last executing test programs:

12m44.032680417s ago: executing program 3 (id=13):
r0 = socket$kcm(0xa, 0xd, 0x11)
setsockopt$sock_attach_bpf(r0, 0x29, 0x24, &(0x7f00000000c0), 0x4)
syz_emit_ethernet(0x46, &(0x7f0000000140)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, @local, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}}}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000004503"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r5, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x6, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x89}]}}}, {0x1c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000004040), 0x3, 0x2)
ioctl$VIDIOC_G_OUTPUT(r7, 0x8004562e, &(0x7f0000004080))

12m41.94836553s ago: executing program 3 (id=14):
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
mount(0x0, 0x0, &(0x7f00000002c0)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x71)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
ptrace$ARCH_SHSTK_ENABLE(0x1e, r3, 0x0, 0x5001)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[], 0x50)
r6 = syz_open_dev$vim2m(&(0x7f0000000080), 0x10004, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f00000001c0)={0x2, @raw_data="3ba64ef20e50eaf74e56343228a35f692073376e6e8bc64df6b2fdf24368fa0b5ca5da9b3b40ce034e4d726edecb8038508002d6dc31050bf092312cecc3e766a24bf3714949327f8e0379dacebe19e48c604788bd8b1bdc89e8c3c7fd5e68c8b32f43aa3b108968b10015c2ea5e42412355eaae0f5755b65af797317dfe3808f93c22105dc99e4043654b348631be6e3d7ceb3fc86c1244f4208a3eeee6adc5bffef7581d0b6f2e6a5332b9fe290bf91504ee974b1aa05e138386e55f5b1232d202642f573eb60e"})
write$tcp_congestion(0xffffffffffffffff, 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f00000003c0)={0xfffffffffffdfffd, 0x4, 0x400041000, 0x40000476, 0x1, 0x9, 0x2, 0x0, 0xfefc})
fallocate(r0, 0x1, 0x9, 0x81)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
setresuid(0x0, 0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)

12m40.949401823s ago: executing program 2 (id=3):
r0 = socket$kcm(0x10, 0x3, 0x10)
r1 = socket(0x2, 0x80805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan0\x00'})
sendmsg$NL80211_CMD_LEAVE_MESH(r1, 0x0, 0x40000)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r7 = inotify_init()
read$FUSE(r7, &(0x7f0000001fc0)={0x2020}, 0x2020)
mkdir(&(0x7f0000000540)='./file0\x00', 0x108)
mkdir(0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000)={'#! ', './file0', [{0x20, 'llr\xf0'}, {0x20, 'ax\xe8\x9b^\xfb^$\r\'uij\r\xd9\xef\xd2Et^Q\v\x9fOFL\x95`Z\xae\xc3a\xfe%\x94\x1a\xebt\xc6\x06\x8fD,\xf7\xae#\x80\x80\xdf\xa3\xcaO\xc6\x8a\x91\x90\xadR\aW\xe1\xf3n\xca\xa3\x8f\xd6F\x03\x0e\x9b\xe5yb\xfc\xa19wUs\x83\xf1{&\n\x1d\x8e\x82y\x1a.B\x0e\xea\x17\xc7\xe7H\xa9\xd4\x8e\xe7 gD\x89*\xb5c<d\x1f\\\x10$o\x93\x02\x9c@\x9ddt\x8c\x875\xf7@\x9aM\xa3j\xfa\x1f\xe5\x81\xc9u<\xf0?w8P>\xc5\x8a\xe6R\xe5YGq\xf5\xb6\x95\xbc\x112\x9bno\xc8\x06\xb6\b\xcc\x03{Sn\x94G\x01\xb4\xffJQ8t\x99vY\xaaf\xc7,\x9f\xbb\x15G\x1cr\x19\xef\xab\n\xa8\xbc\xbd\xa2E\x16\x1cm\xbd=\x98\x7fU\xcbg\x15%\x95\xb11\x017\x83*\x14\xcbt\xc2\xcb\x04\x1e~?\xb9j\x18\x96\x84EA\xeaB\a\x83\xba\xdco<\x00'/256}]}, 0x111)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594011d24fc60", 0x14}], 0x1}, 0x0)

12m37.829282521s ago: executing program 3 (id=17):
r0 = fsopen(&(0x7f00000000c0)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
socket$inet6_sctp(0xa, 0x801, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0x15, &(0x7f0000000040)=0x8, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x8880, 0x0)
lseek(r5, 0x300, 0x2)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000000), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r7=>0x0})
sendmsg$can_bcm(r6, &(0x7f0000000200)={&(0x7f0000000040)={0x1d, r7}, 0x10, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20048090}, 0x8000)
sendmsg$can_bcm(r6, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r7}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fed7, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x20000600}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000540)={'vxcan1\x00', <r8=>0x0})
sendmsg$can_bcm(r6, &(0x7f0000000480)={&(0x7f0000000380)={0x1d, r8, 0x0, 0x4000}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)=ANY=[], 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x4044001)

12m37.746077797s ago: executing program 2 (id=18):
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = creat(0x0, 0x0)
semget$private(0x0, 0x0, 0x587)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[])
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x10, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{0x0, 0x0, 0x0}, 0x18000}], 0x1, 0x10142, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYRES64=r0], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x4000004)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @func_proto, @struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x3e, 0x0, 0x1}, 0x28)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(0x0, r3)
sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x805}, 0x4000040)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'dummy0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x4000010)
accept4(0xffffffffffffffff, &(0x7f0000000240)=@vsock={0x28, 0x0, 0x0, @my}, &(0x7f00000002c0)=0x80, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000004140)={0x14, 0x4e, 0x400, 0x70bd34, 0x25dfdbfc, {0x19}}, 0x14}}, 0x40)
mount(&(0x7f0000000180)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='xfs\x00', 0x8000, 0x0)
llistxattr(&(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)=""/34, 0x22)

12m36.150414126s ago: executing program 3 (id=21):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r3, 0x0, 0x0, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r2, 0x3b89, &(0x7f00000002c0)={0x18, 0x3, r4, r5, <r6=>0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
r7 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
pread64(r7, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000d80)={@map=0x1, 0xc, 0x1, 0xffff, &(0x7f0000000180)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000cc0)=[0x0, 0x0], &(0x7f0000000d00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000d40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r8=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000dc0)={@map, r7, 0x1c, 0x11, 0xffffffffffffffff, @void, @value, @void, @void, r8}, 0x20)
ioctl$IOMMU_HWPT_SET_DIRTY_TRACKING(r2, 0x3b8b, &(0x7f0000000140)={0x10, 0x0, r6})
ioctl$TCSETSF(r1, 0x5457, 0x0)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000040)={0x4, 0xe, 0x2, 0xfffffff7, 0xfa, "308d95e88274e6f600", 0x0, 0x2})
r9 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_KICK(r9, 0x4008af20, &(0x7f0000000100)={0x1})
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720a00fef8ffffff71a4f1ff0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c", @ANYRESDEC=0x0, @ANYRES32, @ANYRESHEX, @ANYRES32], &(0x7f00000001c0)='GPL\x00', 0xd, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x1000}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r10 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r10, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE(r10, 0x4008ae61, &(0x7f00000000c0)={0x400, 0x9})
syz_kvm_setup_cpu$x86(r10, r11, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x60, 0x0, 0x0)
r12 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
write$vga_arbiter(r12, &(0x7f00000000c0)=ANY=[@ANYBLOB='unlock '], 0xe)
ioctl$KVM_SET_MP_STATE(r11, 0x4004ae99, &(0x7f0000000380)=0x4)
ioctl$KVM_GET_MP_STATE(r11, 0x8004ae98, 0x0)

12m30.304164939s ago: executing program 3 (id=23):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r3 = syz_open_dev$usbfs(0x0, 0x77, 0x101301)
fcntl$setstatus(r3, 0x4, 0x40000)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x140}}, 0x0)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x81, 0x5, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
munlockall()
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0585609, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x317, 0x1, 0x34, 0x9}, 0x9c)
prlimit64(0x0, 0xe, 0x0, 0x0)

12m20.45174502s ago: executing program 32 (id=18):
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = creat(0x0, 0x0)
semget$private(0x0, 0x0, 0x587)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[])
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x10, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000006080)=[{{0x0, 0x0, 0x0}, 0x18000}], 0x1, 0x10142, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYRES64=r0], 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x4000004)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @func_proto, @struct={0x0, 0x0, 0x0, 0x9, 0x0, 0x2}]}}, 0x0, 0x3e, 0x0, 0x1}, 0x28)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$gtp(0x0, r3)
sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x805}, 0x4000040)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'dummy0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x4000010)
accept4(0xffffffffffffffff, &(0x7f0000000240)=@vsock={0x28, 0x0, 0x0, @my}, &(0x7f00000002c0)=0x80, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000004140)={0x14, 0x4e, 0x400, 0x70bd34, 0x25dfdbfc, {0x19}}, 0x14}}, 0x40)
mount(&(0x7f0000000180)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='xfs\x00', 0x8000, 0x0)
llistxattr(&(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)=""/34, 0x22)

12m16.871912133s ago: executing program 3 (id=30):
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_open_dev$vim2m(0x0, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x4, 0xc, 0x0, 0x5, 0xff, 0x1f, 0x0, 0x10000}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x9}, {0x0, 0x0, 0x3c, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = fsopen(&(0x7f0000000080)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'y)\x00'}, 0x0, 0x1, {0x0}, 0xea})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x10, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@ldst={0x1, 0x0, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001fc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)

12m0.943157488s ago: executing program 33 (id=30):
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_open_dev$vim2m(0x0, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x4, 0xc, 0x0, 0x5, 0xff, 0x1f, 0x0, 0x10000}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x9}, {0x0, 0x0, 0x3c, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = fsopen(&(0x7f0000000080)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'y)\x00'}, 0x0, 0x1, {0x0}, 0xea})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x10, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@ldst={0x1, 0x0, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001fc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)

11m16.842488868s ago: executing program 1 (id=77):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket(0x1e, 0x5, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0x3ff}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44045}, 0x40040830)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x49f, 0x0, 0x0, &(0x7f0000000040)=<r2=>0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x20440, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
userfaultfd(0x801)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x3, 0x800, 0x1, 0x2}, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000000340))
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r2, 0x0)
io_uring_enter(0xffffffffffffffff, 0x5e2, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_create_ruleset(0x0, 0x0, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000001fc0), 0xa0000, 0x0)

11m3.379183053s ago: executing program 1 (id=84):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0xa}}, 0xffffffffffffffdf)
openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/timer_list\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={&(0x7f0000000180), &(0x7f0000000440)=""/179, &(0x7f0000000500), &(0x7f00000006c0), 0x3, r4}, 0x38)
unshare(0x8000600)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/mdstat\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000180)={0x2020}, 0x2024)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a000000000000040000000000000000000000210000000000010000000000000200010001"], 0x70}}, 0x0)
sendmmsg(r6, &(0x7f0000000180), 0x3ef, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd60dd690b00442f00fc000000000000000000000000000000ff020000000000000000000000000001242081000000000000000800000086dd080088be81000000100000000100000000000000ff0022eb000000002000000002000000000000000000000008"], 0x0)
socket$inet6(0xa, 0x2, 0x0)

11m2.272975958s ago: executing program 1 (id=87):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e00000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="0000000000000001000000000700000000000000c91a98cb7248a3f747588140ed66d49a14f151f301c7244b37124220a55ff017bf8f8857ab171e633eba753e1c9bf581cd46c1f40d25e0931f25905dbd642c4cf6b580bba2da80afce5b163ba7a8056cd67c3c239daf3d2c21ff93b335e71830d2cc9276af00000000000075b0b98b82a9d33730875485c41e7176fa7ece308a5838f904f9b5ca24ef7a03e5572f0863920d380c47f887bbb6b2b9a28b9e7934871d8fae746119777f8acd146f5e640da0abe6c06c2e989dcce971aafd00000000f9ea44c7f16284afe8f2c7f747e31034928a98cb81da8146dad21b078bd1ae7533aefd7e962d5fb7dc53da4a9e1cc37ae0427422f92345639e80e97ae3e921cf12b5c050bc268cb8d1d4ce914ae8e8717a0103c1061290e0ae365e7872aeb2fe3b7cfdd96d", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000280)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'none\x00', 0x2b, 0x8, 0x1e}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000095000000000001000000000000000000001000baca1e63f526e3831f7a926e5aabee1f73cc766dd4fb939f"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580), 0x1, 0x0, 0x50}, 0x41)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0xff07, &(0x7f0000000140)=[{&(0x7f0000000080)="22cb47666c2b00c137a004", 0x1}], 0x1}, 0x41)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x61)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000340)={0xa, 0xffffffffffffffff, 0x1})

11m0.113885739s ago: executing program 1 (id=89):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$inet6(0xa, 0x1, 0x8010000000000084)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

10m58.51388331s ago: executing program 1 (id=91):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x0, &(0x7f0000000100)})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setfsuid(0x0)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00"/11], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000140), 0x76, 0x1701)
r8 = openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$binfmt_register(r8, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2'}, 0x31)
ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x44, &(0x7f0000000080)={0x40, 0x3, 0x17, 0xff81}, 0x8, 0x20, 0x3, 0x0, 0x4bf, 0x404, 0x0})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)

10m49.621654833s ago: executing program 1 (id=97):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
lseek(r2, 0x339, 0x0)
sendto$inet6(r0, &(0x7f0000000300)="f501", 0x2, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffff8, @rand_addr=' \x01\x00'}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r3, 0x40000000af01, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1000, &(0x7f00000003c0))
lsm_get_self_attr(0x64, &(0x7f0000000000), &(0x7f0000001280)=0xdb, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$VHOST_RESET_OWNER(r3, 0xaf02, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000301010100000000ecffffff0a0000010c001980080002000c08000018000280060001"], 0x38}, 0x1, 0x0, 0x0, 0x8004}, 0x20000800)
socket(0x2, 0x80805, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r6}, 0x10)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x7)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)

10m48.046812605s ago: executing program 34 (id=97):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
lseek(r2, 0x339, 0x0)
sendto$inet6(r0, &(0x7f0000000300)="f501", 0x2, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffff8, @rand_addr=' \x01\x00'}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r3, 0x40000000af01, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1000, &(0x7f00000003c0))
lsm_get_self_attr(0x64, &(0x7f0000000000), &(0x7f0000001280)=0xdb, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$VHOST_RESET_OWNER(r3, 0xaf02, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000301010100000000ecffffff0a0000010c001980080002000c08000018000280060001"], 0x38}, 0x1, 0x0, 0x0, 0x8004}, 0x20000800)
socket(0x2, 0x80805, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r6}, 0x10)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x7)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)

9m18.423938494s ago: executing program 0 (id=114):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x33, 0x301, 0x270bd26, 0x25dfdbfc, {0x3, 0x0, 0x4000}}, 0x14}, 0x1, 0x8000000000000, 0x0, 0x80c0}, 0x8004)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x800)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r1, 0x4c80, 0xffffffffffffffb6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r7, 0x5608, 0x3)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1d, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000fcffffef000000000000000085000000ae0000009500"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @lsm=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r8, &(0x7f0000000140)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r8, 0x8b)
ioctl$sock_TIOCOUTQ(r8, 0x5411, 0x0)

9m16.519659166s ago: executing program 0 (id=120):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e8, 0x0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x418, 0x3d8, 0x3d8, 0x418, 0x3d8, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @loopback}, @local, [0xff, 0xffffffff, 0x0, 0xff000000], [0xffffff00, 0xff000000], 'erspan0\x00', 'wlan0\x00', {}, {0xff}, 0x2b, 0x3, 0x3}, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x2, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, [0x0, 0x0, 0xff000000, 0xff], [0xffffff00, 0xffffff00, 0xff000000, 0xffffffff], 'team_slave_1\x00', 'veth1_virt_wifi\x00', {0xff}, {}, 0x886215f4d37bb4bb, 0x90, 0x1, 0x69}, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x548)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
unshare(0x480)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
capset(&(0x7f0000000080)={0x20071026}, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r3, 0x7}}, 0x48)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={<r5=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000540)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r5}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r4, &(0x7f0000000140)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0xfffffffd, @empty, 0x5}, r5}}, 0x30)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="10000000000000000000000000000000000400"/28], 0x48)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000100)={<r8=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r7, &(0x7f0000000680)={0x14, 0x88, 0xfa00, {r8, 0x1c, 0x0, @in6={0xa, 0x4e23, 0x0, @empty, 0x4194}}}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r9=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYRES16=r6, @ANYBLOB="f0952001f46c773a85c5a45c70f8940939649830b943bc33b7119d4600b403891a63ad716d55e00968f75e47c05a8aca4be81a621110c2d72dfcc7900df7bfa91af2310c174878c3b0ff6defd9c32c121c4054bd208a29fee91faf018e7c0870899545da9f85a3044907aa09a8d793", @ANYRES16=r6, @ANYRES8, @ANYRESOCT=r7], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x9, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', r9, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r7)

9m12.447151499s ago: executing program 0 (id=123):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x100000000, 0xca8}, {}, 0x0, 0x0, 0x1}, [@tmpl={0xc4, 0x5, [{{@in=@local, 0x4d5, 0x3c}, 0x0, @in=@broadcast}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x6c}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x80}, {{@in6=@ipv4={'\x00', '\xff\xff', @local}, 0x0, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x3, 0x0, 0x0, 0x81}]}]}, 0x17c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e8500000007000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @rand_addr=0x3}}}})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095001800000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff3d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba4580047a9dc88de358ce795731891a2031de4e09740c64e5506f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfadfe6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a97677400ef0bd697d135324ce480c2960344de346bd511dea4ff7a07400b2d12dd1a8c4c300aee5f948777085ca142b79dfc3aca5fadaa0532ab0572169f68584ff2ee063bc7e75ecd5cc8973464629ba236e3ff97f6033d0800000000000000cef54a60aff12590a50ef147e3e640193d00263003a4ef412420a070dd0327e47c8c7abb77b4b53874788d7e2e5d554de4713db957afb56d4673f1b904c5a317d3670003000000183fb7d36e173044f4ab34"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r6)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r6)
sendmsg$NL802154_CMD_NEW_INTERFACE(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000001c0)={0x1c, r7, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000040)={[{@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x36]}}]})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="14010000", @ANYRES16=0x0, @ANYBLOB="20002bbd7000fbdbdf253b0000000c009900ffffffff72000000080027000100000008002201160000000800a00006000000050019010f00000005001901060000005600cd000700ece1cc0507006e0304009e001000060000000800cd000900050008005700d803000032003300b0940200ffffffffffff080211000000ec9ebecf6d2b8ce10c00c900000004001600dd0a3a7fbed3723bf1e4a43b000041003300e0845300ffffffffffffffffffffffff08021100000099000a0085000c05640c3e01036512505050505050ffffffffffff08021100000068040400090000000008002201730100000800a1000600000008009f00000000000800a100060000000800a0000200000004006c00"], 0x114}, 0x1, 0x0, 0x0, 0x20000090}, 0x1)
socket$nl_route(0x10, 0x3, 0x0)

9m8.566062208s ago: executing program 0 (id=124):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x15, 0x20000800}, 0x0)
r3 = syz_io_uring_setup(0x466c, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000001340)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RENAMEAT={0x23, 0x30, 0x0, r6, 0x0, 0x0, r6})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={[], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
chdir(&(0x7f00000003c0)='./bus\x00')
r8 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r8, &(0x7f0000001fc0)=""/184, 0x20002078)

9m5.802425937s ago: executing program 0 (id=129):
r0 = openat2(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x4d080, 0x41, 0xe}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000000080)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000a40)={{}, {0x0, 0x989680}}, &(0x7f0000000a80))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x4048aec9, &(0x7f0000000080)={[{0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x85, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0xfd, 0x0, 0x0, 0x0, 0x42}, {0x200003, 0xa, 0x21, 0x80, 0x40, 0x0, 0x5f, 0x1, 0x0, 0xfe, 0x0, 0x5, 0xfffffffffffffffd}], 0x1ffffff})
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd000005000500000000000a"], 0x70}}, 0x0)
sendmmsg(r3, &(0x7f0000000180), 0x3ef, 0x0)
ioctl$HIDIOCGUSAGE(0xffffffffffffffff, 0xc018480b, &(0x7f00000001c0)={0x2, 0x100, 0x9, 0xc6da, 0x4, 0x9})
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc4c85512, &(0x7f0000000280)={{0x401, 0x5, 0x40, 0x4, 'syz0\x00', 0xfffffffc}, 0x0, 0x0, 0xb, 0x0, 0x0, 0x5, 'syz1\x00', 0x0})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r8, @ANYBLOB="08002700851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x4000804)
sendmsg$NL80211_CMD_ASSOCIATE(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, r6, 0x300, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
bind$inet6(r5, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x1}, 0x2}, 0x1c)
listen(r5, 0x0)
getrlimit(0x2, &(0x7f0000000000))
syz_emit_ethernet(0x4a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004a00003c1100000000069078ac1414bbac1414aa44140a010000000000000000ac141400000000fbffff0200c2f4a1f5bf49bad41eccc3cb56809c5dda", @ANYRES32=0x41424344, @ANYBLOB="5cc20000907800"], 0x0)

8m58.391297842s ago: executing program 0 (id=136):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a, 0x2})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000100)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x400c630e, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002340)={&(0x7f0000003700)=ANY=[@ANYRES64], 0x0, 0x38, 0x0, 0x9, 0x3}, 0x28)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
r7 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r7, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r7, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

8m43.165423337s ago: executing program 35 (id=136):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a, 0x2})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000100)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x400c630e, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002340)={&(0x7f0000003700)=ANY=[@ANYRES64], 0x0, 0x38, 0x0, 0x9, 0x3}, 0x28)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
r7 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r7, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r7, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

5m29.133702443s ago: executing program 5 (id=278):
syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
copy_file_range(r0, 0x0, r0, &(0x7f0000000080)=0x8800000, 0x1, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000300), 0xffffffffffffffff)
r1 = msgget$private(0x0, 0x3ac)
msgsnd(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="0300000012000000"], 0x8, 0x800)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$session_to_parent(0x12)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x48980, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$TCFLSH(r9, 0x400455c8, 0x20000000009)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000200)=0x6)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, 0x0)

5m25.18218625s ago: executing program 5 (id=282):
socket$l2tp6(0xa, 0x2, 0x73)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001640)={0x28, 0x37, 0x1, 0x7fffc, 0x4, {0x1}, [@nested={0x8, 0x6a, 0x0, 0x1, [@nested={0x4, 0x10}]}, @typed={0xc, 0x2, 0x0, 0x0, @u64}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
sendfile(r1, r0, 0x0, 0x7ffffffd)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x29, 0x7, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r3, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x7)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0x2004, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r5, 0x2, 0x1}, 0x50)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x60, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r7, 0x9c3fa077fa966179, 0x0, 0x700, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0xff}, @in=@empty, 0x0, 0x0, 0x1, 0x4, 0xa}, {0xbd1, 0x0, 0x3}, {0x81, 0x2}, 0x1fffffc, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8000, 0x33}, 0x0, @in6=@empty, 0x1, 0x0, 0x0, 0x7, 0x6, 0x0, 0x10000}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0xffe0)

5m23.073380987s ago: executing program 5 (id=283):
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x10101)
write$uinput_user_dev(r1, &(0x7f0000000800)={'syz1\x00', {0x0, 0x0, 0x1}, 0x2004a, [0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x296, 0x970, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0xf, 0x5], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x800000, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x80000, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff], [0x11, 0x80000a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x3, 0x200, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x400], [0x0, 0x0, 0x74e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x930, 0x0, 0xa, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffe900, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}, 0x45c)
ioctl$UI_DEV_CREATE(r1, 0x5501)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
writev(r2, &(0x7f0000000600)=[{&(0x7f0000000500)}, {&(0x7f00000003c0)="cad42b95eeb22fdd1b85a5d157aea1c58d646113136c56a0c1491ad1cb72b258caa9f6f57b8fb825c95dbd1cccecd29982d52d598ea533697818df73df03705a4c0345a3c0a93e40742a69c0676313b809e938769b61b3bac355fb237d06249379596d78ae7245e90a84654d41b139de71024d6d4d838980590b95f04ba60c8425f08639bc7d8d6733534737bd4d5a1131241e19cdf513fff591d6479c7efd0e1b4c87641caedbe73d41bd60af3c1f836b70961dc50c4a7a9ff219050a331c37ee1df5e8d2439ca554b259c5082f682bea0cac7987e3024af79594f2a9d51049432081f341cfc008e54e49efd1be68d5", 0xf0}, {&(0x7f0000001b00)="706b46f1e3f58054088ba9aeec94e550cd80576f37f4801bc3fd9b49aa05ed95d1e9b9aa071496abea19c36ac25bef433c75a1b55aa7d0a756b647c88f4e840314b54391c1bf1e00436f084cb360dd18916009ee4a6d6e5c1b9e09ab9b3318d8f17f73ca31ba40873b0bbfce1da6e72bd854eee5704cf7c20dd35b4a23123c14ab7d2d7e544df8a42cbc3ac5ad82e5827c3c2b9228104bff52616912469c4a0003a7e276d4353e0fa24726a084c851452e239c50fd360594e4bc417028d7384a8450dcc27f61fefd6f8bc854ed6d3a0d526cc3d0b705402869cca4d0b06662aa9703e450ad764f06177faf43b6e59fccb1d430f7c03f19552358a7ca347808acfe7a7d62878c24c5f133c470856bd0dc7db0fee7efb817aa02fdbce23ed3e4a5f37a936c9820976df9a943cd91e52003ff223d45daae6722911a25b23ecd901de1ccaf7073535fd32a4f61c349e60fd13b993268ef0fee812972eb8a6980c3b3140aa852e201a86c66697f225a5f7ae65de1cf63751d9f0a5b66a0ae804c8402b07e2545941211c98d7f86b414cd09318f3b365247b10a1570198fd44882af3e112270940b41efbfde55d2c45f4ae2edc0ace522eafe9efe77055adea96e00c8e090d6561353312811ebe0d4e98145b0f8f696c5cc04c74c3e21c5a6c5efbba85bd6f6432ac29b30740fd929f6a1ec9b6614914b8400be87c465dac074da04b899a6e830ec511660f1a155b5e680ff6dc9ac55659fc84a85752d5348dbf501eda18afa7887e1d11cb43519f4d15cc9cd78361739c14a795d7629126fb89e929a8be225873d70425acc662a6ef65e4f835fb18cb856c29d4fa5e8b736dc0d5c803c818b165e7063f60cd321d81f4fd090336c79df46631d6b6a01b22a2747f44bd0178bd7780bc889241ed163097090c17752337fed64ba687fd547150299d11de7d3ccf71166b24e8578654335259b419f1a10bb02799d0a5ee8006ef77722d46d337616dd2b85d90937d47885909ad81cce7647a30b153ffc6d3604e72595f12e2675ea13c5a8f40979e67228aa7237e586691f5476c2ed92dd211fc641a1ef42488a6581c21060ceea055f88c61f32dc35f7e567f1e6fa1c32127e8d1fca84bea56fd5c79ec6ba113d8140b61603545a645bb27ec80a3be95905ca5a330660d15c87c4af105191dc256dc855586a436fbcdae6c656c565b273315ee6fe0a4dfedd1313457b878e826a583da1ace9da303b697ace761a65f4c9b560ac03f5c30bc7d912ffded11715aecf440f484bf46e0d5d6585e02e5aa44ad10f30998e728d27c2a7d34d38e4b7e09991fc116b0cb6193bbc0600e8dbc17003cec3f8d9b04b476df3bcaae60374de0b5bcd715d80b53c97eb347c36e040aae555c50a924b5742130a59b5d4a3be82214bd1f057242c6478bd9b1eda190d984d2ff4d8e983", 0x400}], 0x3)
socket$key(0xf, 0x3, 0x2)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000010c0), 0x2, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000280), 0x80a00, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000080)={0x1, "0600000000000000c64c3b6e6ff82a75e5318fca4288c2ffbdbec772020acd2c", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r5, 0xc0303e03, &(0x7f00000000c0)={"e50d1af80100007ea25edd00ff000000080000f6907ff16b7e00", r5, <r6=>0xffffffffffffffff})
r7 = epoll_create1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x5, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x1ff, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8c, 0x6, 0xffff, 0x0, 0x5, 0x4, 0x8008, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2c0, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xca, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff000, 0x10000, 0x0, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f00000001c0))
dup3(r5, r4, 0x0)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000480)={{0x0, 0x3, 0x0, 0x3}, 'syz0\x00', 0x2})
ioctl$UI_DEV_CREATE(r3, 0x5501)

