last executing test programs:

26m41.950296312s ago: executing program 32 (id=29):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3}, 0x94)

13m17.421052068s ago: executing program 4 (id=1600):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[], 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000500)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000027c0)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYBLOB="1801000000050000000000000000ea0485000000d000000095"], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xa83b, 0x10, 0x2}, &(0x7f0000000340)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000100)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r0, 0x0})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)

13m15.751749131s ago: executing program 4 (id=1603):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
msgctl$MSG_STAT_ANY(0x0, 0xd, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0), 0x80002, 0x0)
ioctl$FBIOPAN_DISPLAY(r4, 0x4606, &(0x7f0000000a00)={0x800, 0x258, 0x400, 0x1e0, 0x4da4, 0x7fffffff, 0x10, 0x2, {0x8000}, {0x9, 0xffff}, {0x7, 0xfffff737}, {0x7, 0x5, 0x1}, 0x0, 0x2, 0x6, 0x3ff, 0x1, 0xd, 0x2, 0x6, 0x8, 0x6, 0x8, 0x7f, 0x0, 0x200, 0x0, 0x6})
ioctl$TCFLSH(r2, 0x400455c8, 0x4)
syz_usb_connect(0x5, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
bind$can_j1939(r0, &(0x7f0000000340)={0x1d, r1, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r5, 0x0)
syslog(0x2, &(0x7f00000004c0)=""/164, 0xa4)

13m11.283977537s ago: executing program 4 (id=1614):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r0, 0x0, r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8942, &(0x7f0000000040)={'ip6gre0\x00', @ifru_map={0x8, 0x10, 0x200, 0x80, 0xfa, 0xfb}})
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vim2m(0x0, 0x6, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000540)={0x0, 0xfec3, 0x80, 0x1000007, 0x1e1}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000180)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x80800})
listen(r4, 0x5)
io_uring_enter(r5, 0x3517, 0xc2de, 0x9, 0x0, 0x0)

13m6.684340097s ago: executing program 4 (id=1620):
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0x20002078)

13m4.795181984s ago: executing program 4 (id=1625):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(r2, r3, 0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket(0x2, 0x80805, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000200)={<r6=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x7a, &(0x7f0000000340)={<r7=>r6, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000000)={r7, 0x81}, &(0x7f00000000c0)=0x8)

13m2.812081761s ago: executing program 4 (id=1629):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4000, 0x100, 0x0)
quotactl_fd$Q_SETINFO(0xffffffffffffffff, 0xffffffff80000601, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000800), 0x0, 0x0, &(0x7f00000009c0)})
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
io_setup(0x400, 0x0)
io_submit(0x0, 0x0, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x50, 0x0, &(0x7f0000000080)=0x1b00)

12m47.777027668s ago: executing program 33 (id=1629):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
statx(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4000, 0x100, 0x0)
quotactl_fd$Q_SETINFO(0xffffffffffffffff, 0xffffffff80000601, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000800), 0x0, 0x0, &(0x7f00000009c0)})
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
io_setup(0x400, 0x0)
io_submit(0x0, 0x0, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x50, 0x0, &(0x7f0000000080)=0x1b00)

10m36.363875567s ago: executing program 0 (id=1897):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x5, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x4e20, @rand_addr=0x64010100}, 0x10, 0x0, 0x0, 0x0, 0xc0}, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f0000000200)={'comedi_bond\x00', [0xffffffff, 0x80008000, 0x9, 0x2, 0x0, 0x0, 0x1, 0xf, 0xeb000000, 0x1, 0x7, 0x1, 0x1006, 0x4, 0x3, 0x6, 0xffffffa7, 0x40000009, 0x832, 0x30000, 0x3ff, 0x10000, 0x800, 0xe2df, 0x0, 0x1, 0x1, 0x525, 0x7, 0x5, 0x5]})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$video4linux(&(0x7f0000001600), 0x5, 0x20020)
r1 = openat$kvm(0xffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000000c0)={0x0, 0xa, {<r3=>0x0}, {0xffffffffffffffff}, 0x0, 0x100})
prlimit64(r3, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000600)={0x38, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2a, 0x9, 0x9, 0x6, 0x8084, 0x3, 0x2, 0x2]}}]}]}]}, 0x38}}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

10m35.183527916s ago: executing program 0 (id=1900):
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f00000001c0)='syzkaller\x00'}, 0x80)
socket$packet(0x11, 0x3, 0x300)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$inet(0x2, 0x3, 0x9)
pipe(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES32=r0], 0x0, 0x8, 0x28, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0}, 0x94)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

10m34.146784452s ago: executing program 0 (id=1903):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3, 0x0, 0x7}, 0x18)
socket(0x28, 0x803, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0xc000, 0x0)
mkdir(0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000140)=[{&(0x7f00000000c0)="580000001500add427323b472545b4560a117fff0b0082001b59000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee0000000000000000020000", 0x56}, {&(0x7f0000000040)="abd9", 0x2}], 0x2)

10m32.065171826s ago: executing program 0 (id=1906):
mkdir(0x0, 0x0)
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
syz_io_uring_submit(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
getpid()
r3 = semget$private(0x0, 0x5, 0x401)
semctl$GETALL(r3, 0x0, 0xd, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000080)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
read(r4, &(0x7f0000000240)=""/28, 0xffd2)

10m30.531225056s ago: executing program 0 (id=1909):
r0 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0xe64, 0x3, @ipv4={'\x00', '\xff\xff', @empty}, 0x202}, 0x1c)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000000480)={0xa, 0xe64, 0x3, @empty, 0x2}, 0x1c)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x2)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0xfff)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r8, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f6400947e570028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r8)

10m29.90326305s ago: executing program 0 (id=1912):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc14)
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quota'])
r3 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x250942, 0x1cd)
fchown(0xffffffffffffffff, 0x0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r3, 0xffffffff80000901, 0xee00, 0x0)

10m13.049724614s ago: executing program 34 (id=1912):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc14)
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quota'])
r3 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x250942, 0x1cd)
fchown(0xffffffffffffffff, 0x0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r3, 0xffffffff80000901, 0xee00, 0x0)

9m11.451926261s ago: executing program 2 (id=2051):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x0)
setresuid(0x0, r4, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp(r5, r5, 0x3, 0xffffffffffffffff, 0xffffffffffffffff)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
r6 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$get_persistent(0x16, 0xffffffffffffffff, r6)

9m6.267095275s ago: executing program 2 (id=2062):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x1c)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000)=r0, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40)

9m4.137465513s ago: executing program 2 (id=2065):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r2, 0x0, 0x0, 0x1001f0)
fallocate(r2, 0x3, 0x4, 0x101000)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x20008800}, 0x200488c0)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, 0x0, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r4, 0x0, 0x12, 0x0, 0x0)
sendto$inet(r4, &(0x7f0000000000)="f461c5bbd75c3583", 0x8, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg(r4, &(0x7f000000e280), 0x58a, 0x42, 0x0)

8m54.542216144s ago: executing program 2 (id=2084):
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x5, 0x14, 0x0, &(0x7f0000000100)="259a53f271a76d2608fff74588a80a3888ca2f15", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r1 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x40002)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x7, 0x6, 0x81, '\x00', 0x3c})
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe1b)
splice(r4, 0x0, r5, 0x0, 0x4ffe6, 0x0)
writev(r1, &(0x7f0000000c40)=[{0x0}, {&(0x7f0000000080)="00ce00", 0x3}, {&(0x7f00000000c0)="b706000000e438dfd7d3ad000000da8800000000000000000000dddccfa80d304adb0f5303a5761e11fc1063931890acaad0c2040e2c9abdaa5803f784d631b4deea922e811394846dc5e92975b7e334935804ddae35721d77e5f4102d37c18ed5ad80ea7d25d046d14d2dea8a1a50509de8665e1837bf7bbb07a07a76b181feb8708e08c0e51d6475e7df00b2528e0003ad8be0f3edd03233c427af35216492f7ab4d89aca069e3a4830ccb9b5625450df13256aebc2bff669e93614a6d1733ded073b15b06543c82162f62fb6c44c5a78a088529b91acbac1038b15ea70018bdb5c19d109064f23c", 0xe9}, {&(0x7f0000000000)="320ba43d6ee3f1791b2d588894ee2b3e21a4a4dfafb307d38055020c0969b89eb684db2280", 0x25}], 0x4)
read$msr(r1, &(0x7f00000001c0)=""/91, 0x5b)

8m49.142172224s ago: executing program 2 (id=2092):
r0 = syz_open_dev$video(&(0x7f0000000040), 0x7, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x25dfdbfe, {{@in=@broadcast, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x2, 0x0, 0x0, 0x0, 0xff}, {@in6=@private2, 0x4d6, 0x6c}, @in=@private=0x8010101, {0x0, 0x192, 0x9ba3, 0x2, 0x251c, 0x3, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0xfffffffc}, 0x80, 0x3502, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4000)
sendmsg$nl_xfrm(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="d80100001c0001"], 0x1d8}}, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000180)=0x2, 0x4)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05640, &(0x7f0000000340)={0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfeedcafe, 0x3, 0x6, 0x2}})

8m46.978589664s ago: executing program 2 (id=2095):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
getpriority(0x2, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)=ANY=[@ANYRES32, @ANYRES32, @ANYRESOCT, @ANYBLOB="178be143e0028418740c74c4761439d79435bc8286e0e0ef1d1178bc7d5081dbbe8ab40db89c7f791208034f45d5ca5ed9754198a9418c461fefd198ed651697690a1c8fdd94346451dd4d0a9864a366e7948a7153b7dd2e25703551b507573ff9af994b6e65", @ANYRES64=0x0, @ANYRESDEC=r0, @ANYRES64], 0x20)
r1 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
r2 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
dup2(r2, r2)
preadv(r1, &(0x7f00000033c0)=[{&(0x7f00000031c0)=""/207, 0xcf}], 0x1, 0x6, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="340000003e000701fefffffffcefffff017c000008004280040008000c0001800621f000800a00000c00028006001780b82f0000c7f7b8d60d19c42e12fac57287783451779d76f990f7081ed0566a75c6706ac0527c651dd594c576ba25ef1055d936aae076cb7f9c48080e79ae6a94fb5e350e95faa2d9f67df8aa0d304fca91fbc209f8562d65837e6b87127f47d3edaa53aef0e3f11d93830a8d5d4433827fbc29b17e1dd699f599b868437f1484fb6dad1077ea4dfcf0369e5c33"], 0x34}, 0x1, 0x0, 0x0, 0x4000c000}, 0xc000)
r5 = socket$key(0xf, 0x3, 0x2)
ioctl$sock_SIOCGIFCONF(r5, 0x8912, &(0x7f0000006000)=@req={0x28, &(0x7f0000005fc0)={'ip6gretap0\x00', @ifru_addrs=@nfc={0x27, 0x0, 0x0, 0x7}}})

8m31.436264419s ago: executing program 35 (id=2095):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
getpriority(0x2, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)=ANY=[@ANYRES32, @ANYRES32, @ANYRESOCT, @ANYBLOB="178be143e0028418740c74c4761439d79435bc8286e0e0ef1d1178bc7d5081dbbe8ab40db89c7f791208034f45d5ca5ed9754198a9418c461fefd198ed651697690a1c8fdd94346451dd4d0a9864a366e7948a7153b7dd2e25703551b507573ff9af994b6e65", @ANYRES64=0x0, @ANYRESDEC=r0, @ANYRES64], 0x20)
r1 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
r2 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
dup2(r2, r2)
preadv(r1, &(0x7f00000033c0)=[{&(0x7f00000031c0)=""/207, 0xcf}], 0x1, 0x6, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="340000003e000701fefffffffcefffff017c000008004280040008000c0001800621f000800a00000c00028006001780b82f0000c7f7b8d60d19c42e12fac57287783451779d76f990f7081ed0566a75c6706ac0527c651dd594c576ba25ef1055d936aae076cb7f9c48080e79ae6a94fb5e350e95faa2d9f67df8aa0d304fca91fbc209f8562d65837e6b87127f47d3edaa53aef0e3f11d93830a8d5d4433827fbc29b17e1dd699f599b868437f1484fb6dad1077ea4dfcf0369e5c33"], 0x34}, 0x1, 0x0, 0x0, 0x4000c000}, 0xc000)
r5 = socket$key(0xf, 0x3, 0x2)
ioctl$sock_SIOCGIFCONF(r5, 0x8912, &(0x7f0000006000)=@req={0x28, &(0x7f0000005fc0)={'ip6gretap0\x00', @ifru_addrs=@nfc={0x27, 0x0, 0x0, 0x7}}})

7m4.79507554s ago: executing program 1 (id=2281):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x1c0)
landlock_create_ruleset(0x0, 0x0, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x4)
syz_emit_ethernet(0x101e, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0xba01, 0x0, 0x801}, 0x0)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000280), 0x42000, 0x0)
read$FUSE(r1, 0x0, 0x0)
getpriority(0x2, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000001500))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001580)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
r3 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31)
sendmmsg$inet6(r3, &(0x7f0000002940), 0x40000000000017d, 0x888)

7m1.475188248s ago: executing program 1 (id=2287):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x14, 0x20, 0x301, 0x0, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000002900)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x3}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x60}}, 0x40000010)
write$FUSE_INIT(r5, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x0, 0xffffffff80802840}}, 0x50)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getxattr(&(0x7f00000013c0)='.\x00', &(0x7f0000001400)=@known='system.posix_acl_default\x00', 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

6m57.960565265s ago: executing program 1 (id=2289):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffe6, 0xb}, {0xffe0, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x0, 0x97, 0x6, 0x4, 0x2, 0x25}, [@TCA_NETEM_JITTER64={0xc}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

6m56.212453728s ago: executing program 1 (id=2293):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6(0xa, 0x1, 0x8010000000000084)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

6m52.856658503s ago: executing program 1 (id=2299):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x28}}, 0x6, 0x2, 0x3, 0x6, 0xfffe, 0x3}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/147, 0x93)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
lseek(0xffffffffffffffff, 0x2004, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x5, &(0x7f0000000100)=@framed={{}, [@map_idx={0x18, 0x0, 0x5, 0x0, 0xfffffffe}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x94)
sendmsg$NFT_BATCH(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a24000000020a01080000000000000000050000060800024000000003080002400000000014000000110001"], 0x4c}}, 0xc050)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x11)
r4 = syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
syz_usb_control_io$uac1(r4, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

6m50.555027881s ago: executing program 1 (id=2302):
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, 0x0, 0x24050)
r0 = socket$inet6(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x5}, 0x8)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x400448ca, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x36)
socket$kcm(0x10, 0x3, 0x4)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000180)={0x3, {{0xa, 0x4e20, 0xa3f, @mcast2, 0xbfd}}, {{0xa, 0x4e24, 0x20, @loopback, 0xfffffe01}}}, 0x108)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000180)=""/214, &(0x7f0000000080)=0xd6)

6m49.234911069s ago: executing program 36 (id=2302):
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, 0x0, 0x24050)
r0 = socket$inet6(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x5}, 0x8)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x400448ca, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x36)
socket$kcm(0x10, 0x3, 0x4)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000180)={0x3, {{0xa, 0x4e20, 0xa3f, @mcast2, 0xbfd}}, {{0xa, 0x4e24, 0x20, @loopback, 0xfffffe01}}}, 0x108)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000180)=""/214, &(0x7f0000000080)=0xd6)

4m18.502912156s ago: executing program 5 (id=2561):
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000048c0), 0x0, 0x20000001)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x400)
pipe(0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2c020400)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg$sock(r0, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0)
shutdown(r0, 0x1)

4m15.331526524s ago: executing program 5 (id=2566):
r0 = syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22)
rmdir(&(0x7f0000000080)='./cgroup/../file0\x00')
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000804)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r4 = socket(0x40000000015, 0x5, 0x0)
close(r4)
r5 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r5)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x10)
fchown(r6, 0x0, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000540)={{{@in6=@dev, @in=@multicast2}}, {{@in=@multicast2}, 0x0, @in=@private}}, &(0x7f0000000380)=0xe8)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={<r7=>0x0, 0x7, 0x22, 0x8}, &(0x7f00000000c0)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000140)={0xfffd, 0x3, 0x0, 0x1, 0x0, 0x7, 0x8f1, 0x48e80, r7}, 0x20)
r8 = fsmount(r3, 0x0, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000980)={[{0x2d, 'pids'}]}, 0x1f)

4m12.545921637s ago: executing program 5 (id=2571):
ioctl$KVM_MEMORY_ENCRYPT_REG_REGION(0xffffffffffffffff, 0x8010aebb, &(0x7f0000000040)={0x100000, 0xd7b78bf4f725329})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioperm(0x7, 0x81, 0x2)
mremap(&(0x7f0000041000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00004c3000/0x2000)=nil)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)={'full'}, 0xfffffdef)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
shutdown(r4, 0x1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f00004c4000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=0x40)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x7, &(0x7f0000000340), 0x4)
fcntl$setsig(r0, 0xa, 0x26)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="030000000000000000d75b000000000000000400000000000000a5030000000000000100000000000000170101c001000002087b37ff00001b000000feeee1d9c78e096810eee256dde26901a2bf3b1e0654db449be18fb01b316959bd28ae7a89cde8"])

4m10.543736421s ago: executing program 5 (id=2575):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc14)
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quota'])
r3 = openat(0xffffffffffffff9c, 0x0, 0x250942, 0x1cd)
fchown(0xffffffffffffffff, 0x0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r3, 0xffffffff80000901, 0xee00, 0x0)

4m6.314798193s ago: executing program 5 (id=2580):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffe6, 0xb}, {0xffe0, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

4m5.318191838s ago: executing program 5 (id=2583):
socket$inet(0x2, 0x1, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000b93760000000000000000000000000000000000000000000200000000000000010000000000000044000500ac141400000000000000000000000000000000003c00000000000000000000000000000000000000000000000000000001"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@updpolicy={0xc4, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x2c}, @in6=@local, 0x4e22, 0x0, 0x4e24, 0x0, 0xa, 0x0, 0x60}, {0x0, 0x1000000000000401, 0xfffffffffffffffe, 0x40000000, 0x0, 0x1a, 0x1, 0xfffffffffffffffe}, {0x7a, 0x5, 0x0, 0x7fff}, 0x8, 0x0, 0x1, 0x0, 0x3}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x8044)
sendto$inet6(r3, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)

3m49.80722679s ago: executing program 37 (id=2583):
socket$inet(0x2, 0x1, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_udp(0xa, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000b93760000000000000000000000000000000000000000000200000000000000010000000000000044000500ac141400000000000000000000000000000000003c00000000000000000000000000000000000000000000000000000001"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x20040000)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@updpolicy={0xc4, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x2c}, @in6=@local, 0x4e22, 0x0, 0x4e24, 0x0, 0xa, 0x0, 0x60}, {0x0, 0x1000000000000401, 0xfffffffffffffffe, 0x40000000, 0x0, 0x1a, 0x1, 0xfffffffffffffffe}, {0x7a, 0x5, 0x0, 0x7fff}, 0x8, 0x0, 0x1, 0x0, 0x3}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x8044)
sendto$inet6(r3, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)

3m14.003371926s ago: executing program 8 (id=2664):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x339e, 0x0, &(0x7f0000002480), 0x0)
r1 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000000)={"6e5f236b8c70f03fa12ac19b650094cb", 0x0, <r2=>0x0, {0x4, 0x7}, {0x8, 0x5}, 0x0, [0x7fff, 0x0, 0x7, 0x414d, 0x3, 0x6, 0x7, 0x1b, 0x5, 0x5, 0x7fffffff, 0x5, 0xffffffff00000000, 0xf4, 0x7, 0x4]})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f00000024c0)={{r1}, r2, 0x1a, @inherit={0x68, &(0x7f0000001880)={0x0, 0x4, 0xe57, 0x9138, {0x3, 0x3, 0x6, 0x96e1, 0xa}, [0x6, 0xfffffffffffffff7, 0x6, 0x7]}}, @devid})
ioctl$BTRFS_IOC_DEV_INFO(r1, 0xd000941e, 0x0)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000900)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_DQEVENT(r5, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r5, 0xc0506107, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)={0x44, r3, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'syz_tun\x00'}]}]}]}]}, 0x44}}, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, r0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x66e, &(0x7f0000000500)={0x0, 0x0, 0x10100, 0x2, 0x20000}, 0x0, &(0x7f0000000200)=<r6=>0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)})

