0cbcdbb3d09ca58798b453bd80fcaf8b1efe07e44e8a572e2900f79955c5bc2d66156fb810f4e823480c46d0d045464ca8bd49981797dee7e19594424a2696d9dfc05a8952d77e5146873524cd78088d8d731089da66bde12fc2e67912ade6348a3de5e8760dde7c521371f4f5fbab5aef8672e6f8a20688be5e6acf8ca624c5bb92fe82abe508a9f1e773f987a11e711ded4347722d785be356ab7c03cc0c26586a6ba2f8c9de718dbf35fc0ad6f701f85f760b49c1570f114a4651f25573003ce8f90cdb152d33b5c69d8e83849d914acae1e18f1e5d0192419c36900e5f4b7d0b0b35e4869dc892b7e6091ddb03fc5e01c93f171b3f73eaf08399deee1159e0042755c985d2fbecd1aba1fe3b86cb60b16b65e5bbb0f7246035bbee2c7f3e82abd112261376d8a145e47c6792847c02fce040de6d5d9491531759a50ddaf59c8f489dd3fbe45be54ce9882c8937107160b2f07ab47eb6d8d74cb009e23cdd16f541b64ce127ae37929c802ca752fd2d2c2d8b014317310712eeeffc17706e43d5e2bd4c45d0bc897636dc5732a8798aed06a129650f95e6bb6069a4076261f2787103f30d286afb7a743e592539a9b5dc7d3aa88e6ef327e965b2afb93aae3cd4ac0be7082826d107f7318d281e8a1379ec0b27efc4bb50c592d71b24c31b7006a7d5cae4bf961e668aa09d636b46544762a5dc5ccf0ecfac3e1edeb995ff389384feb1bbc0f983520294ec215a8ad29a164f3a4c6719784615b5d368ffe3cd2143a889270a60685929185753e4bcc1c02f756cddc0580380634185ea6febafd13f73a06167dd20e46b7f1d63c60916ea89f95dda4e3b8d75bd3ccf70d843cd4d24839d103c076b3c94ddbcb96d4bcb1ee98030a40f50af2f3be245d8d4c9028ce43e8ff9766f4d4df3bf354254191b9d7e0a552b2db2521db880f2fe1c7849d5666978a7c6461d2bd03de1bc84efe513025b6aa0fe482de1f386ec4f59b3e7abc4e348870ac10699de5bae5b042a24afbba4aded80d6753bc773e7a1fdda1d01fc97f03099b6a2d4cf2a8829a5d108c35e1a03434092fcb9e28e7c9989b3b0bfea5b7faade5cce059848f5c5bb8e5eae9edeb018cad243d9b3f4ea6f318773cba6e16457801ce015c4994a70fa4aaeaf02d2c6e6289cb1f48fc916a69f51b7dd0613fc0a96530fe989712c89e6cdfd7910569edfd542dda48e4a5d3ebda61d4e30537f30d63b0d3927ab78563c48f538b30a3f4e176077a0e8730a2bf7ffe7ac310f93b78cb096839ba374ca54d7b5f2cdc2abdd9e07b254a798bd0037f098642b41f64987130f3ba5d51a3a0e9de8fcd5e12de75eaf2d69dbea101e899bd526d95f4c925f25eaba72103e4f4c76e00536d6366fc801e3e589da731eb957f0176d07ea8eaa1a5cbc182eb6802b78b713a325fcffc67062134e7331ea9ba85979d741272bae3c1d70f84ba3a6434f902dfa82d9eeae063623b847f23073f862faaa75e6e83fabda3b0b312d08e945015fd6ded12902e0e282fcefce0d8c7a514684cdc7768c37034c951d2c81fce3992a82d270cb1965ff4e08583ab2791f518267d2125fd95894d0496a7bb7b98040339d7aafe64a5e8112ef0b047839f96a48e13c3149be7fb9a0c94fd6eee8b9b01711addd641f803109d5218de4b604a8f5766e2403babeec2dc3b4fc73195edb225d892c44850498cc786545e27ddbdb0d7062f169fec9dbb23788938d6a54babeb719f34be30e4526acc7f903085ef3c443b6cfaccf055fd794b", 0x2000, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, 0x0)
r0 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x3a)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x20000023896)
io_setup(0x6, &(0x7f0000000080))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bond0\x00'})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='qnx4\x00', 0x0, 0x0)

2m32.785972713s ago: executing program 0 (id=8930):
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x9]}, 0x8)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f00000000c0)=""/163)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000000c0)={'tunl0\x00', &(0x7f0000000380)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x0, 0x0, 0x1c, 0x0, 0xfffd, 0x0, 0x4, 0x0, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x7, 0xff, [@multicast1]}]}}}}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r4, 0x40186f40, 0x20000502)
ioprio_get$uid(0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000240)="390000001300034700bb65e1c3e4ffff010000e7010000005600000025000000190004000400000007fd17e5ffff0800040000000000", 0x36}], 0x1)
socket$nl_route(0x10, 0x3, 0x0)
bind(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
sched_setattr(r1, &(0x7f0000000100)={0x38, 0x5, 0x1000000b, 0x4, 0x102, 0x9, 0x0, 0x8, 0x3, 0x1}, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r6, 0x40046205, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001a40)="a1"})
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
preadv(r7, &(0x7f0000000180)=[{&(0x7f0000000240)=""/52, 0x34}], 0x5, 0x0, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r5, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x8)

2m16.976001985s ago: executing program 58 (id=8930):
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x9]}, 0x8)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f00000000c0)=""/163)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000000c0)={'tunl0\x00', &(0x7f0000000380)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x7, 0x4, 0x0, 0x0, 0x1c, 0x0, 0xfffd, 0x0, 0x4, 0x0, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x7, 0xff, [@multicast1]}]}}}}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r4, 0x40186f40, 0x20000502)
ioprio_get$uid(0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000240)="390000001300034700bb65e1c3e4ffff010000e7010000005600000025000000190004000400000007fd17e5ffff0800040000000000", 0x36}], 0x1)
socket$nl_route(0x10, 0x3, 0x0)
bind(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r5, &(0x7f0000000040)="b9", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, 0x1c)
sched_setattr(r1, &(0x7f0000000100)={0x38, 0x5, 0x1000000b, 0x4, 0x102, 0x9, 0x0, 0x8, 0x3, 0x1}, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r6, 0x40046205, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001a40)="a1"})
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
preadv(r7, &(0x7f0000000180)=[{&(0x7f0000000240)=""/52, 0x34}], 0x5, 0x0, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r5, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x8)

1m42.440441748s ago: executing program 2 (id=9061):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x1a1281)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000a40)=@nat={'nat\x00', 0x670, 0x5, 0x338, 0x0, 0x1f8, 0xfeffffff, 0x1f8, 0x0, 0x2a0, 0x2a0, 0xffffffff, 0x2a0, 0x2a0, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@dev, 'pimreg\x00'}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x2200, {0x0, @local, @local, @gre_key, @icmp_id}}}}, {{@ip={@private, @dev, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @local, @loopback, @port, @gre_key}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398)
syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001300)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x7}, &(0x7f0000001200)=0x7, 0x0, 0x1, 0x81, 0x9, 0x7, 0x24, 0x7ff}}], 0x58}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000a40)=ANY=[@ANYBLOB="9feb010018000000000000006c0000006c00000004e3000006000000030000042c0500000200000004"], 0x0, 0x88, 0x0, 0x1, 0x9, 0x0, @void, @value}, 0x28)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=@newtaction={0x74, 0x12, 0xbf68af9d17701211, 0x0, 0x0, {0x7}, [{0x4}, {0x5c, 0x1, [@m_xt={0x58, 0x0, 0x0, 0x0, {{0x7}, {0x71, 0x2, 0x0, 0x1, [@TCA_IPT_TABLE={0x24, 0x1, 'mangle\x00'}, @TCA_IPT_HOOK={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000800)={'syz1\x00', {}, 0x0, [], [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe]}, 0x45c)
dup(0xffffffffffffffff)
remap_file_pages(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000004, 0x36c, 0x2)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r7}, 0x10)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0x5514, 0x0)

1m41.247811879s ago: executing program 2 (id=9063):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xa200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f0000000180))
r3 = eventfd2(0x7, 0x801)
copy_file_range(r3, &(0x7f0000000280)=0x2, r1, &(0x7f00000003c0)=0x44594958, 0x8000, 0x0)
ptrace$ARCH_SET_GS(0x1e, 0x0, &(0x7f0000000100), 0x1001)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000080)={r3, 0x4})
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
open_by_handle_at(r2, &(0x7f0000000200)=@FILEID_BTRFS_WITHOUT_PARENT={0x28, 0x4e, {0x8000000000000000, 0x5, 0x101, 0x6, 0x6d, 0x7ff}}, 0x40000)
sendmmsg(r4, &(0x7f0000000180), 0x400008a, 0x0)
sendmsg$key(r4, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
read$eventfd(r3, &(0x7f0000000040), 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x80003, 0xff)
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001500)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000f3437b00001e3b"], 0x1c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[], 0xd4}}, 0x0)

1m40.890135167s ago: executing program 2 (id=9065):
socket$key(0xf, 0x3, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x9, 0x5, &(0x7f0000000040)=@raw=[@map_idx={0x18, 0xa, 0x5, 0x0, 0xc}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @jmp={0x5, 0x1, 0xc, 0x9, 0xa, 0x4, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0xd}], &(0x7f00000000c0)='syzkaller\x00', 0x81, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100)={0x3, 0x0, 0x8, 0x1}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000180)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f00000001c0)=[{0x3, 0x3, 0x1, 0x1}, {0x3, 0x1, 0xf, 0xc}, {0x5, 0x3, 0xf, 0xb}, {0x2, 0x5, 0xe, 0x4}, {0x3, 0x3, 0x5, 0x1}, {0x3, 0x5, 0x3, 0x169a52566d64de0c}, {0x0, 0x3, 0x9, 0x1}], 0x10, 0xba, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0, 0x0, 0x8}, 0x18)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r3, &(0x7f0000000080), 0x10)
listen(r3, 0x0)
accept4$llc(r3, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r5})
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000001a40)={0x0, 0x0, 0x0, r5, 0x5})

1m40.611023278s ago: executing program 2 (id=9067):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001780)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="000000000000000020011280080001007674690014010280080006000000000008000100", @ANYBLOB, @ANYRES32], 0x154}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0xfffffffffffffffc, &(0x7f0000006680))
r3 = getpgrp(0x0)
r4 = syz_pidfd_open(r3, 0x0)
r5 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000000c0))
r6 = gettid()
kcmp$KCMP_EPOLL_TFD(r3, r6, 0x7, r4, &(0x7f0000000040)={r5, r4})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r7 = socket(0x2000000000000021, 0x2, 0x10000000000002)
ioctl$FS_IOC_GETFSMAP(r7, 0xc0c0583b, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000008000000070000000000000012b90000000000000500000000000000050000000000000000000000000000000000000000000000000000000000000005000000060000000ba60000000000000700000000000000ff010000000000000600"/192])
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x1, @private}}, 0x80, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x18}, 0x4)
r8 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r8}, 0x8)
syz_clone3(&(0x7f00000004c0)={0x2a20e0800, &(0x7f00000001c0), &(0x7f0000000280), &(0x7f00000002c0), {0x1e}, &(0x7f0000000300)=""/63, 0x3f, &(0x7f0000000340)=""/86, &(0x7f0000000480)=[r6, r3, r3, r3, r3, r6, r3], 0x7, {r8}}, 0x58)
syz_open_dev$media(0x0, 0x0, 0x68440)
ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0xfffffe6d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
connect$rxrpc(r7, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x400}}, 0x24)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x40000, 0x0, 0xfffffffffffffdd0, 0x0, 0x0, 0x0)
syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg(r7, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xe000}, 0x5}], 0x1, 0x0)
write$tun(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="020086dd0300000000001400000060ec970012302c00fe8000000000000000000000000000aaff0200000000000000000000000000013a"], 0xfdef)

1m38.532515952s ago: executing program 2 (id=9075):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xa200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f0000000180))
r3 = eventfd2(0x7, 0x801)
copy_file_range(r3, &(0x7f0000000280)=0x2, r1, &(0x7f00000003c0)=0x44594958, 0x8000, 0x0)
ptrace$ARCH_SET_GS(0x1e, 0x0, &(0x7f0000000100), 0x1001)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000080)={r3, 0x4})
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
open_by_handle_at(r2, &(0x7f0000000200)=@FILEID_BTRFS_WITHOUT_PARENT={0x28, 0x4e, {0x8000000000000000, 0x5, 0x101, 0x6, 0x6d, 0x7ff}}, 0x40000)
sendmmsg(r4, &(0x7f0000000180), 0x400008a, 0x0)
sendmsg$key(r4, &(0x7f0000000140)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
read$eventfd(r3, &(0x7f0000000040), 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x80003, 0xff)
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001500)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000f3437b00001e3b"], 0x1c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB], 0xd4}}, 0x0)

1m33.436851555s ago: executing program 2 (id=9086):
r0 = socket(0x2b, 0x1, 0x40000001)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r4, 0x4018aee3, &(0x7f0000000300)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$isdn(0x22, 0x2, 0x25)
r7 = socket$isdn(0x22, 0x2, 0x22)
dup3(r6, r7, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040))
r10 = dup2(r9, r8)
ioctl$DRM_IOCTL_SET_MASTER(r10, 0x641e)
unshare(0x22020600)
r11 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r11, &(0x7f0000000000)={0xf000201c})
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8905, &(0x7f0000000280)={'wg2\x00'})
setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000000040)=0x200, 0x4)
r12 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
fcntl$addseals(r12, 0x409, 0x3f)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @private}, 0x10, &(0x7f0000000140)=[{0x0}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000100)=ANY=[], 0x18}, 0x0)

1m17.480585348s ago: executing program 59 (id=9086):
r0 = socket(0x2b, 0x1, 0x40000001)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
ioctl$KVM_HAS_DEVICE_ATTR_vm(r4, 0x4018aee3, &(0x7f0000000300)=@attr_arm64={0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$isdn(0x22, 0x2, 0x25)
r7 = socket$isdn(0x22, 0x2, 0x22)
dup3(r6, r7, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040))
r10 = dup2(r9, r8)
ioctl$DRM_IOCTL_SET_MASTER(r10, 0x641e)
unshare(0x22020600)
r11 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r11, 0x1, r11, &(0x7f0000000000)={0xf000201c})
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8905, &(0x7f0000000280)={'wg2\x00'})
setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000000040)=0x200, 0x4)
r12 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
fcntl$addseals(r12, 0x409, 0x3f)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @private}, 0x10, &(0x7f0000000140)=[{0x0}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000100)=ANY=[], 0x18}, 0x0)

1.999113378s ago: executing program 3 (id=9754):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='stack\x00')
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

1.789619774s ago: executing program 4 (id=9760):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind$inet6(r0, &(0x7f00000006c0)={0xa, 0x4e23, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}, 0x1c)

1.630726834s ago: executing program 4 (id=9762):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'sit0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000001380)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x33, r2})

1.630356433s ago: executing program 3 (id=9763):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = fsopen(&(0x7f0000000200)='securityfs\x00', 0x0)
fsmount(r0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000280)='sync\x00', 0x0, 0x0)

1.630157209s ago: executing program 8 (id=9764):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0x0)
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000001c0)=@gcm_256={{0x303, 0x36}, "b94e34db85d81b18", "47aa7abe30152f713cd12ef23b2990ad5b256dee1bdb343ad81163debac5215e", "99be91b7", "d2441900000000f8"}, 0x38)

1.496730149s ago: executing program 3 (id=9767):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x7, @loopback, 0x10000}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x80000071e8, 0x4)

1.496053766s ago: executing program 8 (id=9768):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
pselect6(0x40, &(0x7f0000000180)={0x1f}, 0x0, 0x0, 0x0, 0x0)

1.430749911s ago: executing program 4 (id=9769):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0x3, 0x0, 0x1000, 0x0, 0xfe, "7a58beca39ed2d5a99bbc4bff0ebd3a9bd5a8a"})

1.294694355s ago: executing program 4 (id=9772):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7}, {0x2000, 0x5000, 0xc, 0x0, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc}, {0xdddd0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3c}, {0x5000, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x8000000, 0xd, 0xfe, 0x0, 0x0, 0x0, 0x0, 0xfc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0xfe}, {0x1000}, {}, 0xddf8ffdb, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xf801, 0xeeee8000, [0x0, 0x0, 0x1]})
ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000000080))

1.211024296s ago: executing program 6 (id=9774):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, 0x0, 0x0)

1.080524466s ago: executing program 4 (id=9776):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone(0x72b80180, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

1.080210876s ago: executing program 6 (id=9778):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="580000002100290100f5377062dbdf250aefffffff00208400000000"], 0x58}}, 0x4008000)

1.002649406s ago: executing program 6 (id=9779):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$sock(r2, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000002f40)="cd", 0x1}], 0x1}}], 0x1, 0x8004)
close_range(r0, 0xffffffffffffffff, 0x0)

926.474841ms ago: executing program 1 (id=9780):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000380)={0x5, 0x8000, 0x6, 0x0, 0xc9, 0x7, 0x9}, 0xc)

878.775627ms ago: executing program 6 (id=9781):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0x5c, 0x31, 0xffff, 0x0, 0x0, {}, [{0x48, 0x1, [@m_police={0x44, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x15, 0x6, "26a44d9f19e8446a0f5e355f0244210a90"}, {0xc}, {0xc}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4044010}, 0x0)

842.7903ms ago: executing program 6 (id=9782):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b402000000000000791100000000000085000000010000009500000000000000359bb9f43d86b136000000008762000000f33ad18fa9b151092e9172d8ca80be3f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket(0x11, 0x3, 0x0)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000700)=0xe9, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local}, 0x14)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
dup2(r0, r2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r4, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0xfecc)

770.806545ms ago: executing program 1 (id=9783):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000580)=@delpolicy={0x5c, 0x14, 0x1, 0x70bd26, 0x0, {{@in=@dev, @in6=@loopback}, 0x4}, [@policy_type={0xa}]}, 0x5c}}, 0x0)

682.733306ms ago: executing program 6 (id=9784):
syz_usb_connect(0x0, 0x24, &(0x7f0000000e80)={{0x12, 0x1, 0x0, 0x6f, 0xb6, 0x84, 0x40, 0x1de1, 0xc102, 0x7d08, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x43, 0xda, 0x91}}]}}]}}, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x3, 0x0, 0x2, 0x7, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x17, 0x0, 0xc0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}]}, 0x38}, 0x1, 0x7}, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x42, &(0x7f0000000080)={0x0, 0x2710}, 0x10)

602.60477ms ago: executing program 1 (id=9785):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="4000000000010500000000000000000002000000240002801400018008000100e000000108000200e00000010c000280050001"], 0x40}, 0x1, 0x0, 0x0, 0x4091}, 0x0)

534.999593ms ago: executing program 3 (id=9786):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000240)=@req3={0x4010000, 0x100000001, 0x10000, 0x1, 0xfffffffc}, 0x1c)

486.876792ms ago: executing program 8 (id=9787):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='environ\x00')
pread64(r0, &(0x7f0000000080)=""/237, 0xed, 0x0)

486.688388ms ago: executing program 1 (id=9788):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1000}, 0x4)
unshare(0x2c020400)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000003c0)={0x0, 0x6}, 0x4)

422.598383ms ago: executing program 1 (id=9789):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'lo\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="1004d6fc20fc0200020047888008", 0xe, 0x4, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