5m16.937384379s ago: executing program 5 (id=288):
syz_open_procfs(0x0, &(0x7f0000000100)='mountstats\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0003000000000000000000008000000000c800", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000500), 0x0, 0x48004, &(0x7f0000000180)={0xa, 0x4e20, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xc, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz1\x00', 0x10})
ioctl$UI_DEV_CREATE(r4, 0x5501)
syz_open_dev$evdev(&(0x7f0000000340), 0xaa54, 0x0)
lseek(r3, 0x9, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f00000001c0)=ANY=[@ANYBLOB="64796e2c0069e37bf4b94eeacd224739b537"])
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0xb)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2}, 0x50)

5m14.998683304s ago: executing program 5 (id=289):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=ANY=[@ANYBLOB="24001000fe04000600000020ce45b02066392241"], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x1, &(0x7f0000000100)={0x0, 0x37, 0x1, @tid=r0}, &(0x7f0000000180))
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)={0x9, [<r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000040)=0x28)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000340)={r5, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x4, 0x9a7, 0xcc7d, 0x3, 0x74, 0x5, 0x7f}, &(0x7f00000000c0)=0x9c)
syz_open_procfs(0x0, &(0x7f0000000f40)='fdinfo\x00')
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(0xffffffffffffffff, &(0x7f00000001c0)=""/37, 0x25)
getdents(r6, 0xfffffffffffffffd, 0xbb)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'bridge0\x00'})
socket(0x10, 0x80002, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000006280)={0x2020}, 0x2020)

5m13.496167184s ago: executing program 5 (id=290):
mkdir(&(0x7f0000000300)='./bus\x00', 0x120)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0x0, 0x0, 0x1400)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r5)
sendmsg$DEVLINK_CMD_RATE_GET(r5, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r6, 0x303, 0x0, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
socket$kcm(0x10, 0x3, 0x10)
write$binfmt_misc(r7, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r7, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

4m55.294716081s ago: executing program 36 (id=290):
mkdir(&(0x7f0000000300)='./bus\x00', 0x120)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0x0, 0x0, 0x1400)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r5)
sendmsg$DEVLINK_CMD_RATE_GET(r5, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r6, 0x303, 0x0, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
socket$kcm(0x10, 0x3, 0x10)
write$binfmt_misc(r7, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r7, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

1m9.376046215s ago: executing program 7 (id=99):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$inet6(0xa, 0x1, 0x8010000000000084)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

1m9.109916229s ago: executing program 7 (id=437):
r0 = syz_open_dev$sndctrl(&(0x7f0000000600), 0x0, 0x8801)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r5, 0x0, 0x8}, 0x18)
r6 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x82, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000080)=0x3)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r7=>0x0})
mount$tmpfs(0x0, &(0x7f0000000080)='.\x00', &(0x7f00000000c0), 0x0, 0x0)
r8 = syz_open_procfs(r2, &(0x7f00000002c0)='net/ip_mr_vif\x00')
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r8, &(0x7f0000002900)={0x2020}, 0x2020)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@bridge_delneigh={0x30, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r7, 0x80, 0xf2}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, @NDA_VLAN={0x6, 0x5, 0x1}]}, 0x30}}, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
r10 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg(r10, &(0x7f0000000080)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xf}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0xe}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x9}, 0x8)
sendmsg$nl_xfrm(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000f80)=ANY=[@ANYBLOB="3c010000190001000000000000000000ffffffff000000000000000000000000ac1414bb00000000000000000000000000000000000000000a000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x13c}}, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000001340)={{0x0, 0x0, 0x0, 0x8, 'syz0\x00'}, 0x3, 0x0, 0x8, 0x0, 0x3, 0x0, 'syz1\x00', &(0x7f0000000180)=['\x00', '-[\'\x00', 'r\x0e\x10\x00'/16], 0x15})

52.477742127s ago: executing program 37 (id=437):
r0 = syz_open_dev$sndctrl(&(0x7f0000000600), 0x0, 0x8801)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r5, 0x0, 0x8}, 0x18)
r6 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x82, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000080)=0x3)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r7=>0x0})
mount$tmpfs(0x0, &(0x7f0000000080)='.\x00', &(0x7f00000000c0), 0x0, 0x0)
r8 = syz_open_procfs(r2, &(0x7f00000002c0)='net/ip_mr_vif\x00')
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r8, &(0x7f0000002900)={0x2020}, 0x2020)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@bridge_delneigh={0x30, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r7, 0x80, 0xf2}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, @NDA_VLAN={0x6, 0x5, 0x1}]}, 0x30}}, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
r10 = socket$nl_generic(0x11, 0x3, 0x10)
sendmsg(r10, &(0x7f0000000080)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xf}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0xe}], 0x1, 0x0, 0x0, 0x11000000}, 0x0)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x9}, 0x8)
sendmsg$nl_xfrm(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000f80)=ANY=[@ANYBLOB="3c010000190001000000000000000000ffffffff000000000000000000000000ac1414bb00000000000000000000000000000000000000000a000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x13c}}, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000001340)={{0x0, 0x0, 0x0, 0x8, 'syz0\x00'}, 0x3, 0x0, 0x8, 0x0, 0x3, 0x0, 'syz1\x00', &(0x7f0000000180)=['\x00', '-[\'\x00', 'r\x0e\x10\x00'/16], 0x15})

30.295273473s ago: executing program 9 (id=475):
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x173)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000008c0)={0xc0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x100)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0xc000, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_ifreq(r2, 0x8943, &(0x7f00000034c0)={'netdevsim0\x00', @ifru_ivalue=0x400})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$unix(0x1, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8914, &(0x7f0000000000))
syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000100)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x3, [@bcast, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
ioctl(0xffffffffffffffff, 0x1, &(0x7f0000000000))
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000009c0)={0x50, r5, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(0xffffffffffffffff, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x200001}, {{0x0, 0x0, 0x0}, 0x2046}, {{0x0, 0x0, 0x0}, 0x421}, {{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, 0x0}, 0x8}], 0x7, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
socket$packet(0x11, 0x7, 0x300)

29.47397226s ago: executing program 8 (id=477):
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_1\x00', <r1=>0x0})
pipe(0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='GPL\x00'}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x40004)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x22002, 0x0)
ioctl$FBIOBLANK(r4, 0x4611, 0x2)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000280)="df", 0x0, 0x2}, 0x20)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x25, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
fremovexattr(0xffffffffffffffff, &(0x7f0000000380)=@known='system.advise\x00')
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x50, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_TUPLE_MASTER={0x24, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x50}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x1fffffe, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x0, 0x2}, {0xfff3, 0xf}}}, 0x24}}, 0x800)
socket$phonet_pipe(0x23, 0x5, 0x2)

27.596093052s ago: executing program 8 (id=478):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x82000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r3, 0xc0bc5310, &(0x7f0000000380))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x6}, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r7)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x2c, r8, 0x1, 0x4, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0x8, 0x7d, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}]}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004014}, 0x4004000)
r10 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_mreq(r10, 0x29, 0x14, &(0x7f0000000180)={@dev={0xfe, 0x80, '\x00', 0x35}}, 0x14)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6, 0x37, 0x0, 0x7}]}, 0x10)
r11 = socket(0xa, 0x5, 0x0)
sendto$inet6(r11, &(0x7f0000000040)='\x00', 0x1, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c)
r12 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r11)
sendmsg$TIPC_NL_MON_SET(r7, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f0000000680)={0xc4, r12, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x3e, 0x3, "2af8fedbe273c06526c1d7c86647243cc4c82338ee9183c73f8bf8952a6dc62950694f56186974e9f18ecc50ae723637c3e098117f2d0f564e70"}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1ff}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fffffff}]}, @TIPC_NLA_LINK={0x58, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xab}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x97e7}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4008000}, 0x40000040)
write$RDMA_USER_CM_CMD_QUERY(r4, &(0x7f00000001c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000480), 0xffffffffffffffff, 0x2}}, 0x18)

24.451772921s ago: executing program 9 (id=480):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_netdev_private(r1, 0x8914, 0x0)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r2, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
connect$rose(0xffffffffffffffff, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)
connect$rose(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40046f41, &(0x7f0000000440)=0x1f)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @random="fcf4d5eaa000", @void, {@ipv6={0x86dd, @icmpv6={0x8, 0x6, "ec8d82", 0x18, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0xa}, @private1={0xfc, 0x1, '\x00', 0x1}, {[], @mld={0x82, 0x0, 0x0, 0x1000, 0x8, @empty}}}}}}, 0x0)

23.968487409s ago: executing program 8 (id=481):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb0182a49330c987e09d00300000003000000004000000000000000100000d0000"], 0x0, 0x4c}, 0x28)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020}, 0x2020)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@local, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000006380)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5, {0x7, 0x1f, 0x8000, 0x1204020, 0x1, 0x3}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000021c0)="d56cea33946c0eae3241d3604bfce89adddb2eb96960338db7572fa254eb7c69dc0cb526989630e26224c258c8d70ccacc5564d67723f4756c0399174c5460c4995942d24092c36dc820e97344798b5bb45423f853bf50e374323abacf0388cd091016b7a3d7843f4d3ae1658bd34d967e3323a64908442788dbc99c1f4248da53fb5be2c8001236b994ca594e3b3c588beaf3cb1c32c072d768b9e665e7d87044fdfc1fd6452593e6793963153f3850bf85042a5c139799ba8f6cb8d877fc436c4f1601270d6e29d60a4c80d6315e46f4219494ce897127d0b76f5d681e90f4e9282468ef7993cd92076aed266c1db8b81b93adc4969c9b89b32b8768c9f39f2d148e933dbb651746a9364f49986ef73b4c29f647b82b83216bb8179fe5346fdacdc5fda4bd48875cd2f1cf57a0c9a91e059446bac310a6d68948675c35a8e442168fd84d78d9800e5b05bdbce3a6eac65bee7279a3628f2a08931d3d52ce490652c20f8ae529eaf24bf421dad976c68b234ee6f6210c9f9aac3a55c6939d6aa3805b95619546264ff3ff82d0dc690e8ead61b6ed528c3c117cd771a3b7feb214ce8d720640d97f14b399b7f46dc4aad83117e8e642ccb117d13f345536fc3801c124cfaf8aa7aafff6c8df3fdd4469c077eccbd8ddacad80d9113dfde26ae67b226185743b2d53667fb3016fe114f87484ab614ddf0887c4b2c85351ab21a0ece6c066a154b38b4d7c1792d2db2cc5f8ceb42078187949d354b7a08d1529f3d10814757179c860db031dad4a3dc13ca01d1013238ed5f7a9674fcc77f0d34e2118fb851c970d86ecf9de1cfdb8d3ab197480e263c3207c3d7ebe17f9547c7c56b08e83de875294d0fd68df1926ecac24350b2c70bd73e14122ed480c564353d34049e67c26036fc35d04022cd35d6ac00756d3b8550bb22ae80a4bd630a00268d07fa249b0bf545dfbf01bea2f12b30738c6e13156244eb24e6d69ba7c3acdbbefe8bbc06b821aebf836ca07a3cc7b6b24686ed8f3b23085c893e72188b797651c5ab5cceb1465414a325f793a3af6d06eed7eb734ad05bc1f6619e8485259f570a482a67273ee01fe15dd938afce026f1111c7a38ed6d1aba34f009ce1e99140fd0db2de74150541fd48dd2ec5b1d15669de2ffe3a198184b6186ccda31aa64c585ff8cb65b67fe1455753895a88b6ab4c6bf1bb8329739178147e6f15801bfa707bd9ec9da662573ce07af684bb7c880a7d63b0a0a7300881408c44e95c679ea32b0eab845d0b333f245e8d6006258678704aa8cccdaf80cc46138d5b7a0804fdfa34c91d61a0d2fa6c62e7d1a675e5743f845ab40ea5df0182d6eb9781905c94751c75a411699a76f48433142c5f109d5dfddcc0b1dc6254efd5ea50d6ffbc7b9ca031e1a0123844b63c48b964645c6d24707582825e219bcd61677ed4fc45ee1f4be91b4c1b856d65a86acf22b8b0d588bc473248ac040326b1490c2fea24bc0c0a721e2ed63e39973cd4d38df1001dba9b9d995c229655dd26f3cd3d64077ec111e2c370717cb4cd068e0d3a52f1027d3df953e1f1ac768a7215a3695722b1b6714ce43801451a9532212b651d073c780d61712aebadd145c1cd95c1dc0dcf51850046ae5771e365f45858a36e48afe563ec0afee3803ff6a35bc25217b53eda39bb813b8d3d728c21a0b80d014003143666c0d1398cc46a01aaaf97117edda217f984010e7c5cf32535a669d4f11f6b70e3a3b823987ef7c9f878415063bf05205e13bcf7acb287bd0bb0fce77529a711f0ed145ea2ecf2194658dff17c5681cf8c7ad8521d235a705292af4878b3f124be2df661026c091d6c07aae1a74c919f7478d1083f70b3a0fe00c2e220ab998b4595268b6f7cabbfc85e59dfb6ab7a794cd3fd70d5cc4d70ca933a4452df5a345cb31f3267de53519ba39c915d492cd4652843f1d30a5fb311e3b5d868347969f013c5e3b4841b22240abcb61a14ff567186766ce8f6ae64877f672835dbff4fcf19c8230d8a402397630effb698a8b0c9a28ae028d7938ffde488fd64113085bce504cd0551e0eb3730c3f781cbecf0c41d2338766d3f6096661c1f1bec3162b8a0c4099fccd9480e821df8782c2e070530befb62bccd8539fe9dc7d8d3f9bded1bb34db3f2d6050885c8f1d57f5e603f629de7491f5fd9fafcceb565abeaec838b10a763a00a4607d4330bdcedc066d8cf9790d806e03c219866bb8f053a6e602645436d1f469df1d5008f5dcd4bdb7ce5b76ec015a8f4693cb2a63ceb2be00bcf221f0ca32db4efaf8f7022622b335fa8dea4afdd86be10be6c4d66e5f57416add4480509cb98cf31cdda84644eeb782eea041d4bc0e005a20bccc3c4a08cefcdb91cc2c61d9231c4e36e96f6edd2133f9b34e7da90ce20d1c60ff223c6a204bb942766a359b923573bbbaf2a827d79e4f649e79a840216ac4ddb3409c94e71ff08d109bc3f0cf6583219de7d7131a956f835ecf5c131a0b1e056a86d800a0204243f3b695029578c064306a31db53f28a8f0c0302486cd05970904e9b5c53100ac1aabb3110a89820e4d8307c3d46084999d0456c53fec61a9242b486eb41a90f3300fdfd0d8a472e8da7a842588721d1df1f5e4cc425efebc75a904ef4cc881346a4bc23eef4d492e3efccebab86ae4213f42671370579ee7f8341396e9515619e100a8fae2c5cba0139a088579ece7a603c8b8bab9998223fe862dff8480aeaa5970c90b894e5f71c2784e4dfd50ed3e9ed91036e8356c09464de13b4a95227203133b2c2c71cd6323492f083bda58ad7721b6666b9cd93f93f0288482813fd8aade02cca81cd35257e023504ac4f86be1c7a810b67c6d7077f5cdbd305b618a05c03d196894bfb1a6ff511e59ac8ce45d16cee95e1de0797a543728caaa43e5ae42a12b6bb7910d18d4e1ea89d264491287eb23a76095a12a39c46a7c85349e2969edaed3c1fa6a2150494f63f4c98c65fcdd650ac7424ac1ae64421294356ac1e4dbf9d4c817f081f4f7751ebf56788d799bac29dc0bfe83ead7ab3e338b8b84df4cad2b549aaac4e6048a6fa8f8f6f1f7e0e51c8b3c872f18c466e590222b03230f46bc8e9a0171bbd2096c7a480d6a6f29bd74b60105bebda42e59cc830c4b31f6c52687b4ec2ba869149ae363d711d099f94ceade1ada193e931ed9aea0a280ed5f25ad5ab3b4083f140ca17b43e5f6aef2c24a28a0262c80a040187e052ea7d54a528b6fcc176ed3afc07fe6a661d050fb4a3a6abfa3dac5f3230540b45af060781cb5499c2894d6a4a2bf908ddd48d6b34207f56c31229e206c88db3552ceb6e82a0fa2bf7f97baf603d37d6a8b1f2b1f5f95b251129ed05351681908b7cf5cf6cc86dd854174cc19713b4d262b021952b6da5f20f57bbacca62f5b7124409aa625bbea59819baebc1bc2dd188feba48c998d0dbed60d44b8a4f0ac28f6c1c8c9998f7406f1a34e4ce902be2420f7ff51a5ab3b1faa86ab2ec1edbea2493cae090abde43ff27d685c993dedb24eb255772cc56fbd104f4f5275f10d54d7cacb8cbf188ae1a4d29ea880068fb2696b3ba6e8a7c15939e1f7c394ab4bd4c4bef2383121cbeb18646a8e013d570cee3eeecd7fbe84a619f8aa2e34f2e1e9b99d0c7d7d179d9df8d2e2f1cd7ba2c7e60166dc14e5e4ed9c41195935e2884b5bd0057ed0155a5d4c6482e8f554e4cd0d0aef7d6487801ab54d54eb41755d833ab83883b40f47595063ad2a0fee5c661f86b8ab04ad0047d988ad86b3c520eb78dc3d750a57e777f5d766349f1a687e090f744206cb5d048346061b414060f6826d8a884e93f73f1f1f4cb8bd6e8d1215d436d390dbda35b555f550e11e6d8008fce1c429bd9bbd04a1fbb9de28663c1be4d8d7e506bc681ada28a69014b972919b5f70cbb770349324c9af0b7ee7ff4cc8bfe807fb9faa0a69498448b22192d578a1e82582b943051beb543ddca8b643ee6c76ee32278aa8bc92b44a8439a24ed5040545349ab05e831d4511a8da03ca539659585b2267a73775f1cb7c2c5548d3508c896f99a8e5cb55160ab1267e320ac2d7c8f8b57079dd14d301636a1374e24541f8d453978998ed256b381bcf638bb372ce1ebefb341656c02f4092a7667ffec5505e4938dcb03d404654430e244f9f7f7d0fb4189a93f7c2bd7a4fcb3ccff79e41a98adcac3e4c19eebebaec15bd8cea1df0e509cdef62ae10c66734d162caf35a6e511baa717f769c2e449892224fa8ae78de9138cf6ea1d939998a8cb68b0e83cf604e03b99634796d3d495e4617f8fdd9764631e7ed6eafa797deb1159259777bf2915d48b63286f6d6528ad4ca5783609263d9a03aad41ec8ef1e2e1e77734d27229f801192be238468854945c20dab4e1baff9dd593361efda1de95e04561d33cd73a45dff5f85b2e85b0747a49345ac8d38add8ef9c14685eb3d3432f3f994e3ddd4e45b16005870485253afc4f08d8a6d8023b722284d11d56c6ff9209a5bacb7ce1708244bd21878b8cd5c13ab453bd589f6196322de9faede39ce6f94c75d008d2d7ced27a2375cc62c3d5c15c1c4301a01299d8f4c41e5a44e4130e9555a356d6b19728c7d3c86cb9a1ddf906ab63a9447f8233bcd09bd74cf9749f085f0c4689ef40dbc41a7a299f0f891d9d0d3e39409d4d774da53bfb6e8ce668ce50885558e909add2cb9bda2f7e9232541b1a7f742a99740f486ef4f7c98e4052f2da705c56a18d5a8289ae6cbb9dc7de13a8cf420b7a930abaae813b40517d84ae984dfc94cd1021e0e4a7a9e7de841018d474083ca28a829ee03fe625cafcbedadcdef6621ccd679fcd9c9a9ab2136211f8c9a679895aa39facf2d6668e5098b3dd8e0ad78d8caf250dc38f2c9518bccb353ef3418d3906827514c1959d58344ee11a0ef1c1424495cc1a9910187685a47d6dd91f07e5081c5ac3f1b6e363069694dd9072684c5ab0ba56157c10f5fa8409e5bc43b38b31f24a306ca5f7e3de9a392eac1984e877ecb3dfd044f1449b4ae9b586051b1780c0ce462919f4a4b54ad8011d013c3962fc6697d33c2dc6771fec664c82cb16144619b207deb4391866d6c1976b945c5959d19018f15376ce3b05666747743527f22b54171da4dabee2f4e469a5521067de4f92e2bad02e15e812b6cbd27ec88a9eccf600ce7f5643392da9ff6b6412f8e7c68d8c8b9e0006e41777e2a1363a9556befbbb110dff3a84b179da3838acde0b25f53798733a9fb463d76b630aef7c8a43f6219482b34b893fd99cf3a013ecefde7c5c6528e304c1868ff3fd8dd5aba348a05dc950b1c4c281cbb28b800d6d0da180fdee06ec3bad6f97180295ed1d77078156a885b5b0c501ea563e8871adb97dd6052de0ab369bf2d98f434bb2d172d9967bb73d3eba6b52bb8d55d8963bf58d310afedb51c0f94c7814b6da30fd8056ab7be74ac31b1b75c217e3ab93eadcb2d253e5d8bbe47c0f1a411a9e502cf4301d898d905cd5db828e56a722394fa11cca64a03a42e7fc1b3481b71ca0b6a3d9bd1fc8229f7f9d3e6aa0d48051942579fb759201d4715db9a2d399e0745a66dbbd571accf1f2e15573ce832e91bd1f042ab758d9ec13e354f38454cc42668c8d60358916f7e937015f6c38732bcf6131ecde001892cb20fe47153e7e23b1cd2fc4a22662e7bde09f7df10fcbf475783fe23a0fdcb2c3bd8b28453ce523ac19ff77e68c3e9fa0193b796ea68f44132b3a96adebc04181e503f52be4778ef422ce3e6ca38514fa18b500ca518590479e8c73a7942dc2e237d82cda953ae1b296b97ee8ed62e2e755d6ddea7c0334e1b8d76c278bdc454724003106cb6fdc85340d1e784ac8b6551eaabc33c502163ce0d401627bd22ba6be90089372bfa3f91ee745e45844ef8dc0fe3936bef07f9c1d3aadfa4c8e99be6b038bed6beb9597add881da2acc1a3a471f500d68f639cd2bf6f4afab919a2cf747bcbb42b95684e8741b485c3297cf07c7bd98d6653421b61f701a06b82be0fbeecd32eb00feca9c5732bb5e565bccf8c9feb27a50760a785bbb50402768cbd458811e284a604b3374faf3480e1736743665617de9c32fd10e37105ac6dd5303f1a6dc78950bce56215c2a2f9e0ccbc0bf9fe8ccf7647ed29e2aa4948689d681a7a9fe582631338f3eea3df846f28564038ab75aa2a8ee5416b66ceeda9d8f56ecefe07f6a21ace83a2e15ad408d0a480f56708e3d1c96020b124c58f6ff5247f73aff7f77d389167650b8a0b98c97f87a1e5d6c08fa99874ff144bfa905e9da3812f010eeee00f3c9b594450faab5342e1b6e98fed5714a802b67b3e5b1964a62606aacb8222efd4980823f076675ae859e64de7b08f7a0b3d8bc829e1a93eb3b4975b4761cd7fa743e393da537c91f658ea2b23c94244498cdc4bc32c8b9859b9d9792eeabdce635b2d61c311949204826054dba0880505e2b53cc3521fa8b68bbba2ec05050bd3244c02752af1555625ddf50a3656c0043005c43c26a2dc907d5dd67efa831ad974151067b436a75fe99b8c94c9ca9737279fa1aaa09b0108c48c79c7e4ec1eeccfd43aa8e7ab6cacf5a956fc47d4ce77fe719d6eec1730d3e3b3be71d313f644177b6d16df0180848c28b850fbf71168a1ee4e5639bc46f2555b3984dbb91520538dfa6a1905abfb7238ff344d0a7d760f040718a57cfb56634e7de7584097f69f87630693bcf410796266cc3f50302feacfb556bad2506b7191023817527dfe5973101712bda922472076633133a11a76e8bc7d763a2cdaa53fa8d47d442fcc572f791d66d10d8d6a9058ecbbcd6d3dbe45d67b75e1091dd0368bea33ef0f56ba68885630429c24800922062e1066f2d4c4b795332ab03239548df4e6e01c432fe5eb29e8e63f6c7ba4f2edefa208c69e781786e4717c2f71dc2032a98cf1e6d66c10831e17ee776edc6b060ae20d025dc570a88e17da771acd32b7b93d46e43a917b8e2ba8232ad2707324b9b04dd8ee50c3c5a4372c0b1461ab2b7424faf00c7162bd8e8ffc7fadcb055403b0fa7087226ba4330e746af97a3f915f0b9e105759e81fe94a0df0cd6c324fb0b871491b5516c2fbc82c77b07159e3f4c0b7952b74cb4e203a69f241485191e1afc76d12a56db065b0513a41582f655340603c73cb39b728c97d1e919ecf963b91ec2282d25dc426db873394055beb0f9ba20545e2465ce2d0d962f42e1e4c79bdea4cd2829269ff7ef650bbeb5083d39dc7aad668af0b01c521192c548857473b29991f7bb917b5814fe945f4c3ed9bbe0563f4004b391b76860e9fd6b7c0baae82e4ac033f62a2c6ce6a2311b8700b06b5215e604a9b99d37e00450fc7790e893176e9fecda220f838a078a8ef7da7d499b1fe0eb8780c4b9705a6a10674e61b5c228fae1c13488f98c10c1792fa40229dba44b1cb534f9fab6a14407687761d738c91f4b8d4371a1de1a47bde0563a6fc88c4886be5d48c4cb89078c255eb1639598379daf50a672cbf4d8add2d4af6c02aeb1d0f86b611abd363409c7c7fc0b66f307ad3df24241fe06d0f7617d6c3987bb9e5d8f1712aebf095fad19b3b4fcb9cc4fb39012f333c4b040666259ee7bc43cff299a527a8914d71324e91c774b84e9392e615453e9fc648c539059b66f780c888892fe8b30eba799ed18fab08ebc3b9da8bc12a249456351bc0ebafc9f54d5d24697fb53eeb5e734527d690620989f605f57dc65a15a754d304be592acc616cd528b6986064b4457b96cf1fb0ab383a0585acf9887b18e1d6d3aff1e7f2328ea0313a2b36f6f79d671d9ddc4d34fb8fb55a596b2a16c63757083fb4bd01be2e1d82e47c5a44e052279097c5a18feae9884e102cf087611a3b94467ad61635dae6275974f6e6ca7a42ded0ee4577574d56b142853a8c955d92d1eb780de11dc9289acd193214ed4c9f5f26d0481cb3c0c0b8d4c9ad929c61ffeed66bf2e4f7018049593b99358d93559847d55654cee93da30f6578d2e295909791d227a12c09cd4a0edec25d3155086b64a787997a53265cbffb7fe6a2bfd589e12b4d0e21a600276e920397888443584aa99a06d7cfef8e68eeab8fa739c3d8fb74581ceff295110742e763320bed3a4be982b3ebed15ecde37e849aaa91959327d25149f38854ea1137f870aff99979e5e74cc9e45be12e3f0f9912a0955e718a4917e835bca50f43ce92a6bc60ed006b8f623fbacebbfb3dcb4fabd9941a5487c6f637de9a2005a6bc4062e1210a08a51d6f8a5e3f6f97fe90dc7e2e21d4d2f038c0fbc1918aa00e230a4a0e5c41a4808fb9a731271fcc1e73713c9592aa4b2ddccd0d13c3cb68d51166623153445c9ec955c6870dc8543c0684883186082e34ea5714febf8b46921015c3623220d17529896e1a6edac6e32fea2ba30db203238300353602c17dddad7608cad8170b520f6d9d32cdf0156a1de4e9b9eea78f73255ddc6da6994a6018ff900d9886590602ca6a072d8aa5645e2adac0744e2d5b2e1038c746635d5814692c3498aa9043b68f8ce79c44678c5a7d5bc26c085475853b229b2af3dc822ec58047f313c778aae2b64995148174e42908f3ecacd3921855790c0c5a25814416930293010b4f917979d837f4ef9d2d6dce804f5c0926244097746252124a6e0055559ffab197c38778f717362152af8f6dbf7ee03df050ab9b8909556691c2c2775f0f9c26a545db7ba698a4ce37de877705ea97ac0a002db274ea8360a4aa732c2d5e7417138c60cbea69d3b4993ada6a9d8f51d851543a6500a31bac5a057dbef498001f08a44e3c4141900e18b6d73c28c8c67dca805edeb5376384cefe75be1f127225e4d9724b7047d68fa2ed4629e91711a37c80158a07dbce78918931402b472a98a5d5c6b66a2d116314577e94298c37bc441499a9ecea132d87c5d305a0f8f0b3ed16f3b820941082c73b28391d8482ca0cfa78e1e09aa588b0eb1849c6c7916a6bbe56134a6bd93ea306dec125982628dea1db6d022d210627959e1dc819c841f173ed25f356909222e481a1ebb31185fbaeacbd359d2779efe4554ccdac7f4bcc528f656a45049331e16e9c0c796423ec9c7cba15c69d4a8a7741699910f33cc9798a8bf1e48182f08029a14d0131654fd388225d7509e1d7a484e9c7df34d1680bfc6b8d1f6f3920cc4113509fe42dfbd6b261000da9651f7e18088f6c2564472046e5eb7e8c9f8b5286a7452741a7103ced710bfb8e699fb8b1a85c0ae887cc06ef2ff9e2a2b1a77bb4d44ddd4a4e1ba60afcb92baaef108b60486d409889cbb2b1cc77ddff7e4b6caf8cf3488764d84bf3605eb9df709ac6cb36d1a3de89cdd6657f0e6b4009e6dac5d9be14f4ed997cf61e5aaec932520c321359cf286adf6e2dc3094794ae61a4f16089d06e3dc62c958950e73213c1e865c894fe7b8a30de65f5534a1e9c5d19ed49397980126322cb9c72c46a86d7487571300d85b3b5661555f20ab63a78f846c1b8f51a19610a11ffee44f7ccf0f1d67f4148b2c828d74c7f3993965c9067114467a71d242113a68574e28601fce343a023ecc68a72d75259f9a5dce144a7f61ef327192f6474d2bbd06fde3049fe7fb306ba3f54337008d7dbdeaf28a37a224e38ade23adb076cefd3148efcb62539a96d4dfc53f369e34c3d493ac3a5e8c8881133be630a2a906703da62ce7cc02ace9f666d6c3d4b9763a83548825ee1efb54ee3475b09e2616c5bdde3d193181bf020e8ac9ac25f32604b6c11de8ad1a15b9f908c6d7e79181aad1d741b7434aa92597a835c53b9e4b61d6069fa4ee921824d17c98784a8c04590f8d2cf877662b410cae4ebd1ba3616074c020d8cb6099a095735635490d318821310ddd016150edb80370b8d4e2f05557fd619b17192c13353cdae76d495821c610c8641e5b3dff1e7f2ea77b17810ca7975b8e36b7f501a8710b326ef92672096ef66598510902fe663e2a9ef00c3a052f1cfb1739fccb4371f8f28bb92654de5bf87cc2863e92e6d7e4b45d773f90f434eafc8f8398a48527af829a6cae359e7af5941bef158f53798058351107ce58f79ed21036770f6e10e7da92bbca25f369ee83a0f894bbf366a1361f8125b4ffd8e8b4d47ec68cd6b37c840cc5beb8cf65b2269ea1a0e9c371a571f30458ff8ad9bbf8723c19ddae1de5ca7461a436ffcd103c01a20f3252ba0965ee928cfb0d002b9aa4d4f20c805b77e67c8d991c4d07e5419bec9626a32c115d28253dd5f16c17182c1779edf49bdfe3823d87fec88929801163a27bfaeddfd8cdccae8cc3bfd6a9f2e2fec5971fa560c434debd434ff4d0058dcb05d9f3ac5193c458472d6d1685f9f46c8864900c5edbaeeee08971ee1c087f2e11467ff4766743bccf9e3414feedd6dcb904b92a05eec5de8db95444b920c995c770edcedcf7bffc48836c8f30037dde47f0e66fd79550de0ebc3c0c3eba0b66e2a353542eeb20397800e5f41635c5ec2f9a271461bcee8e570ddf945b186f15ab5cabe2a3123189935c6b9010b31732c425a9b2582b097486a5a7b1880b2f16104484e1ca83fa9c278b87e30e4b0cf6ed66c87a979c05683ac94a295d1c53e6f0975a079dd9a2825fdd6ae0926ba1a69f3f69f408eea9d00fbd43235a52c53d11963a611b81dd9f5e05582e1822398873e883662a64c225be19e0b85e102e23fb73d5dcb11435a5437d7418b0409f2e60793038f55ed54c79882b3a17e74ae2148bd558d131dbf446edeb0d05353492534e216761cfcf6582d066a8235a2bd5eb383350a52d7fc2761514e27b6125cb3e387c103dd62e31f5b789c217811c80ccbe3f10fec7a19ad32dc9271368b6d6ba549c45dfd8018507c40962b6ac6468c3078edb71d8ec7f728be8cc23dea1139ac30c2e8d0fc077280e420fbbffc896863db5f1e76922d7dd8e4479c1be822e74212c6f74765e108f916a1b83f6efc8ea54080e9a28b1ba5813a1fefddbe2d0cda413ee1463985b51b59f818f440c9b6a10e4ebf71d37995ae9694ba5867ca2eb2f7bf4e58d26149f2b25943fba216beb3de1f954bcf1bd32ce358b5d23023ab456ebbc493ead41e25b62b5b4ace6c5c18c9a8d512a9cbb4dd59f33663f6138d6b06bc8eb1ec9caccc0077b2e68e7a09d412dfa352e7e5c3942b710ab1648e16d0adda424d9fc2d15c619f4e8093c2b9521e4cdb3f22e655f52ce0fcc1bfd94e56cba8decadb68214451be53f9286c82d2a4912bd2394d1133be908409d791d6d8c2194ca37a76a38d6d0a1fced6478848891d9264cfc08fa849d720339ce00977cad8d9738372184098a7333dd1564d1d7754b4aa4afd6217585804159d31f53017869cb78b718c837b7fd176ce19e3d6996b6f055ed3ba7cd55b0349676c0c113c33d070081ce4ef29af156c4ac8ce760013688d0295d90271e23ef3ca10ec2b3b889855a153c867ce79297a10a02d21e5e8995fbc10d2f4d4bf521565376053b80937bfafaac688108f9962b7c72cf0111874ac8ae27d024ee2f9d57f15b9910a7486ef7542c6629fb0520c93a445542d", 0x2000, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20, 0x0, 0x0, {0x0, 0x4c703729fbd4a280}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xca83, 0x2)
setxattr$security_ima(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0, 0x1, 0x1)
creat(&(0x7f0000000040)='./bus\x00', 0x8)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