3m12.117547929s ago: executing program 8 (id=2668):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x141842, 0x1c2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
copy_file_range(r1, 0x0, r2, 0x0, 0xffffffffa003e45c, 0x700000000000000)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000002380)=[@in={0x2, 0x4e21, @remote}, @in={0x2, 0x4e24, @private=0xa010101}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, @in={0x2, 0x2, @local}, @in={0x2, 0x4e24, @broadcast}], 0x70)
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000009c0)=ANY=[@ANYBLOB="180000002d00090026bd7000000000000400000004"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x84)

3m7.329713044s ago: executing program 8 (id=2676):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
r2 = userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x301f}, 0x3})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x1c, 0x8, 0x40, 0x42, 0x1}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000500)={r6, &(0x7f0000000340), 0x0}, 0x20)
add_key(0x0, 0x0, &(0x7f0000000d80), 0x0, r5)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2003041, 0x0)

3m5.464210325s ago: executing program 8 (id=2679):
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x24000000)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001f80)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {}, {0x7, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff)
syz_open_dev$dri(&(0x7f0000000000), 0xe, 0x20c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r8, 0x10f, 0x82, &(0x7f0000000100), &(0x7f0000003800)=0x4)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000003040)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f0000003080)={0x30, r3, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x44}}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x20040084)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b30, &(0x7f00000000c0)={'wlan0\x00'})

3m3.185237935s ago: executing program 8 (id=2682):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, 0x0, 0x4040000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x800)
getrusage(0xffffffffffffffff, &(0x7f0000000140))
r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x21041, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0xe)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r5, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
setsockopt$MRT_DEL_VIF(r5, 0x0, 0xcb, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x3, 0x81, @vifc_lcl_addr=@local, @multicast1}, 0x10)
fcntl$lock(r5, 0x6, &(0x7f0000000080)={0x3, 0x1, 0x42, 0xfffffffffffffff8})

3m0.403229799s ago: executing program 8 (id=2686):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000025e40)=ANY=[@ANYBLOB], 0x90}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000014c0)={0x18, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x52, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
fsopen(&(0x7f0000000100)='ocfs2_dlmfs\x00', 0x0)
recvmmsg(r1, 0x0, 0x0, 0x101, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x94)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000034c0)={0x2020}, 0xcac)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000001400)={'vlan0\x00', 0x0})
r3 = socket(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write(r3, &(0x7f0000000040)="effd00001000ff00fd4344c007110000f3050a00dbfd010000000001ffdf00", 0xfe00)
syz_usb_connect(0x2, 0x24, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

2m48.858795811s ago: executing program 6 (id=2703):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x5b, 0xa, 0x0, "93bba551042af768810fa32fa3ccbaf1121823a6dc898168d8b3c3945d8636cf"})
socket$nl_rdma(0x10, 0x3, 0x14)
socket$l2tp6(0xa, 0x2, 0x73)
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x101000)
socket$qrtr(0x2a, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
syz_emit_ethernet(0xbe, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs\x00')
r2 = openat$smackfs_load(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/smackfs/load-self2\x00', 0x2, 0x0)
lseek(r2, 0x5, 0x1)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0)
r5 = eventfd2(0x4, 0x1)
ioctl$VHOST_SET_VRING_ERR(r4, 0x4008af22, &(0x7f00000001c0)={0x0, r5})
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000000))
close_range(r3, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2m46.75779208s ago: executing program 6 (id=2705):
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getpid()
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
r5 = creat(&(0x7f0000000240)='./bus\x00', 0xc2)
io_setup(0x7f, &(0x7f0000000100)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000380)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x0, r5, 0x0, 0x3b}])
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), r0)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x20, r7, 0x821, 0x70bd2c, 0x2ddfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40480c4)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c820260022000100061d04008b0665030afb0247a93336cd"], 0x2b)
fallocate(0xffffffffffffffff, 0x10, 0x0, 0xbc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)

2m44.847552299s ago: executing program 38 (id=2686):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000025e40)=ANY=[@ANYBLOB], 0x90}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000014c0)={0x18, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x52, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
fsopen(&(0x7f0000000100)='ocfs2_dlmfs\x00', 0x0)
recvmmsg(r1, 0x0, 0x0, 0x101, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x94)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000034c0)={0x2020}, 0xcac)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000001400)={'vlan0\x00', 0x0})
r3 = socket(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write(r3, &(0x7f0000000040)="effd00001000ff00fd4344c007110000f3050a00dbfd010000000001ffdf00", 0xfe00)
syz_usb_connect(0x2, 0x24, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

2m42.906485779s ago: executing program 6 (id=2710):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r3 = gettid()
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000))
kcmp$KCMP_EPOLL_TFD(r3, r3, 0x7, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1900"], 0x48)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f00000000c0)={'pim6reg1\x00', @local})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710447000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
ioctl$sock_bt_hci(r4, 0x400448c9, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r5 = socket$netlink(0x10, 0x3, 0x15)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xts-twofish-avx,camellia-asm,cbcmac(aes))\x00'}, 0x58)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="04010000100053"], 0x104}, 0x1, 0x0, 0x0, 0x20040890}, 0x200080c0)

2m38.959251921s ago: executing program 6 (id=2717):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_int(r3, 0x0, 0xa, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
syz_emit_ethernet(0x32, &(0x7f00000009c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x7, 0x10, 0x0, @gue={{0x2, 0x1, 0x3, 0xfd, 0x100, @val=0x80}}}}}}}, 0x0)
r5 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
read$qrtrtun(r6, &(0x7f00000004c0)=""/57, 0x39)
fsopen(&(0x7f0000000000)='msdos\x00', 0x1)
read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020, 0x0, 0x0, 0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000004300)="afe28a28263ffd9dbc5af980196765a3c1f82c4a1fae7a322fdf0f6eec50303f6104db417704a701a8d6c5e7f5c99a5cf3eed4e0e1c82545122d6933469933ec605aaf61a5b8b1f8aacbafca498796976da62837e4a0d818ea71474d0412cfe162a7260456c425f2604cbd262e2aef92d09d6d2e105b7e7d377c95ccfe1d0f9af9f7e6a6d85d4a8ebee6fa703efd8c4a106793205a405938d47f97266eaa5fda88f11a03a8305399889ccc48f85c4b6a7747f489dc76c93b06be84635190224018e13954cd2fe714fec88f6aac3c57d5fec99307b8c8327e8854000e81d781e2f5bc37e96bbc3077555f696c6fadd199d9bfbf0997e76925fe17923ac5976e32f52ee407c43070cd8a709a2326ac96b94051cd0cc8f29b43edbc4ed850ae7a30b45db7e72114aeb46bd3a91775582c9206a638456a0e3da847a7be2e21620df89ea7e2da53f77f39cf0eb2d0b601d507d4dd57a534b5c77076052cdb03dd0c241f75f442fdb07624ad9d9fcbba92a4f20b20b424e3c9c92f2831e5efe0be454f3b4dbb9dbe6152bb152206ff0451edeffdbaba54deb39f00e74297c676effb60950dce7a847031ca85a1b3690f573bc31094d6e7d95f5821c0eae6a2685958619d94108eefcbc0dc5dda47ca509878dd8caa875d69af6c88997b5d67e5c67bf9daf89547a55061eb0cc55e2c696b71c7384ba16928fa81f7394a048329c467ef813df172236464f9d1418e5d5386b0eb6d5c4f765d0246ee91ab39c07310b61680788e3a57dab96d1eabe1a0efc2b6c882aed50d993d15f8561bc1f6bde7e79b711bb206685344aae196c1c4b97cd515911341cd60c6ad108e0013f87d063385ea5f057de4315284cb6f8545436981ce1c4bbf13f178e3a504bc0c8b1bead105f7e7622c288aca7206ee18dbb97b1b393d102d9c65e3a765e87f554d98383e4e49ad1c600d8fac4acb970ce04e0c866806bd44b21b5c891c3bccefb87bdf389d6a36992cacfe52b96e7e1014cc58ec29fe0ac221ea6d49f759f2a746e7603272d572515fbbb33d2b6f94eb9c6571118b606e18ef88ff88366aa3ecccd6c845f9b8534f49997c940a930693fcdf742fde3676c6cee9eda06ab856a4dfee75c7c9cda6b11da6441644b62116e6fdcae5b5e0148047028a5842c21fb9637771a5ac84ba9740c9c9b56b58c08730a48e81c05b312449edd27843c173d1875c28aeca43761a06fed193378129243aa514bf74d6b76ccd70807440401948d6f3bd9a352cd432e1289f2d4e78add381e4477dd8ac2f2ccd3b6533121ac51c393dc773b9e120ea8194e51d76749b4f0c4e6e40132ba1535015d5ff224ff77310be5a31a6defa004262918136b9db98a94a1fd244be1f5a7cf6762e7bea536df1d312a72776baa881833d295f1a60f2ac98d54f302d8fc72f135ab3256d065a618b60d2a6982ee89c60bac90dd81e0cfc24118c568e8e3a29a9f29e55f479a8fb5638d6cd724605b69aaacafd440020f4776652537454041acc13cdb0bf1489fbac78c4bfae755b259764756407204b22cfe838ddf82523c03b4bc1eeb55c43b1f50b7d03fd4da448ae51cc4a844fd0240e0d131c2693ed770844bf25e3bbea974a5c2a40ed65f1c3a729ed93ec22b93899aa861ce301e1cc1f3e98846a39a49169cbe3eef35e3595207f1014a8dc89d6b512dc05cd23ed4b4741f6ac778794cd1282f42a72301f37816859cb92d53db6793f294df19d0ef1bb453685f3c666b3941c25c92b204c8307c0e83469032f276cef4ce538a4570d652aa212de6fae8ae4d62399de49f0d4bfc0a47fbd79e7a86e12c9d863dde004f9e9d605dac7d688dc5daff78c27bbe727fbab0cd3058e75544261d5d83468ef23e3a224f0ec460855aad927c5c5b3bfce0a3e3c45abb0ee6dbd04242ec765e324209bdf07f4ed21eb15e2f030476fbc3cd05554f54858232625e9b37ac41b8e354ebc85a0282fbf9ad5d6e0c2d7b093bc1f887646faa1e7622f110b546dadf44eff6bafb2a58631a93e560bd67b42ab96d4a9f044f26a481feb8b3f2018a7236799c2d1877a63e5fe64dd207be729eb1cda7977d59bc139e1d2f6cae1defe90b8f6a99ae4dbac317413745521247f3691e894af33c7484afb11f4d2f858ee87e93ad202f9853c6ceee0a92e052225ebf283a017ae2e7cfcf924ea4e3b319a05a9bfe3f476308aa5039fb8a7d3642043957a2090e0727120a7aea16d16e7a4b15d5676966041f76188fb69d89080b6eb2d4d42bc84e298dedda4db06b78df5c7198230ab439f0c3b4f3f649d531664c59eee2d73fe14f01133776b717f6b7118afdb264ace9e44af5bfdf35bfa7f7ab538004c0085c11da725ed284a34c7f27da78acf488bd0f54e6026efbf81af934558c36473d0fdc85519e11b4f30fa3b7ef757c35f4c88a360549def898cc460557433e44621589e71f3118003b4695f3130dc005d32c0330b950c12e430d2a2a6b9a68995bc9e1345dcfa30585603f09e74296cffe8d758b216de00e8302eed0e06f94e7bdf835cf27fcbe57651f36d6d2de82f179f42fc8e7fed4f5c7f5b691c6e038a76cab3e604e42ceda945e155db89cc0013564726053ccd77cd8e626bac72468ae0998f686450d5e0a17ce88e1b15d05f212c336d7cb5013eb94fa861b588be01ed252b487b4d1918c87a341b5daf74f3083bd49ccc6ee26ff8993b5398145ae7f9505c1398f1bdd2cb90636f9e99da243cedccc97252fe15ee10e886c187e5c614f33bbf630c654b1d87e693b765f3a36b67bd1fb46afcd24c96a0b7784e4cabb8a8a5abca853d51694da85296a430b8856f51173946c9f143db65fd1b51b9534657d3a7953ba7186651ddc6f0a625563c3b43cfbc83330507d399ae87731e1ab1f15320779da21d2000d85155a8c9cbd6f642695a565dec615d7bdf8a47a76005b3607cde6176b8303b7eeb2212179d6f5176e45b1759810fcec418e6c41e7b33da9f92211631a070257cea55e644498466d5fc5744f903e6c4a2d3809eb6e70d50a82f66a1a05079ebe9ae0b756bb2781dafd14b1a06c0eb2c9b77b0d8d005d47aacf5447a104f85df3decb0ef8bf1483b47be9c945b95634c474f9cebdc97a91f85aba7172d05cd7b06afa043b8900ab400770fa270029e34ebab31a69367a18057ce532cd66e52b807b8665475977a56ec5407c778994ce9c85e8b96f1313e468cf83d266f14250acee2a4a52001de174d2208bc2a679916e4231fb30a99263a0398e99e9f8236010f17a5de367d673a95b374158d2baae4612ec6898d0fec2f95b45c6bd760a0cabcac1067470492c5e66c11ea745ae803dd24a5c89cac5a0d64bcc15648b1d812be638d10311d640b3251a8001619d09f138bf04e35c02807c2c87c222a6f54da320f0169cece864f4d37af54f0fdcfd455051c0effe17d2c04b3b67807af05cd8176017cd8e35c1ca1b13112f2dddde84be95ef67a6c8ad8a4ab0e7175fd124bda62656c4afec4dc8c0261a855e75575ddbb375e45a5b635fc7bc528ba387dd24f485ba69a9ba2761c243d359bce078d0ba0cdc13b6ee7d66a8546c49a4429af5866f866ba2e1e0a10ff4a3c3b5e240d918f6a896c35f51ad7b02e6d0747ee80a99c8812577600e359b703e571ec18d6b88866f28aef250de65f39b266f6795237f7d3f741127f3d47cefb255d1b3c06c7d8fec9bb8e5c666d7ca7b803dbabc6cacecbca1ed8e89ddc2140f45c4f8572c146d7ab2be20eb72baaee4b1d371aa9f06833ba1a0cb66b701c1fd90e8bcdcfb9bd57a8cad381e7cb2b99250d21384ebf771833ac6f32f4115fcb0ffa177dcae6673b1ff80cbefbaec2c863b263035ad2a0d0a340fed260d4fbf008745bc1b51e5b011b54584f6c0cf3a401f8cfd23f23e830a311bec365064895cbe8a664184aff212bac6f164f6b619e4d8521ae447abc8f59b284aa2e94061aa15afd9070fef452d4fd644da4b6b716784109d92abd31d3221a76eaf592e6529e70a67bd92cdb431c7af9f658b2ace3d954c4a5208f1edcdb8a04461262ed26b24bb3df41b1c28ec42880590b3685f56a3982250ae96c7e1fcb9aa6a9887639d2209cf190e9ea82d5634513eb36c5c0e0769250948967240e29921da36aa0c07c76c81c7bd8b7f1c1c9063b4b1fcd88f63aaf568a7cc9249fad5c996853dd160d80f5251673643fb5e0067c97b0d2b513c1d22a3c2e73786c3c5c17f14c57c2df7c830216e5c3ef066468069428501e1a78c935f4c520c5cfe9daa89ca4bb4895fec8a328453ff630848eeac719bcc09d7bee73e58f4b7cf90f098bb7019c73912b630af92ed9b309c53c5c4edaa3788f9e6d486bd363619cd2c140d9a7175f6c5f977eb6e6f58f18c8d0ace671570e0dd6ed78ca228782ddb71c6f137cf0e27fa85b52b1c15ddf184a72dab098a8b1c1f6746238a8a92848f2478b690b80c131c85e90b69953f5eb54c0b47d59b7e440190e1c9b2d72fdd94c64296ca33aab32cc8f69091df05aaefd4ea00303a3522672f01b5373abae33d34844831a1af2e51276b61e637a93e02e09c306e5fb9619e82bbcf0e43e2f5e8ec8a458b9f1c612634645eb82051fa34f4b13439c3ba2e016972df37f197d09121bd377b1472a2da64698efb11cc88fa36ac173c83ee155b73716639f5d73a29fb783fb27e5ccbab5f9b95a4dca6a7406cd053a7ac9ff25f42ebddd9afe7df308979c314acaacecea602267c6d57fb5f5222e4ccd4b18573b32d6a19f1798a1d78b36b32f0723f7b33b06c2ca43b22e4cce6cda741b3e68a056a0cd6d51b6929cf4a16fb7b2490cbe87e5612dfa7d26ad40ec412021f9033aa2884ee86c7610623fb64663ac5554e694e84877708e77d243bcdb198714fff672b0f927f9cbe5b2436002f02a559dda5232cc150170d7b32d547a080f852c6838809f8ae1995e7ad4b24c7d1ecdb6b5dabca5da671493a3a1b4da1e7ad13ca4b4dbcf53a71348366cef7ee45cb719a8321205aa70da47104e66f344393e64dcfcd015b9d6bc75ec3dd31551de4b614bdc4d89c8de1254a91c4f33cdddf98d8ddf36e8cdc537a7d11dbf51913ca87ca9f644a2a08905e15c0f2bc58168e425b52055e7878ba468909dbed30815e01720df5a1be196471d30c1525070efa59fe62720960e473dc237d7866d77e8ac69cbaa50cea6205b7ccef9437b132f41e87906f3b9c48e9750e7ed1993597f8e599ab8596f4378853ee10e26289e72b92c425f5f0ad0f94d4694415739ccfc06bc5a49237157071116578df4f8aaa1eb4c123c8ada753e4a631f3f9660fbc9404d8af9ef1af380ccee1f2e520c03615fe7c5d276e917d84061f8cc0e5814caac9ecb0ebdf8bfae551197d66ff22236832a0ac38586b059a4ae9054d1810d361f50da921b33904cb6ea7faf44b811e7f7348d07cd32c8f83da01d4d74092493ef5cd3d2cbb9eeed6986f3e4615b8d341cbe13d6eac3bc1e9217fc2f86dd0cab958a6b4e0f0604501b48d352118611e96a974e3642fa785538e7d5b3bc7a363ca95a98a0816e6179bb438f3c110036770da0978987ebcd241464136b2a8d45bf1c2b499b6dba8e44448c73163ae7df71d7c98b705af886dc195cc918c2552fc1696d6749222a4e83279a14001ccb540a64a713fa1691c30e99ae0bf8fdacaaf4aea9d4f89db7d4f364f7a30c80b782f5cd7af01347d78769902f2ed675b6b859b5467cad1bed59a64f13a4b5a827e029c9a3107b08e5f18b930855f7d85f1d78d45d7d3c909b87213158dbe5cfda90936388885a32a61529ab30bf31fcc1d6df9ead0f49ada899dc8be042d2289383f6d09411aea11e6002359ff2e36345b8454ec5f126db94349666a3666323ca164a0f72873b63c9dcc0c60785a66862655d4ab5749bc00bd98ba9e20325e78a572fc93739ce884f3398218c614f8ea33cdff4b797dc2c2874d20670733f30acf52ae4d14c9e83f54533acd42931ea42fcbf89f7a8e68c3c8ecefa4a1e1c693244d4604f9488df30718c455f719a6d93b30173305264c9bdb21e8a68a74e7310dbecdc27afc7b162466c444ce4bda0d937104e683349828a4f0ca8723d54fe13287286f7a6dbb8ece6a7ece355fbee7424e7e524ec33ed5fed03a1ea964af0830108c5e69a071606d9d28450977245cba4d0e1ed8177752526e218cb5e113dff2236c663808533c580da3d83ad502a3d5d30949ca2cea660ccb613cc7661d6857b3b70588976ac8ceed944f7f738e43101369bea05a26ff31692ab45b6c95f794a5c92d8bd42ce8803162cc730782e0c1e468c9d090488763d9d1f1471c2ab1cd8599e078d81a0e84707ea02a0f91c3d588bb54f1f5ba58845617b80263ab8fb2c6757d72eebe00591c7b6cffddb969f6fee2ef9f016f641aa2ccfd59c839ba40ac1a10bb9d94f96e1c6829dd4d2dcb9d0f71726c31d813fa78af8b7621fa47f4b0ed9d9d98e4209676969728a00a92dd592dfee41c806076f0e4100e371c7427f888ef91f03c5b16d87b2ade294f69b77afb199de38bfebfa3ec9285d1829c7c0714bd100c84efc8eb71146a1d4c7f659d77c42119b738d6bcfede23855780a6627d4a417aab498ec60bf69c44fc1f3fd4f99ed941a1234ad1f3120dcc71275c464be23453749841dc1c36a76b28b3659e809a1216aea67658ff76e99580cb202eedb9d4cab23e879723d11f8d4086362271f8f2e6816d47eaeaa5066c3c4338868fd3c8b832581490b6801278e9d1d59771dcc73eef6b9903ba9b9f5e565eece392568c878662ad9cbb931242a27d883fe7839e7e502c368e736f5dc057ed2e4b5c963c54712c772535e22e94c61a13ed50682c065cad0d861b3888ef332ed0236e2747720f97793b46eb39b51057b44f2b9e05de8c077cff7ef5afb56a5d28754d76161909a05573f8aaee5fdf260d80eda7e1b83539e09362a4f9aa0e8f069e0cf221eca87593457b342de27c99cf14c4bc0d8050aa19c8e4a56b3b5d2c3fcc23633f5ab20ec063270c9922292b645a5523f9bba5c6f66368c227bb4b2ad6c1f4c8927552f6b41a312a4bec49669e2968a7d6bf30cf09f8d3fb473ce5a839ed27fa906dbf504aec3a5a2884bf4c569235202dffa763b14f4501ecb8608e77aeb4fda0e4177fad0bc02da3224f183355ad62f6c50efa3c8f8e02bf3cf47ff31210606bb87ce4acb53ead7eff942d65d9905e9bf6acf5829eed4855da2488e0896ad346da16a5c988e31b0632592a2dc3030d28b6d62a3a4638a0a3736f5103ce5fe72baac7fa23d5295c42cd81075ca9f7a9a7fe3cf418f50f7eccd8a7c3e6fb1e8b30c5d8dbb0772a8b44f44cebd8249ce10eb24d1f668765796b4a56a482580456ac49db677284f3b2deaa9514973ad5c156bb4961b2ad05bcde1bcea522790765208eab6eb27777c2ef643ab0c85e9625d259ae29a3b2e864bf936cefd90b63ba2281f8bf8505ef6040335c258d338c014c31810a324dfe382699ac0b92a2747973a297e94fcd75ec7d156bd61cf848d7144f9a9dd89c72b9c323ed6f37110f722da90396816050ad800fb33a92651b0356fd15c4cf876a3509ab32cca3f5bd6906ce5ec186391effb13fac0a10525622023645bfb9742472695c81461db0298f84af1983b6e5e94ae355e0e790fb51fe558bd70e889744872c9ababf42b930340e192ab4295ee72e1392f2bbb137533a919d72e651cbafa37a88232d0f464bd4531e49c65abd629f3e8b920ae3bde61a3538514866f18a937848f7bd99e4a0fbea506b9ee5ab47e41cad31dc261020f91d65c88bf2251c617cfde3314ec540c8128adf417f1ee716473c3d3c049dc7714a832c128869bb4a9bad6f8be1b0a6bb5c0e40417d594a876a5fb50055e7c67e2519698e5ca89fada7c84032a811b0eb5c67364ea809c6be960c9a7b98afc8e6315e780d8f556b97ea65b7fd27ca6fab61164d60a109d182b9b8f7995ee915eb68be320000db4b0bb821ce13a8d55ff70629a5f2bb89a1c7a4b874b49bcb13105493a9560344f89877e7c5e409a15bcda6d27073c3b744b386b0b82098d307dc3aab1ead4306a73cf8382bd3451c0aaa14a8333c6f34e6b5e5d3b240e01243749b3938840c835e16129ddca5d9439511b4fd22752d904dcd60f9405467918e48fa17547493e51a14ccb47128c7449b51cef63178f32cb06155b9e9cb65dba65f8a6f9a45d8d49852609dd0cf8418f463cb15eaaea77c1c89f530c1f6c6c7820d66957ff2fe731628a328f4e7896d5cf6fcc0782c05c47b8f01d28908913e379334fa90ea01906e865202fc6386fc69fb683a1dfd037ec5bbdb368b3530a3cbbbecf2107faeaf32081c65b48a3bd352998df0a781dd86c7c8112407db1bf1ac6446a0c77e8f2e3374fb8217abd59b3d40c9582a3ab663f278a83b22685914b4b2bacc973ffb2dec5e6eb98d6c16463c1e9a896ca4e65206687ca4423c359b4e1ce06a57ecb083b750026719dff109a1d823b4ccff79e5ce416bf3756d913b31faad8c0bab1c62276a581ba8830da7c59c5224db7dd38b032db7cf7022502a8f3cef31dc8344a2d02af978d6f901b1b0097dc425f4f34b73c6ee02a8b48d7a23299c1c6e5190221f84c2ecfe5bdb67b36c5dc23455ae466722c5e4f52b07aa667a6cb55c6a411225e88cf513c7cdd2065a1e044c0008f8b6a5b28f3f00f14e7da47e944ca666cec951593ac26ce5e75f17ca2d438dd8f926ac57d1761a72024187a2f77ef42a7d246f906166afecdcdcf8db8cef6f8855ecd97185fda05bae717eaf3165b99021fbdcee50384a22c8c025c8f82d4839dcb0a6075642dc453c21a4dcdc997d70315dce9a3ac7eb0185924436965d1376624b5c08772ba59b142a066bcd0ad044628e463921d78f1efcf8e8cd1e0fcf525115ae2b104c31561574003770c21e847ab80b65d3a2b53e6ad4a3d5227e3bc82b58b5feabc9c70b55264b32b658227851518664baa871f8128bd826ce818be1edef708e033155ed69a0bd83b246d83ac85b33d7370dcc7f930c25609e2e5f86f1738ba266b079a3743180b9b84a24e4915b1743834ec319e5b238ba6942e4128348be821b21892477e4c5ad3a2031f0ef11d9d54cc90f87cf093e582b1384c8960c36421969f7ee247001f37c66f10ff6dc3edc7de984acb599e9b8bd3e792855ddc703698578edfe74bd27e967dbe77bd4cd0bcbe08ebfa7c5bf95745e670438097ee29215d3ecbde9e8e50e14ec41a9d746de20230140d854e36e95f7c13446db26715b9a30a3d3afa3a5645e0afd3eaf8457a87c528792241e99a415b8709ae334bfa81fd8508c77b50e3d1f2ecf8f7b6b1d187bbac0bd3d49f00fb5c21836a2bd79ea2839bd3a1d396422699dfe0958479c36964efdb2f602d25f202a534df612f347696de6fecffb673d2162f2572c6d04895fc22b638dbf54dfad4d6058683919ec47cc3d3d1f5e4528bae31632081b9b80770ce0e7d44287e18fde786801e7beda77c0b9ee3965f3a4956496fe8e892b65e137d9e47e8e164f7c6fe9c6ac9ece1b7eead32a5a188df5539537e1b736f1c5d67b604d064eda6b6730c51e182cae81e65290f12f68a7146888e438a799d04931f2a0b9b6c565d47d9d322e7358ccdbc08eafc2470414c44f97e33013b976b995bcf96409789bc2bc97d7add4b6eaaa84c18ea936f0eb332185f9de597d6f7793215df2c0be4b5b4085910adb83d248be16deeac399070ad00a24a67cebef51694726a612ea5763f1bbff03a77357d867ec5461c33d73a47db4a51b496be6960ca7c8cb92a51dd578f99e4b1d2b18ce406b2751aeb065ad0225aeb1eedce3b26e3feec915361cd6b4acc105a2962edcd6547691a557f4deb9ca96d39bd92ebc96e763b6139a0421f42c561a7a20ffebef94bc0b7538466064610134ede0221cde98d085531471c0e9761880904952234f0ae34502b3790aad682fe6e7fd7977816e21aa3f7793ca99312ee07ef9b34a31102710bbaa31dcd57d941e6d5fd6b6607d3449bbffb1434d67edc10727230c3283ab7e212152039e9403bc7ae082cb3934794468dc7549aa35cdf35d3c0f754b7fdf47dbb5bc5047923f6841b9a4054a0eef23de222f0ecc04410fccfe3779820d2ac659b84ea56eeefaae980f1bd43aef8e78705ce1995cee4f88400903f66e6d24307090e23d04387909a62a3394890118549baec01b6f2a5c416f68b71bfc2b7a0bf289587664a2b6194d4eccb51bd4177c9487b724f91d088ce68f20882a8dd633b17ad73584e68382877eba4fae1af839baca07f3adc4c9796e07dc69e90bd5efe3a84d3ca40fa8209c2bc9c9303ff2c7979a9508d925c021cea6c7f1483b5c5b00232c292f302fad79aa5fa4820b04a5aed1f9be4cbf4430bd2b6b559133979e5239f514e87559950808fd098792c0b1bd0b9cb94463b22be92962692dca35a8bd0fe0edc28e7e759d2d753177fc29860d419a29fd89c0a2c11e957483f9c13637e2f66e96bf3454b943b7dd368b71243ef58b0b3d469cdf5572a990a5c998c5796b80031f56bc98f5bf70a717cc5ff4febbfc32b29543548d8862f1ab57fbdbeda2a9901593c0d92d4eca205312c18ce649ed5a3263b66d8ca52734a16035daaa182c24e9ae2851e8dd153d2fe34978e8df50402f133190ada04cfaaac56ca6fa20771a195c76a84651ca4aa9c7c4eb16007ef1e965055ab6cb08a02db6c1a82f8c695ec370095c0afd535ed8abf17ff514451055854a99de69863f393e1679ddf5326e1f4de42220df3839ee71c8fab2c3faee9af0f5e9ee5a3c4c146ae7d36536064a11644a9a195290f3d75f64652050ca8a1ef17eed6f5077a651af1ce5304f2e6fa781a83df2a7c4f5e1c8337d35f93633d684803b7bec4fea60e1f9925580f9199f40f307bfd84de2d51f1df191eeb52a48ed4a19c4f524cc26f7043bbabb1c43c4f20d950e218dbcf09a8bda0e1ca1759466938dd764c85c3d8de92b3534ff5c492d024e6ca87952243fe8b6379ba189032926685afcd3839a4423ba19cb0c5488982ce7cad134c60bc329f855ba4be63475ade6110d6db66613c3c7647e76e3949f8e5299738014743523662fd6b1626bcc0cffdb3b757ddcbeefa2facc49da06d907d21888b9344a3167d143e5f8e022d8c75229fd491145c451ac92f000aeee43219215a8136c7c17327f6e0a3eef7fe1861930d143d92f33aa74984c89f9ba3e9ee887bef4f9b16654cbc739fd6b2eebb255596dfd6639896685b72b0e1ea92019884468f5c78d21a3a69df24a3d8d517cec2122417bad0ac7db0182cc87b8b752e7474a36acb8508d118d44d509cd8594dea3a3a611a6c1c0b3bcf48b4834d8bb5cd18f420ed7aea21810c0303ca2d5fc67b116491f1bbd055221c79ec0dfcfc22c17cba3eb4fea49127615fdcef9cbecba603dd2e01e07af17ab0f4a6179f54edb34db2dc0c937a0aa1151c8a9474afd1af7c0a83174aa1fdd8e4bfb9b10841df5ccf068a5612627c8724b1c68fd3879a57265836409a6d851f1baf0023ca", 0x2000, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x78, 0x0, 0x3, {0x0, 0x0, 0x0, {0x4, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x7, 0x3, 0x0, 0x0, 0x4000, 0x25daa903, 0xffffffffffffffff, r7, 0xffffffff, 0x9}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mount$fuse(0x0, &(0x7f00000002c0)='./cgroup\x00', &(0x7f0000000340), 0x888000, &(0x7f0000000400)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, r7}})
shmat(r5, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
shmctl$IPC_RMID(r5, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='iso9660\x00', 0x208000, 0x0)