398.715032ms ago: executing program 8 (id=9790):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$UI_ABS_SETUP(r1, 0x401c5504, 0x0)
ioctl$UI_SET_RELBIT(r1, 0x40045566, 0x3)

286.57922ms ago: executing program 3 (id=9791):
r0 = socket$inet(0x2, 0x3, 0x2)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = dup(r1)
setsockopt$inet_buf(r2, 0x0, 0x2e, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000002140)='fdinfo\x00')
getdents64(r3, &(0x7f00000041c0)=""/4111, 0x100f)
getdents(r3, 0x0, 0x0)
setsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000040)={@multicast2, @local, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
set_robust_list(&(0x7f0000000100), 0x18)
r4 = pidfd_getfd(r2, 0xffffffffffffffff, 0x0)
bind$bt_hci(r4, &(0x7f0000000400)={0x1f, 0x4, 0x1}, 0x6)
syz_emit_ethernet(0x2a, &(0x7f0000000240)=ANY=[@ANYBLOB="0180c2000003aaaaaaaaaaaa080045001c57f0b2e032001c00300000001190780a0100fee00000020f00"], 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x2000}, 0x4)
r6 = syz_open_dev$sndpcmc(&(0x7f0000000140), 0x0, 0x101000)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r6, 0xc2604110, &(0x7f0000000180)={0x2, [[0x0, 0xffffffff, 0xed, 0x3, 0x80000001, 0x3, 0xfffffffd, 0x7], [0x1, 0x5, 0x0, 0x9, 0x5, 0x7, 0x2, 0x2], [0x2, 0x61bb, 0x801, 0x6b2a, 0x10000, 0x0, 0xdcfa, 0xc2]], '\x00', [{0x50, 0x0, 0x1, 0x1, 0x1}, {0x1400, 0x5fd8, 0x1, 0x1}, {0xffffffc0, 0x1, 0x1, 0x0, 0x1, 0x1}, {0xff, 0xfffffff1, 0x1, 0x1, 0x1, 0x1}, {0xffff3c3a, 0x5, 0x1, 0x0, 0x1}, {0x800, 0x401, 0x0, 0x0, 0x1}, {0x7, 0xab8, 0x0, 0x1, 0x0, 0x1}, {0x0, 0x5, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x5, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x2, 0xd5, 0x0, 0x1, 0x1}, {0x7, 0x5, 0x1}], '\x00', 0x6})
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r5, 0xf50f, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000080)={<r7=>0x0, @multicast1, @private}, &(0x7f0000000140)=0xc)
setsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000000180)={@broadcast, @local, r7}, 0xc)

164.540132ms ago: executing program 4 (id=9792):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, 0x0)

136.476127ms ago: executing program 8 (id=9793):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000002880)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000027c0)={0x34, 0x0, 0x8, 0x201, 0x0, 0x0, {0x0, 0x0, 0x7}, [@CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @fccp}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x200}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)

94.189721ms ago: executing program 3 (id=9794):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000000140))

31.106ms ago: executing program 1 (id=9795):
r0 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
r1 = gettid()
fcntl$setownex(r0, 0xf, &(0x7f0000000080)={0x2, r1})
fcntl$setlease(r0, 0x400, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)

0s ago: executing program 8 (id=9796):
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x7, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@generic={0x7, 0x7, "0441b613a3"}, @noop]}}, {{0x0, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