23.968081582s ago: executing program 6 (id=482):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pwritev(r2, &(0x7f00000008c0)=[{&(0x7f0000000240)="01000000", 0x4}, {&(0x7f0000000200)="f697079a161cfb7702311e629acda76933ddd0c24174eb4d4d28f9", 0x1b}, {&(0x7f0000000340)="747369587e0a4e47adce", 0xa}], 0x3, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000800), 0x161200, 0x0)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x271d, 0x0, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'virt_wifi0\x00'})
r4 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r4, 0xc004562f, &(0x7f00000000c0)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000580)={0x0, @bt={0x13, 0x7c5, 0x1, 0x2800, 0xd59f82, 0x2, 0x5, 0xb, 0x8, 0x0, 0xbef, 0x1, 0x7, 0x9, 0x2b, 0x4, {0xffff945a, 0x1}, 0x9, 0xf1}})
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}, {&(0x7f00000004c0)}, {&(0x7f0000000740)}], 0x3)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000140)={{0x2, 0x1, 0xb, 0x3, 0x5, 0x0, 0x3, 0x80, 0x5, 0x4, 0x10, 0x8}, {0x8000000, 0x0, 0x4, 0x2, 0x12, 0x7, 0x5, 0xde, 0x35, 0x4, 0x2, 0xcb}, {0x3000, 0x3000, 0x4, 0x8, 0x8, 0x8, 0x3, 0x3, 0x9, 0x8, 0xe}, {0xd000, 0xeeee0000, 0x9, 0x3, 0x6, 0x80, 0x3, 0x1, 0xf5, 0x5, 0xf3, 0x40}, {0xf000, 0x8080000, 0xd, 0x1, 0xaa, 0x35, 0xff, 0x1, 0x0, 0x6, 0x4}, {0x100000, 0xdddd0000, 0x3, 0x2, 0x22, 0xbf, 0x0, 0xb0, 0x3, 0x81, 0xbd, 0x6}, {0x0, 0xeeee0000, 0x8, 0x3, 0x6, 0xc0, 0x7f, 0x8, 0x6, 0x8, 0x0, 0x60}, {0xf000, 0x100000, 0xe, 0xfd, 0x7c, 0x7, 0x4, 0x5, 0x2a, 0x3, 0x7, 0xf1}, {0x10000, 0x8}, {0xd5d50002, 0x63e4}, 0x10, 0x0, 0xf000, 0xa, 0xd, 0xc000, 0xeeee0000, [0x7, 0x3, 0x9, 0x80]})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP(r5, 0x3b85, &(0x7f00000004c0)={0x28, 0x5, r6, 0x0, &(0x7f00000003c0)="cff372e4", 0x4, 0xf})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r5, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r6, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r6, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xfffffffffffffffb})
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000300)={0x8, 0x2, 0x7, 0x800, 0x4})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000003500)={'veth1_macvtap\x00', <r7=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x3, {0x7, 0x0, 0x0, r7, 0x94, 0xe6, 0x4}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}}, 0x800)

22.569401669s ago: executing program 4 (id=484):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xc, 0x86}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet(0x2b, 0x801, 0x0)
listen(r1, 0x0)
splice(r1, 0x0, r0, 0x0, 0x9, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
clock_gettime(0x0, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000001c0)=<r3=>0xffffffffffffffff)
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYRESOCT=r3])
chdir(&(0x7f0000000100)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x2000000000000000}, 0x18)
readv(0xffffffffffffffff, &(0x7f0000001480)=[{&(0x7f0000000600)=""/240, 0xf0}], 0x1)
getrlimit(0x1, &(0x7f00000003c0))
r5 = syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x26642)
fsetxattr$security_capability(r5, &(0x7f0000000280), &(0x7f0000000440)=@v3={0x3000000, [{0x5, 0x82}, {0x80000000, 0xffffaf0a}]}, 0x18, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000340)=@multiplanar_userptr={0x3, 0x4, 0x4, 0x100, 0xfffffffc, {0x0, 0x2710}, {0x4, 0x2, 0x90, 0xf8, 0x10, 0x5, "62d7c6c6"}, 0x3, 0x2, {&(0x7f0000000240)=[{0x6c5, 0x15, {&(0x7f00000000c0)}, 0x3}, {0x3, 0xde86, {&(0x7f0000000100)}, 0xa8b2}]}, 0xd69, 0x0, r5})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000001000000000000000000000850000005300000018010000207834b000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000a00ef00850000009b0000009500000000000000"], &(0x7f0000000080)='syzkaller\x00'}, 0x45)

20.762740089s ago: executing program 6 (id=485):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x1}], 0x1}}], 0x1, 0x24008094)
syz_io_uring_setup(0x9e, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffb3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0xcf)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
read$qrtrtun(r4, &(0x7f00000004c0)=""/57, 0x39)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000300)={0x7f, <r6=>0x0}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r7, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r8 = accept4$unix(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
recvfrom$unix(r8, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)

20.722854697s ago: executing program 9 (id=486):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet(0x2, 0xa, 0x20)
r0 = socket$inet6(0xa, 0x3, 0x75)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@dev={0xfe, 0x80, '\x00', 0x38}, 0x0, 0x1, 0x4, 0x0, 0x2, 0x0, 0x0, 0x2b}, {0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffff7}, {0x0, 0xfef2, 0xd, 0x40000000000}, 0x101, 0x1, 0x1, 0x0, 0x3, 0x1}, {{@in6=@empty, 0x4d4, 0x32}, 0x0, @in=@multicast1, 0xfffffffe, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x35ced141}}, 0xe8)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@remote, @in6=@mcast1, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20, 0x2f}, {0xfffffefffffffffd, 0xeca, 0x2d, 0x0, 0x0, 0x0, 0x400778e, 0xffff}, {0xfffffffffffffff7, 0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4d6, 0x3c}, 0x0, @in=@multicast1, 0x0, 0x4}}, 0xe8)
close(r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x48081)
shutdown(0xffffffffffffffff, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'macvlan1\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="44000000100003052bbd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="1546040000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3], 0x44}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000300)=ANY=[@ANYBLOB="280000001200010100000000e0ffffff07000000", @ANYRES32=0x0, @ANYBLOB="488400000040000008001d00c3000000fa0f57a54a30cdc31ed4efbccebe56193cce61caab83e21f804a175df90d07386fb3fafcea54e6aede045e0a94ace1a862639a5c6a79cdfe25853d999481e49f9373a864c7dca2d9189ee1f9dbaacbb9958ce8a3c1ec3b353d396a38b306e54c2c"], 0x28}, 0x1, 0x0, 0x0, 0x2000c840}, 0x80)

19.503992355s ago: executing program 4 (id=487):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x48)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003c0007010000000000000000010000000400fc800c00018008000600ffff0000080002800400728008000900"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = fsopen(&(0x7f0000000100)='binder\x00', 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x1c, r7, 0x1, 0x0, 0x8000000, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4810}, 0x10)
landlock_restrict_self(0xffffffffffffffff, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES32=r9, @ANYBLOB="070000000000000400000000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10)

19.184167877s ago: executing program 6 (id=488):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
connect$ax25(r1, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
madvise(&(0x7f0000304000/0x3000)=nil, 0x3000, 0x9)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r6, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='mpol=interleave=stotic:,'])
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r8 = accept(r5, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0x10)
recvfrom(r7, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)
fsopen(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)

18.86837325s ago: executing program 8 (id=489):
syz_open_dev$admmidi(&(0x7f0000000300), 0x8000000000006, 0x1a9882)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
socket(0xa, 0x3, 0x3a)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = fsopen(&(0x7f0000000000)='jfs\x00', 0x1)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f0000000240)='resize', 0x0, r2)
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"})
sched_setaffinity(0x0, 0x0, 0x0)
shmat(0x0, &(0x7f0000ff7000/0x3000)=nil, 0x400c)
munmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000)
r5 = syz_open_pts(r4, 0x0)
r6 = dup(r5)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCSLCKTRMIOS(r6, 0x5457, &(0x7f0000000100))
connect$vsock_stream(r6, &(0x7f0000000000), 0x10)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000180)={0x5, 0xfffffffe}, 0x8)
close_range(r0, 0xffffffffffffffff, 0x0)

16.325126079s ago: executing program 4 (id=490):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x3741, 0x0, 0x1, 0xc}]})
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000e00)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
ioctl$FS_IOC_MEASURE_VERITY(r2, 0xc0046686, &(0x7f0000000100)={0x0, 0xb, "2b168bc123afd1c2a25cdb"})
socket$unix(0x1, 0x2, 0x0)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0x0, 0x0)
r5 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
close(r5)
sendto$inet6(r4, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$netlink(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000e80)={&(0x7f0000000cc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x1, 0x101}, 0x28)
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r7, 0x303, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='jfs\x00', 0x0, &(0x7f00000000c0)='grpquota')

15.461981999s ago: executing program 6 (id=491):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000340), 0x5a, 0x0)
ioctl$SG_GET_VERSION_NUM(r6, 0x2282, &(0x7f0000000380))
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x378, 0x0, 0x43, 0xa0, 0x1d0, 0x98, 0x318, 0x178, 0x178, 0x318, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1b0, 0x1d0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xb0, 0x110, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3d8)
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0x7)
ioctl$SIOCAX25OPTRT(r7, 0x89e7, &(0x7f0000000040)={@default, @bcast, 0x2, 0x20})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x7c}}, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r1, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000000914290727bd3596fedbdf250800010001000000080001000100000008000100020200"/48], 0xfffffcb6}, 0x1, 0x0, 0x0, 0x24004800}, 0x24004851)
r8 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000140)={0x10000042, 0x0, 0x2}, 0x10)
r9 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000000040)=0x8, 0x4)
bind$tipc(r9, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)

14.189974855s ago: executing program 8 (id=492):
r0 = socket$kcm(0x10, 0x2, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
shutdown(0xffffffffffffffff, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r2 = shmget$private(0x0, 0x3000, 0x400, &(0x7f0000ffd000/0x3000)=nil)
shmat(r2, &(0x7f0000ffc000/0x2000)=nil, 0x5000)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x3)
unshare(0x28020480)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040), 0x0, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1}, 0x10320)
openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ioperm(0x0, 0x2, 0x2)
getpriority(0x0, 0x18)
add_key$user(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x0}, &(0x7f00000009c0)="a97028fa973938c545a54b218271b11f9600cc27481b08d1e70c20db67ad8791fbc007ab3dca5ee9c8b5e4e89a329acab861b54f1dd2ec5e25bd6ae8543882cd7785fd1a217ad20a1dd86448209a5e7052bbf4f49f7c5aaf9e05adee7f981ed03bad54f357cc51d2785dbf761657fc2769161852919d2ee8c5e434a45207080624049d9e48084f7801d8f2e913f5b8e590d4945e47bab59c355ff6470a88b69577b13c04b04de2dfb3d110fcd5ca455959fd2b0f89e4d8eaa2feb23551b06551af1464dc5ab3bef6ae754cc58e24a950fa453565fde3d22c7994735bd11eecd9dd74b18d7fb113b9399449612516beb9d91c5068ca187d89059177bc3442b10b80418c79fe6fcd311c2dea2e772117b7123253e072c4cf87e141ad16689c0eecb7d6619b8afba680b230cf3c3283e9d67dc686e2ab05c67e3cb8d0d4b89d460b22d68b7b65b57a11bb25e43839f3e13ca4599a18c9a64fa21388ac4409257218d8dac52a9ee4819849eaece8efe303580c6722dc9556f5c25192f380334e351c63901cf5956c4cfe602ecac13619a27d10ba27da01431ff6e25f833febe1eeff47ad0187b3f320aa97b15f64af2d683b625c2355cebc2bbe2c57001e006585bea77b8f7a12e37c905b26890a9332f528e22c246771b3913b37f07a2a3d0a78bff3639c1faa6850686f2b8bffa2fb234bf3410c12c04e0a8608ec7549d49662cc64c7373a7af49cc6845c9bd6657184d76570d2f43d4433a09f27809df0702d9c0988b5ce4e665b6d41e4de8684eecbca4b7056f6d8bc4f3c034685064769ad76d2d7d3d9572274edf897f1850fba5029633ffe709e2fe4d1824a85629ba56a8aadcd533252016c94485ea92fb5ba440819a4020e46a6b568a56ac653957675fe1914125fa6f43fbe77357a8db3cd18ee7e19e039c881cb71bbcb171ff9b9e619020dd54855d44d3dce46a7a3da4a5241bb3ba1a0040da3beb044a0dffccdfda4e9b7507a221f8ea31ceccd1775fc8defd4bfcd201841cb42748fcadc119c391a2c7fca6c70c02b93142ad98d20f5ef099387c1e4d95f0485c86673958859919bfd2f46bc5fa32ebd5718e84a141af0bbc990d7c01f53df3fc43691ed86cbc334ebca4c2ca7fc3be216ecec0fc299c028e13feeb2b12093d401b440afa571c8a93ffdfed5a7eb7689d14ca7aa1d06228693223f9ef1d5ac7a7f6f5325c7c0c5d06befb9fddf6b6100fe6d79fc84b25c7cbc01adc6f622894dd6f57511cbc3a7fcde7a3f8c09ec27689974a6f8d67e4df2c49ff6be656c737c77480a332af9d83bc40a9446ef429386969f035012daf68b739d269eeea47760c57a8ab1c94c622a1b81663f8485a6eca99c2c90c200260a0b0b93e5d118e2df350f6c0065aa18f080f1b5628d64402c713f5101f5b41a49d45359ccaf90b60ef29869c56f0ef536b6940f74d8fa099b3728ca22c3f095f3f7208414798b625a145836e8b099d89736590be9a49ce33b654e41251f7cf3a5611032bddf393873d290172a193b58b48b7e5e981a018902008cb3e2abc8bcbbea4b0fbe24b1717e7547957c417fd3874dca5dba938e9c30d61b46b9974c982b403de3f641130c01287e0a696cb24f660472cffb2d528fca32b57bf900968ef26c3471184958292aae1e7bee6284f51fca98784ee0d95a6b1368cd19ee7b223c7bc37a3376d31315d01c029ef67c65a358c6cf79a05b39bfbf6fa9406b0d547cce1e8fade639ee4b566fefc20738fe3f1e1e6b39d911d75a15b09d1fcd7e999709602b7de458d6fcf8885f4abbdcce1c57aa9baea0fdcd85549a3b440fc14fb072583513827bb9b9e0d707c7efc1957eaa479ba734072e7e46e16face43e89ad560479232b70de58ca302a53c2589620252c7ca37d0bcd4c9dab1d371f0944ec3c4c6238f71e86516874223b3c3d63b9eb30086f62526fc9975d92a996313b9c17248b7c0d72cd60676708cc855a8083f68d698bf27df523ee148dcd022ddb31a5f324801cc026907e7264206ac93fcdf06a0a1803c0e1fb7655c999f4850a884109366a238c53d9da678e95d9b34c8d2c34c05a9fd7d411834918875152f922a5058dc69b29a80fb434807403120933f70eab98990da187c0fc67c641542bc3de14dcd0a64d8d4ea21fe3c718a6ba5ea19ea61abf77df6d9cfcd97125b16741ba7e488a53175d92ffdf4b049072ec6b31d998b999296762550d68cac716cba08a3e2d6cbf17e7648eb2e2d557fd2f099e0b6606886b9d4f971b322007dca26a747ef82c33341ac0e407718d45153ffb814bc13a3200babe793396e62cd1305ada704581fac4ac8321ce4542436fc872f6220e2f18f1ae33afa88d284979ffe193284b49c52af0c8b3053fa6085be166af048b3e81a5c3271d325510e827842a1800292eca753e56420cd20a18c70c58539fc4c9f9bfbd2af4212125e171df8dcb102a026eacd9fc908db3853aa0b9fe947401ba182af3dac4302d810b920576686826f4f0c33850", 0x6f8, 0xfffffffffffffff8)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x10049014)
socket$nl_route(0x10, 0x3, 0x0)