2m37.085097378s ago: executing program 6 (id=2719):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
r2 = socket$inet6(0xa, 0x5, 0x0)
r3 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000000c0)={0x1000, 0x0, {}, {0xffffffffffffffff}, 0x4})
mq_timedreceive(r3, &(0x7f0000000400)=""/205, 0xcd, 0x200000000006, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
setpriority(0x2, 0x0, 0x3b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r5}, &(0x7f0000000240), &(0x7f0000000280)='%pS    \x00'}, 0x20)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, 0x0, 0x0)

2m24.087718935s ago: executing program 6 (id=2737):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x202400, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x2, 0x0, 0x3}, 0x0)
add_key(&(0x7f00000000c0)='pkcs7_test\x00', 0x0, &(0x7f0000000000)="100c0681000000ba8b0ad775b31b", 0xe, 0xfffffffffffffffc)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000280)=@assoc_value={0x0, 0xe}, 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0x0, 0x0, "8100e1c8e80b598c36ff000800"})
r4 = socket$kcm(0xa, 0x5, 0x0)
r5 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9beb01031800000000000000000000008000000002"], 0x0, 0x1a}, 0x28)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x8916, &(0x7f0000000000)={<r6=>r5})
ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x8916, &(0x7f0000000000))
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8936, &(0x7f0000000000)={r5})

2m8.309338424s ago: executing program 39 (id=2737):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x202400, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x2, 0x0, 0x3}, 0x0)
add_key(&(0x7f00000000c0)='pkcs7_test\x00', 0x0, &(0x7f0000000000)="100c0681000000ba8b0ad775b31b", 0xe, 0xfffffffffffffffc)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000280)=@assoc_value={0x0, 0xe}, 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0x0, 0x0, "8100e1c8e80b598c36ff000800"})
r4 = socket$kcm(0xa, 0x5, 0x0)
r5 = socket$kcm(0xa, 0x5, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9beb01031800000000000000000000008000000002"], 0x0, 0x1a}, 0x28)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x8916, &(0x7f0000000000)={<r6=>r5})
ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x8916, &(0x7f0000000000))
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x8936, &(0x7f0000000000)={r5})

53.602570653s ago: executing program 9 (id=2853):
socket$inet6_tcp(0xa, 0x1, 0x0)
open_by_handle_at(0xffffffffffffff9c, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
poll(&(0x7f0000000780)=[{r3, 0x3230}], 0x1, 0x40000)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffd}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@newqdisc={0xf8, 0x24, 0xd0f, 0x70bd29, 0x25dfdbfd, {0x60, 0x0, 0x0, r5, {0x0, 0xe}, {0xfff2, 0xa}, {0x1, 0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_NAT={0x8, 0xb, 0x1}, @TCA_CAKE_ATM={0x8, 0x4, 0x1}]}}, @TCA_STAB={0xb4, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x8, 0x0, 0x0, 0x0, 0xd074, 0x7, 0x5}}, {0xe, 0x2, [0xfffe, 0x9, 0x7, 0x3063, 0x11]}}, {{0x1c, 0x1, {0x40, 0x4, 0x4, 0x10, 0x0, 0x4, 0x0, 0xa}}, {0x18, 0x2, [0x0, 0x9, 0x20fc, 0xfffc, 0x6, 0x5, 0x81, 0x1ff, 0x5, 0x0]}}, {{0x1c, 0x1, {0x7, 0x5, 0xd, 0x4, 0x2, 0x7ff, 0x5, 0x1}}, {0x6, 0x2, [0x6]}}, {{0x1c, 0x1, {0x3, 0x3, 0x5, 0x8, 0x2, 0x0, 0x10000, 0x6}}, {0x10, 0x2, [0x8000, 0x8, 0x400, 0x6, 0x40, 0x2]}}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x3, 0x7, @loopback, 0x800000}, 0x1c)
close_range(r1, 0xffffffffffffffff, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x800000004, &(0x7f00000006c0)={<r7=>0xffffffffffffffff}, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0xd, @empty, 0x7}, {0xa, 0x4e24, 0xce, @empty, 0x4}, r7, 0xfffffffb}}, 0x48)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(0xffffffffffffffff, &(0x7f0000000180)={0x10, 0x30, 0xfa00, {0x0, 0x3, {0xa, 0x4e24, 0xc, @mcast1, 0x6}, r7}}, 0x38)
syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x210440)

45.064805951s ago: executing program 9 (id=2863):
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x1)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0xa, 0x2, 0x0)
connect$inet6(r4, &(0x7f0000000480)={0xa, 0x4e20, 0x3, @empty, 0x2}, 0x1c)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r3)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x15, 0x301, 0x0, 0x0, {0xc}}, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r7=>0x0})
unshare(0x2a020400)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$NL80211_CMD_DEL_TX_TS(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x24, r5, 0x1, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xc}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x240008c0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x101000)

42.632434944s ago: executing program 9 (id=2865):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001a80)={0x18, 0x0, 0x0, &(0x7f00000018c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
timer_create(0x5, &(0x7f0000003a40)={0x0, 0x14, 0xa, @thr={&(0x7f00000007c0)="b0bbbced61c9dac37753250c42e042a05f61a1dfb79c4113189ba3d1a6a165ebe90b20ae42494bc14d", &(0x7f0000000800)="43b2708763e29168df4fde3559cbe3460533b29b651770a8a49fa7d48dd5dc"}}, &(0x7f0000003a80))
socket$inet(0x2, 0x1, 0x100)
socket$inet6_udplite(0xa, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES64=r2], &(0x7f0000000200)='GPL\x00', 0xfa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0xa, &(0x7f0000000240)=0x6)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f0000000280)='gfs2meta\x00', 0x1)
ioctl$EVIOCGREP(r1, 0x80084524, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r5, @ANYBLOB=',wfdno=', @ANYRESOCT=r5])
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r6, 0xae03, 0x28)

37.639291945s ago: executing program 9 (id=2872):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4a, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3, 0x0, 0x7}, 0x18)
socket(0x28, 0x803, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0xc000, 0x0)
mkdir(0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000140)=[{&(0x7f00000000c0)="580000001500add427323b472545b4560a117fff0b0082001b59000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200", 0x55}, {&(0x7f0000000040)="abd9", 0x2}], 0x2)

36.656624746s ago: executing program 9 (id=2873):
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r1, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3731070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r4 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r5, 0x0, 0x84)
io_setup(0x3fe, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r6}, 0x18)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8b28, &(0x7f0000000000)={'wlan0\x00'})

35.619633625s ago: executing program 9 (id=2874):
socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00')
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x1b, r4, 0x1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x224b5bee36ba75e4}}, 0x14)
sendmsg$nl_route(r0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x6, 0xa}, 0x48)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r6}, 0x18)
r7 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r7, 0x10e, 0x8, &(0x7f0000000080)=0x6, 0x4)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, 0x0, 0x4000)

30.702268621s ago: executing program 3 (id=2881):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vim2m(0x0, 0x40000000e, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r4, 0x18, 0x0, 0x1)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30f1ff00000800054000000021540000001d0a01010000000000000000070000000b00020073797a31000000000900010073797a30"], 0xc4}}, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x1}, 0x10)
r5 = dup3(r1, r2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r5, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r5, 0x10f, 0x88)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

30.080200157s ago: executing program 3 (id=2883):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000400))
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4800}, 0x20004804)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
statx(r1, &(0x7f0000019080)='./file0\x00', 0x400, 0x800, &(0x7f00000190c0))
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x1c8, 0x12)
read$FUSE(r2, &(0x7f0000032680)={0x2020}, 0xfffffffffffffca5)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time_for_children\x00')
socket$inet(0x2, 0x5, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000019200)=ANY=[@ANYBLOB="18000000fcffffff00000000ff090000950075b4939fe69c4e400c0000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x71}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000140)={0x5, 0x9, 0x1, {0xa, @pix_mp={0x4, 0x7fff, 0x34565348, 0x0, 0xb, [{0x8, 0x8b3}, {0x2a7, 0x8}, {0x2, 0x3}, {0x13235815, 0xa3d}, {0x5}, {0x1, 0xff}, {0x1, 0xa}, {0x7ff, 0x9}], 0x2, 0x3, 0x1, 0x2}}, 0x1})
poll(&(0x7f0000001280)=[{r3, 0x190}], 0x1, 0xfffffffb)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000019300)={0xffffffffffffffff, 0x0}, 0x20)