 ref_tracker_free+0x643/0x7e0
[ 3399.737503][ T5486]  ? __asan_memcpy+0x40/0x70
[ 3399.742133][ T5486]  ? __pfx_ref_tracker_free+0x10/0x10
[ 3399.747533][ T5486]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3399.752751][ T5486]  ? skb_clone+0x240/0x390
[ 3399.757190][ T5486]  ? __pfx_lock_release+0x10/0x10
[ 3399.762325][ T5486]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 3399.767892][ T5486]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3399.773108][ T5486]  netlink_unicast+0x7f6/0x990
[ 3399.777893][ T5486]  ? __pfx_netlink_unicast+0x10/0x10
[ 3399.783188][ T5486]  ? __virt_addr_valid+0x183/0x530
[ 3399.788317][ T5486]  ? __check_object_size+0x48e/0x900
[ 3399.793625][ T5486]  netlink_sendmsg+0x8e4/0xcb0
[ 3399.798421][ T5486]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3399.803736][ T5486]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3399.809236][ T5486]  __sock_sendmsg+0x221/0x270
[ 3399.814027][ T5486]  ____sys_sendmsg+0x52a/0x7e0
[ 3399.818845][ T5486]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3399.824293][ T5486]  __sys_sendmsg+0x292/0x380
[ 3399.828922][ T5486]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3399.834073][ T5486]  ? __pfx_vfs_write+0x10/0x10
[ 3399.838910][ T5486]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3399.845369][ T5486]  ? do_syscall_64+0x100/0x230
[ 3399.850186][ T5486]  ? do_syscall_64+0xb6/0x230
[ 3399.854915][ T5486]  do_syscall_64+0xf3/0x230
[ 3399.859464][ T5486]  ? clear_bhb_loop+0x35/0x90
[ 3399.864160][ T5486]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3399.870070][ T5486] RIP: 0033:0x7fa98e57e719
[ 3399.874520][ T5486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3399.894161][ T5486] RSP: 002b:00007fa98f2f2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3399.902604][ T5486] RAX: ffffffffffffffda RBX: 00007fa98e735f80 RCX: 00007fa98e57e719
[ 3399.910641][ T5486] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006
[ 3399.918672][ T5486] RBP: 00007fa98f2f2090 R08: 0000000000000000 R09: 0000000000000000
[ 3399.926669][ T5486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3399.934682][ T5486] R13: 0000000000000000 R14: 00007fa98e735f80 R15: 00007ffe54a66e38
[ 3399.942724][ T5486]  </TASK>
[ 3399.946415][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3400.353790][ T5492] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3400.510034][ T5495] qnx4: no qnx4 filesystem (no root dir).
[ 3401.757828][ T5502] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8638'.
[ 3401.814093][T28728] Bluetooth: hci3: command tx timeout
[ 3402.150321][ T5474] chnl_net:caif_netlink_parms(): no params data found
[ 3403.091966][ T5512] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 3403.289168][   T29] kauditd_printk_skb: 58 callbacks suppressed
[ 3403.289192][   T29] audit: type=1326 audit(1730353910.017:3962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5518 comm="syz.1.8644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa98e57e719 code=0x7ffc0000
[ 3403.518541][ T5529] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8642'.
[ 3403.544903][   T29] audit: type=1326 audit(1730353910.017:3963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5518 comm="syz.1.8644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa98e57d0b0 code=0x7ffc0000
[ 3403.613855][ T5474] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3403.656890][ T5474] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3403.677000][   T29] audit: type=1326 audit(1730353910.017:3964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5518 comm="syz.1.8644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa98e57e719 code=0x7ffc0000
[ 3403.726160][ T5474] bridge_slave_0: entered allmulticast mode
[ 3403.780075][ T5474] bridge_slave_0: entered promiscuous mode
[ 3403.898853][ T5535] ubi: mtd0 is already attached to ubi0
[ 3403.922906][T28689] Bluetooth: hci3: command tx timeout
[ 3403.982683][ T5474] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3404.003029][   T29] audit: type=1326 audit(1730353910.087:3965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5518 comm="syz.1.8644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fa98e57e719 code=0x7ffc0000
[ 3404.112912][ T5474] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3404.129534][ T5474] bridge_slave_1: entered allmulticast mode
[ 3404.139264][   T29] audit: type=1326 audit(1730353910.127:3966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=5518 comm="syz.1.8644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa98e57e719 code=0x7ffc0000
[ 3404.163406][ T5540] FAULT_INJECTION: forcing a failure.
[ 3404.163406][ T5540] name failslab, interval 1, probability 0, space 0, times 0
[ 3404.176236][ T5540] CPU: 0 UID: 0 PID: 5540 Comm: syz.0.8648 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[ 3404.186919][ T5540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 3404.196997][ T5540] Call Trace:
[ 3404.200283][ T5540]  <TASK>
[ 3404.203240][ T5540]  dump_stack_lvl+0x241/0x360
[ 3404.207950][ T5540]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3404.213159][ T5540]  ? __pfx__printk+0x10/0x10
[ 3404.217765][ T5540]  ? __lock_acquire+0x1384/0x2050
[ 3404.222816][ T5540]  should_fail_ex+0x3b0/0x4e0
[ 3404.227506][ T5540]  should_failslab+0xac/0x100
[ 3404.232231][ T5540]  ? __alloc_skb+0x1c3/0x440
[ 3404.236851][ T5540]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 3404.242678][ T5540]  __alloc_skb+0x1c3/0x440
[ 3404.247297][ T5540]  ? debug_object_activate+0x3e4/0x510
[ 3404.252760][ T5540]  ? do_raw_spin_lock+0x14f/0x370
[ 3404.257800][ T5540]  ? __pfx___alloc_skb+0x10/0x10
[ 3404.262760][ T5540]  tcp_make_synack+0x10f/0x2600
[ 3404.267636][ T5540]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 3404.273982][ T5540]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 3404.279995][ T5540]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3404.286350][ T5540]  ? __pfx_tcp_make_synack+0x10/0x10
[ 3404.291738][ T5540]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 3404.297659][ T5540]  ? lockdep_hardirqs_on+0x99/0x150
[ 3404.302891][ T5540]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 3404.308823][ T5540]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 3404.315183][ T5540]  ? rcu_is_watching+0x15/0xb0
[ 3404.319965][ T5540]  ? enqueue_timer+0x4be/0x570
[ 3404.324763][ T5540]  ? __pfx___mod_timer+0x10/0x10
[ 3404.329720][ T5540]  tcp_v6_send_synack+0xdf/0xe90
[ 3404.334683][ T5540]  ? init_timer_key+0x197/0x310
[ 3404.339562][ T5540]  ? __pfx_tcp_v6_send_synack+0x10/0x10
[ 3404.345123][ T5540]  ? inet_csk_reqsk_queue_hash_add+0x179/0x200
[ 3404.351309][ T5540]  ? __pfx_inet_csk_reqsk_queue_hash_add+0x10/0x10
[ 3404.357818][ T5540]  ? tcp_v6_init_seq+0xb0/0x2f0
[ 3404.362681][ T5540]  tcp_conn_request+0x20da/0x34a0
[ 3404.367744][ T5540]  ? __pfx_tcp_conn_request+0x10/0x10
[ 3404.373142][ T5540]  ? tcp_v6_conn_request+0x247/0x350
[ 3404.378447][ T5540]  ? tcp_rcv_state_process+0x20a/0x4570
[ 3404.384001][ T5540]  tcp_rcv_state_process+0x1bd7/0x4570
[ 3404.389493][ T5540]  ? __inet6_lookup_established+0xd28/0xdc0
[ 3404.395404][ T5540]  ? __pfx_tcp_rcv_state_process+0x10/0x10
[ 3404.401219][ T5540]  ? sk_filter_trim_cap+0x1b3/0xa80
[ 3404.406424][ T5540]  ? sk_filter_trim_cap+0x5bf/0xa80
[ 3404.411633][ T5540]  ? __pfx_tcp_inbound_hash+0x10/0x10
[ 3404.417013][ T5540]  ? inet6_lookup_listener+0x1d1/0x2d0
[ 3404.422482][ T5540]  tcp_v6_do_rcv+0x8bc/0x13a0
[ 3404.427166][ T5540]  ? __asan_memcpy+0x40/0x70
[ 3404.431794][ T5540]  ? tcp_v6_fill_cb+0x1e2/0x470
[ 3404.436657][ T5540]  tcp_v6_rcv+0x220a/0x2fb0
[ 3404.441199][ T5540]  ? __pfx_tcp_v6_rcv+0x10/0x10
[ 3404.446075][ T5540]  ? __pfx_tcp_v6_rcv+0x10/0x10
[ 3404.450937][ T5540]  ? __pfx_tcp_v6_rcv+0x10/0x10
[ 3404.455793][ T5540]  ip6_protocol_deliver_rcu+0xc79/0x1580
[ 3404.461450][ T5540]  ? ip6_input_finish+0xdc/0x2d0
[ 3404.466393][ T5540]  ip6_input_finish+0x187/0x2d0
[ 3404.471251][ T5540]  ? __pfx_ip6_input_finish+0x10/0x10
[ 3404.476629][ T5540]  NF_HOOK+0x3a4/0x450
[ 3404.480805][ T5540]  ? NF_HOOK+0x9a/0x450
[ 3404.484973][ T5540]  ? __pfx_NF_HOOK+0x10/0x10
[ 3404.489584][ T5540]  ? __pfx_ip6_input_finish+0x10/0x10
[ 3404.494990][ T5540]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 3404.500306][ T5540]  NF_HOOK+0x3a4/0x450
[ 3404.504410][ T5540]  ? skb_orphan+0x4b/0xd0
[ 3404.508761][ T5540]  ? NF_HOOK+0x9a/0x450
[ 3404.513027][ T5540]  ? __pfx_NF_HOOK+0x10/0x10
[ 3404.517633][ T5540]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 3404.523015][ T5540]  ? __pfx_ipv6_rcv+0x10/0x10
[ 3404.528026][ T5540]  __netif_receive_skb+0x1ea/0x650
[ 3404.533258][ T5540]  ? __pfx_lock_acquire+0x10/0x10
[ 3404.538324][ T5540]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[ 3404.544608][ T5540]  ? __pfx___netif_receive_skb+0x10/0x10
[ 3404.550286][ T5540]  ? __kasan_slab_alloc+0x66/0x80
[ 3404.555352][ T5540]  ? read_tsc+0x9/0x20
[ 3404.559540][ T5540]  ? timekeeping_get_ns+0x2c0/0x420
[ 3404.564771][ T5540]  ? netif_receive_skb+0x131/0x890
[ 3404.569904][ T5540]  ? netif_receive_skb+0x131/0x890
[ 3404.575040][ T5540]  netif_receive_skb+0x1e8/0x890
[ 3404.580002][ T5540]  ? tun_rx_batched+0x160/0x8f0
[ 3404.584881][ T5540]  ? __pfx_netif_receive_skb+0x10/0x10
[ 3404.590453][ T5540]  ? tun_rx_batched+0x160/0x8f0
[ 3404.595320][ T5540]  tun_rx_batched+0x1b7/0x8f0
[ 3404.600006][ T5540]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 3404.606363][ T5540]  ? __pfx_lock_acquire+0x10/0x10
[ 3404.611514][ T5540]  ? __pfx_tun_rx_batched+0x10/0x10
[ 3404.616754][ T5540]  tun_get_user+0x3056/0x47e0
[ 3404.621529][ T5540]  ? tun_get_user+0x2b44/0x47e0
[ 3404.626400][ T5540]  ? __lock_acquire+0x1384/0x2050
[ 3404.631454][ T5540]  ? __pfx_tun_get_user+0x10/0x10
[ 3404.636516][ T5540]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 3404.642005][ T5540]  ? tun_get+0x1e/0x2f0
[ 3404.646257][ T5540]  ? __pfx_lock_release+0x10/0x10
[ 3404.651315][ T5540]  ? tun_get+0x1e/0x2f0
[ 3404.655490][ T5540]  ? tun_get+0x27d/0x2f0
[ 3404.659745][ T5540]  tun_chr_write_iter+0x10d/0x1f0
[ 3404.664813][ T5540]  vfs_write+0xaeb/0xd30
[ 3404.669108][ T5540]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 3404.674850][ T5540]  ? __pfx_vfs_write+0x10/0x10
[ 3404.679653][ T5540]  ? fdget_pos+0x19a/0x320
[ 3404.684101][ T5540]  ksys_write+0x183/0x2b0
[ 3404.688453][ T5540]  ? __pfx_ksys_write+0x10/0x10
[ 3404.693319][ T5540]  ? do_syscall_64+0x100/0x230
[ 3404.698269][ T5540]  ? do_syscall_64+0xb6/0x230
[ 3404.702953][ T5540]  do_syscall_64+0xf3/0x230
[ 3404.707480][ T5540]  ? clear_bhb_loop+0x35/0x90
[ 3404.712191][ T5540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3404.718102][ T5540] RIP: 0033:0x7faf3ff7d1ff
[ 3404.722531][ T5540] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 3404.742254][ T5540] RSP: 002b:00007faf40d91000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 3404.750689][ T5540] RAX: ffffffffffffffda RBX: 00007faf40135f80 RCX: 00007faf3ff7d1ff
[ 3404.758665][ T5540] RDX: 0000000000000052 RSI: 0000000020000080 RDI: 00000000000000c8
[ 3404.766638][ T5540] RBP: 00007faf40d91090 R08: 0000000000000000 R09: 0000000000000000
[ 3404.774611][ T5540] R10: 0000000000000052 R11: 0000000000000293 R12: 0000000000000001
[ 3404.782600][ T5540] R13: 0000000000000000 R14: 00007faf40135f80 R15: 00007ffe5ec744b8
[ 3404.790611][ T5540]  </TASK>
[ 3404.793719][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3404.807745][ T5474] bridge_slave_1: entered promiscuous mode
[ 3404.825374][   T29] audit: type=1326 audit(1730353910.127:3967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=5518 comm="syz.1.8644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa98e57e719 code=0x7ffc0000
[ 3404.869156][   T29] audit: type=1326 audit(1730353910.207:3968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=5518 comm="syz.1.8644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fa98e57e719 code=0x7ffc0000
[ 3405.006759][ T5538] binder: 5533:5538 ioctl 40046205 0 returned -22
[ 3405.234706][   T29] audit: type=1326 audit(1730353910.207:3969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=5518 comm="syz.1.8644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa98e57e719 code=0x7ffc0000
[ 3405.267841][ T5474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3405.307691][   T29] audit: type=1326 audit(1730353910.207:3970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=y pid=5518 comm="syz.1.8644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa98e57e719 code=0x7ffc0000
[ 3405.325165][ T5474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3405.349288][T26216] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 3405.427480][ T5545] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3405.546881][T26216] usb 2-1: config 0 has an invalid interface number: 117 but max is 0
[ 3405.556786][T26216] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3405.969811][T28689] Bluetooth: hci3: command tx timeout
[ 3406.001468][T26216] usb 2-1: config 0 has no interface number 0
[ 3406.021810][T26216] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 3406.032249][T26216] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 3406.068281][T26216] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[ 3406.089444][T26216] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3406.097598][T26216] usb 2-1: Product: syz
[ 3406.110923][ T5474] team0: Port device team_slave_0 added
[ 3406.123693][ T5474] team0: Port device team_slave_1 added
[ 3406.133559][T26216] usb 2-1: Manufacturer: syz
[ 3406.138217][T26216] usb 2-1: SerialNumber: syz
[ 3406.184129][T26216] usb 2-1: config 0 descriptor??
[ 3406.262074][ T5474] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3406.869968][ T5555] qnx4: no qnx4 filesystem (no root dir).
[ 3406.881347][ T5474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3407.000529][ T5474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3407.012862][ T5552] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8651'.
[ 3407.023967][ T5474] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3407.034366][ T5474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3407.069343][ T5474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3407.164364][ T5537] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8647'.
[ 3407.503916][ T5474] hsr_slave_0: entered promiscuous mode
[ 3408.509532][ T5474] hsr_slave_1: entered promiscuous mode
[ 3408.519258][T28689] Bluetooth: hci3: command tx timeout
[ 3408.691039][T26216] usbtouchscreen 2-1:0.117: probe with driver usbtouchscreen failed with error -71
[ 3408.712182][T26216] usb 2-1: USB disconnect, device number 20
[ 3408.774941][ T5474] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 3408.783109][ T5474] Cannot create hsr debugfs directory
[ 3409.149274][ T5585] ubi: mtd0 is already attached to ubi0
[ 3409.319744][ T5587] binder: 5577:5587 ioctl 40046205 0 returned -22
[ 3409.657404][ T5575] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8658'.
[ 3409.687494][ T5572] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8655'.
[ 3409.839273][ T1909] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 3410.049354][ T5597] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3410.652589][ T1909] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 3410.670532][ T1909] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3410.696031][ T1909] usb 2-1: config 0 descriptor??
[ 3410.711552][ T1909] cp210x 2-1:0.0: cp210x converter detected
[ 3411.128039][ T5604] netlink: 76 bytes leftover after parsing attributes in process `syz.0.8663'.
[ 3412.008448][ T1909] usb 2-1: cp210x converter now attached to ttyUSB0
[ 3412.189442][   T29] audit: type=1326 audit(1730353918.927:3971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5579 comm="syz.1.8657" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa98e57e719 code=0x0
[ 3412.528295][ T5620] qnx4: no qnx4 filesystem (no root dir).
[ 3412.531123][T28920] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3412.563110][ T5619] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3413.190822][ T6705] tipc: Subscription rejected, illegal request
[ 3413.263836][T28920] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3413.457843][ T5625] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 3413.464430][ T5625] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 3413.483829][ T1909] usb 2-1: USB disconnect, device number 21
[ 3413.509150][ T5625] vhci_hcd vhci_hcd.0: Device attached
[ 3413.515202][ T1909] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 3413.541943][ T1909] cp210x 2-1:0.0: device disconnected
[ 3413.586859][T28920] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3413.831515][T28920] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3414.575479][   T25] vhci_hcd: vhci_device speed not set
[ 3414.639167][ T5886] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[ 3414.647250][   T25] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[ 3414.759433][T28920] bridge_slave_1: left allmulticast mode
[ 3414.777326][T28920] bridge_slave_1: left promiscuous mode
[ 3414.791721][T28920] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3414.799477][ T5886] usb 1-1: device descriptor read/64, error -71
[ 3414.834268][T28920] bridge_slave_0: left allmulticast mode
[ 3414.849138][T28920] bridge_slave_0: left promiscuous mode
[ 3414.858561][T28920] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3415.080718][ T5886] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 3415.231323][ T5886] usb 1-1: device descriptor read/64, error -71
[ 3415.367235][ T5886] usb usb1-port1: attempt power cycle
[ 3416.064445][ T5886] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[ 3416.280428][ T5886] usb 1-1: device descriptor read/8, error -71
[ 3416.314268][ T5645] ubi: mtd0 is already attached to ubi0
[ 3416.506270][ T5643] binder: 5639:5643 ioctl 40046205 0 returned -22
[ 3416.544754][ T5626] vhci_hcd: connection reset by peer
[ 3416.559412][   T11] vhci_hcd: stop threads
[ 3416.563720][   T11] vhci_hcd: release socket
[ 3416.594131][   T11] vhci_hcd: disconnect device
[ 3417.394360][ T5664] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8673'.
[ 3418.143854][T28920] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3418.162348][T28920] bond_slave_0: left promiscuous mode
[ 3418.178360][T28920] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3418.192025][T28920] bond_slave_1: left promiscuous mode
[ 3418.207265][T28920] bond0 (unregistering): Released all slaves
[ 3418.236700][ T5635] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8669'.
[ 3418.319361][ T5886] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[ 3418.349883][ T5886] usb 1-1: device descriptor read/8, error -71
[ 3418.397177][ T5474] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 3418.451803][T28920] tipc: Left network mode
[ 3418.452284][ T5474] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 3418.492445][ T5886] usb usb1-port1: unable to enumerate USB device
[ 3418.545731][ T5474] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 3418.624718][ T5670] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3419.408126][ T5672] netlink: 76 bytes leftover after parsing attributes in process `syz.1.8675'.
[ 3419.419240][ T5474] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 3419.639867][ T5675] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3419.799686][   T25] vhci_hcd: vhci_device speed not set
[ 3421.000797][ T5474] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3421.018758][ T5474] 8021q: adding VLAN 0 to HW filter on device team0
[ 3421.318337][T24472] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3421.325576][T24472] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3421.349252][ T5692] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3421.368883][T24472] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3421.376318][T24472] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3421.429969][ T5689] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[ 3421.436620][ T5689] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 3421.451266][ T5698] qnx4: no qnx4 filesystem (no root dir).
[ 3421.473263][T24472] tipc: Subscription rejected, illegal request
[ 3421.551098][ T5689] vhci_hcd vhci_hcd.0: Device attached
[ 3421.609349][T26216] usb 1-1: new high-speed USB device number 69 using dummy_hcd
[ 3421.729915][T30215] vhci_hcd: vhci_device speed not set
[ 3421.740240][T26216] usb 1-1: device descriptor read/64, error -71
[ 3421.799120][T30215] usb 33-1: new full-speed USB device number 3 using vhci_hcd
[ 3421.888708][T28920] hsr_slave_0: left promiscuous mode
[ 3421.895332][T28920] hsr_slave_1: left promiscuous mode
[ 3421.903684][T28920] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3421.911919][T28920] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3421.920695][T28920] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3421.929601][T28920] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3421.980528][T28920] veth1_macvtap: left promiscuous mode
[ 3422.037792][T26216] usb 1-1: new high-speed USB device number 70 using dummy_hcd
[ 3422.075630][T28920] veth0_macvtap: left promiscuous mode
[ 3422.083719][ T5705] ubi: mtd0 is already attached to ubi0
[ 3422.242614][T28920] veth1_vlan: left promiscuous mode
[ 3422.329440][T28920] veth0_vlan: left promiscuous mode
[ 3422.412310][T26216] usb 1-1: device descriptor read/64, error -71
[ 3422.440360][ T5706] binder: 5702:5706 ioctl 40046205 0 returned -22
[ 3422.589766][T26216] usb usb1-port1: attempt power cycle
[ 3423.249305][T26216] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[ 3423.269980][T26216] usb 1-1: device descriptor read/8, error -71
[ 3423.649245][T26216] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[ 3423.704839][T26216] usb 1-1: device descriptor read/8, error -71
[ 3423.819366][T26216] usb usb1-port1: unable to enumerate USB device
[ 3424.299171][ T5691] vhci_hcd: connection reset by peer
[ 3424.305204][ T3558] vhci_hcd: stop threads
[ 3424.314843][ T3558] vhci_hcd: release socket
[ 3424.337285][ T3558] vhci_hcd: disconnect device
[ 3424.363654][T28920] team0 (unregistering): Port device team_slave_1 removed
[ 3424.431262][T28920] team0 (unregistering): Port device team_slave_0 removed
[ 3425.864382][T28920] lo (unregistering): left allmulticast mode
[ 3425.893449][ T5714] netlink: 76 bytes leftover after parsing attributes in process `syz.0.8685'.
[ 3426.012871][ T5474] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3426.441130][ T5730] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3427.174510][T30215] vhci_hcd: vhci_device speed not set
[ 3427.336964][ T5744] netlink: 36 bytes leftover after parsing attributes in process `syz.1.8692'.
[ 3427.464197][ T5747] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3427.480569][ T2905] tipc: Subscription rejected, illegal request
[ 3427.559981][ T5474] veth0_vlan: entered promiscuous mode
[ 3427.593446][ T5474] veth1_vlan: entered promiscuous mode