14.185680708s ago: executing program 9 (id=493):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x40201, 0x0)
pwritev(r3, 0x0, 0x0, 0x6156, 0x5)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x400)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r7, 0x0, 0x484, &(0x7f0000000000)=""/108, &(0x7f0000000080)=0x18)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x18, 0x8, 0x40, 0x42, 0x1}, 0x48)
setresgid(0xee00, 0xee01, 0x0)
r8 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

14.182040174s ago: executing program 4 (id=501):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=ANY=[@ANYBLOB="24001000fe04000600000020ce45b02066392241"], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
timer_create(0x1, &(0x7f0000000100)={0x0, 0x37, 0x1, @tid=r0}, &(0x7f0000000180))
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)={0x9, [<r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000040)=0x28)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000340)={r5, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x4, 0x9a7, 0xcc7d, 0x3, 0x74, 0x5, 0x7f}, &(0x7f00000000c0)=0x9c)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(0xffffffffffffffff, &(0x7f00000001c0)=""/37, 0x25)
getdents(r6, 0xfffffffffffffffd, 0xbb)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r8=>0x0})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r8}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4, 0x5, 0x0, 0x0, [{0x8, 0x0, 0x0, 0x0, 0x123e}, {0x8, 0x5}, {0x8}]}}]}]}, 0x44}}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000006280)={0x2020}, 0x2020)

12.736776716s ago: executing program 9 (id=494):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
pwritev(r2, &(0x7f00000008c0)=[{&(0x7f0000000240)="01000000", 0x4}, {&(0x7f0000000200)="f697079a161cfb7702311e629acda76933ddd0c24174eb4d4d28f9", 0x1b}, {&(0x7f0000000340)="747369587e0a4e47adce", 0xa}], 0x3, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000800), 0x161200, 0x0)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x271d, 0x0, &(0x7f0000000000))
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'virt_wifi0\x00'})
r4 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r4, 0xc004562f, &(0x7f00000000c0)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000580)={0x0, @bt={0x13, 0x7c5, 0x1, 0x2800, 0xd59f82, 0x2, 0x5, 0xb, 0x8, 0x0, 0xbef, 0x1, 0x7, 0x9, 0x2b, 0x4, {0xffff945a, 0x1}, 0x9, 0xf1}})
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}, {&(0x7f00000004c0)}, {&(0x7f0000000740)}], 0x3)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000140)={{0x2, 0x1, 0xb, 0x3, 0x5, 0x0, 0x3, 0x80, 0x5, 0x4, 0x10, 0x8}, {0x8000000, 0x0, 0x4, 0x2, 0x12, 0x7, 0x5, 0xde, 0x35, 0x4, 0x2, 0xcb}, {0x3000, 0x3000, 0x4, 0x8, 0x8, 0x8, 0x3, 0x3, 0x9, 0x8, 0xe}, {0xd000, 0xeeee0000, 0x9, 0x3, 0x6, 0x80, 0x3, 0x1, 0xf5, 0x5, 0xf3, 0x40}, {0xf000, 0x8080000, 0xd, 0x1, 0xaa, 0x35, 0xff, 0x1, 0x0, 0x6, 0x4}, {0x100000, 0xdddd0000, 0x3, 0x2, 0x22, 0xbf, 0x0, 0xb0, 0x3, 0x81, 0xbd, 0x6}, {0x0, 0xeeee0000, 0x8, 0x3, 0x6, 0xc0, 0x7f, 0x8, 0x6, 0x8, 0x0, 0x60}, {0xf000, 0x100000, 0xe, 0xfd, 0x7c, 0x7, 0x4, 0x5, 0x2a, 0x3, 0x7, 0xf1}, {0x10000, 0x8}, {0xd5d50002, 0x63e4}, 0x10, 0x0, 0xf000, 0xa, 0xd, 0xc000, 0xeeee0000, [0x7, 0x3, 0x9, 0x80]})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP(r5, 0x3b85, &(0x7f00000004c0)={0x28, 0x5, r6, 0x0, &(0x7f00000003c0)="cff372e4", 0x4, 0xf})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r5, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r6, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r6, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xfffffffffffffffb})
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000300)={0x8, 0x2, 0x7, 0x800, 0x4})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000003500)={'veth1_macvtap\x00', <r7=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x3, {0x7, 0x0, 0x0, r7, 0x94, 0xe6, 0x4}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}}, 0x800)

12.7222752s ago: executing program 6 (id=495):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_netdev_private(r1, 0x8914, 0x0)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r2, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
connect$rose(0xffffffffffffffff, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)
connect$rose(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40046f41, &(0x7f0000000440)=0x1f)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @random="fcf4d5eaa000", @void, {@ipv6={0x86dd, @icmpv6={0x8, 0x6, "ec8d82", 0x18, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0xa}, @private1={0xfc, 0x1, '\x00', 0x1}, {[], @mld={0x82, 0x0, 0x0, 0x1000, 0x8, @empty}}}}}}, 0x0)

10.833848833s ago: executing program 4 (id=496):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
pipe(&(0x7f0000019480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)='\b', 0x1}], 0x1, 0x1)
close(r1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000000280)='g', 0x1, 0x4008891, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f00000000c0)={0xb, 0x4, 0xfe, 0x2, 0x3, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x5}, 0xe)
setsockopt$sock_int(r3, 0x1, 0x28, &(0x7f0000000000)=0xf66, 0x4)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f0000000080)="17000000020001000003d68c5ee17688a2003c08020300ecff3f0200000300000a00000c89f1608558134fcf9f98c1811900009afc5ad9485bbb6a880000d6c8db0000dba67e060180000a0000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68", 0xb8)
r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
write$nbd(r5, 0x0, 0x40)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
pread64(r6, &(0x7f0000001440)=""/126, 0x7e, 0x41)
lseek(r6, 0x9, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000800000000000000000000000000000002"])
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r7, 0x0)
getsockopt$inet6_mptcp_buf(r7, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x6, 0x10, &(0x7f0000000940)=ANY=[@ANYBLOB="850000006a0000001838000004000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000852100000100000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000852000000500000085100000fcffffff9560200001000000"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x9, &(0x7f0000000500)=""/9, 0x41000, 0x3, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000580)={0xa, 0x1}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x10000000, 0x4, 0x8}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000600), &(0x7f0000000780)=[{0x5, 0x1, 0xb, 0x3}, {0x1, 0x1, 0x6, 0x4}, {0x3, 0x3, 0x10, 0x4}, {0x4, 0x1, 0x7, 0x4}, {0x3, 0x4, 0x7, 0x3}], 0x10, 0x1}, 0x94)
r8 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x8, 0x3, 0x438, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x368, 0xffffffff, 0xffffffff, 0x368, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {0xff}}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [0x0, 0xff000000], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x298, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x8, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x2, 0x24, "74da157150445affea123f5ef01537fc77b067aafc038415821fe07d79cc"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x498)

9.451066932s ago: executing program 8 (id=497):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xc, 0x86}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet(0x2b, 0x801, 0x0)
listen(r1, 0x0)
splice(r1, 0x0, r0, 0x0, 0x9, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
clock_gettime(0x0, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000001c0)=<r3=>0xffffffffffffffff)
socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYRESOCT=r3])
chdir(&(0x7f0000000100)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x2000000000000000}, 0x18)
readv(0xffffffffffffffff, &(0x7f0000001480)=[{&(0x7f0000000600)=""/240, 0xf0}], 0x1)
getrlimit(0x1, &(0x7f00000003c0))
r5 = syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x26642)
fsetxattr$security_capability(r5, &(0x7f0000000280), &(0x7f0000000440)=@v3={0x3000000, [{0x5, 0x82}, {0x80000000, 0xffffaf0a}]}, 0x18, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f0000000340)=@multiplanar_userptr={0x3, 0x4, 0x4, 0x100, 0xfffffffc, {0x0, 0x2710}, {0x4, 0x2, 0x90, 0xf8, 0x10, 0x5, "62d7c6c6"}, 0x3, 0x2, {&(0x7f0000000240)=[{0x6c5, 0x15, {&(0x7f00000000c0)}, 0x3}, {0x3, 0xde86, {&(0x7f0000000100)}, 0xa8b2}]}, 0xd69, 0x0, r5})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000001000000000000000000000850000005300000018010000207834b000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000a00ef00850000009b0000009500000000000000"], &(0x7f0000000080)='syzkaller\x00'}, 0x45)

7.366148ms ago: executing program 9 (id=498):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x1}], 0x1}}], 0x1, 0x24008094)
syz_io_uring_setup(0x9e, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffb3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0xcf)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
read$qrtrtun(r4, &(0x7f00000004c0)=""/57, 0x39)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_DESTROY_ID(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000300)={0x7f, <r6=>0x0}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r7, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r8 = accept4$unix(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
recvfrom$unix(r8, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)

940.023µs ago: executing program 6 (id=499):
r0 = syz_io_uring_setup(0x3a, 0x0, &(0x7f0000000240), 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x21, 0x0, 0x1)
writev(r0, &(0x7f0000000440)=[{0x0}, {&(0x7f0000000100)="b6ff819269042ffc3d4e2250da53e28b71f967f8863a5003a090583bc7033e0627ab2a6553a1ebf167b7560203398fc11cadbdaebcb1ed419e4d3d3c6f2a0df2fc8e2f5b6417a4ee83997700f90894f8fcd26fa5c9a9b681e9f190eb27654f4a0aae0e589c18dc", 0x67}, {&(0x7f0000000180)="37e6ee081081cf3e51e0ca91961d4935885bb8352f2994b08e9abfc6f7c2da990f7ad5562a72d6c2bcdb916c7655a854eec2219d4045e91b66c0b1ac8f3b3235a5ea8b6665cf4215988b3e019e2b4dabd919a086b53640efa95313041220f09a730f10e611c2af991c0dd2b3d4fb9819d27f758e0c63dd9012645da4135332e61d76efcaeede67069ac164b60ce01df40f184ea02b565091faa4ff0fee8d729dbdc3e6a7c17aa9f973e451b7797469cb9422c9f897eb3738aaa351d07e451f33622af989b6c7bad95b4918484b46fda9346045c6c8824ed7688bcf2f907ebe6a5f5412f59858f2427e8a8586118bb59167", 0xf1}, {&(0x7f0000000280)="21934bff40f093059eaa76719f313c02900daba0d5cf716dbd4f25d6abfa6940f01bfe70b227d32178de700a4488b85001c865b52b6bc043b87e0756bedaba213c91db94dc1a346be6ed08b31766b901f7f2257877411097407ca00c273a01ef62b6f9d4c35a55d77f36fa55a759aff30d4edc8e143b49f67e2ff22c2cb718d1f444c3efa295ec59d849037213d3391033915aadac4166ffeef4185d97a500565f6564488971ed07b5fa0c2a253c42a640ba0037e64489516427badd062a237f17ade3e485b71c5b250227dafd65516f4f3e4501b249ca53c6a3", 0xda}, {0x0}], 0x5)
openat$dlm_control(0xffffffffffffff9c, 0x0, 0xa080, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
fcntl$setsig(0xffffffffffffffff, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r1, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000540)='/sys/kernel/debug/sync/info\x00'}, 0x30)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
close(r4)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000100)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000002, 0x5d032, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r5, 0xc018643a, &(0x7f0000000140)={0x1, 0x101})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000740)={0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "65366a50432b7ee2c7feddd91df868e7cfc6fa7272f3bf0a71b5d0c19323a260"}})
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x4b3a, 0x2)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r7, &(0x7f0000000500)=[{&(0x7f0000000040)=@in={0x2, 0xb, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000800)=[{&(0x7f00000000c0)='l', 0x1}, {&(0x7f0000000240)}, {0x0}], 0x3, &(0x7f0000000000)=[@init={0x18, 0x84, 0x0, {0x7ff, 0x0, 0x3}}, @dstaddrv4={0x18, 0x84, 0x7, @broadcast}], 0x30, 0x14001}], 0x1, 0x4044040)

0s ago: executing program 4 (id=508):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), 0xffffffffffffffff)
r0 = landlock_create_ruleset(&(0x7f00000005c0)={0x0, 0x2, 0x1}, 0x18, 0x0)
r1 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r1, 0x0)
open(&(0x7f0000000280)='.\x00', 0x141080, 0x0)
landlock_restrict_self(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
get_mempolicy(0x0, 0x0, 0x1000, &(0x7f0000ff9000/0x4000)=nil, 0x3)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f0000000280), 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r5, 0x84, 0x15, &(0x7f00000000c0), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r5, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
writev(r5, 0x0, 0x0)
r6 = socket(0x11, 0x800000003, 0x0)
r7 = socket$phonet(0x23, 0x2, 0x1)
ioctl$SIOCPNDELRESOURCE(r7, 0x89ef, &(0x7f0000000180)=0x7)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r6)

kernel console output (not intermixed with test programs):