29.085087573s ago: executing program 3 (id=2884):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000009800"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = socket$netlink(0x10, 0x3, 0xc)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
getsockname(r6, 0x0, &(0x7f0000000d00))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_open_dev$video4linux(&(0x7f0000000080), 0xe97, 0x0)
ioctl$VIDIOC_SUBDEV_S_CROP(r8, 0xc038563c, &(0x7f00000005c0)={0x0, 0x2000000, {0x8, 0xfffffffd, 0xfffff1b4, 0x3}})
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
fremovexattr(r9, &(0x7f0000000240)=@known='system.sockprotoname\x00')
bind$netlink(r7, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000200), 0x4)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)

27.935094912s ago: executing program 3 (id=2886):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wlan0\x00'})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, 0x0, 0xb, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = fsopen(0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x8)
r5 = openat$cgroup_subtree(r4, 0x0, 0x2, 0x0)
write$cgroup_subtree(r5, 0x0, 0x5)
r6 = syz_open_dev$swradio(&(0x7f0000000240), 0x0, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
readv(r6, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c0000000d0601020000000000000000050000070500010007000000050005000500000011000300686173683a69702c706f72740000000013000300686100020000"], 0x4c}, 0x1, 0x0, 0x0, 0x4004}, 0x4800)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)

26.659919076s ago: executing program 3 (id=2889):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004000000cab100f4c21ae4e65498b98efd133fe05270996d3922b40a755ce5a12eff3c30bf72b01c8294abfefa62ef"], 0x0, 0x26}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
r4 = add_key$keyring(0x0, &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000600)={0x2, {{0x2, 0x0, @multicast2}}, 0x0, 0x2, [{{0x2, 0xfffc, @empty}}, {{0x2, 0x4e23, @empty}}]}, 0x190)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108)
add_key(&(0x7f0000000200)='rxrpc\x00', 0x0, &(0x7f0000000240), 0x0, r4)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001340)={0x3, &(0x7f0000000080)=[{0x2d, 0x0, 0x1}, {}, {0x6}]})

25.498952363s ago: executing program 3 (id=2890):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x8, 0xdd, 0xff}, 0x50)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000004c0), 0x80202, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
epoll_create(0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, &(0x7f0000000440))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x9, 0x2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000810)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x0, 0x0, r1, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x75, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x9c}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)

21.941014354s ago: executing program 7 (id=2895):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000180), 0x7fffffff, 0x80001)
r4 = memfd_create(&(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaaSc\xf3]WhI\xf4\x89\x85!mPl\x90\xa5\x93\x19\f\x9a\xae\xd5a\x9bU5\x1a\x86\x9d)5y\xef\x90\xea5\x81\xfeO;\xd4zh?\xbdW\xe0\x84\xe6\x9d\xcb\xcd\xb6\xad3\x7fWY\x02\xa2\x8baG\x00\x0e\x8e/\xc1\xaf\xd0\xbcH9\x04\x00\x00\x00z\x16\xdf\xf3hLpLaA\x89n]>,^M\x82\x8e\xe40\x97_\x809y)Z\xeb\x9d\xbawv\xe9\xc0\x16\xdc\xf5\xcb\xdb\x96\xd6\xba@\xa7\x1bl\xca\xe0\x1e3\x81\xc6S\x86\xf7\xf0\xba\x1b\x14N\xa2\x04\xdb\xb5X\xe4y\xef\xe8\xdb\xd5r\x11\xfb\xe4v\xbcV\xbb\x00\x96CR\xe0~5\x16=:A2\x9c\b\xd9\xa0CB\r\xe9\xb8$\xfe\x8d\xb1Gg\xa9\xac<\xbf\x10]\b9\xd9\x89\xaf\xa6\xd1\x10\x1fq\xba\x06_NW\xdb67Xv(\xa8\xce\x1b\xe6\xbd\x947\x8f)8\xe5\xb3\xac;\x7f+\xf67\xea\x1ei\x92w-)\xa1B/M\x0e7:9\xdb~V\xb7\xd5\x13^v\x14\xe6O\xea\x00\x87\x8dkG\xdf%\xebe\x83\xb97\x01| \xb3\xd8W\xe8o\x17\x97\xd9\x14o\x92\xb9\x9a\x8c\xd7\xcf\xa2\x11\xc3\xa5\xb3\xd2\xdeQ\xa7\x05\x7f\x99Lq(\xcd\\\xa2y\x14or\x1efn\xf2\x97\x96c\xda7\t,', 0x5)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000002, 0x4010012, r4, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r5, &(0x7f0000000580)=ANY=[@ANYBLOB="5200000002"], 0x8)
set_mempolicy(0x6005, 0x0, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001140)=ANY=[@ANYBLOB="bf16000000000000b70700000100e0ff5070000028000000770000000000000095000200000000007ae9413df8ff0af5aa35339f4b382c4cad9db67dc983134d04ef2fd6fa7a9b857b72abaca100af1ba23d69883c073ec10500000000000000000000000000ac0e064c27bdfbd301150500000000000000bfdc995279d64072aacbb0595b950600009ad3bf16a461e48e955a772d4062093f4cb1c3d9532abad2085401f098eb039ae4f4103699b9e079229c1a72cb6d47cef1595e84d21951010f0274b1445a2ad6a7ad73827cccc21842599e0ae7b91f0b858b7b67aa0b28d69a74ffdea61be892f0f9ff9468e42aea53ee0cb83ff180aa18b625d1667459c7cba77cff9dc8c2772fe552fecfcd1778b08381000000c0b8e14631d521207e7423d86508416780983c2f380bc01cefe9773a9a5cd5b24aa24a561e72393c0ce2bf44825b05c1779fe74f884c2472ab45c2af60289cb199963312dd1929096c6f49d116f1612a7b97f77169fa5e8a66a372ef8e3ee7167f7d2a26fc6c3cfa4dc5860277223d6eb3460e3b10a0dc9400010000ca11d7beb5e700498b43bdadc916c01264d22d7969530633f94b257fbc5da7a96820e31044c0b0f62619c9e351996185e4015510875b774666ba5c0ba9845ad25b578d7d714ff3a85586b9b452301f5470d0e0ae5d7f82f178f0c7c9c8f44c390c8a2c5be9e24a125420912ec9a3149f87b35ef1169f05e49164a4944e7b4da2097f57020dd4f1f4f15edd7a0b1e24c6f79e1ea72a29c773f40f5bd9a6d7926c5c741f5aa85405273c7967d2c1a14efe0d5322cdcf2bc058ff9acb481926312f04008b1044e8c1c17d8c562edf69f4db96e059c49ec69a6086b5a3d24f4c7810ab5f6a9f9eb5c881883e5671bbca4614df48103ca6e408910000000000f784583b63fcd46293e1ea56bd87915783a144d41669cd2c52dbb03e2b7384f100000000000000000090bd4fa6a2d30dafd3a04d373eaf151dfbbb744f0f1ce962217b32ad159f41671f002c3a25b4efbc3b193e0954f71c7f240a7cdc5bf9be12ca0e82d2a408c8f882760331612a7c3d74386b3268e0c2a95396f6d16b8309cc192295fea2d0ce983baef6deecca6b6268b6cc965f2623bac861e31026a6aba7ebf78a614092257e3a4e52b7b1628dc33a425dce56fc939b96fbb66e131ba7651b542c86650336735d315c26bae977ff5a619b2534a5d1479e9090447aa860b81b905ded2f52ab9c741fc3a05030476b159690a811416d59f9d92c84fcbf0146be0330e1127cc4bb4e4c94d603f449279874e44113e9de94fbc14891af08e20a4701f0f8788b357815cf4ca3da2066ee6604ac6ab6ec54a111bd5b1887e74eb854010cc2dc95b06ceddfbc1b914be267fc29e6cf2301291ca8de0eed796d9e5e356861349b0fc217592e962360e714bb93a2e936f70873e773b9b6c056f28a36185bb8ecdcd3332528ab2d05be93bc69a373ac9d20fa087015481cfba74612d93104db153f89d03d6ce620f1f25be68b9cb2d225711c1b288ec6464111db1b40dbce06fd1bd887d7254476c9c70fe79be0fb7810e054b6e2205c2b4b27f13751639c581dac83889ed6eea54c798f2287c9d5345b0c49f78b9aa27a9c96ce5e43b6ca11bb6375ed390773315d19b596a60500330115bb100d0ea1511e29720d5f712eedd8e165af0c1d591fdbbd84e654b0e60c338c530a9e8ae1316a889134204f9db96e870bc1c5ffc1bdb2394d77e6c751f9d87ef42f6d53293f31ff4b60912fa0777c59db1ff74ba90026eed627e0f8ab250c8c6d51d86030e6be4a8982684c12c1c435d586ce106d0b4cd0f5fabcc5fbe30db5e715646867122ef50f767e215f92d407"], &(0x7f0000000140)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r6, 0x0, 0xe, 0x0, &(0x7f00000006c0)="ffffffff106c3ed990f77e9eb3cf", 0x0, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)

20.520951469s ago: executing program 40 (id=2874):
socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00')
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
bind$packet(r2, &(0x7f0000000040)={0x11, 0x1b, r4, 0x1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x224b5bee36ba75e4}}, 0x14)
sendmsg$nl_route(r0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x6, 0xa}, 0x48)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r6}, 0x18)
r7 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r7, 0x10e, 0x8, &(0x7f0000000080)=0x6, 0x4)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, 0x0, 0x4000)

18.798546567s ago: executing program 7 (id=2897):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r1=>0x0], &(0x7f0000000180)=[<r2=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r1, r2], 0x2})
r3 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r7, 0x6, 0x1, 0x0, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x2000000000000020, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, 0x0, 0x0)
connect$inet6(r7, 0x0, 0x0)
r8 = accept4(r3, 0x0, 0x0, 0x80000)
recvmsg(r8, 0x0, 0x10041)
syz_open_procfs(0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000440)={&(0x7f0000000240)=[r1, r2], 0x2})

17.781917511s ago: executing program 7 (id=2898):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
openat$dsp(0xffffffffffffff9c, 0x0, 0xa8202, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d8, 0x180, 0x0, 0x200, 0x0, 0x0, 0x250, 0x2e8, 0x2e8, 0x250, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}, {{@ipv6={@local, @empty, [], [], 'ip6_vti0\x00', 'veth0\x00', {}, {}, 0x21}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x338)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000180)={0x28, 0x2, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000000})
r4 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000001180)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c1286306ff6ee45265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b8da13c4e7bbeedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce070", 0xc2, 0xffffffffffffffff)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={0x24, 0x4, 0x8, 0x801, 0x0, 0x0, {0x5, 0x0, 0x8}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xfbfb}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040081}, 0x4000)
keyctl$dh_compute(0x17, &(0x7f0000000400)={r4, r5, r4}, &(0x7f0000000280)=""/190, 0xbe, &(0x7f00000003c0)={&(0x7f0000000340)={'xxhash64-generic\x00'}})
keyctl$setperm(0x5, r5, 0x2000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)

16.777924965s ago: executing program 7 (id=2899):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x262)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x3d, 0x0, 0xaf, 0x7fff0000}]})
fanotify_mark(0xffffffffffffffff, 0x80, 0x40000012, r5, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x40010, 0xffffffffffffffff, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x8, 0x4)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_NODELAY(r6, 0x84, 0x3, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000080)={<r7=>0x0, 0x100}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000100)={r7, 0x1096, 0x40}, &(0x7f0000000140)=0x8)

15.773137716s ago: executing program 7 (id=2900):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
socket$phonet_pipe(0x23, 0x5, 0x2)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x89}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x22040000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)

15.297707714s ago: executing program 7 (id=2901):
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80000)
write$P9_RWSTAT(r0, &(0x7f0000000080)={0x7, 0x7f, 0x2}, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0x13, 0x0, 0x0)
msgctl$MSG_INFO(0x0, 0xc, 0x0)
syz_emit_vhci(0x0, 0x0)
sync()
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x24}}, 0x0)
sync()
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000007c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x2}, @restrict={0x0, 0x0, 0x0, 0xb, 0x2}]}}, &(0x7f0000000000)=""/247, 0x32, 0xf7, 0x1}, 0x28)
r3 = socket$nl_generic(0x11, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setitimer(0x0, 0x0, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d9, 0xa055, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4}}}}]}}]}}, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000300)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x4, {[@main=@item_012={0x1, 0x0, 0x9, '\x00'}, @global=@item_012={0x1, 0x1, 0x5, '\x00'}]}}, 0x0}, 0x0)
sendmsg(r3, &(0x7f0000000640)={&(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x7ffe}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x11000000}, 0x0)

10.509895932s ago: executing program 41 (id=2890):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x8, 0xdd, 0xff}, 0x50)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000004c0), 0x80202, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
epoll_create(0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, &(0x7f0000000440))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x9, 0x2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000810)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x0, 0x0, r1, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x75, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x9c}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)

0s ago: executing program 42 (id=2901):
pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80000)
write$P9_RWSTAT(r0, &(0x7f0000000080)={0x7, 0x7f, 0x2}, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0x13, 0x0, 0x0)
msgctl$MSG_INFO(0x0, 0xc, 0x0)
syz_emit_vhci(0x0, 0x0)
sync()
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x24}}, 0x0)
sync()
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000007c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x2}, @restrict={0x0, 0x0, 0x0, 0xb, 0x2}]}}, &(0x7f0000000000)=""/247, 0x32, 0xf7, 0x1}, 0x28)
r3 = socket$nl_generic(0x11, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setitimer(0x0, 0x0, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d9, 0xa055, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4}}}}]}}]}}, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f0000000300)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x4, {[@main=@item_012={0x1, 0x0, 0x9, '\x00'}, @global=@item_012={0x1, 0x1, 0x5, '\x00'}]}}, 0x0}, 0x0)
sendmsg(r3, &(0x7f0000000640)={&(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x7ffe}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x11000000}, 0x0)

kernel console output (not intermixed with test programs):