[ 3427.816973][ T5474] veth0_macvtap: entered promiscuous mode
[ 3427.834062][ T5474] veth1_macvtap: entered promiscuous mode
[ 3427.911742][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3427.921165][ T5752] qnx4: no qnx4 filesystem (no root dir).
[ 3427.962202][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3427.999671][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3428.041931][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3428.085228][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3428.226049][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3428.400793][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3428.606700][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3428.791542][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3428.879108][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3428.890617][ T5474] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3428.898470][ T5756] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8695'.
[ 3429.115966][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3429.240022][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3429.302847][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3429.357345][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3429.413307][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3429.471053][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3429.507493][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3429.518386][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3429.529484][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3429.549101][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3429.565121][ T5474] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3429.584896][ T5474] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3429.594049][ T5474] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3429.620772][ T5474] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3429.649365][ T5474] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3430.002725][ T1783] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3430.016449][ T1783] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3430.091986][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3430.105159][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3430.197273][ T5775] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3430.259424][ T1140] tipc: Subscription rejected, illegal request
[ 3430.765773][ T5786] netlink: 48 bytes leftover after parsing attributes in process `syz.4.8630'.
[ 3433.345546][ T5802] netlink: 76 bytes leftover after parsing attributes in process `syz.4.8707'.
[ 3433.819719][ T5804] overlayfs: failed to resolve './file1': -2
[ 3433.838761][ T5805] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8706'.
[ 3434.441881][ T5807] netlink: 256 bytes leftover after parsing attributes in process `syz.0.8705'.
[ 3436.046833][ T5837] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8717'.
[ 3436.623787][ T5840] ubi: mtd0 is already attached to ubi0
[ 3437.510400][ T5852] netlink: 76 bytes leftover after parsing attributes in process `syz.4.8719'.
[ 3439.213790][ T5860] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3439.567223][ T5877] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8727'.
[ 3439.667339][ T5881] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8728'.
[ 3440.055918][ T5890] qnx4: no qnx4 filesystem (no root dir).
[ 3440.621917][ T5894] ubi: mtd0 is already attached to ubi0
[ 3441.274315][ T5900] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8732'.
[ 3441.785677][ T5893] binder: 5892:5893 ioctl 40046205 0 returned -22
[ 3441.943289][ T5909] netlink: 76 bytes leftover after parsing attributes in process `syz.1.8733'.
[ 3442.732801][ T5911] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3443.374550][ T5935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8743'.
[ 3443.535198][ T5940] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3443.610890][   T35] tipc: Subscription rejected, illegal request
[ 3444.480213][ T5950] netlink: 76 bytes leftover after parsing attributes in process `syz.4.8746'.
[ 3444.498323][ T5948] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3445.569712][ T5956] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8747'.
[ 3446.259946][ T5963] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3446.452766][ T5955] ubi: mtd0 is already attached to ubi0
[ 3446.502056][ T5968] sctp: [Deprecated]: syz.2.8751 (pid 5968) Use of int in max_burst socket option.
[ 3446.502056][ T5968] Use struct sctp_assoc_value instead
[ 3446.517845][ T5959] binder: 5954:5959 ioctl 40046205 0 returned -22
[ 3446.534098][ T5968] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8751'.
[ 3447.457303][ T5979] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8754'.
[ 3447.467125][ T5979] netem: unknown loss type 13
[ 3447.472624][ T5979] netem: change failed
[ 3447.606638][ T5981] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8753'.
[ 3449.629710][ T5999] netlink: 48 bytes leftover after parsing attributes in process `syz.1.8760'.
[ 3451.845263][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 3451.919293][ T6035] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8768'.
[ 3452.404222][ T6037] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3452.889427][ T6041] binder: 6025:6041 ioctl 40046205 0 returned -22
[ 3454.530070][ T6058] netlink: 48 bytes leftover after parsing attributes in process `syz.2.8777'.
[ 3455.480038][ T6070] xt_nat: multiple ranges no longer supported
[ 3455.512113][ T6070] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8780'.
[ 3456.379265][ T1909] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[ 3456.529322][ T1909] usb 3-1: Using ep0 maxpacket: 16
[ 3456.548858][ T1909] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 3456.566593][ T1909] usb 3-1: can't read configurations, error -61
[ 3456.729727][ T1909] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[ 3456.865794][ T6090] xt_nat: multiple ranges no longer supported
[ 3456.894497][ T6090] netlink: 76 bytes leftover after parsing attributes in process `syz.0.8786'.
[ 3457.870539][ T1909] usb 3-1: Using ep0 maxpacket: 16
[ 3457.973279][ T1909] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 3457.981288][ T1909] usb 3-1: can't read configurations, error -61
[ 3457.991194][ T1909] usb usb3-port1: attempt power cycle
[ 3458.024552][ T6097] binder: 6094:6097 ioctl 40046205 0 returned -22
[ 3458.028333][ T6099] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3458.442249][ T6105] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3458.922975][ T1909] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 3458.957838][ T1909] usb 3-1: Using ep0 maxpacket: 16
[ 3458.966329][ T1909] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 3458.974150][ T1909] usb 3-1: can't read configurations, error -61
[ 3459.129261][ T1909] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 3459.200069][ T1909] usb 3-1: device descriptor read/8, error -71
[ 3459.309362][ T1909] usb usb3-port1: unable to enumerate USB device
[ 3459.409859][ T6120] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8797'.
[ 3459.610881][T30215] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 3459.643538][ T6123] netlink: 48 bytes leftover after parsing attributes in process `syz.4.8794'.
[ 3460.599947][ T6135] xt_nat: multiple ranges no longer supported
[ 3460.630539][ T6135] netlink: 76 bytes leftover after parsing attributes in process `syz.4.8800'.
[ 3460.815536][ T6136] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 3461.205975][ T6136] syzkaller0: tun_chr_ioctl cmd 2147767520
[ 3462.217944][T30215] usb 2-1: Using ep0 maxpacket: 8
[ 3462.224660][ T6141] binder: 6138:6141 ioctl 40046205 0 returned -22
[ 3462.300483][T30215] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[ 3462.308823][T30215] usb 2-1: config 179 has no interface number 0
[ 3462.316559][T30215] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 3462.344113][T30215] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 3462.443318][ T6149] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3462.571940][T30215] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 3462.583537][T30215] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 3462.597438][T30215] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 3462.606916][T30215] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3462.634098][T30215] usb 2-1: can't set config #179, error -71
[ 3462.666473][T30215] usb 2-1: USB disconnect, device number 22
[ 3463.375386][ T6163] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8808'.
[ 3463.491886][ T6167] xt_nat: multiple ranges no longer supported
[ 3463.520802][ T6167] netlink: 76 bytes leftover after parsing attributes in process `syz.0.8811'.
[ 3464.198411][ T6170] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8810'.
[ 3464.867475][ T6180] FAULT_INJECTION: forcing a failure.
[ 3464.867475][ T6180] name failslab, interval 1, probability 0, space 0, times 0
[ 3464.881858][ T6180] CPU: 1 UID: 0 PID: 6180 Comm: syz.4.8815 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[ 3464.892771][ T6180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 3464.902879][ T6180] Call Trace:
[ 3464.906222][ T6180]  <TASK>
[ 3464.909208][ T6180]  dump_stack_lvl+0x241/0x360
[ 3464.913939][ T6180]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3464.919168][ T6180]  ? __pfx__printk+0x10/0x10
[ 3464.923776][ T6180]  ? __kmalloc_cache_noprof+0x44/0x2c0
[ 3464.929254][ T6180]  ? __pfx___might_resched+0x10/0x10
[ 3464.934565][ T6180]  should_fail_ex+0x3b0/0x4e0
[ 3464.939378][ T6180]  should_failslab+0xac/0x100
[ 3464.944075][ T6180]  ? raw_open+0x89/0x4d0
[ 3464.948330][ T6180]  __kmalloc_cache_noprof+0x6c/0x2c0
[ 3464.953632][ T6180]  ? kobject_get_unless_zero+0x22d/0x330
[ 3464.959287][ T6180]  raw_open+0x89/0x4d0
[ 3464.963370][ T6180]  ? __pfx_raw_open+0x10/0x10
[ 3464.968062][ T6180]  misc_open+0x2cc/0x340
[ 3464.972329][ T6180]  chrdev_open+0x521/0x600
[ 3464.976774][ T6180]  ? __pfx_chrdev_open+0x10/0x10
[ 3464.983343][ T6180]  ? security_file_open+0x513/0x990
[ 3464.988590][ T6180]  ? __pfx_chrdev_open+0x10/0x10
[ 3464.993562][ T6180]  do_dentry_open+0x978/0x1460
[ 3464.998361][ T6180]  vfs_open+0x3e/0x330
[ 3465.002454][ T6180]  path_openat+0x2c84/0x3590
[ 3465.007105][ T6180]  ? __pfx_path_openat+0x10/0x10
[ 3465.012080][ T6180]  do_filp_open+0x235/0x490
[ 3465.016603][ T6180]  ? __pfx_do_filp_open+0x10/0x10
[ 3465.021670][ T6180]  ? _raw_spin_unlock+0x28/0x50
[ 3465.026548][ T6180]  ? alloc_fd+0x5a1/0x640
[ 3465.030907][ T6180]  do_sys_openat2+0x13e/0x1d0
[ 3465.035597][ T6180]  ? __pfx_do_sys_openat2+0x10/0x10
[ 3465.041001][ T6180]  __x64_sys_openat+0x247/0x2a0
[ 3465.045868][ T6180]  ? __pfx___x64_sys_openat+0x10/0x10
[ 3465.051257][ T6180]  ? exc_page_fault+0x590/0x8c0
[ 3465.056133][ T6180]  ? do_syscall_64+0xb6/0x230
[ 3465.060828][ T6180]  do_syscall_64+0xf3/0x230
[ 3465.065357][ T6180]  ? clear_bhb_loop+0x35/0x90
[ 3465.070076][ T6180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3465.075981][ T6180] RIP: 0033:0x7faedd37d0b0
[ 3465.080424][ T6180] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[ 3465.100059][ T6180] RSP: 002b:00007faedcdfcef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3465.108491][ T6180] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007faedd37d0b0
[ 3465.116588][ T6180] RDX: 0000000000000002 RSI: 00007faedd3f10c4 RDI: 00000000ffffff9c
[ 3465.124585][ T6180] RBP: 00007faedd3f10c4 R08: 0000000000000000 R09: 0000000000000000
[ 3465.132610][ T6180] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 3465.140598][ T6180] R13: 000000000000004d R14: 00000000200000c0 R15: 00007ffdcc62f9b8
[ 3465.148598][ T6180]  </TASK>
[ 3465.151714][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3465.447061][ T6190] binder: 6183:6190 ioctl 40046205 0 returned -22
[ 3466.921249][ T6209] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3467.436052][ T6705] Bluetooth: hci5: Frame reassembly failed (-84)
[ 3467.478602][ T6215] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8824'.
[ 3467.699164][ T2890] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[ 3467.902348][ T6222] xt_nat: multiple ranges no longer supported
[ 3467.920315][ T6222] netlink: 76 bytes leftover after parsing attributes in process `syz.4.8825'.
[ 3468.715253][ T6226] qnx4: no qnx4 filesystem (no root dir).
[ 3468.982293][ T2890] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 3468.992688][ T2890] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 3469.002906][ T2890] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 3469.034876][ T2890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 3469.069170][ T2890] usb 4-1: SerialNumber: syz
[ 3469.496389][T28689] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 3469.506424][T28728] Bluetooth: hci5: command 0x1003 tx timeout
[ 3469.689912][ T2890] usb 4-1: 0:2 : does not exist
[ 3469.695420][ T2890] usb 4-1: unit 5 not found!
[ 3469.769267][ T2890] usb 4-1: USB disconnect, device number 51
[ 3470.272005][ T6239] netlink: 48 bytes leftover after parsing attributes in process `syz.4.8828'.
[ 3471.927361][ T6245] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3472.001735][ T2905] tipc: Subscription rejected, illegal request
[ 3472.250218][ T6250] ubi: mtd0 is already attached to ubi0
[ 3472.549139][ T6257] binder: 6248:6257 ioctl 40046205 0 returned -22
[ 3472.555074][ T6256] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8835'.
[ 3472.730368][ T6261] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3474.727306][ T6270] xt_nat: multiple ranges no longer supported
[ 3474.745145][ T6270] netlink: 76 bytes leftover after parsing attributes in process `syz.1.8837'.
[ 3475.064862][ T6275] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3475.074715][ T6278] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3475.289144][ T2890] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[ 3475.312084][ T6705] tipc: Subscription rejected, illegal request
[ 3475.433645][ T2890] usb 5-1: device descriptor read/64, error -71
[ 3476.179199][ T2890] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[ 3476.376135][ T2890] usb 5-1: device descriptor read/64, error -71
[ 3476.499734][ T2890] usb usb5-port1: attempt power cycle
[ 3476.561674][ T6297] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3476.640741][ T1140] tipc: Subscription rejected, illegal request
[ 3477.209478][ T6301] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3478.202859][ T6306] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8849'.
[ 3478.470346][ T6311] qnx4: no qnx4 filesystem (no root dir).
[ 3479.565945][ T6321] xt_nat: multiple ranges no longer supported
[ 3479.583743][ T6321] netlink: 76 bytes leftover after parsing attributes in process `syz.2.8852'.
[ 3480.221124][ T6328] ubi: mtd0 is already attached to ubi0
[ 3480.513512][ T6329] binder: 6324:6329 ioctl 40046205 0 returned -22
[ 3481.375380][ T6338] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3481.433487][ T6340] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 3481.878880][ T6343] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8860'.
[ 3482.285630][ T6349] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8863'.
[ 3484.149570][ T6371] xt_nat: multiple ranges no longer supported
[ 3484.158540][ T6371] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8866'.
[ 3484.337695][ T6363] binder: 6361:6363 ioctl c0306201 20000280 returned -14
[ 3484.381692][T12085] tipc: Subscription rejected, illegal request
[ 3485.579241][ T6385] ubi: mtd0 is already attached to ubi0
[ 3485.874250][ T6386] binder: 6378:6386 ioctl 40046205 0 returned -22
[ 3485.991996][ T6387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8869'.
[ 3486.179157][ T1909] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 3486.391516][ T6393] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3486.904654][ T1909] usb 3-1: Using ep0 maxpacket: 8
[ 3486.922620][ T1909] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 3486.935819][ T1909] usb 3-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[ 3486.945224][ T1909] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3486.964481][ T1909] usb 3-1: config 0 descriptor??
[ 3487.007396][ T1909] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 3487.372890][ T6374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3487.425102][ T6374] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3487.433273][   T25] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[ 3488.020478][ T6412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8878'.
[ 3489.491215][   T25] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[ 3489.500500][   T25] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 3489.546161][   T25] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[ 3489.636036][   T25] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[ 3489.682492][   T25] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 3489.705996][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[ 3489.717594][   T25] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 3489.734683][   T25] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 3489.753155][   T25] usb 2-1: Product: syz
[ 3489.758256][   T25] usb 2-1: Manufacturer: syz
[ 3489.764791][   T25] usb 2-1: SerialNumber: syz
[ 3489.808260][ T6424] xt_nat: multiple ranges no longer supported
[ 3489.825650][ T6424] netlink: 76 bytes leftover after parsing attributes in process `syz.4.8880'.
[ 3489.898659][ T5886] usb 3-1: USB disconnect, device number 124
[ 3490.376618][   T25] usb 2-1: config 0 descriptor??
[ 3490.659305][   T25] usb 2-1: can't set config #0, error -71
[ 3490.717456][   T25] usb 2-1: USB disconnect, device number 23
[ 3491.305827][ T6439] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3491.412657][ T6428] ubi: mtd0 is already attached to ubi0
[ 3491.471925][ T6442] binder: 6427:6442 ioctl 40046205 0 returned -22
[ 3491.730793][ T6447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8889'.
[ 3492.022856][ T6458] FAULT_INJECTION: forcing a failure.
[ 3492.022856][ T6458] name failslab, interval 1, probability 0, space 0, times 0
[ 3492.035668][ T6458] CPU: 1 UID: 0 PID: 6458 Comm: syz.1.8891 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[ 3492.046381][ T6458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 3492.056557][ T6458] Call Trace:
[ 3492.059863][ T6458]  <TASK>
[ 3492.062913][ T6458]  dump_stack_lvl+0x241/0x360
[ 3492.067651][ T6458]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3492.072888][ T6458]  ? __pfx__printk+0x10/0x10
[ 3492.077531][ T6458]  should_fail_ex+0x3b0/0x4e0
[ 3492.082245][ T6458]  ? bm_init+0x45/0xef0
[ 3492.086438][ T6458]  should_failslab+0xac/0x100
[ 3492.091159][ T6458]  ? bm_init+0x45/0xef0
[ 3492.095357][ T6458]  __kmalloc_noprof+0xd8/0x400
[ 3492.100163][ T6458]  bm_init+0x45/0xef0
[ 3492.104188][ T6458]  ? xt_find_match+0x1d3/0x210
[ 3492.109000][ T6458]  ? lookup_ts_algo+0x1e/0x270
[ 3492.113898][ T6458]  ? lookup_ts_algo+0x250/0x270
[ 3492.118792][ T6458]  textsearch_prepare+0x81/0x170
[ 3492.123775][ T6458]  string_mt_check+0x174/0x260
[ 3492.128583][ T6458]  xt_check_match+0x368/0xa40
[ 3492.133302][ T6458]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 3492.139316][ T6458]  ? __pfx_xt_check_match+0x10/0x10
[ 3492.144568][ T6458]  ? xt_find_match+0x1d3/0x210
[ 3492.149379][ T6458]  translate_table+0x15c5/0x2260
[ 3492.154378][ T6458]  ? __pfx_translate_table+0x10/0x10
[ 3492.159701][ T6458]  ? __might_fault+0xaa/0x120
[ 3492.164416][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3492.169529][ T6458]  ? _copy_from_user+0xab/0xe0
[ 3492.174340][ T6458]  ? copy_from_sockptr_offset+0x6b/0xb0
[ 3492.180018][ T6458]  do_ipt_set_ctl+0xe3d/0x1250
[ 3492.184830][ T6458]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[ 3492.190066][ T6458]  ? __pfx_lock_release+0x10/0x10
[ 3492.195172][ T6458]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 3492.200849][ T6458]  ? irqentry_exit+0x63/0x90
[ 3492.205502][ T6458]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 3492.211527][ T6458]  ? nf_setsockopt+0xea/0x2c0
[ 3492.216248][ T6458]  ? nf_setsockopt+0xf3/0x2c0
[ 3492.220978][ T6458]  nf_setsockopt+0x295/0x2c0
[ 3492.225612][ T6458]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 3492.231541][ T6458]  do_sock_setsockopt+0x3af/0x720
[ 3492.236639][ T6458]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 3492.242237][ T6458]  ? __fget_files+0x29/0x470
[ 3492.246876][ T6458]  ? __fget_files+0x3f3/0x470
[ 3492.251683][ T6458]  ? __fget_files+0x29/0x470
[ 3492.256329][ T6458]  __sys_setsockopt+0x1a2/0x250
[ 3492.261229][ T6458]  __x64_sys_setsockopt+0xb5/0xd0
[ 3492.266291][ T6458]  do_syscall_64+0xf3/0x230
[ 3492.270833][ T6458]  ? clear_bhb_loop+0x35/0x90
[ 3492.275548][ T6458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3492.281483][ T6458] RIP: 0033:0x7fa98e57e719
[ 3492.286019][ T6458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3492.305663][ T6458] RSP: 002b:00007fa98f2b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 3492.314126][ T6458] RAX: ffffffffffffffda RBX: 00007fa98e736130 RCX: 00007fa98e57e719
[ 3492.322237][ T6458] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006
[ 3492.330246][ T6458] RBP: 00007fa98f2b0090 R08: 0000000000000360 R09: 0000000000000000
[ 3492.338248][ T6458] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[ 3492.346249][ T6458] R13: 0000000000000000 R14: 00007fa98e736130 R15: 00007ffe54a66e38
[ 3492.354275][ T6458]  </TASK>
[ 3492.422489][ T6454] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8888'.
[ 3493.439074][T26216] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[ 3493.681085][ T6470] xt_nat: multiple ranges no longer supported
[ 3493.698735][ T6470] netlink: 76 bytes leftover after parsing attributes in process `syz.0.8894'.
[ 3494.486849][T26216] usb 5-1: Using ep0 maxpacket: 32
[ 3494.559528][   T25] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 3494.757802][T26216] usb 5-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 3494.767479][T26216] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3494.787861][T26216] usb 5-1: Product: syz
[ 3494.796817][ T6477] dummy0: entered promiscuous mode
[ 3494.802280][ T6477] vlan2: entered promiscuous mode
[ 3494.807427][T26216] usb 5-1: Manufacturer: syz
[ 3494.807582][ T6477] vlan2: entered allmulticast mode
[ 3494.817273][ T6477] dummy0: entered allmulticast mode
[ 3494.819100][T26216] usb 5-1: SerialNumber: syz
[ 3494.834731][ T6477] dummy0: left allmulticast mode
[ 3494.840380][ T6477] dummy0: left promiscuous mode
[ 3494.861742][T26216] usb 5-1: config 0 descriptor??
[ 3494.867443][T26216] usb 5-1: can't set config #0, error -71
[ 3494.878145][T26216] usb 5-1: USB disconnect, device number 89
[ 3495.444292][ T6486] ubi: mtd0 is already attached to ubi0
[ 3495.654778][ T6486] binder: 6482:6486 ioctl 40046205 0 returned -22
[ 3495.663239][ T6488] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8902'.