[  240.028823][ T6397]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.028849][ T6397]  ? clear_bhb_loop+0x60/0xb0
[  240.028878][ T6397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.028904][ T6397] RIP: 0033:0x7fa3b53aebe9
[  240.028941][ T6397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.028963][ T6397] RSP: 002b:00007fa3b360e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  240.028992][ T6397] RAX: ffffffffffffffda RBX: 00007fa3b55d5fa0 RCX: 00007fa3b53aebe9
[  240.029011][ T6397] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[  240.029027][ T6397] RBP: 00007fa3b5431e19 R08: 0000000000000052 R09: 0000000000000000
[  240.029145][ T6397] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  240.029169][ T6397] R13: 00007fa3b55d6038 R14: 00007fa3b55d5fa0 R15: 00007ffe9fc24d48
[  240.029215][ T6397]  </TASK>
[  240.029239][ T6397] Mem-Info:
[  240.029261][ T6397] active_anon:255 inactive_anon:5587 isolated_anon:0
[  240.029261][ T6397]  active_file:5431 inactive_file:37588 isolated_file:0
[  240.029261][ T6397]  unevictable:768 dirty:179 writeback:0
[  240.029261][ T6397]  slab_reclaimable:11584 slab_unreclaimable:101203
[  240.029261][ T6397]  mapped:24629 shmem:1361 pagetables:1053
[  240.029261][ T6397]  sec_pagetables:0 bounce:0
[  240.029261][ T6397]  kernel_misc_reclaimable:0
[  240.029261][ T6397]  free:1343987 free_pcp:6260 free_cma:0
[  240.029333][ T6397] Node 0 active_anon:1020kB inactive_anon:22348kB active_file:21520kB inactive_file:150352kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98516kB dirty:716kB writeback:0kB shmem:3908kB kernel_stack:13028kB pagetables:4084kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  240.029397][ T6397] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  240.029450][ T6397] Node 0 DMA free:15344kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  240.029529][ T6397] lowmem_reserve[]: 0 2512 2513 2513 2513
[  240.029576][ T6397] Node 0 DMA32 free:1456884kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1016kB inactive_anon:22308kB active_file:20500kB inactive_file:150284kB unevictable:1536kB writepending:712kB present:3129332kB managed:2572332kB mlocked:0kB bounce:0kB free_pcp:25040kB local_pcp:20380kB free_cma:0kB
[  240.029652][ T6397] lowmem_reserve[]: 0 0 1 1 1
[  240.029696][ T6397] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1020kB inactive_file:68kB unevictable:0kB writepending:4kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  240.029765][ T6397] lowmem_reserve[]: 0 0 0 0 0
[  240.029806][ T6397] Node 1 Normal free:3903720kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  240.029879][ T6397] lowmem_reserve[]: 0 0 0 0 0
[  240.029911][ T6397] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15344kB
[  240.030912][ T6397] Node 0 DMA32: 199*4kB (UME) 339*8kB (UME) 174*16kB (UME) 183*32kB (UME) 111*64kB (UME) 67*128kB (UME) 78*256kB (UME) 68*512kB (UME) 34*1024kB (UME) 6*2048kB (UM) 324*4096kB (M) = 1456820kB
[  240.031123][ T6397] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  240.031266][ T6397] Node 1 Normal: 186*4kB (UE) 44*8kB (UME) 34*16kB (UME) 228*32kB (UME) 100*64kB (UME) 32*128kB (UME) 15*256kB (UME) 7*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 945*4096kB (M) = 3903720kB
[  240.031478][ T6397] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  240.031502][ T6397] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  240.031524][ T6397] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  240.031546][ T6397] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  240.031567][ T6397] 44376 total pagecache pages
[  240.031581][ T6397] 0 pages in swap cache
[  240.031591][ T6397] Free swap  = 124996kB
[  240.031601][ T6397] Total swap = 124996kB
[  240.031611][ T6397] 2097051 pages RAM
[  240.031620][ T6397] 0 pages HighMem/MovableOnly
[  240.031629][ T6397] 422070 pages reserved
[  240.031638][ T6397] 0 pages cma reserved
[  240.050674][ T6399] netlink: 56 bytes leftover after parsing attributes in process `syz.4.100'.
[  240.789939][ T6399] trusted_key: syz.4.100 sent an empty control message without MSG_MORE.
[  241.021186][  T145] hsr_slave_0: left promiscuous mode
[  241.140693][  T145] hsr_slave_1: left promiscuous mode
[  241.149508][  T145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  241.149624][  T145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  241.325095][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  241.352121][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  241.354174][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  241.356251][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  241.357311][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  241.518341][  T145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  241.518381][  T145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.942529][    C0] vkms_vblank_simulate: vblank timer overrun
[  243.704440][    C0] vkms_vblank_simulate: vblank timer overrun
[  243.773165][    C0] vkms_vblank_simulate: vblank timer overrun
[  243.799848][ T5840] Bluetooth: hci4: command tx timeout
[  244.160896][    C0] vkms_vblank_simulate: vblank timer overrun
[  244.308388][    C0] vkms_vblank_simulate: vblank timer overrun
[  244.365832][  T145] veth1_macvtap: left promiscuous mode
[  244.366152][  T145] veth0_macvtap: left promiscuous mode
[  244.366513][  T145] veth1_vlan: left promiscuous mode
[  244.366920][  T145] veth0_vlan: left promiscuous mode
[  244.820684][    C0] vkms_vblank_simulate: vblank timer overrun
[  245.262620][ T6422] loop8: detected capacity change from 0 to 7
[  245.687861][ T6422] Dev loop8: unable to read RDB block 7
[  245.688084][ T6422]  loop8: AHDI p1 p2 p3
[  245.688255][ T6422] loop8: partition table partially beyond EOD, truncated
[  245.703311][ T6422] loop8: p1 start 1601398130 is beyond EOD, truncated
[  245.703396][ T6422] loop8: p2 start 1702059890 is beyond EOD, truncated
[  245.760313][    C0] vkms_vblank_simulate: vblank timer overrun
[  245.840621][ T5840] Bluetooth: hci4: command tx timeout
[  245.992610][    C0] vkms_vblank_simulate: vblank timer overrun
[  246.481093][    C0] vkms_vblank_simulate: vblank timer overrun
[  247.176240][    C0] vkms_vblank_simulate: vblank timer overrun
[  247.611964][    C0] vkms_vblank_simulate: vblank timer overrun
[  247.673394][    C0] vkms_vblank_simulate: vblank timer overrun
[  247.922504][ T5840] Bluetooth: hci4: command tx timeout
[  248.456570][ T6437] syz.4.106 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  250.000595][ T5840] Bluetooth: hci4: command tx timeout
[  251.443000][  T145] team0 (unregistering): Port device team_slave_1 removed
[  251.676736][  T145] team0 (unregistering): Port device team_slave_0 removed
[  254.218040][ T6334] lo speed is unknown, defaulting to 1000
[  254.281153][ T6375] lo speed is unknown, defaulting to 1000
[  254.574343][ T6406] lo speed is unknown, defaulting to 1000
[  255.684993][ T6334] chnl_net:caif_netlink_parms(): no params data found
[  255.964561][ T6375] chnl_net:caif_netlink_parms(): no params data found
[  256.364136][ T6406] chnl_net:caif_netlink_parms(): no params data found
[  256.660575][ T6334] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.660836][ T6334] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.661130][ T6334] bridge_slave_0: entered allmulticast mode
[  256.665968][ T6334] bridge_slave_0: entered promiscuous mode
[  256.717024][ T6334] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.717171][ T6334] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.717754][ T6334] bridge_slave_1: entered allmulticast mode
[  256.743689][ T6334] bridge_slave_1: entered promiscuous mode
[  257.600328][  T145] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.675877][ T6375] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.676354][ T6375] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.676581][ T6375] bridge_slave_0: entered allmulticast mode
[  257.679492][ T6375] bridge_slave_0: entered promiscuous mode
[  257.719234][ T6334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  257.774002][ T6375] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.774184][ T6375] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.774415][ T6375] bridge_slave_1: entered allmulticast mode
[  257.777572][ T6375] bridge_slave_1: entered promiscuous mode
[  257.813114][ T6334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  258.303926][  T145] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  258.847794][ T6375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  258.858728][ T6334] team0: Port device team_slave_0 added
[  259.046082][  T145] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.192074][ T6406] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.192251][ T6406] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.192420][ T6406] bridge_slave_0: entered allmulticast mode
[  259.194411][ T6406] bridge_slave_0: entered promiscuous mode
[  259.199020][ T6375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  259.240062][ T6334] team0: Port device team_slave_1 added
[  259.255905][ T6406] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.256076][ T6406] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.256280][ T6406] bridge_slave_1: entered allmulticast mode
[  259.265317][ T6406] bridge_slave_1: entered promiscuous mode
[  259.588929][  T145] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.965931][ T6375] team0: Port device team_slave_0 added
[  259.968756][ T6334] batman_adv: batadv0: Adding interface: batadv_slave_0
[  259.968771][ T6334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.968800][ T6334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.984283][ T6406] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.987041][ T6334] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.987059][ T6334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.987090][ T6334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  260.033437][ T6406] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  260.337116][ T6375] team0: Port device team_slave_1 added
[  260.767269][ T6406] team0: Port device team_slave_0 added
[  260.786628][ T6334] hsr_slave_0: entered promiscuous mode
[  260.788376][ T6334] hsr_slave_1: entered promiscuous mode
[  260.789928][ T6334] debugfs: 'hsr0' already exists in 'hsr'
[  260.789959][ T6334] Cannot create hsr debugfs directory
[  260.973076][ T6406] team0: Port device team_slave_1 added
[  260.992702][ T6375] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.992723][ T6375] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.992753][ T6375] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  261.298693][ T6375] batman_adv: batadv0: Adding interface: batadv_slave_1
[  261.298715][ T6375] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.298746][ T6375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  261.452400][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  261.452488][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  261.696587][ T6406] batman_adv: batadv0: Adding interface: batadv_slave_0
[  261.696613][ T6406] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.696643][ T6406] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  261.837660][ T6406] batman_adv: batadv0: Adding interface: batadv_slave_1
[  261.837682][ T6406] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.837712][ T6406] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  262.394390][ T6375] hsr_slave_0: entered promiscuous mode
[  262.395748][ T6375] hsr_slave_1: entered promiscuous mode
[  262.396661][ T6375] debugfs: 'hsr0' already exists in 'hsr'
[  262.396686][ T6375] Cannot create hsr debugfs directory
[  262.786566][  T145] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.854185][ T6406] hsr_slave_0: entered promiscuous mode
[  262.855289][ T6406] hsr_slave_1: entered promiscuous mode
[  262.856038][ T6406] debugfs: 'hsr0' already exists in 'hsr'
[  262.856058][ T6406] Cannot create hsr debugfs directory
[  263.290030][  T145] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.790920][  T145] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.179842][  T145] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.986969][ T6334] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  265.114120][ T6334] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  265.176271][ T6334] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  265.271165][ T6334] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  265.543077][  T145] bridge_slave_1: left allmulticast mode
[  265.543116][  T145] bridge_slave_1: left promiscuous mode
[  265.543587][  T145] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.625471][  T145] bridge_slave_0: left allmulticast mode
[  265.625516][  T145] bridge_slave_0: left promiscuous mode
[  265.625819][  T145] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.729012][  T145] bridge_slave_1: left allmulticast mode
[  265.729056][  T145] bridge_slave_1: left promiscuous mode
[  265.729358][  T145] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.822488][  T145] bridge_slave_0: left allmulticast mode
[  265.822532][  T145] bridge_slave_0: left promiscuous mode
[  265.822836][  T145] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.736908][  T145] bond0 (unregistering): Released all slaves
[  268.261554][  T145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  268.321474][  T145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  268.375448][  T145] bond0 (unregistering): Released all slaves
[  268.584068][  T145] bond0 (unregistering): Released all slaves
[  269.172123][   T59] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  269.178030][   T59] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  269.179268][   T59] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  269.180988][   T59] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  269.182686][   T59] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  270.704601][  T145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  270.763168][  T145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  270.786052][  T145] bond0 (unregistering): Released all slaves
[  270.843332][ T6334] kthread_run failed with err -4
[  271.196815][ T6375] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  271.290824][ T5840] Bluetooth: hci5: command tx timeout
[  271.423045][ T6375] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  271.494553][ T6527] lo speed is unknown, defaulting to 1000
[  271.499681][ T6375] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  271.756207][ T6375] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  273.361817][ T5840] Bluetooth: hci5: command tx timeout
[  273.730886][ T6406] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  273.789110][ T6406] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  273.880150][ T6406] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  273.963084][ T6406] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  275.242183][  T145] hsr_slave_0: left promiscuous mode
[  275.280865][  T145] hsr_slave_1: left promiscuous mode
[  275.281681][  T145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.281707][  T145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  275.332065][  T145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.332099][  T145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  275.440702][ T5840] Bluetooth: hci5: command tx timeout
[  275.562941][  T145] hsr_slave_0: left promiscuous mode
[  275.606359][  T145] hsr_slave_1: left promiscuous mode
[  275.608031][  T145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.608067][  T145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  275.662049][  T145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.662086][  T145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  275.948715][  T145] veth1_macvtap: left promiscuous mode
[  275.948860][  T145] veth0_macvtap: left promiscuous mode
[  275.949178][  T145] veth1_vlan: left promiscuous mode
[  275.978098][  T145] veth0_vlan: left promiscuous mode
[  276.098292][  T145] veth1_macvtap: left promiscuous mode
[  276.098386][  T145] veth0_macvtap: left promiscuous mode
[  276.098596][  T145] veth1_vlan: left promiscuous mode
[  276.098746][  T145] veth0_vlan: left promiscuous mode
[  277.520833][ T5840] Bluetooth: hci5: command tx timeout
[  279.173426][  T145] team0 (unregistering): Port device team_slave_1 removed
[  279.491709][  T145] team0 (unregistering): Port device team_slave_0 removed
[  284.371629][  T145] team0 (unregistering): Port device team_slave_1 removed
[  284.633103][  T145] team0 (unregistering): Port device team_slave_0 removed
[  287.046049][ T6527] chnl_net:caif_netlink_parms(): no params data found
[  287.719045][ T6527] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.719236][ T6527] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.719601][ T6527] bridge_slave_0: entered allmulticast mode
[  287.745216][ T6527] bridge_slave_0: entered promiscuous mode
[  287.759003][ T6527] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.759205][ T6527] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.759495][ T6527] bridge_slave_1: entered allmulticast mode
[  287.780924][ T6527] bridge_slave_1: entered promiscuous mode
[  288.270032][ T6527] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  288.361956][ T6527] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.767251][ T6527] team0: Port device team_slave_0 added
[  288.790058][ T6527] team0: Port device team_slave_1 added
[  288.925418][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  288.939581][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  288.960307][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  288.985001][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  288.991742][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  289.600195][ T6527] batman_adv: batadv0: Adding interface: batadv_slave_0
[  289.600215][ T6527] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.600240][ T6527] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  289.640830][ T6527] batman_adv: batadv0: Adding interface: batadv_slave_1
[  289.640856][ T6527] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.640890][ T6527] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.752231][ T6406] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.099188][ T6527] hsr_slave_0: entered promiscuous mode
[  290.109375][ T6527] hsr_slave_1: entered promiscuous mode
[  290.119780][ T6590] lo speed is unknown, defaulting to 1000
[  290.511233][ T6406] 8021q: adding VLAN 0 to HW filter on device team0
[  290.731971][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.732644][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.910718][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.910881][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[  291.120731][ T5840] Bluetooth: hci0: command tx timeout
[  291.283889][  T145] IPVS: stop unused estimator thread 0...
[  292.749483][ T6590] chnl_net:caif_netlink_parms(): no params data found
[  293.200649][ T5840] Bluetooth: hci0: command tx timeout
[  294.102463][ T6590] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.102617][ T6590] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.102965][ T6590] bridge_slave_0: entered allmulticast mode
[  294.120661][ T6590] bridge_slave_0: entered promiscuous mode
[  294.398669][ T6590] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.398827][ T6590] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.399264][ T6590] bridge_slave_1: entered allmulticast mode
[  294.403868][ T6590] bridge_slave_1: entered promiscuous mode
[  294.816414][ T6590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  294.874035][ T6590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  295.078384][ T6527] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  295.280543][ T5840] Bluetooth: hci0: command tx timeout
[  295.457761][ T6527] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  295.499811][ T6590] team0: Port device team_slave_0 added
[  295.520507][ T6527] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  295.563358][ T6590] team0: Port device team_slave_1 added
[  295.615445][ T6527] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  295.881649][ T6590] batman_adv: batadv0: Adding interface: batadv_slave_0
[  295.881669][ T6590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.881698][ T6590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  295.953200][ T6590] batman_adv: batadv0: Adding interface: batadv_slave_1
[  295.953221][ T6590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.953250][ T6590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  295.957313][ T6406] 8021q: adding VLAN 0 to HW filter on device batadv0
[  296.296762][  T145] bridge_slave_1: left allmulticast mode
[  296.296879][  T145] bridge_slave_1: left promiscuous mode
[  296.297098][  T145] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.384196][  T145] bridge_slave_0: left allmulticast mode
[  296.384238][  T145] bridge_slave_0: left promiscuous mode
[  296.384571][  T145] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.468658][  T145] bridge_slave_1: left allmulticast mode
[  296.468691][  T145] bridge_slave_1: left promiscuous mode
[  296.468912][  T145] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.532482][  T145] bridge_slave_0: left allmulticast mode
[  296.532525][  T145] bridge_slave_0: left promiscuous mode
[  296.532850][  T145] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.360849][ T5840] Bluetooth: hci0: command tx timeout
[  297.662093][  T145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.743620][  T145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.805777][  T145] bond0 (unregistering): Released all slaves
[  298.111499][  T145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  298.191670][  T145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  298.256073][  T145] bond0 (unregistering): Released all slaves
[  298.514800][ T6590] hsr_slave_0: entered promiscuous mode
[  298.516352][ T6590] hsr_slave_1: entered promiscuous mode
[  298.517403][ T6590] debugfs: 'hsr0' already exists in 'hsr'
[  298.517430][ T6590] Cannot create hsr debugfs directory
[  299.033739][  T145] hsr_slave_0: left promiscuous mode
[  299.051020][  T145] hsr_slave_1: left promiscuous mode
[  299.055055][  T145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.093603][  T145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.287400][  T145] hsr_slave_0: left promiscuous mode
[  299.320839][  T145] hsr_slave_1: left promiscuous mode
[  299.321991][  T145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.346059][  T145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  300.243932][  T145] team0 (unregistering): Port device team_slave_1 removed
[  300.481005][  T145] team0 (unregistering): Port device team_slave_0 removed
[  300.693132][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  300.704964][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  300.714722][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  300.731676][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  300.732587][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  302.015157][  T145] team0 (unregistering): Port device team_slave_1 removed
[  302.163201][  T145] team0 (unregistering): Port device team_slave_0 removed
[  302.880817][   T59] Bluetooth: hci1: command tx timeout
[  303.319203][ T6650] lo speed is unknown, defaulting to 1000
[  304.414307][ T6527] 8021q: adding VLAN 0 to HW filter on device bond0
[  304.675961][ T6527] 8021q: adding VLAN 0 to HW filter on device team0
[  304.855688][ T3649] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.855835][ T3649] bridge0: port 1(bridge_slave_0) entered forwarding state
[  304.960625][   T59] Bluetooth: hci1: command tx timeout
[  304.994822][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.995132][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  305.339433][ T6650] chnl_net:caif_netlink_parms(): no params data found
[  305.870873][ T6590] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  306.013766][ T6590] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  306.220727][ T6590] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  306.377138][ T6590] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  306.417007][ T6650] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.417273][ T6650] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.417538][ T6650] bridge_slave_0: entered allmulticast mode
[  306.422597][ T6650] bridge_slave_0: entered promiscuous mode
[  306.462035][ T6650] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.462223][ T6650] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.462540][ T6650] bridge_slave_1: entered allmulticast mode
[  306.465720][ T6650] bridge_slave_1: entered promiscuous mode
[  306.802297][ T6650] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  307.040647][   T59] Bluetooth: hci1: command tx timeout
[  307.150133][ T6650] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  307.616297][ T6650] team0: Port device team_slave_0 added
[  307.627423][ T6650] team0: Port device team_slave_1 added
[  308.108882][ T6650] batman_adv: batadv0: Adding interface: batadv_slave_0
[  308.108903][ T6650] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.108929][ T6650] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  308.140174][ T6650] batman_adv: batadv0: Adding interface: batadv_slave_1
[  308.140206][ T6650] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.140239][ T6650] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  308.862619][ T6650] hsr_slave_0: entered promiscuous mode
[  308.882818][ T6650] hsr_slave_1: entered promiscuous mode
[  308.883892][ T6650] debugfs: 'hsr0' already exists in 'hsr'
[  308.883921][ T6650] Cannot create hsr debugfs directory
[  309.120658][   T59] Bluetooth: hci1: command tx timeout
[  309.674658][ T6527] 8021q: adding VLAN 0 to HW filter on device batadv0
[  309.810164][  T145] bridge_slave_1: left allmulticast mode
[  309.810199][  T145] bridge_slave_1: left promiscuous mode
[  309.811690][  T145] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.912990][  T145] bridge_slave_0: left allmulticast mode
[  309.913037][  T145] bridge_slave_0: left promiscuous mode
[  309.913305][  T145] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.592909][  T145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  311.662839][  T145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  311.685514][  T145] bond0 (unregistering): Released all slaves
[  312.227563][  T145] hsr_slave_0: left promiscuous mode
[  312.267654][  T145] hsr_slave_1: left promiscuous mode
[  312.272025][  T145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  312.291729][  T145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.527453][  T145] team0 (unregistering): Port device team_slave_1 removed
[  313.731455][  T145] team0 (unregistering): Port device team_slave_0 removed
[  315.984699][ T6590] 8021q: adding VLAN 0 to HW filter on device bond0
[  316.155551][ T6590] 8021q: adding VLAN 0 to HW filter on device team0
[  316.205572][ T3564] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.205889][ T3564] bridge0: port 1(bridge_slave_0) entered forwarding state
[  316.268731][ T3564] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.268890][ T3564] bridge0: port 2(bridge_slave_1) entered forwarding state
[  316.416707][ T6527] veth0_vlan: entered promiscuous mode
[  316.492876][ T6527] veth1_vlan: entered promiscuous mode
[  316.906958][ T6527] veth0_macvtap: entered promiscuous mode
[  317.071477][ T6527] veth1_macvtap: entered promiscuous mode
[  317.367163][ T6527] batman_adv: batadv0: Interface activated: batadv_slave_0
[  317.401729][ T6650] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  317.440305][ T6650] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  317.525606][ T6527] batman_adv: batadv0: Interface activated: batadv_slave_1
[  317.527496][ T6650] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  317.615010][ T6650] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  317.695169][ T6320] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.717957][ T6320] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.749197][ T6320] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.753827][ T6590] 8021q: adding VLAN 0 to HW filter on device batadv0
[  317.772243][ T6320] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  318.524401][  T145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  318.524427][  T145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  318.733557][ T6320] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  318.733582][ T6320] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  318.888322][ T6650] 8021q: adding VLAN 0 to HW filter on device bond0
[  319.036727][ T6590] veth0_vlan: entered promiscuous mode
[  319.059013][ T6650] 8021q: adding VLAN 0 to HW filter on device team0
[  319.546509][ T4527] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.546904][ T4527] bridge0: port 1(bridge_slave_0) entered forwarding state
[  320.638203][ T6762] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  321.487070][ T6590] veth1_vlan: entered promiscuous mode
[  321.615574][ T3564] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.615739][ T3564] bridge0: port 2(bridge_slave_1) entered forwarding state
[  323.240104][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  323.240295][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  323.380866][ T6781] netlink: 452 bytes leftover after parsing attributes in process `syz.0.118'.
[  324.111497][ T6590] veth0_macvtap: entered promiscuous mode
[  324.192623][ T6590] veth1_macvtap: entered promiscuous mode
[  324.419715][ T6590] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.491377][ T6590] batman_adv: batadv0: Interface activated: batadv_slave_1
[  325.486195][    C0] vkms_vblank_simulate: vblank timer overrun
[  325.499484][ T6794] netlink: 8 bytes leftover after parsing attributes in process `syz.0.109'.
[  326.157261][    C0] vkms_vblank_simulate: vblank timer overrun
[  326.340476][ T3649] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.350768][ T3649] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  326.374825][ T4527] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.379300][ T4527] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  326.774735][    C0] vkms_vblank_simulate: vblank timer overrun
[  326.836118][    C0] vkms_vblank_simulate: vblank timer overrun
[  326.971221][    C0] vkms_vblank_simulate: vblank timer overrun
[  327.067679][    C0] vkms_vblank_simulate: vblank timer overrun
[  327.139002][    C0] vkms_vblank_simulate: vblank timer overrun
[  327.244974][    C0] vkms_vblank_simulate: vblank timer overrun
[  327.743399][   T38] audit: type=1804 audit(1756225833.166:2): pid=6813 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.5.110" name="/newroot/3/file0" dev="tmpfs" ino=33 res=1 errno=0
[  329.307529][ T3564] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  329.307555][ T3564] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  329.544467][ T6650] 8021q: adding VLAN 0 to HW filter on device batadv0
[  329.850220][    C0] vkms_vblank_simulate: vblank timer overrun
[  330.460168][    C0] vkms_vblank_simulate: vblank timer overrun
[  331.313620][ T4527] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.313649][ T4527] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  337.537192][ T6867] hub 8-0:1.0: USB hub found
[  337.548275][ T6867] hub 8-0:1.0: 1 port detected