0: left promiscuous mode
[  951.774618][ T3561] bridge0: port 1(bridge_slave_0) entered disabled state
[  951.845257][ T3561] vlan3: left promiscuous mode
[  951.852019][ T3561] bridge0: left promiscuous mode
[  951.864906][ T3561] bridge1: port 1(vlan3) entered disabled state
[  953.895812][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xc90000b289
[  953.906075][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0xc90000f289
[  953.923547][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  953.936925][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x6500004c4a
[  953.964950][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x6500000c4a
[  954.031301][T12916] kvm_intel: kvm [12915]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0xbb00001143
[  954.052144][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0xc60000a843
[  954.062243][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0xc60000e843
[  954.074211][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x310000a2da
[  954.097136][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0x310000e2da
[  954.133997][T12916] kvm: kvm [12915]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x9200008a1a
[  954.162509][T12916] kvm_intel: kvm [12915]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x500005323
[  954.523285][ T3561] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  954.541359][ T3561] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  954.568664][ T3561] bond0 (unregistering): Released all slaves
[  955.080799][ T3561] bond1 (unregistering): (slave veth3): Releasing active interface
[  955.093025][ T3561] vlan2: entered promiscuous mode
[  955.101544][ T3561] bond1 (unregistering): (slave vlan2): Releasing active interface
[  955.111115][ T3561] bond1 (unregistering): Released all slaves
[  956.096580][ T3561] bond2 (unregistering): Released all slaves
[  956.627333][T12784] hsr_slave_0: entered promiscuous mode
[  956.634416][T12784] hsr_slave_1: entered promiscuous mode
[  956.668444][T12784] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  956.751140][T12934] input: syz1 as /devices/virtual/input/input12
[  957.154902][T12784] Cannot create hsr debugfs directory
[  958.866522][ T3561] tipc: Disabling bearer <eth:syzkaller0>
[  959.143471][ T3561] tipc: Left network mode
[  962.654978][T12977] xt_CT: You must specify a L4 protocol and not use inversions on it
[  965.495094][ T3561] hsr_slave_0: left promiscuous mode
[  965.579119][ T3561] hsr_slave_1: left promiscuous mode
[  965.630981][ T3561] batman_adv: batadv0: Removing interface: batadv_slave_0
[  969.405885][ T3561] team_slave_1 (unregistering): left promiscuous mode
[  969.436765][ T3561] team0 (unregistering): Port device team_slave_1 removed
[  970.288011][ T3561] team_slave_0 (unregistering): left promiscuous mode
[  970.433605][ T3561] team0 (unregistering): Port device team_slave_0 removed
[  973.158456][T13054] befs: (nullb0): invalid magic header
[  974.068990][T13058] input: syz0 as /devices/virtual/input/input13
[  975.440798][T12784] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  976.079731][T12784] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  976.138635][T12784] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  976.245042][T13078] IPVS: fo: SCTP 172.20.20.187:0 - no destination available
[  976.894272][T12784] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  979.898149][T12784] 8021q: adding VLAN 0 to HW filter on device bond0
[  980.273670][T12784] 8021q: adding VLAN 0 to HW filter on device team0
[  980.294440][ T3561] bridge0: port 1(bridge_slave_0) entered blocking state
[  980.302400][ T3561] bridge0: port 1(bridge_slave_0) entered forwarding state
[  980.587660][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  980.595013][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  980.756909][T13121] ieee802154 phy0 wpan0: encryption failed: -22
[  981.764881][T12784] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  981.797881][T12784] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  983.048003][T11729] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  983.213469][T11729] usb 3-1: Using ep0 maxpacket: 32
[  983.290028][T11729] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  983.851355][T11729] usb 3-1: config 0 has no interface number 0
[  983.867555][T11729] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  983.877474][T11729] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  983.903538][T11729] usb 3-1: Product: syz
[  983.922565][T12784] 8021q: adding VLAN 0 to HW filter on device batadv0
[  983.933560][T11729] usb 3-1: Manufacturer: syz
[  983.958117][T11729] usb 3-1: SerialNumber: syz
[  984.280374][T11729] usb 3-1: config 0 descriptor??
[  984.537012][T11729] smsc95xx v2.0.0
[  985.593194][T11729] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  985.631240][T11729] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  985.867580][T13129] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  986.747307][T13129] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  987.202391][T13129] netlink: 'syz.2.1744': attribute type 5 has an invalid length.
[  988.198991][T12784] veth0_vlan: entered promiscuous mode
[  988.331113][T11729] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71
[  988.374115][T11729] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  988.433023][T11729] usb 3-1: USB disconnect, device number 6
[  988.672381][T12784] veth1_vlan: entered promiscuous mode
[  988.933894][T13190] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1755'.
[  989.465646][T12784] veth0_macvtap: entered promiscuous mode
[  989.485421][T12784] veth1_macvtap: entered promiscuous mode
[  989.626963][T12784] batman_adv: batadv0: Interface activated: batadv_slave_0
[  989.645607][T12784] batman_adv: batadv0: Interface activated: batadv_slave_1
[  989.776536][T12784] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  989.786050][T12784] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  989.795344][T12784] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  989.806204][T12784] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  990.295421][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  990.478958][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  990.594400][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  990.604572][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  990.815927][T13205] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1760'.
[  990.825324][T13205] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1760'.
[  990.834479][T13205] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1760'.
[  993.080474][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  993.087392][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  995.376671][T13245] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  995.438214][T13245] syzkaller0: entered promiscuous mode
[  995.458114][T13245] syzkaller0: entered allmulticast mode
[  995.718056][ T5913] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  995.919910][ T5913] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  995.984488][ T5913] usb 2-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config
[  996.021941][T13258] netlink: 120 bytes leftover after parsing attributes in process `syz.5.1772'.
[  996.056474][ T5913] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  996.105965][ T5913] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  996.751706][ T5913] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  996.847099][ T5913] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  996.915099][ T5913] usb 2-1: Product: syz
[  996.957262][ T5913] usb 2-1: Manufacturer: syz
[  997.706741][ T5913] cdc_wdm 2-1:1.0: probe with driver cdc_wdm failed with error -22
[  998.703555][ T5963] usb 2-1: USB disconnect, device number 6
[ 1008.240181][T13329] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1008.293108][T13337] netlink: 'syz.1.1789': attribute type 21 has an invalid length.
[ 1010.829609][T13357] syzkaller0: entered promiscuous mode
[ 1010.835507][T13357] syzkaller0: entered allmulticast mode
[ 1020.072167][T13421] syzkaller0: entered promiscuous mode
[ 1020.078569][T13421] syzkaller0: entered allmulticast mode
[ 1020.383283][T13415] orangefs_mount: mount request failed with -4
[ 1025.351562][T13456] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1030.458851][T13499] Invalid source name
[ 1030.462957][T13499] UBIFS error (pid: 13499): cannot open "/dev/sg0", error -22
[ 1030.885875][T13499] netlink: 'syz.5.1831': attribute type 3 has an invalid length.
[ 1032.820639][T11459] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1032.829588][T11459] Bluetooth: hci3: Injecting HCI hardware error event
[ 1032.839113][T11459] Bluetooth: hci3: hardware error 0x00
[ 1035.272342][T13513] kvm: user requested TSC rate below hardware speed
[ 1035.298970][T13513] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[ 1035.439188][T13519] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1035.688590][T13512] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1035.696046][T11459] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1036.940929][T13528] veth0_to_team: entered promiscuous mode
[ 1036.946779][T13528] veth0_to_team: entered allmulticast mode
[ 1038.335955][T13538] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1841'.
[ 1038.905049][   T30] audit: type=1326 audit(1755184315.442:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cfd38ebe9 code=0x7ffc0000
[ 1038.928043][   T30] audit: type=1326 audit(1755184315.482:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4cfd38d550 code=0x7ffc0000
[ 1039.194060][   T30] audit: type=1326 audit(1755184315.492:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f4cfd390417 code=0x7ffc0000
[ 1040.012456][T13553] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[ 1040.310631][   T30] audit: type=1326 audit(1755184315.502:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4cfd38ebe9 code=0x7ffc0000
[ 1040.334801][   T30] audit: type=1326 audit(1755184315.502:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f4cfd390417 code=0x7ffc0000
[ 1040.357464][   T30] audit: type=1326 audit(1755184315.502:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f4cfd38d84a code=0x7ffc0000
[ 1040.757903][   T30] audit: type=1326 audit(1755184315.512:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cfd38ebe9 code=0x7ffc0000
[ 1041.270514][   T30] audit: type=1326 audit(1755184315.512:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f4cfd38ebe9 code=0x7ffc0000
[ 1041.362412][T13563] netlink: 'syz.1.1846': attribute type 16 has an invalid length.
[ 1041.370405][T13563] netlink: 'syz.1.1846': attribute type 17 has an invalid length.
[ 1042.060277][T13559] macvtap1: entered allmulticast mode
[ 1042.067387][T13559] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[ 1042.206204][   T30] audit: type=1326 audit(1755184315.512:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cfd38ebe9 code=0x7ffc0000
[ 1042.228927][T13559] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[ 1042.261925][   T30] audit: type=1326 audit(1755184315.522:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13533 comm="syz.2.1841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f4cfd38ebe9 code=0x7ffc0000
[ 1042.777699][T13563] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1042.945300][T13555] macvtap1: entered allmulticast mode
[ 1042.950789][T13555] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[ 1042.989137][T13555] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[ 1045.992801][T13593] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1855'.
[ 1046.978245][T13606] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1857'.
[ 1052.105054][T13642] tipc: Started in network mode
[ 1052.110556][T13642] tipc: Node identity ac14140f, cluster identity 4711
[ 1052.123928][T13642] tipc: New replicast peer: 255.255.255.255
[ 1052.136305][T13642] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1052.218643][T13642] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1868'.
[ 1053.101766][T13651] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1869'.
[ 1053.536591][ T5963] tipc: Node number set to 2886997007
[ 1054.507048][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.330809][T13667] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[ 1055.467942][ T5963] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1055.829481][ T5963] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1055.837509][ T5963] usb 3-1: config 0 has no interface number 0
[ 1055.851368][ T5963] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1055.865160][ T5963] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1056.616998][ T5963] usb 3-1: Product: syz
[ 1056.622676][ T5963] usb 3-1: Manufacturer: syz
[ 1056.627496][ T5963] usb 3-1: SerialNumber: syz
[ 1056.721367][ T5963] usb 3-1: config 0 descriptor??
[ 1056.950115][T13681] openvswitch: netlink: Message has 24 unknown bytes.
[ 1056.956969][T13681] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1057.661304][ T5963] dvb_usb_ec168 3-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[ 1058.327501][ T5963] usb 3-1: USB disconnect, device number 7
[ 1058.335902][T13692] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1062.264449][ T5158] Bluetooth: hci5: command 0x0406 tx timeout
[ 1066.408120][T11752] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 1067.237940][T11752] usb 2-1: Using ep0 maxpacket: 8
[ 1067.297174][T11752] usb 2-1: config 0 has no interfaces?
[ 1067.326860][T11752] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=a9.dc
[ 1067.365498][T11752] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1067.421567][T11752] usb 2-1: Product: syz
[ 1067.497933][T11752] usb 2-1: Manufacturer: syz
[ 1067.502587][T11752] usb 2-1: SerialNumber: syz
[ 1067.557382][T11752] r8152-cfgselector 2-1: Unknown version 0x0000
[ 1067.598634][T11752] r8152-cfgselector 2-1: config 0 descriptor??
[ 1068.485534][T13777] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1068.497064][T13777] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1070.380981][ T5913] r8152-cfgselector 2-1: USB disconnect, device number 7
[ 1072.350581][T13798] overlay: ./file0 is not a directory
[ 1074.927166][T13802] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1911'.
[ 1075.821356][T13836] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1917'.
[ 1079.756056][T13854] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1922'.
[ 1092.101109][ T5158] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1092.229858][ T5158] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1092.239316][ T5158] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1092.248147][ T5158] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1092.257237][ T5158] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1094.347335][T11459] Bluetooth: hci1: command tx timeout
[ 1095.012538][T13956] syzkaller0: entered promiscuous mode
[ 1095.028021][T13956] syzkaller0: entered allmulticast mode
[ 1095.369429][ T5836] bond0: (slave syz_tun): Releasing backup interface
[ 1096.418133][T11459] Bluetooth: hci1: command tx timeout
[ 1096.893265][T13976] random: crng reseeded on system resumption
[ 1097.907947][T13985] virtio-fs: tag </dev/md0> not found
[ 1098.498146][T11459] Bluetooth: hci1: command tx timeout
[ 1098.702597][T13985] team_slave_0: entered promiscuous mode
[ 1098.708388][T13985] team_slave_1: entered promiscuous mode
[ 1098.714462][T13985] geneve0: entered promiscuous mode
[ 1098.722786][T13985] 8021q: adding VLAN 0 to HW filter on device macvtap1
[ 1100.367423][ T7146] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1101.207864][T11459] Bluetooth: hci1: command tx timeout
[ 1101.268462][ T7146] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1101.611942][T13938] chnl_net:caif_netlink_parms(): no params data found
[ 1102.291299][ T7146] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1102.304379][ T7146] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1103.679026][ T7146] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1103.748167][ T7146] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1104.015464][T13938] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1104.030353][T13938] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1104.059518][T13938] bridge_slave_0: entered allmulticast mode
[ 1104.071141][T13938] bridge_slave_0: entered promiscuous mode
[ 1104.106421][ T7146] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1104.117285][ T7146] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1104.922975][T13938] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1104.931204][T13938] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1104.944391][T13938] bridge_slave_1: entered allmulticast mode
[ 1105.091264][T13938] bridge_slave_1: entered promiscuous mode
[ 1105.749235][T13938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1105.771494][T13938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1106.145796][T13938] team0: Port device team_slave_0 added
[ 1106.520848][T14060] netlink: 'syz.1.1972': attribute type 12 has an invalid length.
[ 1106.529410][T14060] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1972'.
[ 1106.681753][T13938] team0: Port device team_slave_1 added
[ 1108.187591][T14073] lo speed is unknown, defaulting to 1000
[ 1108.196851][T13938] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1108.227950][T13938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1108.254681][T13938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1108.271688][T14073] lo speed is unknown, defaulting to 1000
[ 1108.280960][T13938] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1108.298096][T13938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1108.441437][T13938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1108.459917][T14073] lo speed is unknown, defaulting to 1000
[ 1108.486089][ T7146] bridge_slave_1: left allmulticast mode
[ 1108.492835][ T7146] bridge_slave_1: left promiscuous mode
[ 1108.498649][T14073] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1108.506852][ T7146] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1108.584140][ T7146] bridge_slave_0: left allmulticast mode
[ 1108.613262][ T7146] bridge_slave_0: left promiscuous mode
[ 1108.755546][ T7146] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1108.841812][T14089] ubi31: attaching mtd0
[ 1109.429912][T14089] ubi31: scanning is finished
[ 1109.434674][T14089] ubi31: empty MTD device detected
[ 1109.618199][T14089] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[ 1110.660593][ T7146] team0: Port device geneve0 removed
[ 1110.955329][ T7146] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1110.966977][ T7146] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1110.977537][ T7146] bond0 (unregistering): Released all slaves
[ 1111.011211][T14073] lo speed is unknown, defaulting to 1000
[ 1111.031298][T14085] lo: entered allmulticast mode
[ 1111.041946][T14085] tunl0: entered allmulticast mode
[ 1111.053203][T14085] gre0: entered allmulticast mode
[ 1111.085569][T14085] bridge0: port 3(gretap0) entered disabled state
[ 1111.093590][T14085] erspan0: entered allmulticast mode
[ 1111.101561][T14085] ip_vti0: entered allmulticast mode
[ 1111.110744][T14085] ip6_vti0: entered allmulticast mode
[ 1111.120306][T14085] sit0: entered allmulticast mode
[ 1111.130314][T14085] ip6tnl0: entered allmulticast mode
[ 1111.138680][T14085] ip6gre0: entered allmulticast mode
[ 1111.149668][T14085] syz_tun: entered allmulticast mode
[ 1111.157757][T14085] ip6gretap0: entered allmulticast mode
[ 1111.176194][T14085] bridge0: entered allmulticast mode
[ 1111.190529][T14085] bond0: entered allmulticast mode
[ 1111.195902][T14085] bond_slave_0: entered allmulticast mode
[ 1111.202365][T14085] bond_slave_1: entered allmulticast mode
[ 1111.209571][T14085] mac80211_hwsim hwsim13 wlan1: entered allmulticast mode
[ 1111.220316][T14085] team0: entered allmulticast mode
[ 1111.225556][T14085] team_slave_0: entered allmulticast mode
[ 1111.231515][T14085] team_slave_1: entered allmulticast mode
[ 1111.243193][T14085] dummy0: entered allmulticast mode
[ 1111.253705][T14085] nlmon0: entered allmulticast mode
[ 1111.263061][T14085] caif0: entered allmulticast mode
[ 1111.268940][T14085] batadv0: entered allmulticast mode
[ 1111.277527][T14085] veth0: entered allmulticast mode
[ 1111.290206][T14085] veth1: entered allmulticast mode
[ 1111.300226][T14085] wg0: entered allmulticast mode
[ 1111.307650][T14085] wg1: entered allmulticast mode
[ 1111.319076][T14085] wg2: entered allmulticast mode
[ 1111.326000][T14085] veth0_to_bridge: entered allmulticast mode
[ 1111.337666][T14085] veth1_to_bridge: entered allmulticast mode
[ 1111.351527][T14085] veth1_to_bond: entered allmulticast mode
[ 1111.363780][T14085] veth0_to_team: left promiscuous mode
[ 1111.372098][T14085] veth1_to_team: entered allmulticast mode
[ 1111.387025][T14085] veth0_to_batadv: entered allmulticast mode
[ 1111.397229][T14085] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1111.406269][T14085] batadv_slave_0: entered allmulticast mode
[ 1111.417471][T14085] veth1_to_batadv: entered allmulticast mode
[ 1111.426429][T14085] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1111.434544][T14085] batadv_slave_1: entered allmulticast mode
[ 1111.443293][T14085] xfrm0: entered allmulticast mode
[ 1111.453153][T14085] veth0_to_hsr: entered allmulticast mode
[ 1111.461559][T14085] hsr_slave_0: entered allmulticast mode
[ 1111.472420][T14085] veth1_to_hsr: entered allmulticast mode
[ 1111.486141][T14085] hsr_slave_1: entered allmulticast mode
[ 1111.494166][T14085] hsr0: entered allmulticast mode
[ 1111.506668][T14085] veth1_virt_wifi: entered allmulticast mode
[ 1111.517317][T14085] veth0_virt_wifi: entered allmulticast mode
[ 1111.525851][T14085] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 1111.535203][T14085] veth1_macvtap: entered allmulticast mode
[ 1111.544904][T14085] veth0_macvtap: entered allmulticast mode
[ 1111.557700][T14085] macvtap0: entered allmulticast mode
[ 1111.567161][T14085] macsec0: entered allmulticast mode
[ 1111.576766][T14085] geneve0: entered allmulticast mode
[ 1111.585099][T14085] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.594455][T14085] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.604486][T14085] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.613709][T14085] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.624226][T14085] geneve1: entered allmulticast mode
[ 1111.635080][T14085] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[ 1111.644800][T14085] netdevsim netdevsim5 netdevsim1: entered allmulticast mode
[ 1111.654254][T14085] netdevsim netdevsim5 netdevsim2: entered allmulticast mode
[ 1111.664538][T14085] netdevsim netdevsim5 netdevsim3: entered allmulticast mode
[ 1111.674045][T14085] bridge0.257: entered allmulticast mode
[ 1111.682922][T14085] tipc: Resetting bearer <eth:syzkaller0>
[ 1111.697139][T14085] mac80211_hwsim hwsim13 syzkaller0: entered allmulticast mode
[ 1111.706516][T14085] vxlan0: entered allmulticast mode
[ 1111.711963][T14085] syztnl2: entered allmulticast mode
[ 1111.724024][T14085] bond1: entered allmulticast mode
[ 1111.732947][T14085] veth2: entered allmulticast mode
[ 1111.740635][T14085] veth3: entered allmulticast mode
[ 1111.748546][T14085] mac80211_hwsim hwsim17 wlan0: entered allmulticast mode
[ 1111.755996][T14085] erspan0.1: entered allmulticast mode
[ 1111.764191][T14073] lo speed is unknown, defaulting to 1000
[ 1111.772344][T14073] lo speed is unknown, defaulting to 1000
[ 1111.780292][T14073] lo speed is unknown, defaulting to 1000
[ 1111.788257][T14073] lo speed is unknown, defaulting to 1000
[ 1111.796200][T14073] lo speed is unknown, defaulting to 1000
[ 1111.874062][T13938] hsr_slave_0: entered promiscuous mode
[ 1111.909268][T13938] hsr_slave_1: entered promiscuous mode
[ 1111.915655][T13938] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1111.935767][T13938] Cannot create hsr debugfs directory
[ 1114.168242][ T7146] tipc: Left network mode
[ 1114.799620][T13938] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1114.831536][T13938] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1115.968397][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.031967][T13938] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1116.163590][T13938] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1118.831446][ T7146] hsr_slave_0: left promiscuous mode
[ 1118.943431][ T7146] hsr_slave_1: left promiscuous mode
[ 1119.010455][ T7146] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1119.076314][ T7146] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1119.375767][ T7146] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1119.449480][ T7146] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1120.715541][T14170] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1995'.
[ 1120.763883][ T7146] veth1_macvtap: left promiscuous mode
[ 1120.769723][ T7146] veth0_macvtap: left promiscuous mode
[ 1120.955789][T14170] netlink: 129704 bytes leftover after parsing attributes in process `syz.1.1995'.
[ 1122.806734][ T7146] team0 (unregistering): Port device team_slave_1 removed
[ 1123.340169][ T7146] team0 (unregistering): Port device team_slave_0 removed
[ 1125.684990][T11729] lo speed is unknown, defaulting to 1000
[ 1126.012558][T13938] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1126.631893][T14214] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2007'.
[ 1127.145676][T14214] macsec1: entered promiscuous mode
[ 1127.151074][T14214] veth1_to_hsr: entered promiscuous mode
[ 1127.157158][T14214] macsec1: entered allmulticast mode
[ 1127.281605][T14214] veth1_to_hsr: left promiscuous mode
[ 1127.363900][T13938] 8021q: adding VLAN 0 to HW filter on device team0