[ 3495.831288][ T6493] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3496.937884][ T6502] 9pnet_fd: Insufficient options for proto=fd
[ 3496.945743][ T6502] FAULT_INJECTION: forcing a failure.
[ 3496.945743][ T6502] name failslab, interval 1, probability 0, space 0, times 0
[ 3496.958438][ T6502] CPU: 1 UID: 0 PID: 6502 Comm: syz.4.8904 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[ 3496.969159][ T6502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 3496.979301][ T6502] Call Trace:
[ 3496.982617][ T6502]  <TASK>
[ 3496.985578][ T6502]  dump_stack_lvl+0x241/0x360
[ 3496.990313][ T6502]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3496.995552][ T6502]  ? __pfx__printk+0x10/0x10
[ 3497.000271][ T6502]  ? fs_reclaim_acquire+0x93/0x130
[ 3497.005431][ T6502]  ? __pfx___might_resched+0x10/0x10
[ 3497.010769][ T6502]  should_fail_ex+0x3b0/0x4e0
[ 3497.015495][ T6502]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 3497.021275][ T6502]  should_failslab+0xac/0x100
[ 3497.026023][ T6502]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 3497.031789][ T6502]  __kmalloc_noprof+0xd8/0x400
[ 3497.036598][ T6502]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 3497.042211][ T6502]  tomoyo_path_number_perm+0x23a/0x880
[ 3497.047737][ T6502]  ? tomoyo_path_number_perm+0x208/0x880
[ 3497.053426][ T6502]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 3497.059490][ T6502]  ? __fget_files+0x29/0x470
[ 3497.064124][ T6502]  ? __fget_files+0x3f3/0x470
[ 3497.068849][ T6502]  security_file_ioctl+0xc6/0x2a0
[ 3497.073927][ T6502]  __se_sys_ioctl+0x47/0x170
[ 3497.078562][ T6502]  do_syscall_64+0xf3/0x230
[ 3497.083105][ T6502]  ? clear_bhb_loop+0x35/0x90
[ 3497.087821][ T6502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3497.093750][ T6502] RIP: 0033:0x7faedd37e719
[ 3497.098201][ T6502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3497.117855][ T6502] RSP: 002b:00007faedcdbd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3497.126316][ T6502] RAX: ffffffffffffffda RBX: 00007faedd536130 RCX: 00007faedd37e719
[ 3497.134347][ T6502] RDX: 00000000200002c0 RSI: 0000000000001269 RDI: 0000000000000008
[ 3497.142358][ T6502] RBP: 00007faedcdbd090 R08: 0000000000000000 R09: 0000000000000000
[ 3497.150365][ T6502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3497.158368][ T6502] R13: 0000000000000000 R14: 00007faedd536130 R15: 00007ffdcc62f9b8
[ 3497.166395][ T6502]  </TASK>
[ 3497.173740][ T6502] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 3498.827260][ T6512] xt_nat: multiple ranges no longer supported
[ 3498.836206][ T6512] netlink: 76 bytes leftover after parsing attributes in process `syz.3.8908'.
[ 3498.847254][ T6510] qnx4: no qnx4 filesystem (no root dir).
[ 3499.540433][ T6526] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8913'.
[ 3499.558816][ T6529] ubi: mtd0 is already attached to ubi0
[ 3499.744874][ T6534] binder: 6527:6534 ioctl 40046205 0 returned -22
[ 3500.245450][ T6538] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3500.901199][ T6542] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8917'.
[ 3502.886630][ T6563] xt_nat: multiple ranges no longer supported
[ 3502.896610][ T6563] netlink: 76 bytes leftover after parsing attributes in process `syz.1.8921'.
[ 3503.192084][ T6565] binder_alloc: binder_alloc_mmap_handler: 6555 20ffc000-20ffd000 already mapped failed -16
[ 3503.331675][ T6572] netlink: 'syz.3.8925': attribute type 1 has an invalid length.
[ 3503.341364][ T6572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8925'.
[ 3503.564765][ T6577] qnx4: no qnx4 filesystem (no root dir).
[ 3504.241094][ T6578] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8922'.
[ 3504.946249][ T6586] ubi: mtd0 is already attached to ubi0
[ 3506.141827][ T6593] qnx4: no qnx4 filesystem (no root dir).
[ 3506.162547][ T6592] binder: 6583:6592 ioctl 40046205 0 returned -22
[ 3506.564927][ T6612] xt_nat: multiple ranges no longer supported
[ 3506.583174][ T6612] netlink: 76 bytes leftover after parsing attributes in process `syz.2.8936'.
[ 3507.811294][ T6627] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3507.842810][ T1140] tipc: Subscription rejected, illegal request
[ 3510.434431][ T6647] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 3510.484670][ T6647] netlink: 'syz.2.8947': attribute type 10 has an invalid length.
[ 3510.499707][ T6647] bond0: (slave bond_slave_0): Releasing backup interface
[ 3511.259397][T28728] Bluetooth: hci3: command 0x0406 tx timeout
[ 3512.646605][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 3513.435478][ T6666] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3513.460132][ T6705] tipc: Subscription rejected, illegal request
[ 3514.899171][ T6670] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3515.840891][ T6677] loop5: detected capacity change from 0 to 16384
[ 3517.119422][ T6677] loop5: detected capacity change from 16384 to 16320
[ 3517.981195][ T6701] netlink: 'syz.3.8962': attribute type 4 has an invalid length.
[ 3518.123730][ T6702] netlink: 'syz.3.8962': attribute type 4 has an invalid length.
[ 3521.896003][   T29] audit: type=1326 audit(1730354028.637:3972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6710 comm="syz.4.8964" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faedd37e719 code=0x0
[ 3521.954169][T28728] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 3522.123493][T28728] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 3522.144967][T28728] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 3522.220775][T28728] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 3522.235562][T28728] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 3522.243909][T28728] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 3523.876753][ T6736] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8970'.
[ 3524.359819][T28728] Bluetooth: hci5: command tx timeout
[ 3525.128801][ T3558] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3525.259190][ T1909] usb 3-1: new high-speed USB device number 126 using dummy_hcd
[ 3525.414519][ T3558] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3525.429235][ T1909] usb 3-1: Using ep0 maxpacket: 8
[ 3525.458884][ T1909] usb 3-1: config 0 interface 0 altsetting 252 endpoint 0x81 has an invalid bInterval 253, changing to 11
[ 3525.545403][ T1909] usb 3-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3525.829630][ T1909] usb 3-1: config 0 interface 0 altsetting 252 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 3525.942248][ T6724] chnl_net:caif_netlink_parms(): no params data found
[ 3526.050227][ T6743] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 3526.062867][ T1909] usb 3-1: config 0 interface 0 has no altsetting 0
[ 3526.082215][ T6743] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 3526.099216][ T1909] usb 3-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00
[ 3526.152150][ T1909] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3526.182782][ T3558] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3526.194576][ T1909] usb 3-1: config 0 descriptor??
[ 3526.369614][T28728] Bluetooth: hci5: command tx timeout
[ 3526.410195][ T3558] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3526.478573][ T6743] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 3526.494339][ T6743] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 3526.570869][ T6762] netlink: 48 bytes leftover after parsing attributes in process `syz.1.8977'.
[ 3527.260929][ T6749] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8975'.
[ 3527.306412][ T1909] usbhid 3-1:0.0: can't add hid device: -71
[ 3527.312886][ T1909] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 3527.332914][ T1909] usb 3-1: USB disconnect, device number 126
[ 3527.447593][ T6743] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 3527.466408][ T6743] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 3527.479132][ T6724] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3527.488438][ T6724] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3527.499450][ T6724] bridge_slave_0: entered allmulticast mode
[ 3527.529344][ T6724] bridge_slave_0: entered promiscuous mode
[ 3527.599137][ T6724] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3527.606263][ T6724] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3527.638768][ T6724] bridge_slave_1: entered allmulticast mode
[ 3527.657825][ T6724] bridge_slave_1: entered promiscuous mode
[ 3527.781922][ T6724] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3527.819475][ T3558] bridge_slave_1: left allmulticast mode
[ 3527.825206][ T3558] bridge_slave_1: left promiscuous mode
[ 3527.839383][ T3558] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3527.858337][ T3558] bridge_slave_0: left allmulticast mode
[ 3527.879629][ T3558] bridge_slave_0: left promiscuous mode
[ 3527.887823][ T3558] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3528.795103][   T25] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 3528.989074][   T25] usb 4-1: Using ep0 maxpacket: 32
[ 3529.019639][   T25] usb 4-1: config 0 has no interfaces?
[ 3529.029100][   T25] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 3529.079023][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3529.093021][   T25] usb 4-1: config 0 descriptor??
[ 3529.476234][ T6780] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3529.488135][ T6780] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3529.520697][ T6780] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8980'.
[ 3529.600250][   T25] usb 4-1: USB disconnect, device number 52
[ 3529.639375][T26216] usb 3-1: new full-speed USB device number 127 using dummy_hcd
[ 3529.805904][T26216] usb 3-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[ 3529.828343][T26216] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3529.849124][T26216] usb 3-1: Product: syz
[ 3529.859359][T26216] usb 3-1: Manufacturer: syz
[ 3529.864056][T26216] usb 3-1: SerialNumber: syz
[ 3529.903148][T26216] usb 3-1: config 0 descriptor??
[ 3530.080489][ T3558] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3530.173411][ T3558] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3530.190692][ T6812] delete_channel: no stack
[ 3530.513318][ T3558] bond0 (unregistering): Released all slaves
[ 3530.805383][ T6809] delete_channel: no stack
[ 3530.841695][ T6724] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3530.967391][T26216] rtl8150 3-1:0.0: couldn't reset the device
[ 3530.973909][T26216] rtl8150 3-1:0.0: probe with driver rtl8150 failed with error -5
[ 3531.004284][T26216] usb 3-1: USB disconnect, device number 127
[ 3531.085755][ T6816] FAULT_INJECTION: forcing a failure.
[ 3531.085755][ T6816] name failslab, interval 1, probability 0, space 0, times 0
[ 3531.098585][ T6816] CPU: 1 UID: 0 PID: 6816 Comm: syz.3.8991 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[ 3531.109301][ T6816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 3531.119398][ T6816] Call Trace:
[ 3531.122722][ T6816]  <TASK>
[ 3531.125678][ T6816]  dump_stack_lvl+0x241/0x360
[ 3531.130406][ T6816]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3531.135659][ T6816]  ? __pfx__printk+0x10/0x10
[ 3531.140292][ T6816]  ? fs_reclaim_acquire+0x93/0x130
[ 3531.145447][ T6816]  ? __pfx___might_resched+0x10/0x10
[ 3531.150805][ T6816]  should_fail_ex+0x3b0/0x4e0
[ 3531.155525][ T6816]  ? tomoyo_encode+0x26f/0x540
[ 3531.160334][ T6816]  should_failslab+0xac/0x100
[ 3531.165092][ T6816]  ? tomoyo_encode+0x26f/0x540
[ 3531.169900][ T6816]  __kmalloc_noprof+0xd8/0x400
[ 3531.174775][ T6816]  tomoyo_encode+0x26f/0x540
[ 3531.179387][ T6816]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 3531.185043][ T6816]  tomoyo_path_number_perm+0x23a/0x880
[ 3531.190532][ T6816]  ? tomoyo_path_number_perm+0x208/0x880
[ 3531.196183][ T6816]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 3531.202211][ T6816]  ? __fget_files+0x29/0x470
[ 3531.206838][ T6816]  ? __fget_files+0x3f3/0x470
[ 3531.211624][ T6816]  security_file_ioctl+0xc6/0x2a0
[ 3531.216668][ T6816]  __se_sys_ioctl+0x47/0x170
[ 3531.221277][ T6816]  do_syscall_64+0xf3/0x230
[ 3531.225819][ T6816]  ? clear_bhb_loop+0x35/0x90
[ 3531.230508][ T6816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3531.236423][ T6816] RIP: 0033:0x7fd952f7e719
[ 3531.240845][ T6816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3531.260487][ T6816] RSP: 002b:00007fd953df4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3531.268946][ T6816] RAX: ffffffffffffffda RBX: 00007fd953135f80 RCX: 00007fd952f7e719
[ 3531.277050][ T6816] RDX: 0000000020001140 RSI: 00000000c058560f RDI: 0000000000000003
[ 3531.285044][ T6816] RBP: 00007fd953df4090 R08: 0000000000000000 R09: 0000000000000000
[ 3531.293032][ T6816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3531.301018][ T6816] R13: 0000000000000000 R14: 00007fd953135f80 R15: 00007ffdf228f698
[ 3531.309035][ T6816]  </TASK>
[ 3531.312180][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3531.320403][ T6816] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 3531.425756][ T6724] team0: Port device team_slave_0 added
[ 3531.695503][ T6827] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8995'.
[ 3532.477864][ T3558] tipc: Left network mode
[ 3532.501178][ T6724] team0: Port device team_slave_1 added
[ 3532.731143][ T6724] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3532.770551][ T6724] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3532.796839][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3532.819995][   T25] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[ 3532.889428][ T6724] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3532.916163][ T6724] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3532.923574][ T6724] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3532.950733][ T6724] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3533.072537][   T25] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 512, setting to 64
[ 3533.078189][ T6846] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8999'.
[ 3533.103842][   T25] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 3533.134257][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3533.157215][   T25] usb 2-1: Product: syz
[ 3533.171332][   T25] usb 2-1: Manufacturer: syz
[ 3533.191081][   T25] usb 2-1: SerialNumber: syz
[ 3533.297609][ T6834] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 3533.731806][   T25] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 24 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 3533.842824][ T6850] delete_channel: no stack
[ 3534.375288][ T6834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3534.395751][ T6834] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3534.406548][   T25] usb 2-1: USB disconnect, device number 24
[ 3534.416065][ T6848] delete_channel: no stack
[ 3534.439266][   T25] usblp0: removed
[ 3534.510124][ T6724] hsr_slave_0: entered promiscuous mode
[ 3534.516926][ T6724] hsr_slave_1: entered promiscuous mode
[ 3534.539134][ T6724] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 3534.556523][ T6724] Cannot create hsr debugfs directory
[ 3534.842384][ T3558] hsr_slave_0: left promiscuous mode
[ 3534.858711][ T3558] hsr_slave_1: left promiscuous mode
[ 3534.888865][ T3558] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3534.910691][ T3558] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3534.967515][ T3558] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3534.989180][ T3558] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3535.094517][ T3558] veth1_macvtap: left promiscuous mode
[ 3535.109097][ T3558] veth0_macvtap: left promiscuous mode
[ 3535.116341][ T3558] veth1_vlan: left promiscuous mode
[ 3535.125091][ T3558] veth0_vlan: left promiscuous mode
[ 3535.153104][ T6871] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 3535.163143][ T1909] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[ 3535.291187][ T6871] nbd: must specify a size in bytes for the device
[ 3535.385702][ T6876] netlink: 48 bytes leftover after parsing attributes in process `syz.3.9006'.
[ 3536.149034][ T1909] usb 5-1: Using ep0 maxpacket: 8
[ 3536.158920][ T1909] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 15
[ 3536.168249][ T1909] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 3536.201291][ T1909] usb 5-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8
[ 3536.221007][ T1909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3536.229399][ T1909] usb 5-1: Product: syz
[ 3536.233611][ T1909] usb 5-1: Manufacturer: syz
[ 3536.238309][ T1909] usb 5-1: SerialNumber: syz
[ 3536.255809][ T1909] usb 5-1: config 0 descriptor??
[ 3536.267503][ T1909] powermate 5-1:0.0: probe with driver powermate failed with error -5
[ 3536.489250][ T2890] usb 5-1: USB disconnect, device number 90
[ 3537.265392][ T6891] tmpfs: Bad value for 'mpol'
[ 3537.324652][ T6893] siw: device registration error -23
[ 3537.524237][ T6900] delete_channel: no stack
[ 3538.154851][ T6895] delete_channel: no stack
[ 3538.988678][ T3558] team0 (unregistering): Port device team_slave_1 removed
[ 3539.080579][ T3558] team0 (unregistering): Port device team_slave_0 removed
[ 3539.817733][ T6901] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9010'.
[ 3539.840824][ T6901] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 3539.850251][ T6901] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 3539.859163][ T6901] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 3539.867890][ T6901] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 3539.880048][ T6901] vxlan0: entered promiscuous mode
[ 3539.906079][ T6907] ip6tnl1: entered promiscuous mode
[ 3539.919031][ T6908] netlink: 'syz.4.9013': attribute type 10 has an invalid length.
[ 3539.968341][ T6908] team0: Device ipvlan1 failed to register rx_handler
[ 3541.066733][ T1909] IPVS: starting estimator thread 0...
[ 3541.169187][ T6922] IPVS: using max 16 ests per chain, 38400 per kthread
[ 3541.283806][ T6937] input: syz0 as /devices/virtual/input/input80
[ 3541.329119][ T6930] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9022'.
[ 3541.612192][ T6944] delete_channel: no stack
[ 3542.237774][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3542.337294][ T6949] 9pnet: Could not find request transport: 
[ 3542.343789][ T6935] delete_channel: no stack
[ 3544.090881][   T29] audit: type=1326 audit(1730354050.777:3973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6973 comm="syz.3.9034" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd952f7e719 code=0x0
[ 3544.505053][T26216] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 3544.675901][ T6724] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 3544.813465][ T6724] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 3544.821365][T26216] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 3544.833545][T26216] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3544.843121][   T29] audit: type=1326 audit(1730354051.577:3974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6977 comm="syz.4.9035" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faedd37e719 code=0x0
[ 3544.867645][ T6724] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 3544.887517][T26216] usb 3-1: config 0 descriptor??
[ 3544.899756][ T6724] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 3545.005338][ T6724] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3545.232513][ T6990] xt_nat: multiple ranges no longer supported
[ 3545.989168][ T6724] 8021q: adding VLAN 0 to HW filter on device team0
[ 3546.001267][T26216] pegasus 3-1:0.0: probe with driver pegasus failed with error -32
[ 3546.320516][ T6990] netlink: 76 bytes leftover after parsing attributes in process `syz.3.9038'.
[ 3546.449822][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3546.456990][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3546.664599][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3546.672274][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3547.135633][T26216] usb 3-1: USB disconnect, device number 2
[ 3547.416693][ T7011] netlink: 'syz.1.9041': attribute type 12 has an invalid length.
[ 3547.518794][ T6724] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3548.126673][ T7027] delete_channel: no stack
[ 3548.686158][ T6724] veth0_vlan: entered promiscuous mode
[ 3548.692067][ T7022] delete_channel: no stack
[ 3548.775559][ T6724] veth1_vlan: entered promiscuous mode
[ 3548.934469][ T6724] veth0_macvtap: entered promiscuous mode
[ 3549.091206][ T6724] veth1_macvtap: entered promiscuous mode
[ 3549.424778][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3549.459207][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3549.485682][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3549.511525][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3549.532221][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3549.555717][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3549.576182][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3549.596588][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3549.627304][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3549.645490][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3549.657469][ T6724] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3549.693790][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3549.708535][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3549.709635][ T5699] IPVS: starting estimator thread 0...
[ 3549.730566][ T7039] IPVS: nq: SCTP 127.0.0.1:0 - no destination available
[ 3549.747140][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3549.779815][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3549.810651][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3549.838420][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3549.866261][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3549.889309][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3549.902082][ T7040] IPVS: using max 17 ests per chain, 40800 per kthread
[ 3549.973601][ T7045] xt_nat: multiple ranges no longer supported
[ 3550.178572][ T6724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3550.321644][ T6724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3550.334527][ T7047] IPVS: nq: SCTP 127.0.0.1:0 - no destination available
[ 3550.705168][ T6724] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3550.725429][ T6724] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3550.759935][ T6724] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3550.778974][ T6724] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3550.788635][ T6724] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3550.803645][ T7045] netlink: 76 bytes leftover after parsing attributes in process `syz.2.9049'.
[ 3551.252027][ T7050] 9pnet_fd: Insufficient options for proto=fd
[ 3551.279245][ T7055] IPVS: nq: SCTP 127.0.0.1:0 - no destination available
[ 3551.306507][ T7050] tmpfs: Bad value for 'mpol'