[  342.564459][ T6894] No source specified
[  343.917539][ T6650] veth0_vlan: entered promiscuous mode
[  344.309158][ T6650] veth1_vlan: entered promiscuous mode
[  349.795367][ T6650] veth0_macvtap: entered promiscuous mode
[  350.030398][ T5920] libceph: connect (1)[c::]:6789 error -101
[  350.111642][ T6912] ceph: No mds server is up or the cluster is laggy
[  350.199041][ T5920] libceph: mon0 (1)[c::]:6789 connect error
[  350.752417][ T3118] libceph: connect (1)[c::]:6789 error -101
[  350.752636][ T3118] libceph: mon0 (1)[c::]:6789 connect error
[  351.311111][ T3118] libceph: connect (1)[c::]:6789 error -101
[  351.311353][ T3118] libceph: mon0 (1)[c::]:6789 connect error
[  351.324654][   T38] audit: type=1326 audit(1756225856.846:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1755ebe9 code=0x7ffc0000
[  351.324713][   T38] audit: type=1326 audit(1756225856.856:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1755ebe9 code=0x7ffc0000
[  351.324955][ T6650] veth1_macvtap: entered promiscuous mode
[  351.330154][   T38] audit: type=1326 audit(1756225856.856:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fab1755ebe9 code=0x7ffc0000
[  351.330214][   T38] audit: type=1326 audit(1756225856.856:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fab1755ec23 code=0x7ffc0000
[  351.330257][   T38] audit: type=1326 audit(1756225856.856:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fab1755ec23 code=0x7ffc0000
[  351.330662][   T38] audit: type=1326 audit(1756225856.856:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1755ebe9 code=0x7ffc0000
[  351.330716][   T38] audit: type=1326 audit(1756225856.856:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1755ebe9 code=0x7ffc0000
[  351.334173][   T38] audit: type=1326 audit(1756225856.866:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fab1755ebe9 code=0x7ffc0000
[  351.334226][   T38] audit: type=1326 audit(1756225856.866:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1755ebe9 code=0x7ffc0000
[  351.334259][   T38] audit: type=1326 audit(1756225856.866:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6917 comm="syz.4.135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab1755ebe9 code=0x7ffc0000
[  351.922889][ T6650] batman_adv: batadv0: Interface activated: batadv_slave_0
[  352.057268][   T44] hid-generic 0005:0C45:1010.0001: item fetching failed at offset 0/1
[  352.058209][   T44] hid-generic 0005:0C45:1010.0001: probe with driver hid-generic failed with error -22
[  354.152318][ T6650] batman_adv: batadv0: Interface activated: batadv_slave_1
[  356.069043][ T6944] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  356.668501][   T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  357.010841][   T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  357.128677][   T57] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.189034][ T3185] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.873790][ T6950] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  359.603565][ T6949] warning: `syz.4.140' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  360.116243][ T6955] netlink: 452 bytes leftover after parsing attributes in process `syz.6.141'.
[  360.432819][ T3081] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  360.432839][ T3081] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  363.520729][ T5920] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  364.458711][ T5920] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  364.458753][ T5920] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  364.458805][ T5920] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  364.458830][ T5920] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.564218][ T5920] usb 7-1: config 0 descriptor??
[  367.718587][   T59] Bluetooth: hci3: ISO packet too small
[  368.287346][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  368.305747][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  368.308171][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  368.311216][ T5920] usb 7-1: string descriptor 0 read error: -71
[  368.330736][ T5920] uclogic 0003:256C:006D.0002: failed retrieving string descriptor #200: -71
[  368.330820][ T5920] uclogic 0003:256C:006D.0002: failed retrieving pen parameters: -71
[  368.330839][ T5920] uclogic 0003:256C:006D.0002: failed probing pen v2 parameters: -71
[  368.330892][ T5920] uclogic 0003:256C:006D.0002: failed probing parameters: -71
[  368.331016][ T5920] uclogic 0003:256C:006D.0002: probe with driver uclogic failed with error -71
[  368.409776][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  368.541243][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  369.226222][ T5920] usb 7-1: USB disconnect, device number 2
[  375.693725][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  375.712125][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  375.715099][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  375.720807][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  375.729690][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  375.993024][    C1] vkms_vblank_simulate: vblank timer overrun
[  376.383079][ T7019] binder: 7016:7019 ioctl 4018620d 0 returned -22
[  376.385496][ T7019] binder: 7016:7019 ioctl c0306201 0 returned -14
[  376.389048][    C1] vkms_vblank_simulate: vblank timer overrun
[  376.510908][    C1] vkms_vblank_simulate: vblank timer overrun
[  377.103571][    C1] vkms_vblank_simulate: vblank timer overrun
[  377.372403][    C1] vkms_vblank_simulate: vblank timer overrun
[  377.680665][   T59] Bluetooth: hci1: command tx timeout
[  378.080612][   T59] Bluetooth: hci4: command tx timeout
[  379.702935][ T7031] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  379.702976][ T7031] CIFS mount error: No usable UNC path provided in device string!
[  379.702976][ T7031] 
[  379.703269][ T7031] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  379.760489][   T59] Bluetooth: hci1: command tx timeout
[  380.160476][   T59] Bluetooth: hci4: command tx timeout
[  380.513735][    C1] vkms_vblank_simulate: vblank timer overrun
[  381.926997][   T59] Bluetooth: hci1: command tx timeout
[  382.306624][   T59] Bluetooth: hci4: command tx timeout
[  383.455329][ T7045] netlink: 20 bytes leftover after parsing attributes in process `syz.4.157'.
[  384.264966][   T59] Bluetooth: hci1: command tx timeout
[  389.231572][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  389.237476][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  389.248623][   T59] Bluetooth: hci4: command tx timeout
[  391.731001][ T7062] netlink: 'syz.4.160': attribute type 2 has an invalid length.
[  391.731030][ T7062] netlink: 'syz.4.160': attribute type 1 has an invalid length.
[  391.732088][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.4.160'.
[  392.603720][   T59] Bluetooth: hci5: command 0x0406 tx timeout
[  393.117681][ T7068] CIFS mount error: No usable UNC path provided in device string!
[  393.117681][ T7068] 
[  393.117742][ T7068] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  393.803165][ T6270] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.600945][ T6997] lo speed is unknown, defaulting to 1000
[  395.810596][ T7012] lo speed is unknown, defaulting to 1000
[  398.253599][ T6270] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.411772][ T7092] bpq0: entered allmulticast mode
[  399.566848][    C1] vkms_vblank_simulate: vblank timer overrun
[  399.592044][ T7115] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  400.607160][    C1] vkms_vblank_simulate: vblank timer overrun
[  401.085091][ T6270] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.258931][    C1] vkms_vblank_simulate: vblank timer overrun
[  402.172946][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  403.426314][    C1] vkms_vblank_simulate: vblank timer overrun
[  405.308845][    C1] vkms_vblank_simulate: vblank timer overrun
[  406.468683][    C1] vkms_vblank_simulate: vblank timer overrun
[  411.436875][ T6270] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.668333][   T59] Bluetooth: hci0: command 0x0406 tx timeout
[  417.455189][    C0] vkms_vblank_simulate: vblank timer overrun
[  417.648306][ T7172] kernel profiling enabled (shift: 17)
[  417.656121][ T7172] netlink: zone id is out of range
[  417.656139][ T7172] netlink: zone id is out of range
[  417.656148][ T7172] netlink: zone id is out of range
[  417.656156][ T7172] netlink: zone id is out of range
[  417.656164][ T7172] netlink: zone id is out of range
[  417.656173][ T7172] netlink: zone id is out of range
[  417.656181][ T7172] netlink: zone id is out of range
[  417.656189][ T7172] netlink: zone id is out of range
[  417.656198][ T7172] netlink: zone id is out of range
[  417.656206][ T7172] netlink: zone id is out of range
[  417.741383][    C0] vkms_vblank_simulate: vblank timer overrun
[  418.086190][    C0] vkms_vblank_simulate: vblank timer overrun
[  418.741257][    C0] vkms_vblank_simulate: vblank timer overrun
[  419.765586][    C0] vkms_vblank_simulate: vblank timer overrun
[  421.854491][ T6997] chnl_net:caif_netlink_parms(): no params data found
[  422.224455][ T7199] ptrace attach of "./syz-executor exec"[6527] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  422.731247][ T7200] syz_tun: entered allmulticast mode
[  422.899420][ T6270] bridge_slave_1: left allmulticast mode
[  422.899464][ T6270] bridge_slave_1: left promiscuous mode
[  422.899771][ T6270] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.112479][ T6270] bridge_slave_0: left allmulticast mode
[  423.112523][ T6270] bridge_slave_0: left promiscuous mode
[  423.112902][ T6270] bridge0: port 1(bridge_slave_0) entered disabled state
[  425.822430][   T59] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  425.849036][   T59] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  425.890636][   T59] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  425.960576][   T59] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  426.062189][   T59] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  427.443893][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  427.457515][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  427.463623][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  427.473185][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  427.479402][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  428.121468][ T6270] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  428.160940][   T59] Bluetooth: hci2: command tx timeout
[  428.217205][ T6270] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  428.236655][ T6270] bond0 (unregistering): Released all slaves
[  428.396466][ T7196] syz_tun: left allmulticast mode
[  429.620517][   T59] Bluetooth: hci1: command tx timeout
[  430.796780][   T59] Bluetooth: hci2: command tx timeout
[  430.877133][    C1] vkms_vblank_simulate: vblank timer overrun
[  431.111933][    C1] vkms_vblank_simulate: vblank timer overrun
[  431.565089][    C1] vkms_vblank_simulate: vblank timer overrun
[  431.886396][    C1] vkms_vblank_simulate: vblank timer overrun
[  432.596185][   T59] Bluetooth: hci1: command tx timeout
[  432.606370][    C1] vkms_vblank_simulate: vblank timer overrun
[  432.887430][   T59] Bluetooth: hci2: command tx timeout
[  432.980564][    C1] vkms_vblank_simulate: vblank timer overrun
[  433.747352][    C1] vkms_vblank_simulate: vblank timer overrun
[  434.641986][   T59] Bluetooth: hci1: command tx timeout
[  434.924208][ T7219] lo speed is unknown, defaulting to 1000
[  434.960480][   T59] Bluetooth: hci2: command tx timeout
[  435.222638][    C1] vkms_vblank_simulate: vblank timer overrun
[  435.840315][    C1] vkms_vblank_simulate: vblank timer overrun
[  435.919772][    C1] vkms_vblank_simulate: vblank timer overrun
[  436.040037][ T7222] lo speed is unknown, defaulting to 1000
[  436.720532][   T59] Bluetooth: hci1: command tx timeout
[  441.341221][ T7277] CIFS mount error: No usable UNC path provided in device string!
[  441.341221][ T7277] 
[  441.341462][ T7277] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  445.336948][ T7291] block nbd6: Attempted send on invalid socket
[  445.336977][ T7291] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  445.356971][ T7291] (syz.6.199,7291,0):ocfs2_get_sector:1714 ERROR: status = -5
[  445.357146][ T7291] (syz.6.199,7291,0):ocfs2_sb_probe:753 ERROR: status = -5
[  445.357172][ T7291] (syz.6.199,7291,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  445.357315][ T7291] (syz.6.199,7291,0):ocfs2_fill_super:1177 ERROR: status = -5
[  445.769177][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  445.769436][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  453.422371][ T7327] tmpfs: Bad value for 'mpol'
[  456.882652][ T6270] hsr_slave_0: left promiscuous mode
[  457.350404][ T7342] Bluetooth: MGMT ver 1.23
[  458.541930][ T6270] hsr_slave_1: left promiscuous mode
[  458.543068][ T6270] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  458.543099][ T6270] batman_adv: batadv0: Removing interface: batadv_slave_0
[  459.955931][ T7349] netlink: 8 bytes leftover after parsing attributes in process `syz.5.209'.
[  459.981550][ T7349] netlink: 68 bytes leftover after parsing attributes in process `syz.5.209'.
[  460.066061][ T7347] netlink: 'syz.5.209': attribute type 1 has an invalid length.
[  460.066339][ T7347] netlink: 4 bytes leftover after parsing attributes in process `syz.5.209'.
[  460.472401][ T6270] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  460.472440][ T6270] batman_adv: batadv0: Removing interface: batadv_slave_1
[  461.180076][ T6270] veth1_macvtap: left promiscuous mode
[  461.180214][ T6270] veth0_macvtap: left promiscuous mode
[  461.196647][ T6270] veth1_vlan: left promiscuous mode
[  461.196813][ T6270] veth0_vlan: left promiscuous mode
[  461.608123][ T7358] netlink: 4 bytes leftover after parsing attributes in process `syz.6.210'.
[  464.171859][ T6270] team0 (unregistering): Port device team_slave_1 removed
[  464.461779][ T6270] team0 (unregistering): Port device team_slave_0 removed
[  468.552549][ T7219] chnl_net:caif_netlink_parms(): no params data found
[  474.310833][ T7394] overlayfs: failed to resolve './file0': -2
[  479.379837][ T7394] netlink: 76 bytes leftover after parsing attributes in process `syz.5.219'.
[  479.570123][ T7219] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.636651][   T44] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  479.660423][ T7219] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.660737][ T7219] bridge_slave_0: entered allmulticast mode
[  479.687088][ T7219] bridge_slave_0: entered promiscuous mode
[  479.723795][ T7219] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.723958][ T7219] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.724247][ T7219] bridge_slave_1: entered allmulticast mode
[  479.739290][ T7219] bridge_slave_1: entered promiscuous mode
[  481.258292][ T7422] block nbd5: Attempted send on invalid socket
[  481.258319][ T7422] I/O error, dev nbd5, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  481.258623][ T7422] block nbd5: Attempted send on invalid socket
[  481.258641][ T7422] I/O error, dev nbd5, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  481.258742][ T7422] Mount JFS Failure: -5
[  483.325793][ T7222] chnl_net:caif_netlink_parms(): no params data found
[  486.264662][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  486.287420][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  486.299959][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  486.326090][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  486.328097][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  486.996774][   T38] kauditd_printk_skb: 18 callbacks suppressed
[  486.996834][   T38] audit: type=1326 audit(1756225992.526:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7442 comm="syz.6.227" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f35b00cebe9 code=0x0
[  487.942113][    C0] vkms_vblank_simulate: vblank timer overrun
[  488.442975][    C0] vkms_vblank_simulate: vblank timer overrun
[  488.490545][    C0] vkms_vblank_simulate: vblank timer overrun
[  488.605770][ T5840] Bluetooth: hci4: command tx timeout
[  488.799959][    C0] vkms_vblank_simulate: vblank timer overrun
[  489.835320][    C0] vkms_vblank_simulate: vblank timer overrun
[  490.088231][    C0] vkms_vblank_simulate: vblank timer overrun
[  490.172142][    C0] vkms_vblank_simulate: vblank timer overrun
[  490.640390][ T5840] Bluetooth: hci4: command tx timeout
[  492.720519][ T5840] Bluetooth: hci4: command tx timeout
[  493.865429][ T7463] lo speed is unknown, defaulting to 1000
[  494.800550][ T5840] Bluetooth: hci4: command tx timeout
[  495.523546][   T59] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  495.761642][   T59] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  495.797588][   T59] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  495.885278][   T38] audit: type=1326 audit(1756226001.386:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7492 comm="syz.6.232" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f35b00cebe9 code=0x0
[  497.800222][   T59] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  498.112472][   T59] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  499.201724][ T7505] binder: BINDER_SET_CONTEXT_MGR already set
[  499.201738][ T7505] binder: 7501:7505 ioctl 4018620d 2000000000c0 returned -16
[  500.302243][   T59] Bluetooth: hci2: command tx timeout
[  501.079926][    C0] vkms_vblank_simulate: vblank timer overrun
[  501.392436][    C0] vkms_vblank_simulate: vblank timer overrun
[  501.592224][    C0] vkms_vblank_simulate: vblank timer overrun
[  501.831549][    C0] vkms_vblank_simulate: vblank timer overrun
[  501.905999][    C0] vkms_vblank_simulate: vblank timer overrun
[  501.963056][    C0] vkms_vblank_simulate: vblank timer overrun
[  502.046670][    C0] vkms_vblank_simulate: vblank timer overrun
[  502.175772][    C0] vkms_vblank_simulate: vblank timer overrun
[  502.447149][    C0] vkms_vblank_simulate: vblank timer overrun
[  502.449701][   T59] Bluetooth: hci2: command tx timeout
[  502.630998][ T7534] netlink: 80 bytes leftover after parsing attributes in process `syz.4.237'.
[  503.033266][    C0] vkms_vblank_simulate: vblank timer overrun
[  503.267524][    C0] vkms_vblank_simulate: vblank timer overrun
[  503.431760][    C0] vkms_vblank_simulate: vblank timer overrun
[  503.475194][ T7534] XFS (nullb0): Invalid superblock magic number
[  503.486422][    C0] vkms_vblank_simulate: vblank timer overrun
[  503.541267][    C0] vkms_vblank_simulate: vblank timer overrun
[  504.145037][    C0] vkms_vblank_simulate: vblank timer overrun
[  504.283133][    C0] vkms_vblank_simulate: vblank timer overrun
[  504.377110][    C0] vkms_vblank_simulate: vblank timer overrun
[  504.506956][    C0] vkms_vblank_simulate: vblank timer overrun
[  504.513867][   T59] Bluetooth: hci2: command tx timeout
[  504.587741][    C0] vkms_vblank_simulate: vblank timer overrun
[  505.756506][    C0] vkms_vblank_simulate: vblank timer overrun
[  506.807903][    C0] vkms_vblank_simulate: vblank timer overrun
[  506.811495][   T59] Bluetooth: hci2: command tx timeout
[  506.891400][ T6270] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.903523][    C0] vkms_vblank_simulate: vblank timer overrun
[  507.050074][    C0] vkms_vblank_simulate: vblank timer overrun
[  507.210293][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  507.210441][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  507.488701][    C0] vkms_vblank_simulate: vblank timer overrun
[  508.411249][    C0] vkms_vblank_simulate: vblank timer overrun
[  508.435904][    C0] vkms_vblank_simulate: vblank timer overrun
[  508.609484][    C0] vkms_vblank_simulate: vblank timer overrun
[  509.209756][ T6270] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  510.359120][ T7572] netlink: 'syz.5.244': attribute type 1 has an invalid length.
[  510.359163][ T7572] netlink: 4 bytes leftover after parsing attributes in process `syz.5.244'.
[  510.896770][ T7493] lo speed is unknown, defaulting to 1000
[  515.379565][ T6270] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.702955][ T6270] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.710856][ T7616] netlink: 28 bytes leftover after parsing attributes in process `syz.5.250'.
[  519.711010][ T7616] netlink: 32 bytes leftover after parsing attributes in process `syz.5.250'.
[  519.711031][ T7616] netlink: 28 bytes leftover after parsing attributes in process `syz.5.250'.
[  527.363540][ T7463] chnl_net:caif_netlink_parms(): no params data found
[  527.966926][ T7493] chnl_net:caif_netlink_parms(): no params data found
[  532.666837][ T7686] IPVS: set_ctl: invalid protocol: 29 0.0.0.0:20000
[  534.321252][ T7689] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  534.605776][ T6270] bridge_slave_1: left allmulticast mode
[  534.605810][ T6270] bridge_slave_1: left promiscuous mode
[  534.606055][ T6270] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.743862][ T6270] bridge_slave_0: left allmulticast mode
[  534.743905][ T6270] bridge_slave_0: left promiscuous mode
[  534.744254][ T6270] bridge0: port 1(bridge_slave_0) entered disabled state
[  535.548977][ T7697] netlink: 'syz.4.263': attribute type 4 has an invalid length.
[  535.548995][ T7697] netlink: 152 bytes leftover after parsing attributes in process `syz.4.263'.
[  537.149137][ T6270] bond0 (unregistering): Released all slaves
[  538.009377][ T6270] bond0 (unregistering): Released all slaves
[  542.861734][ T7721] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  542.862079][ T7721] (syz.6.267,7721,1):ocfs2_get_sector:1714 ERROR: status = -5
[  542.862099][ T7721] (syz.6.267,7721,1):ocfs2_sb_probe:753 ERROR: status = -5
[  542.862115][ T7721] (syz.6.267,7721,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  542.862130][ T7721] (syz.6.267,7721,1):ocfs2_fill_super:1177 ERROR: status = -5
[  543.254409][ T6270] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  543.662152][ T6270] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  543.776258][ T6270] bond0 (unregistering): Released all slaves
[  543.917661][ T7697] : renamed from bond0 (while UP)
[  544.019395][ T7724] netlink: 800 bytes leftover after parsing attributes in process `syz.6.268'.
[  544.019431][ T7724] netlink: 1301 bytes leftover after parsing attributes in process `syz.6.268'.
[  544.668076][ T7732] netlink: 36 bytes leftover after parsing attributes in process `syz.5.269'.
[  547.048110][ T3615] Bluetooth: hci1: Frame reassembly failed (-84)
[  548.398851][ T7750] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  548.939606][ T7746] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  549.051240][ T5840] Bluetooth: hci1: command 0x1003 tx timeout
[  549.052318][   T59] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  556.491057][    C0] vkms_vblank_simulate: vblank timer overrun
[  556.662042][    C0] vkms_vblank_simulate: vblank timer overrun
[  557.715269][ T7763] smb3: Unexpected value for 'rdma'
[  557.848704][    C0] vkms_vblank_simulate: vblank timer overrun
[  558.059545][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  558.108954][ T7770] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  558.133169][    C0] vkms_vblank_simulate: vblank timer overrun
[  558.135011][ T7770] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  558.159407][ T7770] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  558.164337][ T7770] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  558.193567][ T7770] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  558.217399][ T7770] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  558.250937][ T7770] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  558.287271][ T7772] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  558.299340][ T7772] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  558.717232][    C0] vkms_vblank_simulate: vblank timer overrun
[  559.595318][ T7777] Bluetooth: hci4: Frame reassembly failed (-84)
[  559.610560][    C0] vkms_vblank_simulate: vblank timer overrun
[  559.674214][  T145] Bluetooth: hci4: Frame reassembly failed (-84)
[  559.733627][    C0] vkms_vblank_simulate: vblank timer overrun
[  560.448914][ T5840] Bluetooth: hci2: command tx timeout
[  560.449755][ T5840] Bluetooth: hci1: command tx timeout
[  561.592801][    C0] vkms_vblank_simulate: vblank timer overrun
[  561.721825][ T7772] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  561.825078][    C0] vkms_vblank_simulate: vblank timer overrun
[  562.490450][ T7772] Bluetooth: hci1: command tx timeout
[  562.490495][ T7772] Bluetooth: hci2: command tx timeout
[  562.728059][ T7767] lo speed is unknown, defaulting to 1000
[  564.093723][    C0] vkms_vblank_simulate: vblank timer overrun
[  564.224611][    C0] vkms_vblank_simulate: vblank timer overrun
[  564.233367][ T7794] batadv_slave_1: entered promiscuous mode
[  564.371980][    C0] vkms_vblank_simulate: vblank timer overrun
[  564.495315][ T7795] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  564.495356][ T7795] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  564.495376][ T7795] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  564.520975][   T38] audit: type=1800 audit(1756226070.026:33): pid=7795 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.282" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  564.521164][    C0] vkms_vblank_simulate: vblank timer overrun
[  564.560637][ T7772] Bluetooth: hci1: command tx timeout
[  564.563482][   T59] Bluetooth: hci2: command tx timeout
[  564.636114][ T7797] batadv_slave_1: left promiscuous mode
[  564.639349][ T7768] lo speed is unknown, defaulting to 1000
[  564.874688][ T7803] input input6: cannot allocate more than FF_MAX_EFFECTS effects
[  565.603408][ T7803] input: syz0 as /devices/virtual/input/input7
[  566.640692][   T59] Bluetooth: hci1: command tx timeout
[  566.650550][   T59] Bluetooth: hci2: command tx timeout
[  568.454395][ T7820] netlink: 'syz.4.286': attribute type 11 has an invalid length.
[  568.454480][ T7820] netlink: 224 bytes leftover after parsing attributes in process `syz.4.286'.
[  569.185861][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  569.186218][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  569.337443][ T7824] capability: warning: `syz.6.287' uses 32-bit capabilities (legacy support in use)
[  570.546393][ T6270] hsr_slave_0: left promiscuous mode
[  570.590684][ T6270] hsr_slave_1: left promiscuous mode
[  570.596509][ T6270] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  570.596651][ T6270] batman_adv: batadv0: Removing interface: batadv_slave_0
[  570.804569][ T6270] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  570.804603][ T6270] batman_adv: batadv0: Removing interface: batadv_slave_1
[  571.111918][ T6270] veth1_macvtap: left promiscuous mode
[  571.112053][ T6270] veth0_macvtap: left promiscuous mode
[  571.112365][ T6270] veth1_vlan: left promiscuous mode
[  571.112600][ T6270] veth0_vlan: left promiscuous mode
[  574.804348][ T7839] loop8: detected capacity change from 0 to 7
[  575.095339][ T7839] Dev loop8: unable to read RDB block 7
[  575.095384][ T7839]  loop8: AHDI p1 p2 p3
[  575.095426][ T7839] loop8: partition table partially beyond EOD, truncated
[  575.095774][ T7839] loop8: p1 start 1601398130 is beyond EOD, truncated
[  575.095796][ T7839] loop8: p2 start 1702059890 is beyond EOD, truncated
[  577.721296][ T6270] team0 (unregistering): Port device team_slave_1 removed
[  578.011405][ T6270] team0 (unregistering): Port device team_slave_0 removed
[  581.625921][    T9] lo speed is unknown, defaulting to 1000
[  581.626072][    T9] s: Port: 1 Link DOWN
[  582.249774][ T7847] hugetlbfs: syz.4.291 (7847): Using mlock ulimits for SHM_HUGETLB is obsolete
[  582.795227][ T7850] overlayfs: missing 'lowerdir'
[  583.299067][ T7852] Mount JFS Failure: -22
[  593.058322][ T7861] netlink: 132 bytes leftover after parsing attributes in process `syz.4.294'.
[  594.840935][ T7870] netlink: 4 bytes leftover after parsing attributes in process `syz.4.296'.
[  595.675633][ T7772] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  595.700774][ T7772] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  595.861790][ T7772] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  595.888062][ T7772] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  595.900924][ T7772] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  597.384648][ T7884] usb usb1: usbfs: interface 0 claimed by hub while 'syz.6.298' sets config #0
[  597.385003][ T7884] usb usb1: usbfs: interface 0 claimed by hub while 'syz.6.298' sets config #1
[  598.432768][ T7772] Bluetooth: hci4: command tx timeout
[  599.695045][ T7894] delete_channel: no stack
[  599.835596][ T7896] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  599.995099][ T7768] chnl_net:caif_netlink_parms(): no params data found
[  600.222551][ T7767] chnl_net:caif_netlink_parms(): no params data found
[  600.552554][ T7772] Bluetooth: hci4: command tx timeout
[  601.686929][ T7910] netlink: 8 bytes leftover after parsing attributes in process `syz.6.302'.
[  602.012082][ T7908] netlink: 8 bytes leftover after parsing attributes in process `syz.6.302'.
[  602.621834][ T7772] Bluetooth: hci4: command tx timeout
[  605.178570][ T7772] Bluetooth: hci4: command tx timeout
[  605.938771][ T7768] bridge0: port 1(bridge_slave_0) entered blocking state
[  605.939038][ T7768] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.939331][ T7768] bridge_slave_0: entered allmulticast mode
[  605.963525][ T7768] bridge_slave_0: entered promiscuous mode
[  606.006640][ T7768] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.006835][ T7768] bridge0: port 2(bridge_slave_1) entered disabled state
[  606.007095][ T7768] bridge_slave_1: entered allmulticast mode
[  606.013027][ T7768] bridge_slave_1: entered promiscuous mode
[  608.529150][ T7768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  609.472693][ T7946] netlink: 8 bytes leftover after parsing attributes in process `syz.6.309'.
[  609.555514][ T7946] IPVS: Error joining to the multicast group
[  612.554115][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  612.571255][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  612.585492][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  612.592369][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  612.595655][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  612.684185][ T5840] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  612.705172][ T5840] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  612.724577][ T5840] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  612.764294][ T5840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  612.789611][ T5840] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  614.494416][ T7965] syz.4.311 (7965) used greatest stack depth: 16872 bytes left
[  614.495492][    C1] vkms_vblank_simulate: vblank timer overrun
[  614.807401][    C1] vkms_vblank_simulate: vblank timer overrun
[  614.807614][ T7772] Bluetooth: hci1: command tx timeout
[  614.880484][ T7772] Bluetooth: hci5: command tx timeout
[  615.246243][    C1] vkms_vblank_simulate: vblank timer overrun
[  615.411281][    C1] vkms_vblank_simulate: vblank timer overrun
[  615.715533][    C1] vkms_vblank_simulate: vblank timer overrun
[  615.737999][    C1] vkms_vblank_simulate: vblank timer overrun
[  615.804324][    C1] vkms_vblank_simulate: vblank timer overrun
[  616.401298][ T7973] block nbd4: Attempted send on invalid socket
[  616.401381][ T7973] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  616.403885][ T7973] (syz.4.312,7973,1):ocfs2_get_sector:1714 ERROR: status = -5