[ 1127.739470][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1127.746696][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1128.822593][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1128.829825][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1129.597437][T13938] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1131.540110][T13938] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1132.518586][T11730] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1133.299897][T11730] usb 3-1: device descriptor read/64, error -71
[ 1133.970418][T13938] veth0_vlan: entered promiscuous mode
[ 1133.984258][T13938] veth1_vlan: entered promiscuous mode
[ 1134.116705][T13938] veth0_macvtap: entered promiscuous mode
[ 1134.183013][T13938] veth1_macvtap: entered promiscuous mode
[ 1134.649105][T13938] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1134.663304][T11730] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1134.704704][T13938] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1134.746762][T13938] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.773500][T13938] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.789423][T13938] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1134.799439][T13938] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1136.310195][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1136.348379][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1136.545222][ T7143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1136.554835][ T7143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1137.649204][T14307] veth1_to_bond: entered promiscuous mode
[ 1138.238022][T14300] veth1_to_bond: left promiscuous mode
[ 1142.780789][T14341] autofs: Unknown parameter '0x0000000000000000'
[ 1147.533082][T14386] befs: (nbd2): No write support. Marking filesystem read-only
[ 1147.549051][T14386] syz.2.2043: attempt to access beyond end of device
[ 1147.549051][T14386] nbd2: rw=0, sector=0, nr_sectors = 2 limit=0
[ 1147.563805][T14386] befs: (nbd2): unable to read superblock
[ 1149.162147][T14399] syzkaller0: entered promiscuous mode
[ 1149.181572][T14399] syzkaller0: entered allmulticast mode
[ 1149.383095][T14402] autofs: Unknown parameter '0x0000000000000000'
[ 1152.988670][T11459] Bluetooth: hci5: Malformed Event: 0x02
[ 1156.149270][T14449] autofs: Unknown parameter '0x0000000000000000'
[ 1157.472167][T14459] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1159.186283][T14466] xt_hashlimit: max too large, truncated to 1048576
[ 1162.653951][T14508] macsec0: entered promiscuous mode
[ 1169.624719][T14551] IPVS: Error joining to the multicast group
[ 1174.515458][T14574] netlink: 452 bytes leftover after parsing attributes in process `syz.2.2092'.
[ 1177.484149][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.601909][T14593] Process accounting resumed
[ 1177.871171][T14599] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(4)
[ 1177.877746][T14599] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1177.887863][T14599] vhci_hcd vhci_hcd.0: Device attached
[ 1178.238839][T14600] vhci_hcd: connection closed
[ 1178.242422][   T49] vhci_hcd: stop threads
[ 1178.271644][   T49] vhci_hcd: release socket
[ 1178.278218][   T49] vhci_hcd: disconnect device
[ 1178.600745][T14611] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1188.715080][T14680] netdevsim netdevsim1: Direct firmware load for ţ failed with error -2
[ 1189.222602][T14680] netdevsim netdevsim1: Falling back to sysfs fallback for: ţ
[ 1189.403966][T14687] netlink: 27 bytes leftover after parsing attributes in process `syz.7.2119'.
[ 1193.458413][ T5158] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1193.472829][ T5158] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1193.482227][ T5158] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1193.492384][ T5158] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1193.500654][ T5158] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1193.575338][T14713] lo speed is unknown, defaulting to 1000
[ 1195.009524][T14726] __kmem_cache_create_args(9p-fcall-cache-6) failed with error -22
[ 1195.017490][T14726] CPU: 0 UID: 0 PID: 14726 Comm: syz.5.2128 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1195.017517][T14726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1195.017532][T14726] Call Trace:
[ 1195.017542][T14726]  <TASK>
[ 1195.017559][T14726]  dump_stack_lvl+0x189/0x250
[ 1195.017592][T14726]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1195.017615][T14726]  ? __pfx__printk+0x10/0x10
[ 1195.017647][T14726]  ? kfree+0x18e/0x440
[ 1195.017683][T14726]  __kmem_cache_create_args+0x237/0x320
[ 1195.017708][T14726]  p9_client_create+0xac3/0xfe0
[ 1195.017745][T14726]  ? __pfx_p9_client_create+0x10/0x10
[ 1195.017794][T14726]  ? __raw_spin_lock_init+0x45/0x100
[ 1195.017828][T14726]  v9fs_session_init+0x1d7/0x19a0
[ 1195.017885][T14726]  ? __pfx_v9fs_session_init+0x10/0x10
[ 1195.017924][T14726]  ? __kasan_kmalloc+0x93/0xb0
[ 1195.017947][T14726]  ? v9fs_mount+0xb2/0xa10
[ 1195.017970][T14726]  v9fs_mount+0xc8/0xa10
[ 1195.017996][T14726]  ? __pfx_v9fs_mount+0x10/0x10
[ 1195.018012][T14726]  ? __pfx_v9fs_mount+0x10/0x10
[ 1195.018041][T14726]  legacy_get_tree+0xfd/0x1a0
[ 1195.018062][T14726]  ? __pfx_v9fs_mount+0x10/0x10
[ 1195.018084][T14726]  vfs_get_tree+0x92/0x2b0
[ 1195.018107][T14726]  do_new_mount+0x24a/0xa40
[ 1195.018138][T14726]  __se_sys_mount+0x317/0x410
[ 1195.018166][T14726]  ? __pfx___se_sys_mount+0x10/0x10
[ 1195.018187][T14726]  ? rcu_is_watching+0x15/0xb0
[ 1195.018213][T14726]  ? do_syscall_64+0xbe/0x3b0
[ 1195.018234][T14726]  ? __x64_sys_mount+0x20/0xc0
[ 1195.018259][T14726]  do_syscall_64+0xfa/0x3b0
[ 1195.018280][T14726]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1195.018301][T14726]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.018321][T14726]  ? clear_bhb_loop+0x60/0xb0
[ 1195.018346][T14726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1195.018365][T14726] RIP: 0033:0x7f9dbaf8ebe9
[ 1195.018384][T14726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1195.018403][T14726] RSP: 002b:00007f9dbbe24038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1195.018425][T14726] RAX: ffffffffffffffda RBX: 00007f9dbb1b6180 RCX: 00007f9dbaf8ebe9
[ 1195.018440][T14726] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[ 1195.018453][T14726] RBP: 00007f9dbb011e19 R08: 00002000000000c0 R09: 0000000000000000
[ 1195.018467][T14726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1195.018480][T14726] R13: 00007f9dbb1b6218 R14: 00007f9dbb1b6180 R15: 00007ffccef3d0f8
[ 1195.018513][T14726]  </TASK>
[ 1195.600269][T11459] Bluetooth: hci0: command tx timeout
[ 1195.937229][T14734] Bluetooth: MGMT ver 1.23
[ 1196.695420][T14713] chnl_net:caif_netlink_parms(): no params data found
[ 1197.618042][T11459] Bluetooth: hci0: command tx timeout
[ 1197.834636][T14756] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2134'.
[ 1197.844449][T14756] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2134'.
[ 1197.854173][T14756] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2134'.
[ 1198.297713][T14713] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1198.324920][T14713] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1198.356944][T14713] bridge_slave_0: entered allmulticast mode
[ 1198.371667][T14713] bridge_slave_0: entered promiscuous mode
[ 1198.387202][T14713] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1198.395371][T14713] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1198.402825][T14713] bridge_slave_1: entered allmulticast mode
[ 1198.417288][T14713] bridge_slave_1: entered promiscuous mode
[ 1199.183982][T14713] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1199.198936][T14713] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1199.265428][T14713] team0: Port device team_slave_0 added
[ 1199.350321][T14713] team0: Port device team_slave_1 added
[ 1199.795748][T11459] Bluetooth: hci0: command tx timeout
[ 1199.860283][ T7150] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1200.581745][T14713] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1200.589080][T14713] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1200.643654][T14713] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1200.658114][T14713] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1200.678698][T14713] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1200.811515][T14713] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1200.942404][T14713] hsr_slave_0: entered promiscuous mode
[ 1200.951011][T14713] hsr_slave_1: entered promiscuous mode
[ 1200.957392][T14713] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1200.966281][T14713] Cannot create hsr debugfs directory
[ 1201.858122][T11459] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 1201.867519][T11459] Bluetooth: hci0: command tx timeout
[ 1202.026882][T14792] ip6gretap1: entered allmulticast mode
[ 1206.136065][T14713] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1206.844881][T14713] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1206.877321][T14713] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1206.962005][T14713] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1208.042107][T14713] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1208.095717][T14713] 8021q: adding VLAN 0 to HW filter on device team0
[ 1208.126640][ T7154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1208.133906][ T7154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1208.197427][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1208.205625][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1208.736781][T14860] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2159'.
[ 1209.395939][T14713] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1209.580721][T14713] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1209.743862][T14866] kernel profiling enabled (shift: 17)
[ 1213.076515][T14713] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1215.211552][T14913] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2170'.
[ 1215.522917][T11459] Bluetooth: hci1: command 0x0406 tx timeout
[ 1215.550079][T11459] Bluetooth: hci4: unexpected event for opcode 0x1001
[ 1218.631983][T14944] netfs: Couldn't get user pages (rc=-14)
[ 1219.809311][T14713] veth0_vlan: entered promiscuous mode
[ 1219.880670][T14713] veth1_vlan: entered promiscuous mode
[ 1221.552525][T14962] bridge1: entered promiscuous mode
[ 1221.867472][T14713] veth0_macvtap: entered promiscuous mode
[ 1221.889720][T14713] veth1_macvtap: entered promiscuous mode
[ 1221.914522][T14713] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1221.927090][T14713] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1222.135223][T14713] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1222.170571][T14713] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1223.170008][T14713] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1223.179392][T14713] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1224.880291][T15004] netlink: 'syz.6.2189': attribute type 8 has an invalid length.
[ 1225.518538][ T7135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1226.180102][ T7135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1227.176944][T15012] fuse: Unknown parameter 'use00000000000000000000'
[ 1227.487412][ T7146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1227.631003][ T7146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1228.762005][T15039] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2198'.
[ 1233.291417][T15058] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2201'.
[ 1235.294339][T15072] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2207'.
[ 1236.003233][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880555ea800: rx timeout, send abort
[ 1236.505059][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880555e8400: rx timeout, send abort
[ 1236.513738][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880555ea800: abort rx timeout. Force session deactivation
[ 1237.013567][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880555e8400: abort rx timeout. Force session deactivation
[ 1239.175064][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1241.137665][T15108] x_tables: duplicate underflow at hook 3
[ 1241.941990][T15114] binder: 15105:15114 unknown command 0
[ 1241.947861][T15114] binder: 15105:15114 ioctl c0306201 200000000080 returned -22
[ 1242.206712][T15111] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1242.213348][T15104] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1242.223478][T15104] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1242.232210][T15111] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1243.105618][T15126] xt_NFQUEUE: number of total queues is 0
[ 1243.176215][T15125] tipc: New replicast peer: 255.255.255.255
[ 1243.184758][T15125] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1243.207975][T13940] Bluetooth: hci4: command 0x0406 tx timeout
[ 1243.713403][T15111] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1243.720597][T15111] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1244.319865][T13940] Bluetooth: hci5: command 0x0406 tx timeout
[ 1244.351266][T15104] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1244.354459][T15111] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1244.371915][T15104] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1244.380140][T15111] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1244.574282][T15104] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1244.588679][T15104] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1245.134037][T15111] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1245.173300][T15104] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1245.328492][T15104] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1245.410010][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1245.410030][   T30] audit: type=1326 audit(1755184522.562:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1245.530491][T15146] overlayfs: missing 'lowerdir'
[ 1246.878725][   T30] audit: type=1326 audit(1755184522.562:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1246.902681][   T30] audit: type=1326 audit(1755184522.632:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1247.183373][T15152] netlink: 384 bytes leftover after parsing attributes in process `syz.1.2223'.
[ 1247.193351][T15152] netlink: 'syz.1.2223': attribute type 2 has an invalid length.
[ 1248.118920][   T30] audit: type=1326 audit(1755184522.632:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1248.143745][   T30] audit: type=1326 audit(1755184522.632:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1248.165811][   T30] audit: type=1326 audit(1755184522.632:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1248.252071][   T30] audit: type=1326 audit(1755184522.632:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1248.284226][   T30] audit: type=1326 audit(1755184522.632:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1248.310916][   T30] audit: type=1326 audit(1755184522.642:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1249.439322][   T30] audit: type=1326 audit(1755184522.642:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15139 comm="syz.7.2222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1255.346786][   T30] kauditd_printk_skb: 13 callbacks suppressed
[ 1255.346803][   T30] audit: type=1326 audit(1755184532.532:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1255.565176][   T30] audit: type=1326 audit(1755184532.532:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1256.091928][   T30] audit: type=1326 audit(1755184532.542:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1256.275777][   T30] audit: type=1326 audit(1755184532.542:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1257.143904][   T30] audit: type=1326 audit(1755184532.542:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1257.444702][   T30] audit: type=1326 audit(1755184532.542:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1257.749812][   T30] audit: type=1326 audit(1755184532.542:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1258.804669][   T30] audit: type=1326 audit(1755184532.542:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1258.968176][   T30] audit: type=1326 audit(1755184532.542:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1259.165341][   T30] audit: type=1326 audit(1755184532.542:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15186 comm="syz.7.2231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1260.233074][T15230] netlink: 5128 bytes leftover after parsing attributes in process `syz.5.2243'.
[ 1260.243024][T15230] netlink: 5128 bytes leftover after parsing attributes in process `syz.5.2243'.
[ 1260.252899][T15230] netlink: 640 bytes leftover after parsing attributes in process `syz.5.2243'.
[ 1263.501330][T15255] netlink: 44 bytes leftover after parsing attributes in process `syz.7.2250'.
[ 1263.761174][T15261] netlink: 'syz.7.2250': attribute type 4 has an invalid length.
[ 1264.410147][T15261] netlink: 152 bytes leftover after parsing attributes in process `syz.7.2250'.
[ 1264.484813][T15261] Ă: renamed from bond0 (while UP)
[ 1264.573005][T15260] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2251'.
[ 1264.588277][T15260] tipc: Disabling bearer <udp:syz2>
[ 1266.378340][T15278] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1267.206497][T15296] tipc: Started in network mode
[ 1267.229022][T15296] tipc: Node identity fa136d5f2483, cluster identity 4711
[ 1267.257566][T15296] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1267.280636][T15297] syzkaller0: entered promiscuous mode
[ 1267.307023][T15297] syzkaller0: entered allmulticast mode
[ 1267.341592][T15296] tipc: Resetting bearer <eth:syzkaller0>
[ 1267.462352][T15296] tipc: Disabling bearer <eth:syzkaller0>
[ 1271.194112][T15319] ip6gretap1: entered allmulticast mode
[ 1274.135878][T15343] overlayfs: failed to clone upperpath
[ 1274.738982][T15326] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1274.746818][T15326] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1275.854322][T15326] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1275.874222][T15326] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1276.012311][T15326] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.024754][T15326] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.034925][T15326] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.044548][T15326] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.314201][T15348] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1276.388127][T15359] sock: sock_set_timeout: `syz.6.2275' (pid 15359) tries to set negative timeout
[ 1276.434553][T15359] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[ 1284.546480][T15415] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1284.554360][T15415] syzkaller0: entered promiscuous mode
[ 1284.563506][T15415] syzkaller0: entered allmulticast mode
[ 1284.584331][T15415] tipc: Resetting bearer <eth:syzkaller0>
[ 1284.700125][T15414] tipc: Resetting bearer <eth:syzkaller0>
[ 1284.829596][T15400] syz.7.2285 (15400): drop_caches: 2
[ 1284.858606][T15414] tipc: Disabling bearer <eth:syzkaller0>
[ 1286.109467][T15433] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1286.838484][T15421] lo speed is unknown, defaulting to 1000
[ 1292.214623][T15475] netlink: 'syz.5.2304': attribute type 10 has an invalid length.
[ 1292.259720][T15475] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2304'.
[ 1292.275179][T15477] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1292.293200][T15475] team0: entered promiscuous mode
[ 1292.461865][T15475] team_slave_0: entered promiscuous mode
[ 1292.650947][T15475] team_slave_1: entered promiscuous mode
[ 1292.662988][T15475] 8021q: adding VLAN 0 to HW filter on device team0
[ 1292.699412][T15475] bridge0: port 4(team0) entered blocking state
[ 1292.705984][T15475] bridge0: port 4(team0) entered disabled state
[ 1292.776137][T15477] syzkaller0: entered promiscuous mode
[ 1292.788058][T15477] syzkaller0: entered allmulticast mode
[ 1292.810755][T15476] tipc: Resetting bearer <eth:syzkaller0>
[ 1292.933423][T15476] tipc: Disabling bearer <eth:syzkaller0>
[ 1294.737698][T15499] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[ 1295.337713][T15510] overlayfs: failed to clone upperpath
[ 1297.307973][T15522] overlay: ./file0 is not a directory
[ 1297.835520][T15509] syz.7.2312: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1297.853936][T15509] CPU: 1 UID: 0 PID: 15509 Comm: syz.7.2312 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1297.853951][T15509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1297.853959][T15509] Call Trace:
[ 1297.853966][T15509]  <TASK>
[ 1297.853973][T15509]  dump_stack_lvl+0x189/0x250
[ 1297.853991][T15509]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1297.854003][T15509]  ? __pfx__printk+0x10/0x10
[ 1297.854017][T15509]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1297.854030][T15509]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1297.854044][T15509]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1297.854058][T15509]  warn_alloc+0x214/0x310
[ 1297.854074][T15509]  ? __pfx_warn_alloc+0x10/0x10
[ 1297.854090][T15509]  ? __get_vm_area_node+0x28f/0x300
[ 1297.854102][T15509]  ? packet_set_ring+0x6f4/0x2380
[ 1297.854120][T15509]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1297.854149][T15509]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1297.854161][T15509]  ? alloc_pages_mpol+0x3c4/0x4a0
[ 1297.854174][T15509]  ? packet_set_ring+0x6f4/0x2380
[ 1297.854189][T15509]  vzalloc_noprof+0xb2/0xf0
[ 1297.854200][T15509]  ? packet_set_ring+0x6f4/0x2380
[ 1297.854215][T15509]  packet_set_ring+0x6f4/0x2380
[ 1297.854243][T15509]  ? __pfx_packet_set_ring+0x10/0x10
[ 1297.854268][T15509]  ? _copy_from_user+0x94/0xb0
[ 1297.854286][T15509]  packet_setsockopt+0xc5a/0x12c0
[ 1297.854301][T15509]  ? mpol_set_nodemask+0x311/0x3f0
[ 1297.854313][T15509]  ? __pfx_packet_setsockopt+0x10/0x10
[ 1297.854331][T15509]  ? __lock_acquire+0xab9/0xd20
[ 1297.854352][T15509]  ? __fget_files+0x2a/0x420
[ 1297.854366][T15509]  ? __fget_files+0x2a/0x420
[ 1297.854376][T15509]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1297.854387][T15509]  ? __pfx_packet_setsockopt+0x10/0x10
[ 1297.854403][T15509]  do_sock_setsockopt+0x179/0x1b0
[ 1297.854422][T15509]  __x64_sys_setsockopt+0x13f/0x1b0
[ 1297.854440][T15509]  do_syscall_64+0xfa/0x3b0
[ 1297.854454][T15509]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.854464][T15509]  ? asm_sysvec_irq_work+0x1a/0x20
[ 1297.854473][T15509]  ? clear_bhb_loop+0x60/0xb0
[ 1297.854486][T15509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.854496][T15509] RIP: 0033:0x7f5be6f8ebe9
[ 1297.854508][T15509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1297.854517][T15509] RSP: 002b:00007f5be7e44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1297.854529][T15509] RAX: ffffffffffffffda RBX: 00007f5be71b5fa0 RCX: 00007f5be6f8ebe9
[ 1297.854537][T15509] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000008
[ 1297.854543][T15509] RBP: 00007f5be7011e19 R08: 000000000000001c R09: 0000000000000000
[ 1297.854550][T15509] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[ 1297.854556][T15509] R13: 00007f5be71b6038 R14: 00007f5be71b5fa0 R15: 00007fffb2f04c28
[ 1297.854573][T15509]  </TASK>
[ 1297.854592][T15509] Mem-Info:
[ 1298.141725][T15509] active_anon:1348 inactive_anon:4792 isolated_anon:0
[ 1298.141725][T15509]  active_file:16740 inactive_file:41441 isolated_file:0
[ 1298.141725][T15509]  unevictable:768 dirty:349 writeback:0
[ 1298.141725][T15509]  slab_reclaimable:11194 slab_unreclaimable:99624
[ 1298.141725][T15509]  mapped:30405 shmem:2477 pagetables:1072
[ 1298.141725][T15509]  sec_pagetables:0 bounce:0
[ 1298.141725][T15509]  kernel_misc_reclaimable:0
[ 1298.141725][T15509]  free:1285742 free_pcp:20722 free_cma:0
[ 1298.187834][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1298.194696][T15509] Node 0 active_anon:5392kB inactive_anon:19168kB active_file:66756kB inactive_file:165764kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121620kB dirty:1396kB writeback:0kB shmem:8372kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12092kB pagetables:4060kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1298.228649][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1298.235085][T15509] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:228kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1298.266613][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1298.272869][T15509] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1298.301833][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1298.308570][T15509] lowmem_reserve[]: 0 2500 2502 2502 2502
[ 1298.314419][T15509] Node 0 DMA32 free:1249428kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:5388kB inactive_anon:19124kB active_file:64980kB inactive_file:165704kB unevictable:1536kB writepending:1396kB present:3129332kB managed:2560996kB mlocked:0kB bounce:0kB free_pcp:60652kB local_pcp:31120kB free_cma:0kB
[ 1298.347086][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1298.353277][T15509] lowmem_reserve[]: 0 0 1 1 1
[ 1298.358003][T15509] Node 0 Normal free:8kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1776kB inactive_file:60kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:4kB free_cma:0kB
[ 1298.387303][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1298.393618][T15509] lowmem_reserve[]: 0 0 0 0 0
[ 1298.398994][T15509] Node 1 Normal free:3878172kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:22224kB local_pcp:4080kB free_cma:0kB
[ 1298.430223][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1298.436409][T15509] lowmem_reserve[]: 0 0 0 0 0