[ 3551.376297][ T1783] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3551.522133][ T1783] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3551.650308][ T3558] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3551.663332][ T3558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3551.664488][ T7058] overlayfs: failed to get index nlink (file1/file0, err=-61)
[ 3552.863673][ T7071] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3553.970882][ T7073] delete_channel: no stack
[ 3554.196730][ T7077] overlay: ./file0\ is not a directory
[ 3554.225723][ T7065] delete_channel: no stack
[ 3554.235331][ T7079] netlink: 96 bytes leftover after parsing attributes in process `syz.1.9056'.
[ 3554.341806][ T7077] overlay: ./file0\ is not a directory
[ 3554.529243][   T25] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 3554.836514][   T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3554.880583][   T25] usb 2-1: New USB device found, idVendor=1bc7, idProduct=9010, bcdDevice=36.53
[ 3554.925754][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3554.995261][   T25] usb 2-1: config 0 descriptor??
[ 3555.023375][   T25] option 2-1:0.0: GSM modem (1-port) converter detected
[ 3555.630206][   T25] usb 2-1: USB disconnect, device number 25
[ 3555.650107][   T25] option 2-1:0.0: device disconnected
[ 3555.715639][ T7092] xt_nat: multiple ranges no longer supported
[ 3555.733426][ T7092] netlink: 76 bytes leftover after parsing attributes in process `syz.2.9061'.
[ 3556.732909][ T7106] FAULT_INJECTION: forcing a failure.
[ 3556.732909][ T7106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3556.746522][ T7106] CPU: 0 UID: 0 PID: 7106 Comm: syz.1.9066 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[ 3556.757257][ T7106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 3556.767345][ T7106] Call Trace:
[ 3556.770655][ T7106]  <TASK>
[ 3556.773655][ T7106]  dump_stack_lvl+0x241/0x360
[ 3556.778388][ T7106]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3556.783630][ T7106]  ? __pfx__printk+0x10/0x10
[ 3556.788271][ T7106]  ? snprintf+0xda/0x120
[ 3556.792566][ T7106]  should_fail_ex+0x3b0/0x4e0
[ 3556.797293][ T7106]  _copy_to_user+0x31/0xb0
[ 3556.801757][ T7106]  simple_read_from_buffer+0xca/0x150
[ 3556.807178][ T7106]  proc_fail_nth_read+0x1e9/0x250
[ 3556.812260][ T7106]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3556.817861][ T7106]  ? rw_verify_area+0x568/0x6f0
[ 3556.822763][ T7106]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3556.828359][ T7106]  vfs_read+0x1fc/0xb70
[ 3556.832578][ T7106]  ? fdget_pos+0x24e/0x320
[ 3556.837044][ T7106]  ? __pfx_vfs_read+0x10/0x10
[ 3556.841770][ T7106]  ? __fget_files+0x3f3/0x470
[ 3556.846507][ T7106]  ? fdget_pos+0x24e/0x320
[ 3556.850985][ T7106]  ksys_read+0x183/0x2b0
[ 3556.855276][ T7106]  ? __pfx_ksys_read+0x10/0x10
[ 3556.860083][ T7106]  ? do_syscall_64+0x100/0x230
[ 3556.864891][ T7106]  ? do_syscall_64+0xb6/0x230
[ 3556.869680][ T7106]  do_syscall_64+0xf3/0x230
[ 3556.874210][ T7106]  ? clear_bhb_loop+0x35/0x90
[ 3556.878910][ T7106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3556.884841][ T7106] RIP: 0033:0x7fa98e57d15c
[ 3556.889275][ T7106] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 3556.908899][ T7106] RSP: 002b:00007fa98f2f2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 3556.917348][ T7106] RAX: ffffffffffffffda RBX: 00007fa98e735f80 RCX: 00007fa98e57d15c
[ 3556.925353][ T7106] RDX: 000000000000000f RSI: 00007fa98f2f20a0 RDI: 0000000000000004
[ 3556.933483][ T7106] RBP: 00007fa98f2f2090 R08: 0000000000000000 R09: 0000000000000000
[ 3556.941498][ T7106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3556.949510][ T7106] R13: 0000000000000000 R14: 00007fa98e735f80 R15: 00007ffe54a66e38
[ 3556.957533][ T7106]  </TASK>
[ 3556.960939][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3557.232655][ T7117] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9070'.
[ 3557.309239][ T7120] vlan2: entered promiscuous mode
[ 3557.316992][ T7120] vlan2: entered allmulticast mode
[ 3557.419118][ T7119] delete_channel: no stack
[ 3558.655317][ T7118] delete_channel: no stack
[ 3560.529947][   T29] audit: type=1800 audit(1730354067.267:3975): pid=7147 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.9077" name="/" dev="fuse" ino=1 res=0 errno=0
[ 3561.685637][ T7155] syzkaller0: entered promiscuous mode
[ 3561.691703][ T7155] syzkaller0: entered allmulticast mode
[ 3561.698777][T24472] syzkaller0: tun_net_xmit 48
[ 3563.800295][ T7167] tipc: Started in network mode
[ 3563.805248][ T7167] tipc: Node identity 1, cluster identity 4711
[ 3563.811796][ T7167] tipc: Node number set to 1
[ 3564.073726][ T7170] IPVS: nq: SCTP 127.0.0.1:0 - no destination available
[ 3565.905029][ T7177] delete_channel: no stack
[ 3566.271316][ T7194] overlayfs: missing 'workdir'
[ 3567.122946][ T7169] delete_channel: no stack
[ 3567.277913][ T2890] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 3567.466837][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3567.659089][ T2890] usb 2-1: Using ep0 maxpacket: 8
[ 3567.668271][ T2890] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[ 3567.677762][ T2890] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3567.686826][ T2890] usb 2-1: Product: syz
[ 3567.691233][ T2890] usb 2-1: Manufacturer: syz
[ 3567.695931][ T2890] usb 2-1: SerialNumber: syz
[ 3568.448999][ T2890] usb 2-1: config 0 descriptor??
[ 3568.693051][ T2890] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 3569.530095][ T2890] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 3569.541280][ T2890] usb 2-1: USB disconnect, device number 26
[ 3574.118793][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 3574.141132][ T7221] netlink: 48 bytes leftover after parsing attributes in process `syz.4.9093'.
[ 3574.427405][ T7226] netlink: 48 bytes leftover after parsing attributes in process `syz.3.9095'.
[ 3576.518377][ T7238] tipc: Started in network mode
[ 3576.523507][ T7238] tipc: Node identity 1, cluster identity 4711
[ 3576.529874][ T7238] tipc: Node number set to 1
[ 3577.267957][ T7247] unknown channel width for channel at 909000KHz?
[ 3577.765274][   T29] audit: type=1326 audit(1730354084.507:3976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7253 comm="syz.4.9103" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faedd37e719 code=0x0
[ 3579.235132][ T7275] netlink: 48 bytes leftover after parsing attributes in process `syz.3.9109'.
[ 3580.125455][ T7282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9111'.
[ 3580.497570][   T29] audit: type=1326 audit(1730354087.217:3977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7269 comm="syz.8.9108" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe335b7e719 code=0x0
[ 3581.000070][T28689] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 3581.013730][ T7294] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[ 3581.024622][T28689] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 3581.057379][T28689] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 3581.125133][ T7297] xt_nat: multiple ranges no longer supported
[ 3582.069993][T28689] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 3582.081977][T28689] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 3582.089829][T28689] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 3584.149164][T28689] Bluetooth: hci4: command tx timeout
[ 3586.949091][T28689] Bluetooth: hci4: command tx timeout
[ 3587.151966][ T7322] xt_NFQUEUE: number of queues (5055) out of range (got 69102)
[ 3587.277271][ T7330] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3587.815186][   T29] audit: type=1326 audit(1730354094.547:3978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7326 comm="syz.8.9124" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe335b7e719 code=0x0
[ 3587.996773][T28920] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3588.081912][ T7289] chnl_net:caif_netlink_parms(): no params data found
[ 3588.161772][ T7338] bridge0: port 1(gretap0) entered blocking state
[ 3588.172778][ T7338] bridge0: port 1(gretap0) entered disabled state
[ 3588.177862][ T7346] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9127'.
[ 3588.179656][ T7338] gretap0: entered allmulticast mode
[ 3588.195620][ T7338] gretap0: entered promiscuous mode
[ 3588.252808][T28920] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3589.060027][T28689] Bluetooth: hci4: command tx timeout
[ 3589.095029][T28920] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3589.835695][ T7289] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3589.843121][ T7289] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3589.850570][ T7289] bridge_slave_0: entered allmulticast mode
[ 3589.857735][ T7289] bridge_slave_0: entered promiscuous mode
[ 3589.866168][ T7289] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3589.873594][ T7289] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3589.881012][ T7289] bridge_slave_1: entered allmulticast mode
[ 3589.888130][ T7289] bridge_slave_1: entered promiscuous mode
[ 3590.944644][ T7289] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3591.206587][T28689] Bluetooth: hci4: command tx timeout
[ 3591.648616][T28920] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[ 3592.236613][ T7378] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 3592.305569][ T7381] devpts: called with bogus options
[ 3592.401865][T28920] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3592.602054][ T7289] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3592.654302][ T7389] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3592.799850][ T7289] team0: Port device team_slave_0 added
[ 3592.829921][ T7289] team0: Port device team_slave_1 added
[ 3592.850205][   T11] tipc: Subscription rejected, illegal request
[ 3592.940123][ T7289] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3592.947166][ T7289] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3593.003737][ T7289] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3593.033685][ T7289] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3593.049018][ T7289] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3593.147753][ T7289] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3593.891826][ T7399] netlink: 'syz.8.9141': attribute type 9 has an invalid length.
[ 3594.093881][ T7289] hsr_slave_0: entered promiscuous mode
[ 3594.125153][ T7289] hsr_slave_1: entered promiscuous mode
[ 3594.170016][T28920] 
€Â: left allmulticast mode
[ 3594.189091][T28920] 
€Â: left promiscuous mode
[ 3594.207758][T28920] bridge0: port 1(
€Â) entered disabled state
[ 3594.262340][T28920] bridge_slave_1: left allmulticast mode
[ 3594.268394][T28920] bridge_slave_1: left promiscuous mode
[ 3594.289452][T28920] bridge1: port 1(bridge_slave_1) entered disabled state
[ 3597.947815][ T7433] qnx4: no qnx4 filesystem (no root dir).
[ 3601.707901][T28920] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3601.732549][T28920] bond0 (unregistering): Released all slaves
[ 3601.754892][   T29] audit: type=1326 audit(1730354108.467:3979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7447 comm="syz.4.9153" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faedd37e719 code=0x0
[ 3602.122811][T28920] tipc: Left network mode
[ 3605.803268][ T7474] qnx4: no qnx4 filesystem (no root dir).
[ 3607.109852][ T7488] FAULT_INJECTION: forcing a failure.
[ 3607.109852][ T7488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3607.151388][ T7488] CPU: 1 UID: 0 PID: 7488 Comm: syz.1.9164 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[ 3607.162145][ T7488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 3607.172237][ T7488] Call Trace:
[ 3607.175548][ T7488]  <TASK>
[ 3607.178504][ T7488]  dump_stack_lvl+0x241/0x360
[ 3607.183235][ T7488]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3607.188472][ T7488]  ? __pfx__printk+0x10/0x10
[ 3607.193109][ T7488]  ? snprintf+0xda/0x120
[ 3607.197399][ T7488]  should_fail_ex+0x3b0/0x4e0
[ 3607.202124][ T7488]  _copy_to_user+0x31/0xb0
[ 3607.206590][ T7488]  simple_read_from_buffer+0xca/0x150
[ 3607.212014][ T7488]  proc_fail_nth_read+0x1e9/0x250
[ 3607.217081][ T7488]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3607.222653][ T7488]  ? rw_verify_area+0x568/0x6f0
[ 3607.227532][ T7488]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3607.233088][ T7488]  vfs_read+0x1fc/0xb70
[ 3607.237250][ T7488]  ? fdget_pos+0x24e/0x320
[ 3607.241692][ T7488]  ? __pfx_vfs_read+0x10/0x10
[ 3607.246508][ T7488]  ? __fget_files+0x3f3/0x470
[ 3607.251244][ T7488]  ? fdget_pos+0x24e/0x320
[ 3607.255752][ T7488]  ksys_read+0x183/0x2b0
[ 3607.260129][ T7488]  ? __pfx_ksys_read+0x10/0x10
[ 3607.265037][ T7488]  ? do_syscall_64+0x100/0x230
[ 3607.269848][ T7488]  ? do_syscall_64+0xb6/0x230
[ 3607.274572][ T7488]  do_syscall_64+0xf3/0x230
[ 3607.279119][ T7488]  ? clear_bhb_loop+0x35/0x90
[ 3607.283849][ T7488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3607.289767][ T7488] RIP: 0033:0x7fa98e57d15c
[ 3607.294193][ T7488] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 3607.313810][ T7488] RSP: 002b:00007fa98f2d1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 3607.322239][ T7488] RAX: ffffffffffffffda RBX: 00007fa98e736058 RCX: 00007fa98e57d15c
[ 3607.330226][ T7488] RDX: 000000000000000f RSI: 00007fa98f2d10a0 RDI: 0000000000000003
[ 3607.338209][ T7488] RBP: 00007fa98f2d1090 R08: 0000000000000000 R09: 0000000000000000
[ 3607.346192][ T7488] R10: 0000000040000262 R11: 0000000000000246 R12: 0000000000000001
[ 3607.354178][ T7488] R13: 0000000000000000 R14: 00007fa98e736058 R15: 00007ffe54a66e38
[ 3607.362175][ T7488]  </TASK>
[ 3607.613223][ T7492] netlink: 48 bytes leftover after parsing attributes in process `syz.8.9163'.
[ 3608.677431][T28920] hsr_slave_0: left promiscuous mode
[ 3608.694961][T28920] hsr_slave_1: left promiscuous mode
[ 3609.583891][ T7516] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 3610.334329][T28920] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3610.386686][T28920] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3611.052111][T28920] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3611.060262][T28920] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3611.126485][T28920] veth1_macvtap: left promiscuous mode
[ 3611.234881][T28920] veth0_macvtap: left promiscuous mode
[ 3611.255646][T28920] veth1_vlan: left promiscuous mode
[ 3611.267369][T28920] veth0_vlan: left promiscuous mode
[ 3611.463037][ T7521] netlink: 44 bytes leftover after parsing attributes in process `syz.3.9170'.
[ 3612.335649][T28920] team0 (unregistering): Port device team_slave_1 removed
[ 3612.417307][T28920] team0 (unregistering): Port device team_slave_0 removed
[ 3614.560411][ T7539] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9175'.
[ 3614.575986][ T7539] pim6reg: entered allmulticast mode
[ 3614.583439][ T7539] pim6reg: left allmulticast mode
[ 3616.842671][ T7558] netlink: 48 bytes leftover after parsing attributes in process `syz.3.9180'.
[ 3617.553172][ T7289] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 3617.573285][ T7289] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 3617.651974][ T7289] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 3617.717622][ T7289] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 3617.815412][T28920] IPVS: stop unused estimator thread 0...
[ 3617.912257][ T7289] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3617.951458][ T7289] 8021q: adding VLAN 0 to HW filter on device team0
[ 3617.976345][ T6886] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3617.983553][ T6886] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3618.036093][ T6886] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3618.043345][ T6886] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3618.336772][ T7289] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3618.502818][ T7608] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9199'.
[ 3619.037885][ T7289] veth0_vlan: entered promiscuous mode
[ 3619.090365][ T7289] veth1_vlan: entered promiscuous mode
[ 3619.168619][ T7289] veth0_macvtap: entered promiscuous mode
[ 3619.197502][ T7289] veth1_macvtap: entered promiscuous mode
[ 3619.246013][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3619.273738][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.293721][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3619.307439][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.325118][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3619.337648][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.348205][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3619.359841][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.370142][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3619.382464][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.394322][ T7289] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3619.417935][ T7632] sp0: Synchronizing with TNC
[ 3619.421360][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3619.436447][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.456644][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3619.467819][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.478652][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3619.489995][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.499907][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3619.510675][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.526898][ T7289] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3619.537692][ T7289] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3619.558410][ T7289] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3619.589225][ T7636] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9208'.
[ 3619.612801][ T7636] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[ 3619.639422][ T7636] macsec1: entered promiscuous mode
[ 3619.660457][ T7289] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3619.688969][ T7289] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3619.697742][ T7289] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3619.736517][ T7289] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3619.919513][ T6886] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3619.929295][ T6886] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3619.976121][T28920] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3619.984144][T28920] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3620.287441][ T7661] can: request_module (can-proto-0) failed.
[ 3620.379263][ T5699] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[ 3620.534215][ T5699] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3620.556420][ T5699] usb 2-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[ 3620.569303][ T5699] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3620.577748][ T5699] usb 2-1: Product: syz
[ 3620.582323][ T5699] usb 2-1: Manufacturer: syz
[ 3620.587048][ T5699] usb 2-1: SerialNumber: syz
[ 3620.595539][ T5699] usb 2-1: config 0 descriptor??
[ 3620.602816][ T5699] hub 2-1:0.0: bad descriptor, ignoring hub
[ 3620.609828][ T5699] hub 2-1:0.0: probe with driver hub failed with error -5
[ 3620.620302][ T5699] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 3620.644132][ T5699] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2
[ 3620.920583][T19498] usb 2-1: USB disconnect, device number 27
[ 3621.017418][T19498] kernel write not supported for file /snd/seq (pid: 19498 comm: kworker/0:7)
[ 3621.439877][   T25] usb 7-1: new low-speed USB device number 105 using dummy_hcd
[ 3621.591052][   T25] usb 7-1: config 5 has an invalid interface number: 241 but max is 0
[ 3621.604084][   T25] usb 7-1: config 5 has no interface number 0
[ 3621.613065][   T25] usb 7-1: config 5 interface 241 has no altsetting 0
[ 3621.623459][   T25] usb 7-1: string descriptor 0 read error: -22
[ 3621.631435][   T25] usb 7-1: New USB device found, idVendor=07ca, idProduct=8150, bcdDevice=31.92
[ 3621.642446][   T25] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3621.855406][ T7685] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 3621.876597][T19498] usb 7-1: USB disconnect, device number 105
[ 3622.101630][ T7707] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9234'.
[ 3622.331298][ T7713] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4154471757 (8308943514 ns) > initial count (334709606 ns). Using initial count to start timer.
[ 3622.361450][ T7721] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 3623.097661][   T29] audit: type=1326 audit(1730354129.837:3980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7757 comm="syz.8.9257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe335b7e719 code=0x7ffc0000
[ 3623.159795][ T7747] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9250'.
[ 3623.185100][   T29] audit: type=1326 audit(1730354129.837:3981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7757 comm="syz.8.9257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe335b7e719 code=0x7ffc0000
[ 3623.250260][   T29] audit: type=1326 audit(1730354129.837:3982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7757 comm="syz.8.9257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fe335b7e719 code=0x7ffc0000
[ 3623.296862][   T29] audit: type=1326 audit(1730354129.837:3983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7757 comm="syz.8.9257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe335b7e719 code=0x7ffc0000
[ 3623.357090][   T29] audit: type=1326 audit(1730354129.837:3984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7757 comm="syz.8.9257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe335b7e719 code=0x7ffc0000
[ 3623.429787][   T29] audit: type=1326 audit(1730354129.987:3985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7759 comm="syz.4.9261" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faedd37e719 code=0x0
[ 3623.848490][ T7784] batman_adv: batadv0: Adding interface: dummy0
[ 3623.872670][ T7784] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3623.899198][ T7783] [U] 
[ 3623.930450][ T7784] batman_adv: batadv0: Interface activated: dummy0
[ 3623.952820][ T7791] batadv0: mtu less than device minimum
[ 3623.973976][ T7791] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 3623.987802][ T7791] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 3624.000173][ T7791] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 3624.012755][ T7791] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 3624.025440][ T7791] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 3624.038129][ T7791] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 3624.050946][ T7791] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 3624.063584][ T7791] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 3624.076271][ T7791] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 3624.136835][ T7787] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9271'.
[ 3624.551836][ T7813] ip6gretap1: entered allmulticast mode
[ 3625.067968][ T7839] batman_adv: batadv0: Adding interface: dummy0