[  616.403917][ T7973] (syz.4.312,7973,1):ocfs2_sb_probe:753 ERROR: status = -5
[  616.404433][ T7973] (syz.4.312,7973,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  616.404512][ T7973] (syz.4.312,7973,1):ocfs2_fill_super:1177 ERROR: status = -5
[  616.905709][ T7772] Bluetooth: hci1: command tx timeout
[  616.964599][ T5840] Bluetooth: hci5: command tx timeout
[  619.050882][ T7772] Bluetooth: hci1: command tx timeout
[  619.051029][ T5840] Bluetooth: hci5: command tx timeout
[  619.584270][    C1] vkms_vblank_simulate: vblank timer overrun
[  619.647814][ T6270] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  620.098341][ T6270] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  620.255237][ T7871] chnl_net:caif_netlink_parms(): no params data found
[  620.394557][    C1] vkms_vblank_simulate: vblank timer overrun
[  620.443407][ T6270] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  620.804040][ T6270] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.135999][ T5840] Bluetooth: hci5: command tx timeout
[  621.136066][ T7772] Bluetooth: hci1: command tx timeout
[  621.344110][ T7871] bridge0: port 1(bridge_slave_0) entered blocking state
[  621.344431][ T7871] bridge0: port 1(bridge_slave_0) entered disabled state
[  621.345116][ T7871] bridge_slave_0: entered allmulticast mode
[  621.350030][ T7871] bridge_slave_0: entered promiscuous mode
[  621.504280][ T7871] bridge0: port 2(bridge_slave_1) entered blocking state
[  621.504430][ T7871] bridge0: port 2(bridge_slave_1) entered disabled state
[  621.505016][ T7871] bridge_slave_1: entered allmulticast mode
[  621.508714][ T7871] bridge_slave_1: entered promiscuous mode
[  621.881944][ T7871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  622.021992][ T7871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  622.532540][ T7871] team0: Port device team_slave_0 added
[  622.555004][ T7959] chnl_net:caif_netlink_parms(): no params data found
[  622.579971][ T6270] bridge_slave_1: left allmulticast mode
[  622.580013][ T6270] bridge_slave_1: left promiscuous mode
[  622.594827][ T6270] bridge0: port 2(bridge_slave_1) entered disabled state
[  622.662002][ T6270] bridge_slave_0: left allmulticast mode
[  622.662045][ T6270] bridge_slave_0: left promiscuous mode
[  622.662333][ T6270] bridge0: port 1(bridge_slave_0) entered disabled state
[  622.754828][ T6270] bridge_slave_1: left allmulticast mode
[  622.754871][ T6270] bridge_slave_1: left promiscuous mode
[  622.755178][ T6270] bridge0: port 2(bridge_slave_1) entered disabled state
[  622.832495][ T6270] bridge_slave_0: left allmulticast mode
[  622.832537][ T6270] bridge_slave_0: left promiscuous mode
[  622.832854][ T6270] bridge0: port 1(bridge_slave_0) entered disabled state
[  623.401630][ T6270] bond0 (unregistering): Released all slaves
[  625.830898][ T6270] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  625.894371][ T6270] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  625.921181][ T6270] bond0 (unregistering): Released all slaves
[  626.143652][ T6270] bond0 (unregistering): Released all slaves
[  626.343704][ T6270] bond0 (unregistering): Released all slaves
[  626.552276][ T6270] bond0 (unregistering): Released all slaves
[  626.751367][ T6270] bond0 (unregistering): Released all slaves
[  626.814942][ T7871] team0: Port device team_slave_1 added
[  626.815970][ T7957] chnl_net:caif_netlink_parms(): no params data found
[  627.557847][ T7871] batman_adv: batadv0: Adding interface: batadv_slave_0
[  627.557866][ T7871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  627.557890][ T7871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  627.850591][ T7871] batman_adv: batadv0: Adding interface: batadv_slave_1
[  627.850607][ T7871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  627.850628][ T7871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  629.192115][ T7959] bridge0: port 1(bridge_slave_0) entered blocking state
[  629.192379][ T7959] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.192612][ T7959] bridge_slave_0: entered allmulticast mode
[  629.199230][ T7959] bridge_slave_0: entered promiscuous mode
[  629.377192][ T7957] bridge0: port 1(bridge_slave_0) entered blocking state
[  629.377363][ T7957] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.377687][ T7957] bridge_slave_0: entered allmulticast mode
[  629.382585][ T7957] bridge_slave_0: entered promiscuous mode
[  629.393351][ T7959] bridge0: port 2(bridge_slave_1) entered blocking state
[  629.393487][ T7959] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.393769][ T7959] bridge_slave_1: entered allmulticast mode
[  629.399930][ T7959] bridge_slave_1: entered promiscuous mode
[  629.416066][ T7871] hsr_slave_0: entered promiscuous mode
[  629.417906][ T7871] hsr_slave_1: entered promiscuous mode
[  629.430452][ T7871] debugfs: 'hsr0' already exists in 'hsr'
[  629.430489][ T7871] Cannot create hsr debugfs directory
[  629.435748][ T7957] bridge0: port 2(bridge_slave_1) entered blocking state
[  629.435926][ T7957] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.436410][ T7957] bridge_slave_1: entered allmulticast mode
[  629.452082][ T7957] bridge_slave_1: entered promiscuous mode
[  630.091790][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  630.091858][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  630.216056][ T7959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  630.233426][ T7957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  630.255822][ T7959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  630.263943][ T7957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  630.842262][ T7959] team0: Port device team_slave_0 added
[  630.846104][ T7957] team0: Port device team_slave_0 added
[  630.873342][ T7959] team0: Port device team_slave_1 added
[  630.877627][ T7957] team0: Port device team_slave_1 added
[  631.232916][ T7959] batman_adv: batadv0: Adding interface: batadv_slave_0
[  631.232934][ T7959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.232963][ T7959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  631.236817][ T7957] batman_adv: batadv0: Adding interface: batadv_slave_0
[  631.236836][ T7957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.236862][ T7957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  631.412680][ T7959] batman_adv: batadv0: Adding interface: batadv_slave_1
[  631.412698][ T7959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.412725][ T7959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  631.415886][ T7957] batman_adv: batadv0: Adding interface: batadv_slave_1
[  631.415901][ T7957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.415928][ T7957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  631.570608][ T6270] hsr_slave_0: left promiscuous mode
[  631.621957][ T6270] hsr_slave_1: left promiscuous mode
[  631.623912][ T6270] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  631.623943][ T6270] batman_adv: batadv0: Removing interface: batadv_slave_0
[  631.661985][ T6270] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  631.662018][ T6270] batman_adv: batadv0: Removing interface: batadv_slave_1
[  631.838331][ T6270] veth1_macvtap: left promiscuous mode
[  631.838475][ T6270] veth0_macvtap: left promiscuous mode
[  631.838804][ T6270] veth1_vlan: left promiscuous mode
[  631.839029][ T6270] veth0_vlan: left promiscuous mode
[  635.291507][ T6270] team0 (unregistering): Port device team_slave_1 removed
[  635.622620][ T6270] team0 (unregistering): Port device team_slave_0 removed
[  641.237694][ T7959] hsr_slave_0: entered promiscuous mode
[  641.239359][ T7959] hsr_slave_1: entered promiscuous mode
[  641.270081][ T7957] hsr_slave_0: entered promiscuous mode
[  641.273483][ T7957] hsr_slave_1: entered promiscuous mode
[  641.274883][ T7957] debugfs: 'hsr0' already exists in 'hsr'
[  641.274920][ T7957] Cannot create hsr debugfs directory
[  642.461896][ T7871] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  642.654202][ T7871] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  642.824509][ T7871] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  643.030679][ T7871] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  644.399281][ T7871] 8021q: adding VLAN 0 to HW filter on device bond0
[  644.830556][ T7871] 8021q: adding VLAN 0 to HW filter on device team0
[  644.856209][ T3081] bridge0: port 1(bridge_slave_0) entered blocking state
[  644.856837][ T3081] bridge0: port 1(bridge_slave_0) entered forwarding state
[  644.948425][  T145] bridge0: port 2(bridge_slave_1) entered blocking state
[  644.948581][  T145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  646.203578][ T7959] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  646.302690][ T7959] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  646.362646][ T7959] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  646.460309][ T7959] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  646.837476][ T7871] 8021q: adding VLAN 0 to HW filter on device batadv0
[  647.110344][ T7957] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  647.179180][ T7957] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  647.300652][ T7957] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  647.384118][ T7957] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  647.889760][ T7871] veth0_vlan: entered promiscuous mode
[  648.105565][ T7959] 8021q: adding VLAN 0 to HW filter on device bond0
[  648.106175][ T6270] bridge_slave_1: left allmulticast mode
[  648.106272][ T6270] bridge_slave_1: left promiscuous mode
[  648.106564][ T6270] bridge0: port 2(bridge_slave_1) entered disabled state
[  648.202191][ T6270] bridge_slave_0: left allmulticast mode
[  648.202226][ T6270] bridge_slave_0: left promiscuous mode
[  648.202552][ T6270] bridge0: port 1(bridge_slave_0) entered disabled state
[  648.599196][ T6270] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  648.658758][ T6270] bond0 (unregistering): Released all slaves
[  648.697305][ T7871] veth1_vlan: entered promiscuous mode
[  648.829586][ T7959] 8021q: adding VLAN 0 to HW filter on device team0
[  648.891310][ T4527] bridge0: port 1(bridge_slave_0) entered blocking state
[  648.891681][ T4527] bridge0: port 1(bridge_slave_0) entered forwarding state
[  648.912875][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[  648.914138][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[  648.929841][ T7957] 8021q: adding VLAN 0 to HW filter on device bond0
[  648.999076][ T7871] veth0_macvtap: entered promiscuous mode
[  649.429409][ T7871] veth1_macvtap: entered promiscuous mode
[  649.458853][ T7957] 8021q: adding VLAN 0 to HW filter on device team0
[  649.498080][  T145] bridge0: port 1(bridge_slave_0) entered blocking state
[  649.498373][  T145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  649.535893][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[  649.536056][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[  649.593741][ T7871] batman_adv: batadv0: Interface activated: batadv_slave_0
[  649.707622][ T7871] batman_adv: batadv0: Interface activated: batadv_slave_1
[  649.716386][ T7959] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  649.841499][   T67] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  649.844628][ T3591] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  649.845482][ T3591] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  649.846787][ T3591] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  650.843610][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  650.843635][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  650.898709][ T7959] 8021q: adding VLAN 0 to HW filter on device batadv0
[  651.007265][  T145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  651.007289][  T145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  651.161351][ T7957] 8021q: adding VLAN 0 to HW filter on device batadv0
[  652.438859][    C1] vkms_vblank_simulate: vblank timer overrun
[  652.871445][    C1] vkms_vblank_simulate: vblank timer overrun
[  653.083706][    C1] vkms_vblank_simulate: vblank timer overrun
[  654.028054][    C1] vkms_vblank_simulate: vblank timer overrun
[  654.436017][ T8115] netlink: 8 bytes leftover after parsing attributes in process `syz.6.316'.
[  654.516968][    C1] vkms_vblank_simulate: vblank timer overrun
[  654.712107][    C1] vkms_vblank_simulate: vblank timer overrun
[  654.795235][    C1] vkms_vblank_simulate: vblank timer overrun
[  654.828882][    C1] vkms_vblank_simulate: vblank timer overrun
[  654.985898][    C1] vkms_vblank_simulate: vblank timer overrun
[  655.276852][    C1] vkms_vblank_simulate: vblank timer overrun
[  655.725945][    C1] vkms_vblank_simulate: vblank timer overrun
[  656.166440][ T8120] macsec1: entered allmulticast mode
[  656.166464][ T8120] macvlan1: entered allmulticast mode
[  656.166478][ T8120] veth1_vlan: entered allmulticast mode
[  656.729241][    C1] vkms_vblank_simulate: vblank timer overrun
[  657.311325][ T8125] Bluetooth: hci0: Opcode 0x080f failed: -4
[  657.372976][ T8120] macvlan1: left allmulticast mode
[  657.373002][ T8120] veth1_vlan: left allmulticast mode
[  657.707006][    C1] vkms_vblank_simulate: vblank timer overrun
[  661.081308][    C1] vkms_vblank_simulate: vblank timer overrun
[  661.134925][ T7772] Bluetooth: hci0: command 0x0406 tx timeout
[  661.153144][    C1] vkms_vblank_simulate: vblank timer overrun
[  661.500024][ T7957] veth0_vlan: entered promiscuous mode
[  661.778934][    C1] vkms_vblank_simulate: vblank timer overrun
[  662.645303][    C1] vkms_vblank_simulate: vblank timer overrun
[  662.738057][    C1] vkms_vblank_simulate: vblank timer overrun
[  662.863005][ T7957] veth1_vlan: entered promiscuous mode
[  663.788520][    C1] vkms_vblank_simulate: vblank timer overrun
[  663.827818][ T7959] veth0_vlan: entered promiscuous mode
[  664.284567][    C1] vkms_vblank_simulate: vblank timer overrun
[  664.373338][    C1] vkms_vblank_simulate: vblank timer overrun
[  664.748335][    C1] vkms_vblank_simulate: vblank timer overrun
[  665.384440][ T7959] veth1_vlan: entered promiscuous mode
[  665.553997][ T7957] veth0_macvtap: entered promiscuous mode
[  665.601344][ T7957] veth1_macvtap: entered promiscuous mode
[  665.613143][    C1] vkms_vblank_simulate: vblank timer overrun
[  666.232415][    C1] vkms_vblank_simulate: vblank timer overrun
[  666.291518][ T7959] veth0_macvtap: entered promiscuous mode
[  666.589154][    C1] vkms_vblank_simulate: vblank timer overrun
[  667.283382][ T7957] batman_adv: batadv0: Interface activated: batadv_slave_0
[  667.363266][ T7957] batman_adv: batadv0: Interface activated: batadv_slave_1
[  667.414353][ T6910] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  667.431856][ T7053] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  667.432255][ T7053] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  667.432359][ T7053] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  668.218759][    C1] vkms_vblank_simulate: vblank timer overrun
[  668.462473][    C1] vkms_vblank_simulate: vblank timer overrun
[  668.719040][    C1] vkms_vblank_simulate: vblank timer overrun
[  669.218442][    C1] vkms_vblank_simulate: vblank timer overrun
[  675.620279][ T8173] ALSA: mixer_oss: invalid OSS volume ''
[  675.747078][    C1] vkms_vblank_simulate: vblank timer overrun
[  675.917241][    C1] vkms_vblank_simulate: vblank timer overrun
[  676.260859][    C1] vkms_vblank_simulate: vblank timer overrun
[  676.509918][    C1] vkms_vblank_simulate: vblank timer overrun
[  676.854029][    C1] vkms_vblank_simulate: vblank timer overrun
[  677.319069][    C1] vkms_vblank_simulate: vblank timer overrun
[  677.381626][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  677.401489][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  677.405209][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  677.465031][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  677.500921][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  677.603890][    C1] vkms_vblank_simulate: vblank timer overrun
[  678.134827][    C1] vkms_vblank_simulate: vblank timer overrun
[  678.301351][    C1] vkms_vblank_simulate: vblank timer overrun
[  678.373427][    C1] vkms_vblank_simulate: vblank timer overrun
[  678.516368][    C1] vkms_vblank_simulate: vblank timer overrun
[  678.561456][    C1] vkms_vblank_simulate: vblank timer overrun
[  678.947321][    C1] vkms_vblank_simulate: vblank timer overrun
[  679.208074][    C1] vkms_vblank_simulate: vblank timer overrun
[  679.355799][    C1] vkms_vblank_simulate: vblank timer overrun
[  679.680739][ T5840] Bluetooth: hci2: command tx timeout
[  679.880596][ T8163] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  679.908263][ T8213] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  680.862813][ T8163] usb 5-1: config 0 has an invalid interface number: 168 but max is 0
[  680.862845][ T8163] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  680.862864][ T8163] usb 5-1: config 0 has no interface number 0
[  680.862920][ T8163] usb 5-1: config 0 interface 168 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  680.862943][ T8163] usb 5-1: config 0 interface 168 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 16
[  680.862988][ T8163] usb 5-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=48.98
[  680.863012][ T8163] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  680.869389][ T8163] usb 5-1: config 0 descriptor??
[  681.235169][    C1] vkms_vblank_simulate: vblank timer overrun
[  681.990118][    C1] vkms_vblank_simulate: vblank timer overrun
[  681.991571][ T5840] Bluetooth: hci2: command tx timeout
[  682.153898][ T8222] vivid-004: disconnect
[  682.303065][ T8222] vivid-004: reconnect
[  682.585329][    C1] vkms_vblank_simulate: vblank timer overrun
[  682.758676][ T8163] HFC-S_USB 5-1:0.168: probe with driver HFC-S_USB failed with error -5
[  682.996303][ T8163] usb 5-1: USB disconnect, device number 2
[  683.328908][    C1] vkms_vblank_simulate: vblank timer overrun
[  683.712364][    C1] vkms_vblank_simulate: vblank timer overrun
[  684.137558][ T8235] netlink: 36 bytes leftover after parsing attributes in process `syz.6.340'.
[  684.610509][ T7772] Bluetooth: hci2: command tx timeout
[  684.702835][ T7772] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  684.708289][ T7772] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  684.718787][ T7772] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  684.755833][ T7772] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  684.833154][ T7772] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  686.250634][ T7224] usb 10-1: new low-speed USB device number 2 using dummy_hcd
[  687.259355][ T5840] Bluetooth: hci2: command tx timeout
[  687.663890][ T7224] usb 10-1: device descriptor read/64, error -71
[  687.675933][ T5840] Bluetooth: hci1: command tx timeout
[  689.690386][ T5840] Bluetooth: hci1: command tx timeout
[  691.540683][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  691.540787][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  691.892595][ T5840] Bluetooth: hci1: command tx timeout
[  693.168086][ T8283] netlink: 8 bytes leftover after parsing attributes in process `syz.6.348'.
[  693.931861][ T5840] Bluetooth: hci1: command tx timeout
[  695.918213][ T5840] Bluetooth: Frame is too long (len 18, expected len 4)
[  697.517716][ T8303] Bluetooth: hci0: Opcode 0x080f failed: -4
[  699.602248][ T5840] Bluetooth: hci0: command 0x0406 tx timeout
[  704.556638][ T8342] netlink: 8 bytes leftover after parsing attributes in process `syz.4.358'.
[  712.327790][ T8380] ceph: No mds server is up or the cluster is laggy
[  712.328846][ T5824] libceph: connect (1)[c::]:6789 error -101
[  712.329121][ T5824] libceph: mon0 (1)[c::]:6789 connect error
[  713.424572][ T6910] bridge_slave_1: left allmulticast mode
[  713.424649][ T6910] bridge_slave_1: left promiscuous mode
[  713.466969][ T6910] bridge0: port 2(bridge_slave_1) entered disabled state
[  714.121695][ T6910] bridge_slave_0: left allmulticast mode
[  714.121736][ T6910] bridge_slave_0: left promiscuous mode
[  714.122151][ T6910] bridge0: port 1(bridge_slave_0) entered disabled state
[  715.807498][ T8409] netlink: 4 bytes leftover after parsing attributes in process `syz.6.370'.
[  716.519585][ T8410] netlink: 'syz.6.370': attribute type 11 has an invalid length.
[  716.519611][ T8410] netlink: 224 bytes leftover after parsing attributes in process `syz.6.370'.
[  719.222235][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[  720.795371][    C0] vkms_vblank_simulate: vblank timer overrun
[  721.005818][    C0] vkms_vblank_simulate: vblank timer overrun
[  721.087980][    C0] vkms_vblank_simulate: vblank timer overrun
[  721.337890][ T6910] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  721.468987][ T6910] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  721.527263][ T6910] bond0 (unregistering): Released all slaves
[  721.940726][    C0] vkms_vblank_simulate: vblank timer overrun
[  722.010762][ T8193] chnl_net:caif_netlink_parms(): no params data found
[  722.175470][ T8229] chnl_net:caif_netlink_parms(): no params data found
[  723.108268][ T8434] Bluetooth: hci0: Opcode 0x080f failed: -4
[  723.688366][    C0] vkms_vblank_simulate: vblank timer overrun
[  723.843483][    C0] vkms_vblank_simulate: vblank timer overrun
[  724.370533][    C0] vkms_vblank_simulate: vblank timer overrun
[  724.725985][    C0] vkms_vblank_simulate: vblank timer overrun
[  724.861214][ T7772] Bluetooth: hci0: command 0x0406 tx timeout
[  726.164716][ T8453] CIFS mount error: No usable UNC path provided in device string!
[  726.164716][ T8453] 
[  726.164808][ T8453] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  728.218473][ T7772] Bluetooth: hci3: unexpected event for opcode 0x041b
[  730.212188][ T6910] hsr_slave_0: left promiscuous mode
[  730.250534][ T6910] hsr_slave_1: left promiscuous mode
[  730.251657][ T6910] batman_adv: batadv0: Removing interface: batadv_slave_0
[  730.305116][ T6910] batman_adv: batadv0: Removing interface: batadv_slave_1
[  730.478844][ T6910] veth0_macvtap: left promiscuous mode
[  730.479238][ T6910] veth1_vlan: left promiscuous mode
[  730.479467][ T6910] veth0_vlan: left promiscuous mode
[  733.738067][ T8488] Bluetooth: hci0: Opcode 0x080f failed: -4
[  734.455911][ T5840] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  734.486146][ T5840] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  734.496503][ T5840] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  734.528949][ T5840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  734.556562][ T5840] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  734.966591][ T7772] Bluetooth: hci0: command 0x0406 tx timeout
[  735.579677][ T8504] CIFS mount error: No usable UNC path provided in device string!
[  735.579677][ T8504] 
[  735.579703][ T8504] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  736.961146][ T7772] Bluetooth: hci5: command tx timeout
[  736.967027][ T6910] team0 (unregistering): Port device team_slave_1 removed
[  737.323788][ T8513] block nbd4: Attempted send on invalid socket
[  737.323944][ T8513] I/O error, dev nbd4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  737.360653][ T8513] block nbd4: Attempted send on invalid socket
[  737.360730][ T8513] I/O error, dev nbd4, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  737.374203][ T8513] Mount JFS Failure: -5
[  737.374276][ T8513] jfs_mount failed w/return code = -5
[  738.333753][ T6910] team0 (unregistering): Port device team_slave_0 removed
[  738.799996][ T5840] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  738.812002][ T5840] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  738.816826][ T5840] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  738.839336][ T5840] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  738.844448][ T5840] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  739.228843][ T7772] Bluetooth: hci5: command tx timeout
[  740.901315][ T7772] Bluetooth: hci6: command tx timeout
[  741.280457][ T7772] Bluetooth: hci5: command tx timeout
[  742.931481][ T8511] netlink: 168 bytes leftover after parsing attributes in process `syz.6.391'.
[  743.186957][ T7772] Bluetooth: hci6: command tx timeout
[  743.191383][ T8229] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg0": -EINTR
[  743.237685][ T8193] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wg2": -EINTR
[  743.390397][ T7772] Bluetooth: hci5: command tx timeout
[  745.243037][ T7772] Bluetooth: hci6: command tx timeout
[  745.306597][ T8535] Bluetooth: hci0: Opcode 0x080f failed: -4
[  746.072532][ T8557] binder: BINDER_SET_CONTEXT_MGR already set
[  746.072577][ T8557] binder: 8552:8557 ioctl 4018620d 200000000040 returned -16
[  746.181356][ T7772] Bluetooth: hci0: command 0x0406 tx timeout
[  747.283577][ T7772] Bluetooth: hci6: command tx timeout
[  747.823186][ T8569] Falling back ldisc for ptm0.
[  748.060541][ T8564] netlink: 800 bytes leftover after parsing attributes in process `syz.4.399'.
[  748.060587][ T8564] netlink: 1301 bytes leftover after parsing attributes in process `syz.4.399'.
[  748.060882][ T8566] binder: BINDER_SET_CONTEXT_MGR already set
[  748.060896][ T8566] binder: 8561:8566 ioctl 4018620d 200000000040 returned -16
[  748.283873][ T8569] ucma_write: process 424 (syz.6.401) changed security contexts after opening file descriptor, this is not allowed.
[  753.272248][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  753.272335][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  757.019757][ T7772] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  757.019808][ T7772] CPU: 1 UID: 0 PID: 7772 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  757.019837][ T7772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  757.019852][ T7772] Workqueue: hci4 hci_rx_work
[  757.019891][ T7772] Call Trace:
[  757.019901][ T7772]  <TASK>
[  757.019911][ T7772]  dump_stack_lvl+0x189/0x250
[  757.019953][ T7772]  ? __pfx_dump_stack_lvl+0x10/0x10
[  757.019986][ T7772]  ? __pfx__printk+0x10/0x10
[  757.020019][ T7772]  ? kernfs_path_from_node+0x2c/0x280
[  757.020042][ T7772]  ? kernfs_path_from_node+0x243/0x280
[  757.020065][ T7772]  ? kernfs_path_from_node+0x2c/0x280
[  757.020094][ T7772]  sysfs_create_dir_ns+0x259/0x280
[  757.020136][ T7772]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  757.020159][ T7772]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  757.020198][ T7772]  ? rt_spin_unlock+0x65/0x80
[  757.020226][ T7772]  kobject_add_internal+0x5a5/0xb50
[  757.020268][ T7772]  kobject_add+0x155/0x220
[  757.020305][ T7772]  ? __pfx_kobject_add+0x10/0x10
[  757.020344][ T7772]  ? get_device_parent+0x370/0x3a0
[  757.020384][ T7772]  device_add+0x408/0xb50
[  757.020422][ T7772]  hci_conn_add_sysfs+0xd5/0x1e0
[  757.020462][ T7772]  le_conn_complete_evt+0xc3a/0x1220
[  757.020505][ T7772]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  757.020534][ T7772]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  757.020565][ T7772]  ? lockdep_hardirqs_on+0x9c/0x150
[  757.020599][ T7772]  ? skb_pull_data+0xfb/0x200
[  757.020637][ T7772]  hci_le_conn_complete_evt+0x187/0x450
[  757.020677][ T7772]  hci_event_packet+0x78c/0x1200
[  757.020717][ T7772]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  757.020747][ T7772]  ? __pfx_hci_event_packet+0x10/0x10
[  757.020784][ T7772]  ? __pfx_migrate_enable+0x10/0x10
[  757.020822][ T7772]  ? hci_send_to_monitor+0xe2/0x570
[  757.020857][ T7772]  hci_rx_work+0x46a/0xe80
[  757.020889][ T7772]  ? process_scheduled_works+0x9ef/0x17b0
[  757.020921][ T7772]  process_scheduled_works+0xade/0x17b0
[  757.020985][ T7772]  ? __pfx_process_scheduled_works+0x10/0x10
[  757.021032][ T7772]  worker_thread+0x8a0/0xda0
[  757.021065][ T7772]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  757.021105][ T7772]  ? __kthread_parkme+0x7b/0x200
[  757.021147][ T7772]  kthread+0x711/0x8a0
[  757.021186][ T7772]  ? __pfx_worker_thread+0x10/0x10
[  757.021213][ T7772]  ? __pfx_kthread+0x10/0x10
[  757.021255][ T7772]  ? __pfx_kthread+0x10/0x10
[  757.021290][ T7772]  ret_from_fork+0x3fc/0x770
[  757.021322][ T7772]  ? __pfx_ret_from_fork+0x10/0x10
[  757.021356][ T7772]  ? __switch_to_asm+0x39/0x70
[  757.021377][ T7772]  ? __switch_to_asm+0x33/0x70
[  757.021397][ T7772]  ? __pfx_kthread+0x10/0x10
[  757.021432][ T7772]  ret_from_fork_asm+0x1a/0x30
[  757.021474][ T7772]  </TASK>
[  757.038261][ T7772] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  757.038330][ T7772] Bluetooth: hci4: failed to register connection device
[  758.791896][ T8636] netlink: 132 bytes leftover after parsing attributes in process `syz.6.417'.
[  759.035709][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.097105][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.175289][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.211508][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.275910][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.309934][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.375649][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.676356][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.837224][ T8517] chnl_net:caif_netlink_parms(): no params data found
[  760.061051][    C0] vkms_vblank_simulate: vblank timer overrun
[  760.502660][    C0] vkms_vblank_simulate: vblank timer overrun
[  762.369961][    C0] vkms_vblank_simulate: vblank timer overrun
[  762.473837][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.020339][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.044575][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.188440][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.461237][    C0] vkms_vblank_simulate: vblank timer overrun
[  764.016093][ T8669] fuse: Bad value for 'fd'
[  764.560819][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[  766.430403][ T8698] netlink: 132 bytes leftover after parsing attributes in process `syz.9.428'.
[  767.630256][ T8706] afs: Unknown parameter '01777777777777777777777'
[  767.807831][ T8707] mmap: syz.6.430 (8707) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  778.345426][ T6910] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  780.361019][ T8738] program syz.9.435 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  780.471724][ T8496] chnl_net:caif_netlink_parms(): no params data found
[  780.505667][ T8517] bridge0: port 1(bridge_slave_0) entered blocking state
[  780.505821][ T8517] bridge0: port 1(bridge_slave_0) entered disabled state
[  780.506075][ T8517] bridge_slave_0: entered allmulticast mode
[  780.509113][ T8517] bridge_slave_0: entered promiscuous mode
[  780.787774][ T6910] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  780.841283][ T8517] bridge0: port 2(bridge_slave_1) entered blocking state
[  780.841444][ T8517] bridge0: port 2(bridge_slave_1) entered disabled state
[  780.841713][ T8517] bridge_slave_1: entered allmulticast mode
[  780.844919][ T8517] bridge_slave_1: entered promiscuous mode
[  781.317857][ T6910] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  781.368243][ T8517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  781.399354][ T8517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  781.736815][ T6910] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  782.015295][ T8517] team0: Port device team_slave_0 added
[  782.016056][ T8496] bridge0: port 1(bridge_slave_0) entered blocking state
[  782.016216][ T8496] bridge0: port 1(bridge_slave_0) entered disabled state
[  782.016430][ T8496] bridge_slave_0: entered allmulticast mode
[  782.019326][ T8496] bridge_slave_0: entered promiscuous mode