[ 1298.441156][T15509] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1298.453856][T15509] Node 0 DMA32: 207*4kB (UME) 67*8kB (M) 95*16kB (M) 244*32kB (UME) 374*64kB (M) 180*128kB (UM) 17*256kB (UM) 15*512kB (M) 32*1024kB (UM) 6*2048kB (UME) 277*4096kB (UM) = 1249348kB
[ 1298.472747][T15509] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[ 1298.485374][T15509] Node 1 Normal: 4*4kB (UME) 7*8kB (UME) 10*16kB (ME) 5*32kB (ME) 2*64kB (M) 2*128kB (ME) 4*256kB (ME) 3*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 945*4096kB (M) = 3878152kB
[ 1298.503389][T15509] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1298.513050][T15509] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1298.522481][T15509] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1298.532461][T15509] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1298.541898][T15509] 60659 total pagecache pages
[ 1298.546587][T15509] 2 pages in swap cache
[ 1298.550874][T15509] Free swap  = 124996kB
[ 1298.593340][T15509] Total swap = 124996kB
[ 1298.597605][T15509] 2097051 pages RAM
[ 1298.602152][T15509] 0 pages HighMem/MovableOnly
[ 1298.607012][T15509] 424695 pages reserved
[ 1298.611406][T15509] 0 pages cma reserved
[ 1298.650766][T11459] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1298.781147][T11459] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1298.801482][T11459] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1298.823021][T11459] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1298.832915][T11459] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1298.851912][T13940] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1298.860837][T13940] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1298.869194][T13940] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1298.878132][T13940] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1298.885881][T13940] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1299.399497][T15535] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2315'.
[ 1299.752657][T15534] vlan2: entered promiscuous mode
[ 1299.757993][T15534] syz_tun: entered promiscuous mode
[ 1299.771495][T15517] Process accounting resumed
[ 1299.854332][T15535] bridge_slave_1: left allmulticast mode
[ 1299.863717][T15535] bridge_slave_1: left promiscuous mode
[ 1299.869894][T15535] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1300.018468][T15535] bridge_slave_0: left allmulticast mode
[ 1300.024301][T15535] bridge_slave_0: left promiscuous mode
[ 1300.030444][T15535] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.613284][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.799760][T15520] lo speed is unknown, defaulting to 1000
[ 1300.852075][T15545] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1300.983876][T13940] Bluetooth: hci2: command tx timeout
[ 1303.058549][T13940] Bluetooth: hci2: command tx timeout
[ 1303.330339][T11731] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1305.138487][T13940] Bluetooth: hci2: command tx timeout
[ 1305.635108][T11731] usb 7-1: device descriptor read/all, error -71
[ 1306.826121][T15520] chnl_net:caif_netlink_parms(): no params data found
[ 1307.255234][T13940] Bluetooth: hci2: command tx timeout
[ 1307.290214][T15576] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2325'.
[ 1308.714765][T15520] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1308.735992][T15520] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1308.745185][T15520] bridge_slave_0: entered allmulticast mode
[ 1308.754520][T15520] bridge_slave_0: entered promiscuous mode
[ 1308.766510][T15520] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1308.780167][T15520] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1308.788747][T15520] bridge_slave_1: entered allmulticast mode
[ 1308.797453][T15520] bridge_slave_1: entered promiscuous mode
[ 1308.837615][T15601] netlink: 52 bytes leftover after parsing attributes in process `syz.6.2329'.
[ 1308.893249][T15520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1308.914554][T15520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1309.003807][T15520] team0: Port device team_slave_0 added
[ 1309.013512][T15520] team0: Port device team_slave_1 added
[ 1310.456998][T15520] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1310.473176][T15520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1310.557150][T15520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1310.827059][T15520] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1310.843299][   T30] kauditd_printk_skb: 8 callbacks suppressed
[ 1310.843320][   T30] audit: type=1326 audit(1755184588.022:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15609 comm="syz.6.2332" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f727a58ebe9 code=0x0
[ 1310.922916][T15520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1311.097363][T15520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1313.066608][T15627] hub 6-0:1.0: USB hub found
[ 1313.074335][T15627] hub 6-0:1.0: 1 port detected
[ 1313.344583][T15520] hsr_slave_0: entered promiscuous mode
[ 1313.360855][T15520] hsr_slave_1: entered promiscuous mode
[ 1313.518753][T15520] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1313.526358][T15520] Cannot create hsr debugfs directory
[ 1317.833128][T15651] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1319.652650][T15669] fuse: Bad value for 'fd'
[ 1320.403778][T15672] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1322.535601][T15520] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1322.571138][T15520] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1322.671305][T15520] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1322.721839][T15520] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1322.940065][T15686] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[ 1324.306934][T15520] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1324.368685][T15696] gretap0: left promiscuous mode
[ 1324.404428][T15696] bridge0: port 3(gretap0) entered disabled state
[ 1324.461058][T15696] bridge0: port 4(team0) entered disabled state
[ 1325.338504][T15696] bridge_slave_0: left promiscuous mode
[ 1325.344317][T15696] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1326.654941][T15696] bridge_slave_1: left promiscuous mode
[ 1326.768334][T15696] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1326.799757][T15696] bond1: (slave veth0_to_bond): Releasing active interface
[ 1326.893420][T15696] bond0: (slave bond_slave_0): Releasing backup interface
[ 1327.161611][T15696] bond0: (slave bond_slave_1): Releasing backup interface
[ 1327.404430][T15725] xt_hashlimit: max too large, truncated to 1048576
[ 1327.412445][T15725] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1328.036484][T15696] team_slave_0: left promiscuous mode
[ 1328.087949][T15696] team0: Port device team_slave_0 removed
[ 1328.131278][T15696] team_slave_1: left promiscuous mode
[ 1328.183150][T15696] team0: Port device team_slave_1 removed
[ 1328.200128][T15696] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1328.295607][T15696] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1328.333370][T15696] bond0: (slave wlan1): Releasing backup interface
[ 1328.361966][T15696] bond1: (slave veth3): Releasing active interface
[ 1328.942705][T15706] team0: Mode changed to "loadbalance"
[ 1329.003139][T15520] 8021q: adding VLAN 0 to HW filter on device team0
[ 1329.290484][ T7135] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1329.297692][ T7135] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1329.570284][ T7135] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1329.577510][ T7135] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1332.723305][T15763] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1334.722049][T15783] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2370'.
[ 1335.048708][T15520] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1335.153192][T15791] netlink: 277 bytes leftover after parsing attributes in process `syz.6.2374'.
[ 1335.928515][T15797] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2374'.
[ 1336.852905][T15520] veth0_vlan: entered promiscuous mode
[ 1336.865083][T15520] veth1_vlan: entered promiscuous mode
[ 1336.921703][T15520] veth0_macvtap: entered promiscuous mode
[ 1336.953515][T15520] veth1_macvtap: entered promiscuous mode
[ 1337.013645][T15520] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1337.118991][T15817] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 1337.729074][T15520] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1337.785752][T15520] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1337.839219][T15520] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1337.849827][T15520] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1337.882854][T15520] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1338.246300][ T7154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1339.197448][ T7154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1339.487487][ T7137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1339.526275][ T7137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1348.408804][T15898] tipc: Failed to remove unknown binding: 66,1,1/0:2055064478/2055064480
[ 1348.418164][T15898] tipc: Failed to remove unknown binding: 66,1,1/0:2055064478/2055064480
[ 1351.294833][T11459] Bluetooth: hci2: command 0x0405 tx timeout
[ 1351.840848][T15936] new mount options do not match the existing superblock, will be ignored
[ 1353.378909][T11459] Bluetooth: hci2: command 0x0405 tx timeout
[ 1354.403992][T15958] netlink: 'syz.8.2410': attribute type 1 has an invalid length.
[ 1354.412468][T15958] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2410'.
[ 1354.546499][T15961] ieee802154 phy1 wpan1: encryption failed: -22
[ 1354.729850][T15958] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1355.391237][T15967] atomic_op ffff888029570998 conn xmit_atomic 0000000000000000
[ 1355.525914][T11459] Bluetooth: hci2: Unknown advertising packet type: 0x31
[ 1355.526439][T11459] Bluetooth: hci2: Unknown advertising packet type: 0x20
[ 1355.536112][T11459] Bluetooth: hci2: Malformed LE Event: 0x0d
[ 1358.473313][T15982] sctp: [Deprecated]: syz.5.2412 (pid 15982) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1358.473313][T15982] Use struct sctp_sack_info instead
[ 1359.248746][T15985] netlink: 300 bytes leftover after parsing attributes in process `syz.8.2413'.
[ 1361.908414][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1366.758605][T11459] Bluetooth: hci2: link tx timeout
[ 1366.770489][T11459] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1368.828105][T11459] Bluetooth: hci2: command 0x0405 tx timeout
[ 1369.182959][T16068] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1369.262071][T16070] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1370.904194][T16077] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[ 1372.658896][T16093] netlink: 152 bytes leftover after parsing attributes in process `syz.9.2439'.
[ 1379.213707][T16139] xt_CT: No such helper "netbios-ns"
[ 1382.772824][T11771] IPVS: starting estimator thread 0...
[ 1382.948283][T16164] IPVS: using max 26 ests per chain, 62400 per kthread
[ 1383.415950][T16171] netlink: 4276 bytes leftover after parsing attributes in process `syz.5.2460'.
[ 1383.425279][T16171] netlink: 4276 bytes leftover after parsing attributes in process `syz.5.2460'.
[ 1383.434706][T16171] netlink: 244 bytes leftover after parsing attributes in process `syz.5.2460'.
[ 1384.879508][T16188] netlink: 212376 bytes leftover after parsing attributes in process `syz.9.2458'.
[ 1386.922114][T16195] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1387.343169][T16211] Invalid source name
[ 1387.347320][T16211] UBIFS error (pid: 16211): cannot open "/dev/sg0", error -22
[ 1387.356083][T16211] netlink: 'syz.9.2466': attribute type 3 has an invalid length.
[ 1390.289450][T16216] xt_HMARK: spi-set and port-set can't be combined
[ 1391.734991][T16233] overlayfs: failed to clone upperpath
[ 1392.865166][T16238] tipc: Started in network mode
[ 1392.871098][T16238] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[ 1392.994784][T16238] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[ 1393.007389][T16238] tipc: Enabled bearer <udp:syz0>, priority 10
[ 1394.117940][T14291] tipc: Node number set to 1
[ 1394.133775][T16253] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1394.517063][T16257] tmpfs: Unknown parameter 'quo'
[ 1394.835154][T16258] syzkaller0: entered promiscuous mode
[ 1395.118131][T16258] syzkaller0: entered allmulticast mode
[ 1395.192500][T16260] /dev/nullb0: Can't lookup blockdev
[ 1395.248313][ T5913] tipc: Node number set to 3734007135
[ 1395.803189][T16268] netlink: 'syz.9.2482': attribute type 3 has an invalid length.
[ 1397.063433][T16278] openvswitch: netlink: VXLAN extension message has 45 unknown bytes.
[ 1400.244922][T16261] tipc: Resetting bearer <eth:syzkaller0>
[ 1400.387285][T16249] tipc: Resetting bearer <eth:syzkaller0>
[ 1400.712202][T16249] tipc: Disabling bearer <eth:syzkaller0>
[ 1412.377470][T16344] overlayfs: failed to clone upperpath
[ 1414.606966][T16364] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2503'.
[ 1414.621442][T16364] netlink: 'syz.6.2503': attribute type 2 has an invalid length.
[ 1414.632380][T16364] netlink: 'syz.6.2503': attribute type 2 has an invalid length.
[ 1414.821533][T16364] netlink: 'syz.6.2503': attribute type 2 has an invalid length.
[ 1414.875828][T16364] netlink: 'syz.6.2503': attribute type 1 has an invalid length.
[ 1414.941326][T16364] netlink: 'syz.6.2503': attribute type 2 has an invalid length.
[ 1414.946389][T16338] trusted_key: encrypted_key: insufficient parameters specified
[ 1420.129527][T16409] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1421.383584][T16408] tipc: Disabling bearer <eth:syzkaller0>
[ 1422.888443][T16435] netlink: 'syz.5.2519': attribute type 1 has an invalid length.
[ 1423.172279][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1428.684573][T16473] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1429.287933][T16481] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2529'.
[ 1429.307904][T16481] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2529'.
[ 1429.595201][T16463] ALSA: mixer_oss: invalid OSS volume ''
[ 1429.843536][T16488] hugetlbfs: syz.5.2532 (16488): Using mlock ulimits for SHM_HUGETLB is obsolete
[ 1430.925494][T16491] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2531'.
[ 1431.577542][T16503] kernel read not supported for file /file1 (pid: 16503 comm: syz.8.2535)
[ 1431.602951][   T30] audit: type=1800 audit(1755184708.788:191): pid=16503 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.8.2535" name="file1" dev="mqueue" ino=44538 res=0 errno=0
[ 1432.761346][T16509] netlink: 60 bytes leftover after parsing attributes in process `syz.9.2534'.
[ 1435.032483][T16535] tipc: Started in network mode
[ 1437.088266][T16535] tipc: Node identity de5069e5c163, cluster identity 4711
[ 1437.494485][T16535] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1437.575741][T16537] syzkaller0: entered promiscuous mode
[ 1437.600827][T16537] syzkaller0: entered allmulticast mode
[ 1438.654057][T11731] tipc: Node number set to 523463141
[ 1438.829109][T16562] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2549'.
[ 1438.891719][T16533] tipc: Resetting bearer <eth:syzkaller0>
[ 1439.079221][T16533] tipc: Disabling bearer <eth:syzkaller0>
[ 1441.887562][T11731] IPVS: starting estimator thread 0...
[ 1442.067994][T16594] IPVS: using max 25 ests per chain, 60000 per kthread
[ 1442.881596][T16592] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1442.888987][T16592] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1444.414764][T13940] Bluetooth: hci2: command 0x0405 tx timeout
[ 1446.650766][T11459] Bluetooth: hci2: command 0x0405 tx timeout
[ 1447.912832][T16630] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1447.926033][T16630] syzkaller0: entered promiscuous mode
[ 1447.933271][T16630] syzkaller0: entered allmulticast mode
[ 1448.141688][T16629] tipc: Resetting bearer <eth:syzkaller0>
[ 1448.435627][T16629] tipc: Disabling bearer <eth:syzkaller0>
[ 1450.236989][T16644] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(8)
[ 1450.243636][T16644] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1450.254059][T16644] vhci_hcd vhci_hcd.0: Device attached
[ 1450.549224][T14640] usb 49-1: new high-speed USB device number 2 using vhci_hcd
[ 1450.934724][T16648] vhci_hcd: connection reset by peer
[ 1450.993771][ T7150] vhci_hcd: stop threads
[ 1451.052372][ T7150] vhci_hcd: release socket
[ 1451.105532][ T7150] vhci_hcd: disconnect device
[ 1456.031435][T14640] vhci_hcd: vhci_device speed not set
[ 1456.999605][T16692] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1457.197998][T16694] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1458.344119][T16701] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2582'.
[ 1458.426250][T16701] comedi comedi2: fl512: I/O port conflict (0x10,16)
[ 1459.994375][T16709] netlink: 'syz.7.2586': attribute type 4 has an invalid length.
[ 1460.002566][T16709] netlink: 152 bytes leftover after parsing attributes in process `syz.7.2586'.
[ 1460.013111][T16709] : renamed from Ă
[ 1460.784125][T16717] netlink: 'syz.8.2584': attribute type 12 has an invalid length.
[ 1460.792248][T16717] netlink: 9472 bytes leftover after parsing attributes in process `syz.8.2584'.
[ 1460.989248][T16719] ceph: No mds server is up or the cluster is laggy
[ 1461.038077][ T5963] libceph: connect (1)[c::]:6789 error -101
[ 1461.056030][ T5963] libceph: mon0 (1)[c::]:6789 connect error
[ 1462.124373][T11728] usb 10-1: new full-speed USB device number 2 using dummy_hcd
[ 1462.471603][T11728] usb 10-1: Invalid ep0 maxpacket: 9
[ 1462.805094][T11728] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[ 1463.088266][T11728] usb 10-1: Invalid ep0 maxpacket: 9
[ 1463.357987][T11728] usb usb10-port1: attempt power cycle
[ 1465.051114][T16754] lo speed is unknown, defaulting to 1000
[ 1465.058379][T16754] lo speed is unknown, defaulting to 1000
[ 1465.070712][T16754] lo speed is unknown, defaulting to 1000
[ 1465.198360][T16754] infiniband s: RDMA CMA: cma_listen_on_dev, error -98
[ 1465.422297][T16754] lo speed is unknown, defaulting to 1000
[ 1465.482175][T16754] lo speed is unknown, defaulting to 1000
[ 1465.504965][T16754] lo speed is unknown, defaulting to 1000
[ 1465.528717][T16754] lo speed is unknown, defaulting to 1000
[ 1465.551343][T16754] lo speed is unknown, defaulting to 1000
[ 1465.616470][T16754] lo speed is unknown, defaulting to 1000
[ 1465.624614][T16754] lo speed is unknown, defaulting to 1000
[ 1468.128307][T16773] program syz.6.2598 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1471.377035][T16777] NILFS (nullb0): couldn't find nilfs on the device
[ 1472.166590][T16793] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2604'.
[ 1476.803670][T16827] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2613'.
[ 1477.748817][T13940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1477.771582][T13940] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1477.788855][T13940] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1477.810044][T13940] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1477.834555][T13940] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1478.016852][T16839] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2617'.
[ 1478.030160][T11459] Bluetooth: hci2: unexpected event for opcode 0x1001
[ 1478.173827][T16829] lo speed is unknown, defaulting to 1000
[ 1478.184298][T16829] lo speed is unknown, defaulting to 1000
[ 1479.938708][T11459] Bluetooth: hci3: command tx timeout
[ 1480.604693][T16829] chnl_net:caif_netlink_parms(): no params data found
[ 1482.052002][T16872] overlay: Unknown parameter '/'
[ 1482.088661][T11459] Bluetooth: hci3: command tx timeout
[ 1483.518409][T16829] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1483.610477][T16883] Invalid ELF header magic: != ELF
[ 1484.096936][T16829] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1484.105620][T11459] Bluetooth: hci3: command tx timeout
[ 1484.146614][T16829] bridge_slave_0: entered allmulticast mode
[ 1484.279995][T16829] bridge_slave_0: entered promiscuous mode
[ 1484.309713][T16829] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1484.317001][T16829] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1484.344781][T16829] bridge_slave_1: entered allmulticast mode
[ 1484.409433][T16829] bridge_slave_1: entered promiscuous mode
[ 1484.584287][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.668807][T16893] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1485.676969][T16893] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1486.114987][T16829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1486.138405][T16829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1486.178594][T11459] Bluetooth: hci3: command tx timeout
[ 1486.885700][T16829] team0: Port device team_slave_0 added
[ 1486.939720][T16829] team0: Port device team_slave_1 added
[ 1488.046007][T16903] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2630'.
[ 1488.134882][T16829] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1488.268936][T16829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1488.300168][T16829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1488.313324][T16829] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1488.324844][T16829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1488.991831][T16829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1489.107581][T16829] hsr_slave_0: entered promiscuous mode
[ 1489.120399][T16829] hsr_slave_1: entered promiscuous mode
[ 1489.147560][T16829] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1489.171391][T16829] Cannot create hsr debugfs directory
[ 1490.017217][T16922] veth0_to_team: entered promiscuous mode
[ 1490.024179][T16922] veth0_to_team: entered allmulticast mode
[ 1492.066218][T16938] bridge1: entered promiscuous mode
[ 1492.071921][T16938] bridge1: entered allmulticast mode
[ 1492.089430][T16938] team0: Port device bridge1 added
[ 1492.395788][T16939] overlayfs: overlapping lowerdir path
[ 1493.298202][T16946] netlink: 'syz.6.2638': attribute type 16 has an invalid length.
[ 1493.307254][T16946] netlink: 'syz.6.2638': attribute type 17 has an invalid length.
[ 1493.813780][T16946] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1493.821169][T16946] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1493.828899][T16946] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1493.836237][T16946] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1494.798290][T16946] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1495.597978][T11728] usb 10-1: new low-speed USB device number 5 using dummy_hcd
[ 1495.614566][T16956] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1495.799648][T11728] usb 10-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1495.821088][T11728] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1495.841533][T11728] usb 10-1: config 0 descriptor??
[ 1498.273108][T16829] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1498.891595][T16829] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1499.024270][T16829] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1500.127438][T11728] asix 10-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1500.203368][T11728] asix 10-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9
[ 1500.252518][T11728] asix 10-1:0.0: probe with driver asix failed with error -71
[ 1500.267789][T16829] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1500.324977][T11755] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[ 1500.342760][T11728] usb 10-1: USB disconnect, device number 5
[ 1500.559835][T11755] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1500.578854][T16997] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1500.582350][T11755] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 2023, setting to 64
[ 1500.818330][T17008] syzkaller0: entered promiscuous mode
[ 1500.822898][T11755] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1500.824278][T17008] syzkaller0: entered allmulticast mode
[ 1500.833443][T11755] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1500.833472][T11755] usb 9-1: Product: syz
[ 1500.833488][T11755] usb 9-1: Manufacturer: syz
[ 1500.833503][T11755] usb 9-1: SerialNumber: syz
[ 1500.841989][T16990] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1500.870576][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1502.073617][T17013] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1502.106847][T16996] tipc: Resetting bearer <eth:syzkaller0>
[ 1502.183349][T16996] tipc: Disabling bearer <eth:syzkaller0>
[ 1502.835205][T16829] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1502.934732][T16829] 8021q: adding VLAN 0 to HW filter on device team0
[ 1502.965598][T15096] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1502.972898][T15096] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1503.014502][T15096] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1503.022124][T15096] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1503.227883][T11755] cdc_ncm 9-1:1.0: bind() failure
[ 1503.382243][T11755] cdc_ncm 9-1:1.1: CDC Union missing and no IAD found
[ 1503.414786][T11755] cdc_ncm 9-1:1.1: bind() failure
[ 1503.442179][T11755] usb 9-1: USB disconnect, device number 2
[ 1505.066398][T17044] xt_l2tp: v2 sid > 0xffff: 262144
[ 1506.416931][T17054] new mount options do not match the existing superblock, will be ignored
[ 1506.435234][T17054] option changes via remount are deprecated (pid=17048 comm=syz.8.2661)
[ 1507.489222][T16829] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1507.568927][T16829] veth0_vlan: entered promiscuous mode
[ 1507.589308][T16829] veth1_vlan: entered promiscuous mode
[ 1507.636079][T16829] veth0_macvtap: entered promiscuous mode