[ 3625.135349][ T7839] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3625.299018][ T7839] batman_adv: batadv0: Interface activated: dummy0
[ 3626.181488][ T7854] vlan2: entered promiscuous mode
[ 3626.206968][ T7854] vlan2: entered allmulticast mode
[ 3626.849549][ T5886] usb 7-1: new high-speed USB device number 106 using dummy_hcd
[ 3627.029212][ T5886] usb 7-1: Using ep0 maxpacket: 16
[ 3627.032279][ T5886] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3627.032320][ T5886] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 3627.032365][ T5886] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 3627.032396][ T5886] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3627.034645][ T5886] usb 7-1: config 0 descriptor??
[ 3627.141074][ T7891] netlink: 'syz.4.9313': attribute type 1 has an invalid length.
[ 3627.829055][T19498] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 3627.985864][ T7913] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9322'.
[ 3628.009057][T19498] usb 2-1: Using ep0 maxpacket: 8
[ 3628.017848][T19498] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3628.036290][T19498] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 3628.079222][T19498] usb 2-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[ 3628.088640][T19498] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3628.139709][T19498] usb 2-1: config 0 descriptor??
[ 3628.142882][T19498] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 3628.451519][ T5699] usb 2-1: USB disconnect, device number 28
[ 3629.485279][ T7978] netlink: 16 bytes leftover after parsing attributes in process `syz.8.9353'.
[ 3629.643460][ T5886] usbhid 7-1:0.0: can't add hid device: -71
[ 3629.689049][ T5886] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 3629.713742][ T5886] usb 7-1: USB disconnect, device number 106
[ 3629.825487][   T29] audit: type=1326 audit(1730354136.567:3986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7986 comm="syz.1.9359" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa98e57e719 code=0x0
[ 3631.178199][T19498] hid-generic 0000:0000:0000.004B: unknown main item tag 0x0
[ 3631.196345][T19498] hid-generic 0000:0000:0000.004B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 3631.550574][ T8045] cgroup: Unknown subsys name 'cpuset'
[ 3632.267329][ T8090] xt_NFQUEUE: number of queues (2) out of range (got 65536)
[ 3632.327083][ T8092] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[ 3632.598643][ T8108] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9410'.
[ 3633.314940][ T8143] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9423'.
[ 3633.439980][ T8149] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 3633.809522][ T2890] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 3633.999640][ T2890] usb 4-1: Using ep0 maxpacket: 16
[ 3634.018393][ T2890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3634.039307][ T2890] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3634.070919][ T2890] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 3634.117467][ T2890] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 3634.168567][ T2890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3634.190669][T19498] usb 5-1: new full-speed USB device number 91 using dummy_hcd
[ 3634.210519][ T2890] usb 4-1: config 0 descriptor??
[ 3634.527180][T19498] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 3634.550641][T19498] usb 5-1: not running at top speed; connect to a high speed hub
[ 3634.571838][T19498] usb 5-1: config 1 interface 0 has no altsetting 0
[ 3634.588676][T19498] usb 5-1: New USB device found, idVendor=0c45, idProduct=5112, bcdDevice= 0.40
[ 3634.598271][T19498] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3634.606761][T19498] usb 5-1: Product: syz
[ 3634.611960][T19498] usb 5-1: Manufacturer: syz
[ 3634.632071][ T2890] microsoft 0003:045E:07DA.004C: No inputs registered, leaving
[ 3634.639105][T19498] usb 5-1: SerialNumber: syz
[ 3634.672008][ T2890] microsoft 0003:045E:07DA.004C: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[ 3634.699129][ T2890] microsoft 0003:045E:07DA.004C: no inputs found
[ 3634.719821][ T2890] microsoft 0003:045E:07DA.004C: could not initialize ff, continuing anyway
[ 3634.833588][ T2890] usb 4-1: USB disconnect, device number 53
[ 3634.875429][T19498] usbhid 5-1:1.0: can't add hid device: -71
[ 3634.881888][T19498] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[ 3634.908385][T19498] usb 5-1: USB disconnect, device number 91
[ 3635.179314][   T25] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[ 3635.261314][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 3635.330834][   T25] usb 2-1: config 0 has an invalid interface number: 39 but max is 0
[ 3635.347746][   T25] usb 2-1: config 0 has no interface number 0
[ 3635.374180][   T25] usb 2-1: New USB device found, idVendor=0a46, idProduct=8515, bcdDevice=df.0c
[ 3635.403931][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3635.427027][   T25] usb 2-1: Product: syz
[ 3635.441723][   T25] usb 2-1: Manufacturer: syz
[ 3635.487535][   T25] usb 2-1: SerialNumber: syz
[ 3635.508843][   T25] usb 2-1: config 0 descriptor??
[ 3635.532261][   T25] dm9601 2-1:0.39: probe with driver dm9601 failed with error -22
[ 3635.751879][ T5886] usb 2-1: USB disconnect, device number 29
[ 3636.002595][ T8240] netlink: 'syz.3.9468': attribute type 9 has an invalid length.
[ 3636.251491][ T8246] KVM: debugfs: duplicate directory 8246-4
[ 3636.615011][ T8259] net_ratelimit: 31 callbacks suppressed
[ 3636.615037][ T8259] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[ 3637.078749][T28728] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 3637.098473][T28728] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 3637.110031][T28728] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 3637.119676][T28728] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 3637.127510][T28728] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 3637.137638][T28728] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 3637.475305][ T8276] chnl_net:caif_netlink_parms(): no params data found
[ 3637.689065][ T3241] syz_tun: left promiscuous mode
[ 3637.746933][ T3241] team0: Port device vlan0 removed
[ 3637.839611][ T8276] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3637.869177][ T8276] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3637.886807][ T8276] bridge_slave_0: entered allmulticast mode
[ 3637.913539][ T8276] bridge_slave_0: entered promiscuous mode
[ 3638.042372][ T1783] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 3638.059421][ T1783] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3638.090826][ T8276] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3638.108287][ T8276] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3638.123016][ T8276] bridge_slave_1: entered allmulticast mode
[ 3638.159198][ T8276] bridge_slave_1: entered promiscuous mode
[ 3638.277877][ T1783] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 3638.297265][ T1783] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3638.336179][ T8276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3638.367978][ T8276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3638.493518][ T1783] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 3638.522936][ T1783] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3638.729395][ T1783] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 3638.740587][ T1783] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3638.777754][ T8276] team0: Port device team_slave_0 added
[ 3638.813913][ T8276] team0: Port device team_slave_1 added
[ 3638.950553][ T8276] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3638.957584][ T8276] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3638.983626][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3638.993014][ T8276] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3639.012382][ T8276] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3639.024934][ T8276] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 3639.050954][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3639.088487][ T8276] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3639.250210][T28728] Bluetooth: hci1: command tx timeout
[ 3639.281436][ T8276] hsr_slave_0: entered promiscuous mode
[ 3639.291148][ T8276] hsr_slave_1: entered promiscuous mode
[ 3639.304885][ T8276] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 3639.305684][ T8363] input: syz0 as /devices/virtual/input/input85
[ 3639.312799][ T8276] Cannot create hsr debugfs directory
[ 3639.494901][ T1783] gretap0: left allmulticast mode
[ 3639.500490][ T1783] gretap0: left promiscuous mode
[ 3639.509549][ T1783] bridge0: port 1(gretap0) entered disabled state
[ 3640.752281][ T1783] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3640.761357][ T8397] usb usb8: usbfs: process 8397 (syz.3.9535) did not claim interface 16 before use
[ 3640.776923][ T1783] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3640.828446][ T1783] bond0 (unregistering): Released all slaves
[ 3640.852826][ T1783] bond1 (unregistering): Released all slaves
[ 3640.909197][ T8400] netlink: 20 bytes leftover after parsing attributes in process `syz.6.9536'.
[ 3641.047507][ T1783] tipc: Left network mode
[ 3641.345135][T28689] Bluetooth: hci1: command tx timeout
[ 3641.479061][ T5886] usb 7-1: new high-speed USB device number 107 using dummy_hcd
[ 3641.659838][ T5886] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 3641.699030][ T5886] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 3641.708604][ T5886] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 3641.739122][ T5886] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3641.748264][ T5886] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3641.773331][ T5886] usb 7-1: Product: syz
[ 3641.777591][ T5886] usb 7-1: Manufacturer: syz
[ 3641.837624][ T5886] usb 7-1: SerialNumber: syz
[ 3641.857741][ T5886] cdc_ncm 7-1:1.0: invalid descriptor buffer length
[ 3641.871034][ T8430] netlink: 20 bytes leftover after parsing attributes in process `syz.8.9550'.
[ 3641.898937][ T5886] cdc_ncm 7-1:1.0: CDC Union missing and no IAD found
[ 3641.905900][ T5886] cdc_ncm 7-1:1.0: bind() failure
[ 3642.064240][ T5886] usb 7-1: USB disconnect, device number 107
[ 3642.102835][ T1783] hsr_slave_0: left promiscuous mode
[ 3642.118366][ T1783] hsr_slave_1: left promiscuous mode
[ 3642.169824][ T1783] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3642.189264][ T1783] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3642.203805][ T1783] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3642.220141][ T1783] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3642.279252][ T1783] veth1_macvtap: left promiscuous mode
[ 3642.284841][ T1783] veth0_macvtap: left promiscuous mode
[ 3642.307974][ T1783] veth1_vlan: left promiscuous mode
[ 3642.318236][ T1783] veth0_vlan: left promiscuous mode
[ 3642.519386][ T1783] pimreg (unregistering): left allmulticast mode
[ 3643.112663][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3643.426915][T28689] Bluetooth: hci1: command 0x040f tx timeout
[ 3643.621859][ T1783] team0 (unregistering): Port device team_slave_1 removed
[ 3643.762231][ T1783] team0 (unregistering): Port device team_slave_0 removed
[ 3644.039167][ T5699] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[ 3644.233443][ T5699] usb 5-1: Using ep0 maxpacket: 8
[ 3644.252603][ T5699] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3644.286840][ T5699] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3644.296869][ T5699] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 3644.341019][ T5699] usb 5-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[ 3644.358962][ T5699] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3644.389951][ T5699] usb 5-1: config 0 descriptor??
[ 3644.824692][ T5699] hid-picolcd 0003:04D8:C002.004D: item fetching failed at offset 6/7
[ 3644.839693][ T5699] hid-picolcd 0003:04D8:C002.004D: device report parse failed
[ 3644.847456][ T5699] hid-picolcd 0003:04D8:C002.004D: probe with driver hid-picolcd failed with error -22
[ 3645.026640][ T5886] usb 5-1: USB disconnect, device number 92
[ 3645.340322][ T8276] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 3645.410266][ T8276] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 3645.430480][ T8276] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 3645.458557][ T8276] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 3645.528431][T28728] Bluetooth: hci1: command 0x040f tx timeout
[ 3645.689843][ T8507] syz_tun: entered promiscuous mode
[ 3645.818615][ T8507] syz_tun (unregistering): left promiscuous mode
[ 3645.851188][ T8276] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3645.902633][ T8276] 8021q: adding VLAN 0 to HW filter on device team0
[ 3645.977302][ T8276] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 3645.987834][ T8276] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 3646.013118][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3646.020361][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3646.032217][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3646.039505][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3646.101421][ T8524] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9594'.
[ 3646.219455][   T25] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[ 3646.292761][ T8276] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3646.342796][ T8276] veth0_vlan: entered promiscuous mode
[ 3646.365519][ T8276] veth1_vlan: entered promiscuous mode
[ 3646.383155][   T25] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 3646.393588][   T25] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 3646.425478][   T25] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 3646.437113][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 3646.454891][   T25] usb 4-1: SerialNumber: syz
[ 3646.490655][ T8276] veth0_macvtap: entered promiscuous mode
[ 3646.549467][ T8276] veth1_macvtap: entered promiscuous mode
[ 3646.595042][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3646.616853][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3646.633649][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3646.655617][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3646.671303][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3646.692765][   T25] usb 4-1: 0:2 : does not exist
[ 3646.705368][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3646.726288][   T25] usb 4-1: USB disconnect, device number 54
[ 3646.736164][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3646.766510][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3646.783848][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 3646.803776][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3646.828254][ T8276] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3646.847728][ T8544] netlink: 'syz.4.9600': attribute type 4 has an invalid length.
[ 3646.875412][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3646.896345][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3646.916818][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3646.936613][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3646.956073][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3646.971617][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3646.987190][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3646.997834][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3647.007863][ T8276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 3647.018816][ T8276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 3647.034509][ T8276] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3647.086206][ T8276] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3647.097315][ T8276] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3647.106143][ T8276] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3647.115039][ T8276] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3647.333043][T28920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3647.342579][T28920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3647.561375][ T1783] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3647.571418][T28728] Bluetooth: hci1: command 0x040f tx timeout
[ 3647.622408][ T1783] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3648.149735][ T2890] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 3648.177260][ T8599] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9623'.
[ 3648.202841][ T8602] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9625'.
[ 3648.334828][ T2890] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3648.366540][ T2890] usb 4-1: New USB device found, idVendor=061c, idProduct=c0a4, bcdDevice=e9.c7
[ 3648.378158][ T2890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3648.409344][ T2890] usb 4-1: Product: syz
[ 3648.413670][ T2890] usb 4-1: Manufacturer: syz
[ 3648.437123][ T2890] usb 4-1: SerialNumber: syz
[ 3648.456474][ T2890] usb 4-1: config 0 descriptor??
[ 3648.711182][ T2890] usb 4-1: USB disconnect, device number 55
[ 3648.939849][ T5699] usb 7-1: new high-speed USB device number 109 using dummy_hcd
[ 3649.005961][ T8635] "syz.8.9640" (8635) uses obsolete ecb(arc4) skcipher
[ 3649.149380][ T5699] usb 7-1: Using ep0 maxpacket: 8
[ 3649.156817][ T5699] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3649.167113][ T5699] usb 7-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[ 3649.177212][ T5699] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3649.202629][ T5699] usb 7-1: config 0 descriptor??
[ 3649.219077][ T2890] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 3649.221605][ T5699] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 3649.408795][ T8662] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9651'.
[ 3649.427755][ T2890] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3649.445719][ T2890] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3649.479344][ T2890] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 3649.499412][ T2890] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3649.510235][ T2890] usb 5-1: config 0 descriptor??
[ 3649.640743][   T25] usb 7-1: USB disconnect, device number 109
[ 3650.144949][ T2890] hid-led 0003:27B8:01ED.004E: item fetching failed at offset 2/5
[ 3650.154218][ T2890] hid-led 0003:27B8:01ED.004E: probe with driver hid-led failed with error -22
[ 3650.213057][ T5699] usb 5-1: USB disconnect, device number 93
[ 3653.699093][ T2890] usb 5-1: new full-speed USB device number 94 using dummy_hcd
[ 3653.769055][   T29] audit: type=1326 audit(1730354160.507:3987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8829 comm="syz.8.9724" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe335b7e719 code=0x0
[ 3653.852310][ T2890] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 3653.863580][ T2890] usb 5-1: not running at top speed; connect to a high speed hub
[ 3653.874101][ T2890] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1023, setting to 64
[ 3653.890076][ T2890] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3653.899692][ T2890] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3653.907917][ T2890] usb 5-1: Product: syz
[ 3653.912588][ T2890] usb 5-1: Manufacturer: syz
[ 3653.917406][ T2890] usb 5-1: SerialNumber: syz
[ 3653.927811][ T8817] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 3654.152355][ T2890] usb 5-1: bad CDC descriptors
[ 3654.170537][ T2890] usb 5-1: USB disconnect, device number 94
[ 3654.499025][ T5699] usb 7-1: new high-speed USB device number 110 using dummy_hcd
[ 3654.682544][ T5699] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 3654.691578][ T5699] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 3654.703679][ T5699] usb 7-1: config 1 has an invalid descriptor of length 36, skipping remainder of the config
[ 3654.715216][ T5699] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 33653, setting to 1024
[ 3654.769437][ T5699] usb 7-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 3654.842042][ T5699] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 3654.861980][ T5699] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3654.898290][ T5699] usb 7-1: Product: syz
[ 3654.912917][ T5699] usb 7-1: Manufacturer: syz
[ 3654.917592][ T5699] usb 7-1: SerialNumber: syz
[ 3655.067043][ T8881] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9746'.
[ 3655.094954][ T8881] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 3655.267242][ T5699] usb 7-1: USB disconnect, device number 110
[ 3655.518655][ T8902] netlink: 32 bytes leftover after parsing attributes in process `syz.1.9756'.
[ 3655.700062][ T8911] input: syz1 as /devices/virtual/input/input89
[ 3655.887349][ T8921] netlink: 56 bytes leftover after parsing attributes in process `syz.1.9765'.
[ 3655.919258][ T8921] netlink: 56 bytes leftover after parsing attributes in process `syz.1.9765'.
[ 3656.373648][ T8950] netlink: 60 bytes leftover after parsing attributes in process `syz.6.9778'.
[ 3656.835128][ T8965] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9785'.
[ 3657.089117][ T5886] usb 7-1: new high-speed USB device number 111 using dummy_hcd
[ 3657.353475][ T5886] usb 7-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=7d.08
[ 3657.366349][ T5886] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3657.377774][ T5886] usb 7-1: Product: syz
[ 3657.395019][ T5886] usb 7-1: Manufacturer: syz
[ 3657.432218][ T5886] usb 7-1: SerialNumber: syz
[ 3657.465867][ T5886] usb 7-1: config 0 descriptor??
[ 3657.470072][ T8986] 
[ 3657.473215][ T8986] =====================================================
[ 3657.480158][ T8986] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[ 3657.487625][ T8986] 6.12.0-rc5-syzkaller-00047-g4236f913808c #0 Not tainted
[ 3657.494739][ T8986] -----------------------------------------------------
[ 3657.501672][ T8986] syz.1.9795/8986 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 3657.509311][ T8986] ffffffff8e60a058 (tasklist_lock){.+.+}-{2:2}, at: send_sigio+0x108/0x390
[ 3657.517962][ T8986] 
[ 3657.517962][ T8986] and this task is already holding:
[ 3657.525338][ T8986] ffff888056affe20 (&f_owner->lock){....}-{2:2}, at: send_sigio+0x37/0x390
[ 3657.533982][ T8986] which would create a new lock dependency:
[ 3657.539871][ T8986]  (&f_owner->lock){....}-{2:2} -> (tasklist_lock){.+.+}-{2:2}
[ 3657.547465][ T8986] 
[ 3657.547465][ T8986] but this new dependency connects a SOFTIRQ-irq-safe lock:
[ 3657.556912][ T8986]  (&dev->event_lock#2){..-.}-{2:2}
[ 3657.556951][ T8986] 
[ 3657.556951][ T8986] ... which became SOFTIRQ-irq-safe at:
[ 3657.569845][ T8986]   lock_acquire+0x1ed/0x550
[ 3657.574455][ T8986]   _raw_spin_lock_irqsave+0xd5/0x120
[ 3657.579854][ T8986]   input_inject_event+0xc5/0x340
[ 3657.584910][ T8986]   led_trigger_event+0x138/0x210
[ 3657.589945][ T8986]   kbd_bh+0x1b5/0x290
[ 3657.594018][ T8986]   tasklet_action_common+0x321/0x4d0
[ 3657.599403][ T8986]   handle_softirqs+0x2c5/0x980
[ 3657.604262][ T8986]   __irq_exit_rcu+0xf4/0x1c0