[  782.051350][ T8517] team0: Port device team_slave_1 added
[  782.052534][ T8496] bridge0: port 2(bridge_slave_1) entered blocking state
[  782.052720][ T8496] bridge0: port 2(bridge_slave_1) entered disabled state
[  782.052985][ T8496] bridge_slave_1: entered allmulticast mode
[  782.062593][ T8496] bridge_slave_1: entered promiscuous mode
[  782.374058][ T8517] batman_adv: batadv0: Adding interface: batadv_slave_0
[  782.374079][ T8517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  782.374104][ T8517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  782.441233][ T8496] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  782.444691][ T8517] batman_adv: batadv0: Adding interface: batadv_slave_1
[  782.444711][ T8517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  782.444743][ T8517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  782.521767][ T8496] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  783.017059][ T8496] team0: Port device team_slave_0 added
[  783.216088][ T8496] team0: Port device team_slave_1 added
[  783.295499][ T8517] hsr_slave_0: entered promiscuous mode
[  783.297408][ T8517] hsr_slave_1: entered promiscuous mode
[  783.509619][ T8496] batman_adv: batadv0: Adding interface: batadv_slave_0
[  783.509641][ T8496] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  783.509670][ T8496] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  783.645861][ T8496] batman_adv: batadv0: Adding interface: batadv_slave_1
[  783.645883][ T8496] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  783.645913][ T8496] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  783.671359][ T6910] bridge_slave_1: left allmulticast mode
[  783.671411][ T6910] bridge_slave_1: left promiscuous mode
[  783.671818][ T6910] bridge0: port 2(bridge_slave_1) entered disabled state
[  783.772281][ T6910] bridge_slave_0: left allmulticast mode
[  783.772322][ T6910] bridge_slave_0: left promiscuous mode
[  783.772645][ T6910] bridge0: port 1(bridge_slave_0) entered disabled state
[  784.377012][ T6910] bond0 (unregistering): Released all slaves
[  784.573882][ T6910] bond0 (unregistering): Released all slaves
[  786.866663][ T6910] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  786.932948][ T6910] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  786.955668][ T6910] bond0 (unregistering): Released all slaves
[  787.608231][ T8496] hsr_slave_0: entered promiscuous mode
[  787.610781][ T8496] hsr_slave_1: entered promiscuous mode
[  787.611742][ T8496] debugfs: 'hsr0' already exists in 'hsr'
[  787.611770][ T8496] Cannot create hsr debugfs directory
[  788.590665][ T6910] hsr_slave_0: left promiscuous mode
[  788.610259][ T6910] hsr_slave_1: left promiscuous mode
[  788.611464][ T6910] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  788.611516][ T6910] batman_adv: batadv0: Removing interface: batadv_slave_0
[  788.663514][ T6910] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  788.663556][ T6910] batman_adv: batadv0: Removing interface: batadv_slave_1
[  788.778735][ T6910] veth1_macvtap: left promiscuous mode
[  788.778885][ T6910] veth0_macvtap: left promiscuous mode
[  788.779212][ T6910] veth1_vlan: left promiscuous mode
[  788.779459][ T6910] veth0_vlan: left promiscuous mode
[  792.311566][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  792.316695][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  792.335647][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  792.337010][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  792.338850][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  792.591407][ T6910] team0 (unregistering): Port device team_slave_1 removed
[  792.997037][ T6910] team0 (unregistering): Port device team_slave_0 removed
[  794.400405][ T5840] Bluetooth: hci1: command tx timeout
[  796.492307][ T5840] Bluetooth: hci1: command tx timeout
[  798.558144][ T8758] chnl_net:caif_netlink_parms(): no params data found
[  798.570455][ T5840] Bluetooth: hci1: command tx timeout
[  798.622744][ T7772] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  798.668339][ T7772] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  798.687664][ T7772] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  798.709650][ T7772] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  798.770668][ T7772] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  800.065221][ T8758] bridge0: port 1(bridge_slave_0) entered blocking state
[  800.065914][ T8758] bridge0: port 1(bridge_slave_0) entered disabled state
[  800.066170][ T8758] bridge_slave_0: entered allmulticast mode
[  800.110615][ T8758] bridge_slave_0: entered promiscuous mode
[  800.138231][ T8758] bridge0: port 2(bridge_slave_1) entered blocking state
[  800.138429][ T8758] bridge0: port 2(bridge_slave_1) entered disabled state
[  800.138723][ T8758] bridge_slave_1: entered allmulticast mode
[  800.169847][ T8758] bridge_slave_1: entered promiscuous mode
[  800.627064][ T8758] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  800.640385][ T7772] Bluetooth: hci1: command tx timeout
[  800.687641][ T8758] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  800.810643][ T7772] Bluetooth: hci2: command tx timeout
[  801.070091][ T8758] team0: Port device team_slave_0 added
[  801.104856][ T8758] team0: Port device team_slave_1 added
[  801.628304][ T8758] batman_adv: batadv0: Adding interface: batadv_slave_0
[  801.628327][ T8758] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  801.628358][ T8758] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  801.655065][ T8758] batman_adv: batadv0: Adding interface: batadv_slave_1
[  801.655093][ T8758] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  801.655129][ T8758] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  802.194190][ T8758] hsr_slave_0: entered promiscuous mode
[  802.195782][ T8758] hsr_slave_1: entered promiscuous mode
[  802.196885][ T8758] debugfs: 'hsr0' already exists in 'hsr'
[  802.196917][ T8758] Cannot create hsr debugfs directory
[  802.233682][ T6910] bridge_slave_1: left allmulticast mode
[  802.233724][ T6910] bridge_slave_1: left promiscuous mode
[  802.234014][ T6910] bridge0: port 2(bridge_slave_1) entered disabled state
[  802.342102][ T6910] bridge_slave_0: left allmulticast mode
[  802.342144][ T6910] bridge_slave_0: left promiscuous mode
[  802.342484][ T6910] bridge0: port 1(bridge_slave_0) entered disabled state
[  802.427741][ T6910] bridge_slave_1: left allmulticast mode
[  802.427788][ T6910] bridge_slave_1: left promiscuous mode
[  802.428103][ T6910] bridge0: port 2(bridge_slave_1) entered disabled state
[  802.532194][ T6910] bridge_slave_0: left allmulticast mode
[  802.532244][ T6910] bridge_slave_0: left promiscuous mode
[  802.532547][ T6910] bridge0: port 1(bridge_slave_0) entered disabled state
[  802.890541][ T7772] Bluetooth: hci2: command tx timeout
[  803.091434][ T6910] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.241499][ T6910] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.307301][ T6910] bond0 (unregistering): Released all slaves
[  803.632508][ T6910] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.721755][ T6910] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.794853][ T6910] bond0 (unregistering): Released all slaves
[  804.433656][ T8767] chnl_net:caif_netlink_parms(): no params data found
[  804.721623][ T6910] hsr_slave_0: left promiscuous mode
[  804.760637][ T6910] hsr_slave_1: left promiscuous mode
[  804.761714][ T6910] batman_adv: batadv0: Removing interface: batadv_slave_0
[  804.823634][ T6910] batman_adv: batadv0: Removing interface: batadv_slave_1
[  804.920518][ T6910] hsr_slave_0: left promiscuous mode
[  804.948401][ T6910] hsr_slave_1: left promiscuous mode
[  804.951249][ T6910] batman_adv: batadv0: Removing interface: batadv_slave_0
[  804.960370][ T7772] Bluetooth: hci2: command tx timeout
[  804.986287][ T6910] batman_adv: batadv0: Removing interface: batadv_slave_1
[  805.891237][ T6910] team0 (unregistering): Port device team_slave_1 removed
[  806.031330][ T6910] team0 (unregistering): Port device team_slave_0 removed
[  807.050543][ T7772] Bluetooth: hci2: command tx timeout
[  807.361664][ T6910] team0 (unregistering): Port device team_slave_1 removed
[  807.554288][ T6910] team0 (unregistering): Port device team_slave_0 removed
[  809.169699][ T8767] bridge0: port 1(bridge_slave_0) entered blocking state
[  809.169989][ T8767] bridge0: port 1(bridge_slave_0) entered disabled state
[  809.185294][ T8767] bridge_slave_0: entered allmulticast mode
[  809.188455][ T8767] bridge_slave_0: entered promiscuous mode
[  809.300595][ T8767] bridge0: port 2(bridge_slave_1) entered blocking state
[  809.300758][ T8767] bridge0: port 2(bridge_slave_1) entered disabled state
[  809.301051][ T8767] bridge_slave_1: entered allmulticast mode
[  809.304139][ T8767] bridge_slave_1: entered promiscuous mode
[  809.977591][ T8767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  810.285653][ T8767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  810.989360][ T8767] team0: Port device team_slave_0 added
[  811.019855][ T8767] team0: Port device team_slave_1 added
[  811.502422][ T8767] batman_adv: batadv0: Adding interface: batadv_slave_0
[  811.502443][ T8767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  811.502477][ T8767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  811.505368][ T8767] batman_adv: batadv0: Adding interface: batadv_slave_1
[  811.505388][ T8767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  811.505418][ T8767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  812.043320][ T8767] hsr_slave_0: entered promiscuous mode
[  812.044835][ T8767] hsr_slave_1: entered promiscuous mode
[  812.618920][ T8758] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  812.752669][ T8758] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  812.828189][ T8758] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  813.019181][ T8758] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  813.449608][ T8767] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  813.488112][ T8767] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  813.532227][ T8767] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  813.568256][ T8767] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  813.723032][ T8758] 8021q: adding VLAN 0 to HW filter on device bond0
[  813.810023][ T8758] 8021q: adding VLAN 0 to HW filter on device team0
[  813.840509][ T1178] bridge0: port 1(bridge_slave_0) entered blocking state
[  813.840729][ T1178] bridge0: port 1(bridge_slave_0) entered forwarding state
[  813.894209][ T1178] bridge0: port 2(bridge_slave_1) entered blocking state
[  813.894370][ T1178] bridge0: port 2(bridge_slave_1) entered forwarding state
[  813.992365][ T8767] 8021q: adding VLAN 0 to HW filter on device bond0
[  814.131890][ T8767] 8021q: adding VLAN 0 to HW filter on device team0
[  814.159447][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[  814.160034][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[  814.225345][ T4527] bridge0: port 2(bridge_slave_1) entered blocking state
[  814.225515][ T4527] bridge0: port 2(bridge_slave_1) entered forwarding state
[  814.408992][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  814.409084][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  814.889181][ T8758] 8021q: adding VLAN 0 to HW filter on device batadv0
[  815.099688][ T8767] 8021q: adding VLAN 0 to HW filter on device batadv0
[  816.039003][ T8758] veth0_vlan: entered promiscuous mode
[  816.079941][ T8758] veth1_vlan: entered promiscuous mode
[  816.175783][ T8767] veth0_vlan: entered promiscuous mode
[  816.253846][ T8767] veth1_vlan: entered promiscuous mode
[  816.296364][ T8758] veth0_macvtap: entered promiscuous mode
[  816.371987][ T8758] veth1_macvtap: entered promiscuous mode
[  816.478659][ T8758] batman_adv: batadv0: Interface activated: batadv_slave_0
[  816.538006][ T8758] batman_adv: batadv0: Interface activated: batadv_slave_1
[  816.549244][ T8767] veth0_macvtap: entered promiscuous mode
[  816.605511][ T8767] veth1_macvtap: entered promiscuous mode
[  816.607795][   T67] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  816.608179][   T67] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  816.608864][   T67] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  816.609444][   T67] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  816.839273][ T8767] batman_adv: batadv0: Interface activated: batadv_slave_0
[  816.992821][ T8767] batman_adv: batadv0: Interface activated: batadv_slave_1
[  817.329839][ T3615] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  817.342094][ T3615] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  817.342841][ T3615] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  817.343372][ T3615] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  817.529032][ T8221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  817.529073][ T8221] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  817.934860][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  817.934888][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  818.101937][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  818.101965][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  818.312856][ T3615] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  818.312873][ T3615] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  822.065693][ T5973] IPVS: starting estimator thread 0...
[  822.180764][ T8980] IPVS: using max 6 ests per chain, 14400 per kthread
[  837.081993][ T7218] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  837.591743][    C0] vkms_vblank_simulate: vblank timer overrun
[  838.668841][    C0] vkms_vblank_simulate: vblank timer overrun
[  840.442985][ T9056] Bluetooth: hci0: Opcode 0x080f failed: -4
[  841.181194][    C0] vkms_vblank_simulate: vblank timer overrun
[  842.400182][ T7772] Bluetooth: hci0: command 0x0406 tx timeout
[  842.472237][ T7218] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  843.287525][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  843.329765][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  843.338421][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  843.359547][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  843.376190][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  843.622476][ T5973] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  845.007364][ T5973] usb 10-1: config 0 has an invalid interface number: 168 but max is 0
[  845.007406][ T5973] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  845.007429][ T5973] usb 10-1: config 0 has no interface number 0
[  845.007488][ T5973] usb 10-1: config 0 interface 168 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  845.007514][ T5973] usb 10-1: config 0 interface 168 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 16
[  845.007561][ T5973] usb 10-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=48.98
[  845.007586][ T5973] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  845.523986][ T7772] Bluetooth: hci1: command tx timeout
[  845.757346][ T5973] usb 10-1: config 0 descriptor??
[  846.133890][ T5973] usb 10-1: can't set config #0, error -71
[  846.198013][ T5973] usb 10-1: USB disconnect, device number 4
[  848.546767][ T7772] Bluetooth: hci1: command tx timeout
[  849.123223][ T9104] binder: BINDER_SET_CONTEXT_MGR already set
[  849.123268][ T9104] binder: 9097:9104 ioctl 4018620d 200000000040 returned -16
[  849.385499][ T7218] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  850.493214][ T9094] macsec1: entered allmulticast mode
[  850.493235][ T9094] macvlan1: entered allmulticast mode
[  850.493245][ T9094] veth1_vlan: entered allmulticast mode
[  850.841494][ T5840] Bluetooth: hci1: command tx timeout
[  852.105651][ T9094] macvlan1: left allmulticast mode
[  852.105671][ T9094] veth1_vlan: left allmulticast mode
[  854.685354][ T5840] Bluetooth: hci1: command tx timeout
[  858.970781][ T9153] fuse: Bad value for 'fd'
[  859.055562][ T9157] netlink: 'syz.6.476': attribute type 20 has an invalid length.
[  859.559065][ T7218] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  859.587869][ T9151] netlink: 4 bytes leftover after parsing attributes in process `syz.8.477'.
[  859.632996][ T9151] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  859.783423][ T9151] batman_adv: batadv0: Removing interface: batadv_slave_1
[  865.584759][ T9196] afs: Unknown parameter '01777777777777777777777'
[  867.049388][ T9072] chnl_net:caif_netlink_parms(): no params data found
[  868.289693][ T9207] macsec1: entered allmulticast mode
[  868.289711][ T9207] macvlan1: entered allmulticast mode
[  868.289720][ T9207] veth1_vlan: entered allmulticast mode
[  868.735661][ T9207] macvlan1: left allmulticast mode
[  868.735679][ T9207] veth1_vlan: left allmulticast mode
[  870.135634][ T9217] : entered promiscuous mode
[  870.315795][ T9224] tmpfs: Bad value for 'mpol'
[  872.702765][ T9241] block nbd4: Attempted send on invalid socket
[  872.702901][ T9241] I/O error, dev nbd4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  872.781865][ T9241] block nbd4: Attempted send on invalid socket
[  872.782003][ T9241] I/O error, dev nbd4, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  872.783112][ T9241] Mount JFS Failure: -5
[  872.783130][ T9241] jfs_mount failed w/return code = -5
[  876.453145][ T7218] bridge_slave_1: left allmulticast mode
[  876.453397][ T7218] bridge_slave_1: left promiscuous mode
[  876.579837][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  876.583459][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  876.618943][ T7218] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.895338][ T7218] bridge_slave_0: left allmulticast mode
[  877.895368][ T7218] bridge_slave_0: left promiscuous mode
[  877.895589][ T7218] bridge0: port 1(bridge_slave_0) entered disabled state
[  878.627667][ T9281] afs: Unknown parameter '01777777777777777777777'
[  888.406307][    C1] vkms_vblank_simulate: vblank timer overrun
[  888.699959][ T9294] 
[  888.699978][ T9294] ======================================================
[  888.699988][ T9294] WARNING: possible circular locking dependency detected
[  888.700006][ T9294] syzkaller #0 Not tainted
[  888.700020][ T9294] ------------------------------------------------------
[  888.700030][ T9294] syz.6.499/9294 is trying to acquire lock:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  888.700044][ T9294] ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  888.700118][ T9294] 
[  888.700118][ T9294] but task is already holding lock:
[  888.700126][ T9294] ffff88802479c3a0 (&dev->vblank_time_lock){+.+.}-{3:3}, at: drm_vblank_disable_and_save+0x7f/0x380
[  888.700179][ T9294] 
[  888.700179][ T9294] which lock already depends on the new lock.
[  888.700179][ T9294] 
[  888.700188][ T9294] 
[  888.700188][ T9294] the existing dependency chain (in reverse order) is:
[  888.700196][ T9294] 
[  888.700196][ T9294] -> #4 (&dev->vblank_time_lock){+.+.}-{3:3}:
[  888.700225][ T9294]        lock_acquire+0x120/0x360
[  888.700255][ T9294]        rt_spin_lock+0x88/0x2c0
[  888.700276][ T9294]        drm_crtc_vblank_on_config+0x2cd/0x860
[  888.700301][ T9294]        drm_crtc_vblank_on+0x88/0xc0
[  888.700324][ T9294]        drm_atomic_helper_commit_modeset_enables+0x602/0xe10
[  888.700349][ T9294]        vkms_atomic_commit_tail+0x69/0x210
[  888.700374][ T9294]        commit_tail+0x281/0x3a0
[  888.700397][ T9294]        drm_atomic_helper_commit+0xa6b/0xb10
[  888.700421][ T9294]        drm_atomic_commit+0x262/0x2c0
[  888.700442][ T9294]        drm_client_modeset_commit_atomic+0x620/0x760
[  888.700477][ T9294]        drm_client_modeset_commit_locked+0xce/0x4d0
[  888.700510][ T9294]        drm_client_modeset_commit+0x4a/0x70
[  888.700542][ T9294]        __drm_fb_helper_restore_fbdev_mode_unlocked+0x9d/0x1b0
[  888.700568][ T9294]        drm_fb_helper_set_par+0xaf/0x100
[  888.700591][ T9294]        fbcon_init+0x1255/0x2370
[  888.700619][ T9294]        visual_init+0x2ef/0x650
[  888.700644][ T9294]        do_bind_con_driver+0x890/0xf70
[  888.700671][ T9294]        do_take_over_console+0x899/0xa10
[  888.700700][ T9294]        do_fbcon_takeover+0x118/0x200
[  888.700726][ T9294]        fbcon_fb_registered+0x35e/0x610
[  888.700753][ T9294]        register_framebuffer+0x70f/0x890
[  888.700794][ T9294]        __drm_fb_helper_initial_config_and_unlock+0x130a/0x18a0
[  888.700822][ T9294]        drm_fbdev_client_hotplug+0x16f/0x230
[  888.700849][ T9294]        drm_client_register+0x16f/0x210
[  888.700878][ T9294]        drm_fbdev_client_setup+0x19f/0x3f0
[  888.700903][ T9294]        drm_client_setup+0x10a/0x230
[  888.700928][ T9294]        vkms_init+0x3e0/0x4b0
[  888.700956][ T9294]        do_one_initcall+0x233/0x820
[  888.700975][ T9294]        do_initcall_level+0x104/0x190
[  888.701009][ T9294]        do_initcalls+0x59/0xa0
[  888.701041][ T9294]        kernel_init_freeable+0x334/0x4b0
[  888.701076][ T9294]        kernel_init+0x1d/0x1d0
[  888.701093][ T9294]        ret_from_fork+0x3fc/0x770
[  888.701120][ T9294]        ret_from_fork_asm+0x1a/0x30
[  888.701140][ T9294] 
[  888.701140][ T9294] -> #3 (&dev->vbl_lock){+.+.}-{3:3}:
[  888.701169][ T9294]        lock_acquire+0x120/0x360
[  888.701196][ T9294]        rt_spin_lock+0x88/0x2c0
[  888.701215][ T9294]        vblank_disable_fn+0x72/0x190
[  888.701235][ T9294]        call_timer_fn+0x17b/0x5f0
[  888.701264][ T9294]        __run_timer_base+0x648/0x970
[  888.701289][ T9294]        run_timer_softirq+0xb7/0x180
[  888.701313][ T9294]        handle_softirqs+0x22c/0x710
[  888.701339][ T9294]        run_ktimerd+0xcf/0x190
[  888.701368][ T9294]        smpboot_thread_fn+0x542/0xa60
[  888.701395][ T9294]        kthread+0x711/0x8a0
[  888.701426][ T9294]        ret_from_fork+0x3fc/0x770
[  888.701452][ T9294]        ret_from_fork_asm+0x1a/0x30
[  888.701472][ T9294] 
[  888.701472][ T9294] -> #2 ((&vblank->disable_timer)){+...}-{0:0}:
[  888.701503][ T9294]        lock_acquire+0x120/0x360
[  888.701530][ T9294]        call_timer_fn+0xdb/0x5f0
[  888.701557][ T9294]        __run_timer_base+0x648/0x970
[  888.701582][ T9294]        run_timer_softirq+0xb7/0x180
[  888.701607][ T9294]        handle_softirqs+0x22c/0x710
[  888.701633][ T9294]        run_ktimerd+0xcf/0x190
[  888.701663][ T9294]        smpboot_thread_fn+0x542/0xa60
[  888.701690][ T9294]        kthread+0x711/0x8a0
[  888.701718][ T9294]        ret_from_fork+0x3fc/0x770
[  888.701745][ T9294]        ret_from_fork_asm+0x1a/0x30
[  888.701775][ T9294] 
[  888.701775][ T9294] -> #1 (&base->expiry_lock){+...}-{3:3}:
[  888.701807][ T9294]        lock_acquire+0x120/0x360
[  888.701836][ T9294]        rt_spin_lock+0x88/0x2c0
[  888.701855][ T9294]        __run_timer_base+0x114/0x970
[  888.701880][ T9294]        run_timer_softirq+0x67/0x180
[  888.701906][ T9294]        handle_softirqs+0x22c/0x710
[  888.701933][ T9294]        run_ktimerd+0xcf/0x190
[  888.701961][ T9294]        smpboot_thread_fn+0x542/0xa60
[  888.701988][ T9294]        kthread+0x711/0x8a0
[  888.702018][ T9294]        ret_from_fork+0x3fc/0x770
[  888.702042][ T9294]        ret_from_fork_asm+0x1a/0x30
[  888.702060][ T9294] 
[  888.702060][ T9294] -> #0 ((softirq_ctrl.lock)){+.+.}-{3:3}:
[  888.702091][ T9294]        validate_chain+0xb9b/0x2140
[  888.702124][ T9294]        __lock_acquire+0xab9/0xd20
[  888.702151][ T9294]        reacquire_held_locks+0x127/0x1d0
[  888.702185][ T9294]        lock_release+0x1b4/0x3e0
[  888.702212][ T9294]        __local_bh_enable_ip+0x10c/0x270
[  888.702239][ T9294]        hrtimer_cancel+0x39/0x60
[  888.702268][ T9294]        drm_vblank_disable_and_save+0x1bc/0x380
[  888.702379][ T9294]        drm_crtc_vblank_off+0x22e/0x820
[  888.702408][ T9294]        drm_atomic_helper_commit_modeset_disables+0xc89/0x2010
[  888.702436][ T9294]        vkms_atomic_commit_tail+0x51/0x210
[  888.702461][ T9294]        commit_tail+0x281/0x3a0
[  888.702483][ T9294]        drm_atomic_helper_commit+0xa6b/0xb10
[  888.702506][ T9294]        drm_atomic_commit+0x262/0x2c0
[  888.702527][ T9294]        drm_atomic_helper_set_config+0xe2/0x160
[  888.702551][ T9294]        drm_mode_setcrtc+0x9a4/0x1c50
[  888.702599][ T9294]        drm_ioctl_kernel+0x2d2/0x3a0
[  888.702627][ T9294]        drm_ioctl+0x685/0xb20
[  888.702652][ T9294]        __se_sys_ioctl+0xfc/0x170
[  888.702674][ T9294]        do_syscall_64+0xfa/0x3b0
[  888.702702][ T9294]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  888.702723][ T9294] 
[  888.702723][ T9294] other info that might help us debug this:
[  888.702723][ T9294] 
[  888.702732][ T9294] Chain exists of:
[  888.702732][ T9294]   (softirq_ctrl.lock) --> &dev->vbl_lock --> &dev->vblank_time_lock
[  888.702732][ T9294] 
[  888.702772][ T9294]  Possible unsafe locking scenario:
[  888.702772][ T9294] 
[  888.702779][ T9294]        CPU0                    CPU1
[  888.702786][ T9294]        ----                    ----
[  888.702793][ T9294]   lock(&dev->vblank_time_lock);
[  888.702817][ T9294]                                lock(&dev->vbl_lock);
[  888.702834][ T9294]                                lock(&dev->vblank_time_lock);
[  888.702852][ T9294]   lock((softirq_ctrl.lock));
[  888.702867][ T9294] 
[  888.702867][ T9294]  *** DEADLOCK ***
[  888.702867][ T9294] 
[  888.702873][ T9294] 8 locks held by syz.6.499/9294:
[  888.702887][ T9294]  #0: ffffc90005277b20 (crtc_ww_class_acquire){+.+.}-{0:0}, at: drm_mode_setcrtc+0x555/0x1c50
[  888.702990][ T9294]  #1: ffffc90005277b48 (crtc_ww_class_mutex){+.+.}-{4:4}, at: drm_mode_setcrtc+0x555/0x1c50
[  888.703051][ T9294]  #2: ffff88802479c4b8 (&dev->event_lock){+.+.}-{3:3}, at: drm_crtc_vblank_off+0xe4/0x820
[  888.703104][ T9294]  #3: ffffffff8d9a8b80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  888.703155][ T9294]  #4: ffff88802479c420 (&dev->vbl_lock){+.+.}-{3:3}, at: drm_crtc_vblank_off+0xf5/0x820
[  888.703218][ T9294]  #5: ffffffff8d9a8b80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  888.703269][ T9294]  #6: ffff88802479c3a0 (&dev->vblank_time_lock){+.+.}-{3:3}, at: drm_vblank_disable_and_save+0x7f/0x380
[  888.703321][ T9294]  #7: ffffffff8d9a8b80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  888.703369][ T9294] 
[  888.703369][ T9294] stack backtrace:
[  888.703385][ T9294] CPU: 1 UID: 0 PID: 9294 Comm: syz.6.499 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  888.703411][ T9294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  888.703426][ T9294] Call Trace:
[  888.703438][ T9294]  <TASK>
[  888.703450][ T9294]  dump_stack_lvl+0x189/0x250
[  888.703487][ T9294]  ? __pfx_dump_stack_lvl+0x10/0x10
[  888.703520][ T9294]  ? __pfx__printk+0x10/0x10
[  888.703546][ T9294]  ? print_lock_name+0xde/0x100
[  888.703571][ T9294]  print_circular_bug+0x2ee/0x310
[  888.703596][ T9294]  check_noncircular+0x134/0x160
[  888.703637][ T9294]  validate_chain+0xb9b/0x2140
[  888.703672][ T9294]  ? preempt_schedule+0xae/0xc0
[  888.703699][ T9294]  ? preempt_schedule_common+0x83/0xd0
[  888.703726][ T9294]  ? preempt_schedule+0xae/0xc0
[  888.703752][ T9294]  ? __pfx_preempt_schedule+0x10/0x10
[  888.703784][ T9294]  __lock_acquire+0xab9/0xd20
[  888.703816][ T9294]  reacquire_held_locks+0x127/0x1d0
[  888.703849][ T9294]  ? __local_bh_disable_ip+0x264/0x400
[  888.703882][ T9294]  lock_release+0x1b4/0x3e0
[  888.703911][ T9294]  ? __local_bh_enable_ip+0x100/0x270
[  888.703948][ T9294]  __local_bh_enable_ip+0x10c/0x270
[  888.703976][ T9294]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  888.704008][ T9294]  ? rt_spin_unlock+0x65/0x80
[  888.704031][ T9294]  ? hrtimer_cancel_wait_running+0xe5/0x180
[  888.704066][ T9294]  ? hrtimer_cancel_wait_running+0x142/0x180
[  888.704100][ T9294]  ? __pfx_vkms_disable_vblank+0x10/0x10
[  888.704130][ T9294]  hrtimer_cancel+0x39/0x60
[  888.704162][ T9294]  drm_vblank_disable_and_save+0x1bc/0x380
[  888.704189][ T9294]  drm_crtc_vblank_off+0x22e/0x820
[  888.704219][ T9294]  ? drm_atomic_bridge_chain_disable+0x157/0x180
[  888.704254][ T9294]  ? __pfx_vkms_crtc_atomic_disable+0x10/0x10
[  888.704283][ T9294]  drm_atomic_helper_commit_modeset_disables+0xc89/0x2010
[  888.704320][ T9294]  vkms_atomic_commit_tail+0x51/0x210
[  888.704345][ T9294]  ? read_tsc+0x9/0x20
[  888.704371][ T9294]  ? __pfx_vkms_atomic_commit_tail+0x10/0x10
[  888.704396][ T9294]  commit_tail+0x281/0x3a0
[  888.704427][ T9294]  drm_atomic_helper_commit+0xa6b/0xb10
[  888.704457][ T9294]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  888.704483][ T9294]  drm_atomic_commit+0x262/0x2c0
[  888.704507][ T9294]  ? __pfx_drm_atomic_commit+0x10/0x10
[  888.704528][ T9294]  ? __pfx___drm_printfn_info+0x10/0x10
[  888.704567][ T9294]  ? drm_atomic_state_init+0x231/0x310
[  888.704604][ T9294]  drm_atomic_helper_set_config+0xe2/0x160
[  888.704634][ T9294]  drm_mode_setcrtc+0x9a4/0x1c50
[  888.704682][ T9294]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  888.704711][ T9294]  ? lockdep_hardirqs_on+0x9c/0x150
[  888.704743][ T9294]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  888.704788][ T9294]  ? rt_spin_unlock+0x65/0x80
[  888.704813][ T9294]  ? drm_is_current_master+0x1a2/0x210
[  888.704840][ T9294]  drm_ioctl_kernel+0x2d2/0x3a0
[  888.704871][ T9294]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  888.704901][ T9294]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  888.704943][ T9294]  drm_ioctl+0x685/0xb20
[  888.704972][ T9294]  ? smk_tskacc+0x2fc/0x370
[  888.705008][ T9294]  ? __pfx_drm_mode_setcrtc+0x10/0x10
[  888.705050][ T9294]  ? __pfx_drm_ioctl+0x10/0x10
[  888.705092][ T9294]  ? __pfx_drm_ioctl+0x10/0x10
[  888.705122][ T9294]  __se_sys_ioctl+0xfc/0x170
[  888.705147][ T9294]  do_syscall_64+0xfa/0x3b0
[  888.705177][ T9294]  ? lockdep_hardirqs_on+0x9c/0x150
[  888.705204][ T9294]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  888.705227][ T9294]  ? clear_bhb_loop+0x60/0xb0
[  888.705252][ T9294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  888.705289][ T9294] RIP: 0033:0x7f35b00cebe9
[  888.705310][ T9294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  888.705331][ T9294] RSP: 002b:00007f35adec9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  888.705356][ T9294] RAX: ffffffffffffffda RBX: 00007f35b02f6270 RCX: 00007f35b00cebe9
[  888.705374][ T9294] RDX: 0000200000000740 RSI: 00000000c06864a2 RDI: 0000000000000005
[  888.705389][ T9294] RBP: 00007f35b0151e19 R08: 0000000000000000 R09: 0000000000000000
[  888.705404][ T9294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  888.705419][ T9294] R13: 00007f35b02f6308 R14: 00007f35b02f6270 R15: 00007ffeac118c38
[  888.705446][ T9294]  </TASK>
[  892.191986][ T7218] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  892.271525][ T7218] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  892.291810][ T7218] bond0 (unregistering): Released all slaves
[  894.640480][ T7218] hsr_slave_0: left promiscuous mode
[  894.680325][ T7218] hsr_slave_1: left promiscuous mode
[  894.681037][ T7218] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  894.681063][ T7218] batman_adv: batadv0: Removing interface: batadv_slave_0
[  894.745202][ T7218] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  894.745231][ T7218] batman_adv: batadv0: Removing interface: batadv_slave_1
[  894.823991][ T7218] veth1_macvtap: left promiscuous mode
[  894.824074][ T7218] veth0_macvtap: left promiscuous mode
[  894.824232][ T7218] veth1_vlan: left promiscuous mode
[  894.824344][ T7218] veth0_vlan: left promiscuous mode
[  896.570929][ T7218] team0 (unregistering): Port device team_slave_1 removed
[  896.792820][ T7218] team0 (unregistering): Port device team_slave_0 removed