[ 3657.608948][ T8986]   irq_exit_rcu+0x9/0x30
[ 3657.613284][ T8986]   sysvec_apic_timer_interrupt+0xa6/0xc0
[ 3657.619007][ T8986]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 3657.625081][ T8986]   preempt_schedule_irq+0xf6/0x1c0
[ 3657.630309][ T8986]   irqentry_exit+0x5e/0x90
[ 3657.634820][ T8986]   asm_sysvec_reschedule_ipi+0x1a/0x20
[ 3657.640375][ T8986]   __tasklet_schedule_common+0x1fd/0x270
[ 3657.646115][ T8986]   vt_set_leds_compute_shiftstate+0x68/0x90
[ 3657.652109][ T8986]   redraw_screen+0x97c/0xe90
[ 3657.656796][ T8986]   complete_change_console+0xd1/0x730
[ 3657.662388][ T8986]   console_callback+0x17b/0x460
[ 3657.667368][ T8986]   process_scheduled_works+0xa63/0x1850
[ 3657.673030][ T8986]   worker_thread+0x870/0xd30
[ 3657.677739][ T8986]   kthread+0x2f0/0x390
[ 3657.681919][ T8986]   ret_from_fork+0x4b/0x80
[ 3657.686448][ T8986]   ret_from_fork_asm+0x1a/0x30
[ 3657.691349][ T8986] 
[ 3657.691349][ T8986] to a SOFTIRQ-irq-unsafe lock:
[ 3657.698371][ T8986]  (tasklist_lock){.+.+}-{2:2}
[ 3657.698403][ T8986] 
[ 3657.698403][ T8986] ... which became SOFTIRQ-irq-unsafe at:
[ 3657.711160][ T8986] ...
[ 3657.711170][ T8986]   lock_acquire+0x1ed/0x550
[ 3657.718364][ T8986]   _raw_read_lock+0x36/0x50
[ 3657.722979][ T8986]   __do_wait+0x12d/0x850
[ 3657.727603][ T8986]   do_wait+0x1e9/0x560
[ 3657.731768][ T8986]   kernel_wait+0xe9/0x240
[ 3657.736215][ T8986]   call_usermodehelper_exec_work+0xbd/0x230
[ 3657.742209][ T8986]   process_scheduled_works+0xa63/0x1850
[ 3657.747856][ T8986]   worker_thread+0x870/0xd30
[ 3657.752551][ T8986]   kthread+0x2f0/0x390
[ 3657.756711][ T8986]   ret_from_fork+0x4b/0x80
[ 3657.761229][ T8986]   ret_from_fork_asm+0x1a/0x30
[ 3657.766092][ T8986] 
[ 3657.766092][ T8986] other info that might help us debug this:
[ 3657.766092][ T8986] 
[ 3657.776326][ T8986] Chain exists of:
[ 3657.776326][ T8986]   &dev->event_lock#2 --> &f_owner->lock --> tasklist_lock
[ 3657.776326][ T8986] 
[ 3657.789399][ T8986]  Possible interrupt unsafe locking scenario:
[ 3657.789399][ T8986] 
[ 3657.797724][ T8986]        CPU0                    CPU1
[ 3657.803092][ T8986]        ----                    ----
[ 3657.808460][ T8986]   lock(tasklist_lock);
[ 3657.812742][ T8986]                                local_irq_disable();
[ 3657.819502][ T8986]                                lock(&dev->event_lock#2);
[ 3657.826758][ T8986]                                lock(&f_owner->lock);
[ 3657.833640][ T8986]   <Interrupt>
[ 3657.837104][ T8986]     lock(&dev->event_lock#2);
[ 3657.842170][ T8986] 
[ 3657.842170][ T8986]  *** DEADLOCK ***
[ 3657.842170][ T8986] 
[ 3657.850773][ T8986] 6 locks held by syz.1.9795/8986:
[ 3657.855899][ T8986]  #0: ffff88804c228420 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[ 3657.865083][ T8986]  #1: ffffffff8eaa28f0 (file_rwsem){++++}-{0:0}, at: __break_lease+0x3b3/0x1820
[ 3657.874282][ T8986]  #2: ffff88803256a9b8 (&ctx->flc_lock){+.+.}-{2:2}, at: __break_lease+0x3c0/0x1820
[ 3657.883802][ T8986]  #3: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x54/0x4f0
[ 3657.892935][ T8986]  #4: ffff888033ed2d38 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x199/0x4f0
[ 3657.902101][ T8986]  #5: ffff888056affe20 (&f_owner->lock){....}-{2:2}, at: send_sigio+0x37/0x390
[ 3657.911189][ T8986] 
[ 3657.911189][ T8986] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[ 3657.921642][ T8986]    -> (&dev->event_lock#2){..-.}-{2:2} {
[ 3657.927496][ T8986]       IN-SOFTIRQ-W at:
[ 3657.931743][ T8986]                           lock_acquire+0x1ed/0x550
[ 3657.938436][ T8986]                           _raw_spin_lock_irqsave+0xd5/0x120
[ 3657.945928][ T8986]                           input_inject_event+0xc5/0x340
[ 3657.953072][ T8986]                           led_trigger_event+0x138/0x210
[ 3657.960209][ T8986]                           kbd_bh+0x1b5/0x290
[ 3657.966472][ T8986]                           tasklet_action_common+0x321/0x4d0
[ 3657.974644][ T8986]                           handle_softirqs+0x2c5/0x980
[ 3657.981594][ T8986]                           __irq_exit_rcu+0xf4/0x1c0
[ 3657.988371][ T8986]                           irq_exit_rcu+0x9/0x30
[ 3657.994801][ T8986]                           sysvec_apic_timer_interrupt+0xa6/0xc0
[ 3658.002620][ T8986]                           asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 3658.010803][ T8986]                           preempt_schedule_irq+0xf6/0x1c0
[ 3658.018098][ T8986]                           irqentry_exit+0x5e/0x90
[ 3658.024717][ T8986]                           asm_sysvec_reschedule_ipi+0x1a/0x20
[ 3658.032650][ T8986]                           __tasklet_schedule_common+0x1fd/0x270
[ 3658.040484][ T8986]                           vt_set_leds_compute_shiftstate+0x68/0x90
[ 3658.048660][ T8986]                           redraw_screen+0x97c/0xe90
[ 3658.055432][ T8986]                           complete_change_console+0xd1/0x730
[ 3658.062986][ T8986]                           console_callback+0x17b/0x460
[ 3658.070022][ T8986]                           process_scheduled_works+0xa63/0x1850
[ 3658.077807][ T8986]                           worker_thread+0x870/0xd30
[ 3658.084602][ T8986]                           kthread+0x2f0/0x390
[ 3658.090865][ T8986]                           ret_from_fork+0x4b/0x80
[ 3658.097718][ T8986]                           ret_from_fork_asm+0x1a/0x30
[ 3658.104715][ T8986]       INITIAL USE at:
[ 3658.108899][ T8986]                          lock_acquire+0x1ed/0x550
[ 3658.115620][ T8986]                          _raw_spin_lock_irqsave+0xd5/0x120
[ 3658.123060][ T8986]                          input_inject_event+0xc5/0x340
[ 3658.130211][ T8986]                          kbd_led_trigger_activate+0xb8/0x100
[ 3658.137804][ T8986]                          led_trigger_set+0x582/0x9c0
[ 3658.144759][ T8986]                          led_trigger_set_default+0x229/0x260
[ 3658.152320][ T8986]                          led_classdev_register_ext+0x6e6/0x8a0
[ 3658.160060][ T8986]                          input_leds_connect+0x489/0x630
[ 3658.167193][ T8986]                          input_register_device+0xd3b/0x1110
[ 3658.174659][ T8986]                          atkbd_connect+0x752/0xa00
[ 3658.181346][ T8986]                          serio_driver_probe+0x7f/0xa0
[ 3658.188294][ T8986]                          really_probe+0x2b8/0xad0
[ 3658.194901][ T8986]                          __driver_probe_device+0x1a2/0x390
[ 3658.202293][ T8986]                          driver_probe_device+0x50/0x430
[ 3658.209863][ T8986]                          __driver_attach+0x45f/0x710
[ 3658.216828][ T8986]                          bus_for_each_dev+0x239/0x2b0
[ 3658.223783][ T8986]                          serio_handle_event+0x1c7/0x920
[ 3658.230907][ T8986]                          process_scheduled_works+0xa63/0x1850
[ 3658.238562][ T8986]                          worker_thread+0x870/0xd30
[ 3658.245256][ T8986]                          kthread+0x2f0/0x390
[ 3658.251414][ T8986]                          ret_from_fork+0x4b/0x80
[ 3658.257929][ T8986]                          ret_from_fork_asm+0x1a/0x30
[ 3658.264794][ T8986]     }
[ 3658.267561][ T8986]     ... key      at: [<ffffffff9a71e6a0>] input_allocate_device.__key.5+0x0/0x20
[ 3658.276862][ T8986]   -> (&client->buffer_lock){....}-{2:2} {
[ 3658.282817][ T8986]      INITIAL USE at:
[ 3658.286981][ T8986]                        lock_acquire+0x1ed/0x550
[ 3658.293456][ T8986]                        _raw_spin_lock+0x2e/0x40
[ 3658.299893][ T8986]                        evdev_pass_values+0xf2/0xad0
[ 3658.306751][ T8986]                        evdev_events+0x1c2/0x300
[ 3658.313175][ T8986]                        input_pass_values+0x286/0x860
[ 3658.320035][ T8986]                        input_event_dispose+0x30f/0x600
[ 3658.327084][ T8986]                        input_handle_event+0xa71/0xbe0
[ 3658.334031][ T8986]                        input_inject_event+0x22f/0x340
[ 3658.340988][ T8986]                        evdev_write+0x5fd/0x790
[ 3658.347328][ T8986]                        vfs_write+0x2a3/0xd30
[ 3658.353492][ T8986]                        ksys_write+0x183/0x2b0
[ 3658.359743][ T8986]                        do_syscall_64+0xf3/0x230
[ 3658.366168][ T8986]                        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3658.373981][ T8986]    }
[ 3658.376656][ T8986]    ... key      at: [<ffffffff9a71e940>] evdev_open.__key.24+0x0/0x20
[ 3658.385001][ T8986]    ... acquired at:
[ 3658.388979][ T8986]    lock_acquire+0x1ed/0x550
[ 3658.393669][ T8986]    _raw_spin_lock+0x2e/0x40
[ 3658.398382][ T8986]    evdev_pass_values+0xf2/0xad0
[ 3658.403421][ T8986]    evdev_events+0x1c2/0x300
[ 3658.408132][ T8986]    input_pass_values+0x286/0x860
[ 3658.413258][ T8986]    input_event_dispose+0x30f/0x600
[ 3658.418555][ T8986]    input_handle_event+0xa71/0xbe0
[ 3658.423768][ T8986]    input_inject_event+0x22f/0x340
[ 3658.428981][ T8986]    evdev_write+0x5fd/0x790
[ 3658.433580][ T8986]    vfs_write+0x2a3/0xd30
[ 3658.438008][ T8986]    ksys_write+0x183/0x2b0
[ 3658.442535][ T8986]    do_syscall_64+0xf3/0x230
[ 3658.447323][ T8986]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3658.453434][ T8986] 
[ 3658.455761][ T8986]  -> (&new->fa_lock){....}-{2:2} {
[ 3658.461016][ T8986]     INITIAL USE at:
[ 3658.465010][ T8986]                      lock_acquire+0x1ed/0x550
[ 3658.471380][ T8986]                      _raw_write_lock_irq+0xd3/0x120
[ 3658.478175][ T8986]                      fasync_remove_entry+0xff/0x1d0
[ 3658.485250][ T8986]                      sock_fasync+0x87/0x100
[ 3658.491432][ T8986]                      __fput+0x71b/0x880
[ 3658.497175][ T8986]                      task_work_run+0x24f/0x310
[ 3658.503550][ T8986]                      syscall_exit_to_user_mode+0x168/0x370
[ 3658.510956][ T8986]                      do_syscall_64+0x100/0x230
[ 3658.517387][ T8986]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3658.525046][ T8986]     INITIAL READ USE at:
[ 3658.529494][ T8986]                           lock_acquire+0x1ed/0x550
[ 3658.536203][ T8986]                           _raw_read_lock_irqsave+0xdd/0x130
[ 3658.543680][ T8986]                           kill_fasync+0x199/0x4f0
[ 3658.550311][ T8986]                           sock_wake_async+0x147/0x170
[ 3658.557263][ T8986]                           sk_wake_async+0x183/0x280
[ 3658.564063][ T8986]                           unix_release_sock+0x727/0xd00
[ 3658.571188][ T8986]                           unix_release+0x91/0xc0
[ 3658.577698][ T8986]                           sock_close+0xbc/0x240
[ 3658.584148][ T8986]                           __fput+0x23f/0x880
[ 3658.590322][ T8986]                           task_work_run+0x24f/0x310
[ 3658.597440][ T8986]                           get_signal+0x15e8/0x1740
[ 3658.604219][ T8986]                           arch_do_signal_or_restart+0x96/0x860
[ 3658.611958][ T8986]                           syscall_exit_to_user_mode+0xc9/0x370
[ 3658.619699][ T8986]                           do_syscall_64+0x100/0x230
[ 3658.626474][ T8986]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3658.634546][ T8986]   }
[ 3658.637136][ T8986]   ... key      at: [<ffffffff9a40eec0>] fasync_insert_entry.__key+0x0/0x20
[ 3658.645916][ T8986]   ... acquired at:
[ 3658.649807][ T8986]    lock_acquire+0x1ed/0x550
[ 3658.654499][ T8986]    _raw_read_lock_irqsave+0xdd/0x130
[ 3658.659985][ T8986]    kill_fasync+0x199/0x4f0
[ 3658.664601][ T8986]    evdev_pass_values+0x58a/0xad0
[ 3658.669724][ T8986]    evdev_events+0x1c2/0x300
[ 3658.674441][ T8986]    input_pass_values+0x286/0x860
[ 3658.679587][ T8986]    input_event_dispose+0x30f/0x600
[ 3658.684900][ T8986]    input_handle_event+0xa71/0xbe0
[ 3658.690149][ T8986]    input_inject_event+0x22f/0x340
[ 3658.695393][ T8986]    evdev_write+0x5fd/0x790
[ 3658.699993][ T8986]    vfs_write+0x2a3/0xd30
[ 3658.704440][ T8986]    ksys_write+0x183/0x2b0
[ 3658.708961][ T8986]    do_syscall_64+0xf3/0x230
[ 3658.713662][ T8986]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3658.719745][ T8986] 
[ 3658.722074][ T8986] -> (&f_owner->lock){....}-{2:2} {
[ 3658.727305][ T8986]    INITIAL USE at:
[ 3658.731241][ T8986]                    lock_acquire+0x1ed/0x550
[ 3658.737325][ T8986]                    _raw_write_lock_irq+0xd3/0x120
[ 3658.743921][ T8986]                    __f_setown+0x6b/0x380
[ 3658.749756][ T8986]                    f_setown+0x243/0x310
[ 3658.755480][ T8986]                    do_fcntl+0x115/0x1a60
[ 3658.761295][ T8986]                    __se_sys_fcntl+0xd2/0x1e0
[ 3658.767456][ T8986]                    do_syscall_64+0xf3/0x230
[ 3658.773532][ T8986]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3658.781781][ T8986]    INITIAL READ USE at:
[ 3658.786140][ T8986]                         lock_acquire+0x1ed/0x550
[ 3658.792656][ T8986]                         _raw_read_lock_irqsave+0xdd/0x130
[ 3658.799986][ T8986]                         send_sigio+0x37/0x390
[ 3658.806247][ T8986]                         kill_fasync+0x256/0x4f0
[ 3658.812681][ T8986]                         sock_wake_async+0x147/0x170
[ 3658.819478][ T8986]                         sk_wake_async+0x183/0x280
[ 3658.826095][ T8986]                         unix_release_sock+0x727/0xd00
[ 3658.833078][ T8986]                         unix_release+0x91/0xc0
[ 3658.839425][ T8986]                         sock_close+0xbc/0x240
[ 3658.845684][ T8986]                         __fput+0x23f/0x880
[ 3658.851681][ T8986]                         task_work_run+0x24f/0x310
[ 3658.858282][ T8986]                         get_signal+0x15e8/0x1740
[ 3658.864811][ T8986]                         arch_do_signal_or_restart+0x96/0x860
[ 3658.872385][ T8986]                         syscall_exit_to_user_mode+0xc9/0x370
[ 3658.880056][ T8986]                         do_syscall_64+0x100/0x230
[ 3658.886685][ T8986]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3658.894598][ T8986]  }
[ 3658.897105][ T8986]  ... key      at: [<ffffffff9a40eea0>] file_f_owner_allocate.__key+0x0/0x20
[ 3658.905964][ T8986]  ... acquired at:
[ 3658.909777][ T8986]    lock_acquire+0x1ed/0x550
[ 3658.914473][ T8986]    _raw_read_lock_irqsave+0xdd/0x130
[ 3658.919944][ T8986]    send_sigio+0x37/0x390
[ 3658.924388][ T8986]    kill_fasync+0x256/0x4f0
[ 3658.928990][ T8986]    sock_wake_async+0x147/0x170
[ 3658.933937][ T8986]    sk_wake_async+0x183/0x280
[ 3658.938717][ T8986]    unix_release_sock+0x727/0xd00
[ 3658.943836][ T8986]    unix_release+0x91/0xc0
[ 3658.948345][ T8986]    sock_close+0xbc/0x240
[ 3658.952776][ T8986]    __fput+0x23f/0x880
[ 3658.956944][ T8986]    task_work_run+0x24f/0x310
[ 3658.961721][ T8986]    get_signal+0x15e8/0x1740
[ 3658.966429][ T8986]    arch_do_signal_or_restart+0x96/0x860
[ 3658.972185][ T8986]    syscall_exit_to_user_mode+0xc9/0x370
[ 3658.977928][ T8986]    do_syscall_64+0x100/0x230
[ 3658.982725][ T8986]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3658.988814][ T8986] 
[ 3658.991152][ T8986] 
[ 3658.991152][ T8986] the dependencies between the lock to be acquired
[ 3658.991165][ T8986]  and SOFTIRQ-irq-unsafe lock:
[ 3659.004689][ T8986] -> (tasklist_lock){.+.+}-{2:2} {
[ 3659.009843][ T8986]    HARDIRQ-ON-R at:
[ 3659.013834][ T8986]                     lock_acquire+0x1ed/0x550
[ 3659.020100][ T8986]                     _raw_read_lock+0x36/0x50
[ 3659.026273][ T8986]                     __do_wait+0x12d/0x850
[ 3659.032195][ T8986]                     do_wait+0x1e9/0x560
[ 3659.037920][ T8986]                     kernel_wait+0xe9/0x240
[ 3659.043910][ T8986]                     call_usermodehelper_exec_work+0xbd/0x230
[ 3659.051473][ T8986]                     process_scheduled_works+0xa63/0x1850
[ 3659.058679][ T8986]                     worker_thread+0x870/0xd30
[ 3659.064933][ T8986]                     kthread+0x2f0/0x390
[ 3659.070843][ T8986]                     ret_from_fork+0x4b/0x80
[ 3659.076928][ T8986]                     ret_from_fork_asm+0x1a/0x30
[ 3659.083361][ T8986]    SOFTIRQ-ON-R at:
[ 3659.087350][ T8986]                     lock_acquire+0x1ed/0x550
[ 3659.093536][ T8986]                     _raw_read_lock+0x36/0x50
[ 3659.099705][ T8986]                     __do_wait+0x12d/0x850
[ 3659.105617][ T8986]                     do_wait+0x1e9/0x560
[ 3659.111374][ T8986]                     kernel_wait+0xe9/0x240
[ 3659.117381][ T8986]                     call_usermodehelper_exec_work+0xbd/0x230
[ 3659.124954][ T8986]                     process_scheduled_works+0xa63/0x1850
[ 3659.132169][ T8986]                     worker_thread+0x870/0xd30
[ 3659.138421][ T8986]                     kthread+0x2f0/0x390
[ 3659.144143][ T8986]                     ret_from_fork+0x4b/0x80
[ 3659.150225][ T8986]                     ret_from_fork_asm+0x1a/0x30
[ 3659.156654][ T8986]    INITIAL USE at:
[ 3659.160555][ T8986]                    lock_acquire+0x1ed/0x550
[ 3659.166643][ T8986]                    _raw_write_lock_irq+0xd3/0x120
[ 3659.173236][ T8986]                    copy_process+0x2267/0x3d50
[ 3659.179491][ T8986]                    kernel_clone+0x223/0x880
[ 3659.185575][ T8986]                    user_mode_thread+0x132/0x1a0
[ 3659.192005][ T8986]                    rest_init+0x23/0x300
[ 3659.197737][ T8986]                    start_kernel+0x47f/0x500
[ 3659.203816][ T8986]                    x86_64_start_reservations+0x2a/0x30
[ 3659.210853][ T8986]                    x86_64_start_kernel+0x9f/0xa0
[ 3659.217368][ T8986]                    common_startup_64+0x13e/0x147
[ 3659.223888][ T8986]    INITIAL READ USE at:
[ 3659.228231][ T8986]                         lock_acquire+0x1ed/0x550
[ 3659.234751][ T8986]                         _raw_read_lock+0x36/0x50
[ 3659.241291][ T8986]                         __do_wait+0x12d/0x850
[ 3659.247539][ T8986]                         do_wait+0x1e9/0x560
[ 3659.253620][ T8986]                         kernel_wait+0xe9/0x240
[ 3659.259959][ T8986]                         call_usermodehelper_exec_work+0xbd/0x230
[ 3659.267883][ T8986]                         process_scheduled_works+0xa63/0x1850
[ 3659.275457][ T8986]                         worker_thread+0x870/0xd30
[ 3659.282085][ T8986]                         kthread+0x2f0/0x390
[ 3659.288190][ T8986]                         ret_from_fork+0x4b/0x80
[ 3659.294623][ T8986]                         ret_from_fork_asm+0x1a/0x30
[ 3659.301398][ T8986]  }
[ 3659.303898][ T8986]  ... key      at: [<ffffffff8e60a058>] tasklist_lock+0x18/0x40
[ 3659.311729][ T8986]  ... acquired at:
[ 3659.315543][ T8986]    lock_acquire+0x1ed/0x550
[ 3659.320243][ T8986]    _raw_read_lock+0x36/0x50
[ 3659.324945][ T8986]    send_sigio+0x108/0x390
[ 3659.329458][ T8986]    kill_fasync+0x256/0x4f0
[ 3659.334054][ T8986]    lease_break_callback+0x26/0x30
[ 3659.339260][ T8986]    __break_lease+0x6d5/0x1820
[ 3659.344124][ T8986]    do_dentry_open+0x8d4/0x1460
[ 3659.349151][ T8986]    vfs_open+0x3e/0x330
[ 3659.353413][ T8986]    path_openat+0x2c84/0x3590
[ 3659.358205][ T8986]    do_filp_open+0x235/0x490
[ 3659.362976][ T8986]    do_sys_openat2+0x13e/0x1d0
[ 3659.367833][ T8986]    __x64_sys_creat+0x123/0x170
[ 3659.372793][ T8986]    do_syscall_64+0xf3/0x230
[ 3659.377486][ T8986]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3659.383561][ T8986] 
[ 3659.385885][ T8986] 
[ 3659.385885][ T8986] stack backtrace:
[ 3659.391781][ T8986] CPU: 0 UID: 0 PID: 8986 Comm: syz.1.9795 Not tainted 6.12.0-rc5-syzkaller-00047-g4236f913808c #0
[ 3659.402456][ T8986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 3659.412513][ T8986] Call Trace:
[ 3659.415796][ T8986]  <TASK>
[ 3659.418744][ T8986]  dump_stack_lvl+0x241/0x360
[ 3659.423441][ T8986]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3659.428712][ T8986]  ? __pfx__printk+0x10/0x10
[ 3659.433317][ T8986]  ? print_shortest_lock_dependencies+0xf2/0x160
[ 3659.439668][ T8986]  validate_chain+0x4ebd/0x5920
[ 3659.444539][ T8986]  ? __pfx_validate_chain+0x10/0x10
[ 3659.449748][ T8986]  ? __pfx_validate_chain+0x10/0x10
[ 3659.454963][ T8986]  ? __lock_acquire+0x1384/0x2050
[ 3659.460005][ T8986]  ? mark_lock+0x9a/0x360
[ 3659.464344][ T8986]  __lock_acquire+0x1384/0x2050
[ 3659.469219][ T8986]  lock_acquire+0x1ed/0x550
[ 3659.473738][ T8986]  ? send_sigio+0x108/0x390
[ 3659.478254][ T8986]  ? __pfx_lock_acquire+0x10/0x10
[ 3659.483311][ T8986]  ? __pfx_lock_acquire+0x10/0x10
[ 3659.488358][ T8986]  ? do_raw_read_lock+0x3c/0x90
[ 3659.493221][ T8986]  ? _raw_read_lock_irqsave+0xe9/0x130
[ 3659.498692][ T8986]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[ 3659.504601][ T8986]  ? _raw_read_lock_irqsave+0xe9/0x130
[ 3659.510063][ T8986]  _raw_read_lock+0x36/0x50
[ 3659.514577][ T8986]  ? send_sigio+0x108/0x390
[ 3659.519114][ T8986]  send_sigio+0x108/0x390
[ 3659.523464][ T8986]  kill_fasync+0x256/0x4f0
[ 3659.527891][ T8986]  ? kill_fasync+0x54/0x4f0
[ 3659.532412][ T8986]  lease_break_callback+0x26/0x30
[ 3659.537447][ T8986]  __break_lease+0x6d5/0x1820
[ 3659.542164][ T8986]  ? __pfx___break_lease+0x10/0x10
[ 3659.547312][ T8986]  ? tomoyo_file_open+0x165/0x220
[ 3659.552342][ T8986]  ? bpf_lsm_file_open+0x9/0x10
[ 3659.557195][ T8986]  ? security_file_open+0x509/0x990
[ 3659.562407][ T8986]  do_dentry_open+0x8d4/0x1460
[ 3659.567179][ T8986]  vfs_open+0x3e/0x330
[ 3659.571258][ T8986]  path_openat+0x2c84/0x3590
[ 3659.575877][ T8986]  ? __pfx_path_openat+0x10/0x10
[ 3659.580842][ T8986]  do_filp_open+0x235/0x490
[ 3659.585356][ T8986]  ? __pfx_do_filp_open+0x10/0x10
[ 3659.590525][ T8986]  ? _raw_spin_unlock+0x28/0x50
[ 3659.595436][ T8986]  ? alloc_fd+0x5a1/0x640
[ 3659.599849][ T8986]  do_sys_openat2+0x13e/0x1d0
[ 3659.604557][ T8986]  ? __pfx_do_futex+0x10/0x10
[ 3659.609264][ T8986]  ? __pfx_do_sys_openat2+0x10/0x10
[ 3659.614568][ T8986]  __x64_sys_creat+0x123/0x170
[ 3659.619348][ T8986]  ? __pfx___x64_sys_creat+0x10/0x10
[ 3659.624662][ T8986]  ? do_syscall_64+0x100/0x230
[ 3659.629445][ T8986]  ? do_syscall_64+0xb6/0x230
[ 3659.634159][ T8986]  do_syscall_64+0xf3/0x230
[ 3659.638707][ T8986]  ? clear_bhb_loop+0x35/0x90
[ 3659.643440][ T8986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3659.649375][ T8986] RIP: 0033:0x7f047a57e719
[ 3659.653809][ T8986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3659.673447][ T8986] RSP: 002b:00007f047b327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 3659.681884][ T8986] RAX: ffffffffffffffda RBX: 00007f047a735f80 RCX: 00007f047a57e719
[ 3659.689878][ T8986] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
[ 3659.697960][ T8986] RBP: 00007f047a5f132e R08: 0000000000000000 R09: 0000000000000000
[ 3659.705955][ T8986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3659.713968][ T8986] R13: 0000000000000000 R14: 00007f047a735f80 R15: 00007fffce775d68
[ 3659.721978][ T8986]  </TASK>
[ 3659.725029][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3659.811152][ T5886] usb 7-1: can't set config #0, error -71
[ 3659.825335][ T5886] usb 7-1: USB disconnect, device number 111