[ 1507.655601][T16829] veth1_macvtap: entered promiscuous mode
[ 1507.699029][T16829] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1507.722162][T16829] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1507.740428][T16829] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1507.750232][T16829] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1507.760668][T16829] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1507.769880][T16829] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1509.973788][ T7146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1510.051667][ T7146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1510.273689][ T7146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1510.361442][ T7146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1510.574317][T17079] Cannot find map_set index 0 as target
[ 1510.611020][   T30] audit: type=1800 audit(1755185043.798:192): pid=17081 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.7.2669" name="SYSV798dd830" dev="tmpfs" ino=0 res=0 errno=0
[ 1510.678739][T11771] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1512.161511][T11771] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1512.265839][T11771] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[ 1512.309896][T11771] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1512.387692][T11771] usb 7-1: config 0 descriptor??
[ 1513.646718][T11771] usbhid 7-1:0.0: can't add hid device: -71
[ 1513.664575][T11771] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1513.838697][T11771] usb 7-1: USB disconnect, device number 4
[ 1514.338775][T17113] befs: (nullb0): invalid magic header
[ 1514.847055][T17107] ceph: No mds server is up or the cluster is laggy
[ 1514.961393][T16977] libceph: connect (1)[c::]:6789 error -101
[ 1514.994517][T16977] libceph: mon0 (1)[c::]:6789 connect error
[ 1515.288147][T16977] libceph: connect (1)[c::]:6789 error -101
[ 1515.309001][T16977] libceph: mon0 (1)[c::]:6789 connect error
[ 1515.908013][T16977] libceph: connect (1)[c::]:6789 error -101
[ 1515.963098][T16977] libceph: mon0 (1)[c::]:6789 connect error
[ 1518.163096][T17127] bridge2: entered promiscuous mode
[ 1518.193520][T17127] bridge2: entered allmulticast mode
[ 1518.420126][T17127] team0: Port device bridge2 added
[ 1524.310810][T17174] netlink: 'syz.8.2686': attribute type 1 has an invalid length.
[ 1525.678262][T17182] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1525.714817][T17187] atomic_op ffff88807bae5998 conn xmit_atomic 0000000000000000
[ 1527.570152][T17200] ubi31: attaching mtd0
[ 1527.591243][T17200] ubi31: scanning is finished
[ 1529.497911][T17200] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1529.506071][T17200] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1529.514174][T17200] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1529.521327][T17200] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[ 1529.529654][T17200] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1529.536885][T17200] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1529.545119][T17200] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2032120937
[ 1529.555357][T17200] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1530.099407][T17210] ubi31: background thread "ubi_bgt31d" started, PID 17210
[ 1530.553871][   T30] audit: type=1326 audit(1755185063.690:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1531.190726][   T30] audit: type=1326 audit(1755185063.690:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1531.214387][   T30] audit: type=1326 audit(1755185063.690:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1531.264977][   T30] audit: type=1326 audit(1755185063.690:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1531.288050][   T30] audit: type=1326 audit(1755185063.690:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1531.311081][   T30] audit: type=1326 audit(1755185063.690:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1531.475099][T17227] batadv1: entered promiscuous mode
[ 1534.323895][T16977] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 1534.334661][   T30] audit: type=1326 audit(1755185063.700:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1534.465690][   T30] audit: type=1326 audit(1755185063.700:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1534.532096][T16977] usb 4-1: Using ep0 maxpacket: 8
[ 1534.592681][T16977] usb 4-1: New USB device found, idVendor=05dc, idProduct=0001, bcdDevice= 0.01
[ 1534.713459][   T30] audit: type=1326 audit(1755185063.700:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1534.737602][T16977] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1535.404867][T16977] usb 4-1: config 0 descriptor??
[ 1535.663094][   T30] audit: type=1326 audit(1755185063.700:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1536.676920][T16977] ums-jumpshot 4-1:0.0: USB Mass Storage device detected
[ 1537.380277][T16977] ums-jumpshot 4-1:0.0: Quirks match for vid 05dc pid 0001: 2
[ 1537.440233][   T30] audit: type=1326 audit(1755185063.700:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1537.512118][   T30] audit: type=1326 audit(1755185063.700:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1537.540175][   T30] audit: type=1326 audit(1755185063.700:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1537.746823][T16977] usb 4-1: USB disconnect, device number 2
[ 1537.765940][   T30] audit: type=1326 audit(1755185063.700:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f595f98d550 code=0x7ffc0000
[ 1537.789081][   T30] audit: type=1326 audit(1755185063.710:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1537.814225][   T30] audit: type=1326 audit(1755185063.710:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1537.836425][   T30] audit: type=1326 audit(1755185063.710:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1538.817212][   T30] audit: type=1326 audit(1755185063.710:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1539.073326][   T30] audit: type=1326 audit(1755185063.720:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17212 comm="syz.3.2696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x7ffc0000
[ 1541.668754][T17282] bridge1: entered promiscuous mode
[ 1541.674652][T17282] bridge1: entered allmulticast mode
[ 1542.172687][T17286] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1542.192530][T17286] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1542.208667][T17286] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1542.675145][T17286] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1542.748014][T17286] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1543.276057][T17285] lo speed is unknown, defaulting to 1000
[ 1544.002111][T14218] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[ 1544.224813][T14218] usb 4-1: device descriptor read/64, error -71
[ 1544.966587][T14218] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[ 1545.132280][T11459] Bluetooth: hci4: command tx timeout
[ 1545.351942][T14218] usb 4-1: device descriptor read/64, error -71
[ 1545.656188][T14218] usb usb4-port1: attempt power cycle
[ 1545.773799][T17311] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1546.024857][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1547.588567][T11459] Bluetooth: hci4: command tx timeout
[ 1548.617868][T15096] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1549.030120][T17285] lo speed is unknown, defaulting to 1000
[ 1550.371875][T11459] Bluetooth: hci4: command tx timeout
[ 1550.945186][T15096] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1551.115374][T17328] syzkaller1: entered promiscuous mode
[ 1551.811750][T17328] syzkaller1: entered allmulticast mode
[ 1552.166487][T15096] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1552.432874][T17286] Bluetooth: hci4: command tx timeout
[ 1555.948837][T15096] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1558.174575][T17285] chnl_net:caif_netlink_parms(): no params data found
[ 1559.446353][T17285] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1559.464569][T17285] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1559.500204][T17285] bridge_slave_0: entered allmulticast mode
[ 1559.528128][T17285] bridge_slave_0: entered promiscuous mode
[ 1560.529719][T17285] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1560.632645][T17285] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1560.670477][T17285] bridge_slave_1: entered allmulticast mode
[ 1560.678391][T17285] bridge_slave_1: entered promiscuous mode
[ 1560.707190][T15096] bridge_slave_1: left allmulticast mode
[ 1560.720920][T15096] bridge_slave_1: left promiscuous mode
[ 1560.732732][T15096] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1560.768027][T15096] bridge_slave_0: left allmulticast mode
[ 1560.773890][T15096] bridge_slave_0: left promiscuous mode
[ 1560.782624][T15096] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1563.401298][T15096] bond1 (unregistering): (slave gretap1): Releasing active interface
[ 1563.564311][T15096] team0: Port device geneve0 removed
[ 1564.716696][T15096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1564.761281][T15096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1564.794415][T15096] bond0 (unregistering): Released all slaves
[ 1565.167594][T17458] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1565.882635][T15096] bond1 (unregistering): Released all slaves
[ 1565.941871][T17452] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1565.955759][T17452] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1565.965789][T17452] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1566.255440][T17285] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1566.864336][T17285] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1567.567221][T17473] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1570.024730][T17285] team0: Port device team_slave_0 added
[ 1570.270860][T17285] team0: Port device team_slave_1 added
[ 1570.655658][T17285] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1571.242933][T17493] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1571.254293][T17493] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1571.623477][T17285] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1571.649595][T17285] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1571.662490][T17285] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1571.852787][T17285] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1571.996500][T17285] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1573.089884][T15096] tipc: Left network mode
[ 1576.223087][T17285] hsr_slave_0: entered promiscuous mode
[ 1576.248145][T17285] hsr_slave_1: entered promiscuous mode
[ 1576.254915][T17285] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1576.266735][T17285] Cannot create hsr debugfs directory
[ 1577.962556][T11459] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1578.099858][T11459] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1578.717638][T11459] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1578.804687][T11459] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1578.844972][T11459] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1579.464833][T17542] netlink: 'syz.7.2765': attribute type 1 has an invalid length.
[ 1581.239461][T17286] Bluetooth: hci0: command tx timeout
[ 1582.630067][T15096] hsr_slave_0: left promiscuous mode
[ 1582.886975][T17559] program syz.9.2770 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1582.900239][T15096] hsr_slave_1: left promiscuous mode
[ 1582.957597][T15096] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1582.965286][T15096] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1582.975927][T17561] program syz.9.2770 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1582.997101][T15096] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1583.019674][T17561] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1583.049660][T17561] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2770'.
[ 1583.059482][T15096] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1583.163369][T15096] team_slave_0: left promiscuous mode
[ 1583.169476][T15096] team_slave_1: left promiscuous mode
[ 1583.185629][T15096] veth1_macvtap: left promiscuous mode
[ 1583.193643][T15096] veth0_macvtap: left promiscuous mode
[ 1583.205498][T15096] veth1_vlan: left promiscuous mode
[ 1583.214537][T15096] veth0_vlan: left promiscuous mode
[ 1583.301971][T17286] Bluetooth: hci0: command tx timeout
[ 1583.958187][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1583.958206][   T30] audit: type=1326 audit(1755185116.667:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17569 comm="syz.7.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1584.018097][   T30] audit: type=1326 audit(1755185116.667:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17569 comm="syz.7.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1584.117909][   T30] audit: type=1326 audit(1755185116.667:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17569 comm="syz.7.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1584.207255][   T30] audit: type=1326 audit(1755185116.667:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17569 comm="syz.7.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1584.244956][   T30] audit: type=1326 audit(1755185117.157:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17569 comm="syz.7.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1584.274578][   T30] audit: type=1326 audit(1755185117.157:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17569 comm="syz.7.2772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1585.434764][T17286] Bluetooth: hci0: command tx timeout
[ 1586.492849][T15096] team0 (unregistering): Port device team_slave_1 removed
[ 1586.678242][T17587] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1586.678242][T17587] The task syz.7.2775 (17587) triggered the difference, watch for misbehavior.
[ 1586.804557][T15096] team0 (unregistering): Port device team_slave_0 removed
[ 1587.452336][T17286] Bluetooth: hci0: command tx timeout
[ 1588.519778][T17529] lo speed is unknown, defaulting to 1000
[ 1592.573165][T17618] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1593.007530][T17529] lo speed is unknown, defaulting to 1000
[ 1598.773915][T17660] ubi31: detaching mtd0
[ 1599.941282][T17656] delete_channel: no stack
[ 1599.954758][T17660] ubi31: mtd0 is detached
[ 1601.230689][T11459] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1601.241095][T11459] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1601.250582][T11459] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1601.260785][T11459] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1601.268830][T11459] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1601.371207][T15096] IPVS: stop unused estimator thread 0...
[ 1601.581373][T17529] chnl_net:caif_netlink_parms(): no params data found
[ 1601.664824][T17676] lo speed is unknown, defaulting to 1000
[ 1601.696220][T17676] lo speed is unknown, defaulting to 1000
[ 1601.997918][T17680] netlink: 'syz.3.2794': attribute type 7 has an invalid length.
[ 1602.106294][T17691] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1602.114526][T17691] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[ 1602.125224][T17691] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[ 1602.133182][T17691] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[ 1602.907825][T17680] : entered promiscuous mode
[ 1603.240347][   T59] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1603.365734][T11459] Bluetooth: hci5: command tx timeout
[ 1605.115962][T11459] Bluetooth: hci3: command 0x0406 tx timeout
[ 1606.340765][T17286] Bluetooth: hci5: command tx timeout
[ 1607.804504][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.291819][T17712] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[ 1608.302720][T17529] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1608.310266][T17705] IPVS: stopping backup sync thread 17712 ...
[ 1608.324687][T17529] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1608.332015][T17529] bridge_slave_0: entered allmulticast mode
[ 1608.357338][T17529] bridge_slave_0: entered promiscuous mode
[ 1608.404862][T17286] Bluetooth: hci5: command tx timeout
[ 1608.475008][   T59] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1608.779384][T17726] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2802'.
[ 1609.721156][T17529] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1609.730562][T17529] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1609.761263][T17529] bridge_slave_1: entered allmulticast mode
[ 1609.815025][T17529] bridge_slave_1: entered promiscuous mode
[ 1610.066487][   T59] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1610.943380][T17286] Bluetooth: hci5: command tx timeout
[ 1613.829703][   T59] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1614.852188][T17529] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1614.908678][T17752] blktrace: Concurrent blktraces are not allowed on sg0
[ 1615.172165][T17529] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1616.504337][T17772] Smack: duplicate mount options
[ 1616.975887][T17776] fuse: Unknown parameter '0x000000000000000a'
[ 1620.412279][T17529] team0: Port device team_slave_0 added
[ 1621.418820][T17529] team0: Port device team_slave_1 added
[ 1621.804021][T17529] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1621.848626][T17529] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1621.993518][T14218] IPVS: starting estimator thread 0...
[ 1622.113223][T17793] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1622.177316][T17529] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1622.912252][T17529] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1622.931851][T17529] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1622.968463][T17529] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1623.268772][T17800] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2818'.
[ 1623.322910][    C1] sd 0:0:1:0: [sda] tag#4146 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 1623.333439][    C1] sd 0:0:1:0: [sda] tag#4146 CDB: Read(6) 08 00 00 00 03 44
[ 1624.434793][T17676] chnl_net:caif_netlink_parms(): no params data found
[ 1624.908035][T17809] binder: 17807:17809 ioctl c0046209 0 returned -22
[ 1625.648531][   T59] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1625.786556][T17529] hsr_slave_0: entered promiscuous mode
[ 1625.811314][T17529] hsr_slave_1: entered promiscuous mode
[ 1625.819868][T17529] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1625.828271][T17529] Cannot create hsr debugfs directory
[ 1626.471253][T17824] Bluetooth: MGMT ver 1.23
[ 1626.715288][   T59] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1628.005103][T17840] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1629.743618][   T59] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1630.072856][T17851] netlink: 20 bytes leftover after parsing attributes in process `syz.9.2829'.
[ 1630.708387][   T59] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1631.142897][T17857] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1631.151444][T17857] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1631.161247][T17857] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1631.169628][T17857] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1631.184920][T17860] netlink: 'syz.7.2830': attribute type 10 has an invalid length.
[ 1631.236782][T17861] netlink: 'syz.7.2830': attribute type 2 has an invalid length.
[ 1631.446463][T17860] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1631.454821][T17860] : (slave batadv0): Enslaving as an active interface with an up link
[ 1631.506919][T17676] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1631.515611][T17676] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1631.554106][T17676] bridge_slave_0: entered allmulticast mode
[ 1631.574038][T17676] bridge_slave_0: entered promiscuous mode
[ 1631.596223][T17676] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1631.613158][T17676] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1631.625163][T17676] bridge_slave_1: entered allmulticast mode
[ 1631.634826][T17676] bridge_slave_1: entered promiscuous mode
[ 1631.665108][   T30] audit: type=1400 audit(1755185677.864:219): lsm=SMACK fn=smk_curacc_sem action=denied subject="w" object="_" requested=rw pid=17864 comm="syz.9.2832" ipc_key=0 
[ 1632.169224][   T30] audit: type=1400 audit(1755185677.864:220): lsm=SMACK fn=smack_inode_permission action=denied subject="w" object="_" requested=wx pid=17864 comm="syz.9.2832" name="109" dev="tmpfs" ino=607
[ 1633.553213][T17676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1634.512719][T17676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1636.379882][T17889] overlay: Unknown parameter '/'
[ 1639.359971][T17676] team0: Port device team_slave_0 added
[ 1641.282784][T11459] Bluetooth: hci5: command 0x0405 tx timeout
[ 1643.945178][T17676] team0: Port device team_slave_1 added
[ 1644.139128][T11459] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1644.151626][T11459] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1644.160728][T11459] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1644.170841][T11459] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1644.182222][T11459] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1644.751257][   T30] audit: type=1326 audit(1755185690.482:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17923 comm="syz.9.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f995358ebe9 code=0x7ffc0000
[ 1644.894603][   T30] audit: type=1326 audit(1755185690.482:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17923 comm="syz.9.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f995358ebe9 code=0x7ffc0000
[ 1644.947343][T17932] tmpfs: Unknown parameter 'yű8vO'
[ 1644.990987][   T30] audit: type=1326 audit(1755185690.482:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17923 comm="syz.9.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f995358ebe9 code=0x7ffc0000
[ 1645.173315][   T30] audit: type=1326 audit(1755185690.482:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17923 comm="syz.9.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f995358ebe9 code=0x7ffc0000
[ 1645.376395][   T30] audit: type=1326 audit(1755185690.942:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17923 comm="syz.9.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f995358ebe9 code=0x7ffc0000
[ 1645.398659][   T30] audit: type=1326 audit(1755185690.942:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17923 comm="syz.9.2845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f995358ebe9 code=0x7ffc0000
[ 1645.518269][   T59] bridge_slave_1: left allmulticast mode
[ 1645.533603][   T59] bridge_slave_1: left promiscuous mode
[ 1645.571260][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1645.627872][   T59] bridge_slave_0: left allmulticast mode
[ 1645.654033][T17938] input: syz0 as /devices/virtual/input/input17
[ 1645.665983][   T59] bridge_slave_0: left promiscuous mode
[ 1646.312161][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1647.123544][T11459] Bluetooth: hci4: command tx timeout
[ 1649.204658][T11459] Bluetooth: hci4: command tx timeout
[ 1651.303994][T11459] Bluetooth: hci4: command tx timeout
[ 1651.440811][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1651.455108][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1651.467620][   T59] bond0 (unregistering): Released all slaves
[ 1652.398373][T17972] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2856'.
[ 1653.989444][T11459] Bluetooth: hci4: command tx timeout
[ 1656.102091][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1656.186032][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1656.217643][   T59] bond0 (unregistering): Released all slaves
[ 1656.242840][T17676] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1656.259753][T17676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1656.365275][T17676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1656.388591][T17676] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1656.400872][T17676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1657.034819][T17676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1657.111771][T17912] lo speed is unknown, defaulting to 1000
[ 1657.268134][   T59] tipc: Disabling bearer <udp:syz2>
[ 1657.295304][   T59] tipc: Left network mode
[ 1657.303716][T18027] netlink: 'syz.3.2862': attribute type 4 has an invalid length.
[ 1657.338654][   T59] tipc: Left network mode
[ 1657.344965][T17912] lo speed is unknown, defaulting to 1000
[ 1658.671076][T17676] hsr_slave_0: entered promiscuous mode
[ 1658.686434][T17676] hsr_slave_1: entered promiscuous mode
[ 1658.700822][T17676] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1658.739291][T17676] Cannot create hsr debugfs directory
[ 1659.067814][T18040] netlink: 'syz.3.2864': attribute type 10 has an invalid length.
[ 1659.814155][T18040] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1662.255525][T11459] Bluetooth: hci2: command 0x0405 tx timeout
[ 1662.263220][T17057] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[ 1662.314931][T17057] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[ 1662.336646][T18059] program syz.3.2867 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1662.377732][T18059] program syz.3.2867 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1662.394565][T18059] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1662.613839][T17912] chnl_net:caif_netlink_parms(): no params data found
[ 1662.900001][T17912] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1662.914197][T17912] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1662.924268][T17912] bridge_slave_0: entered allmulticast mode
[ 1662.939250][T17912] bridge_slave_0: entered promiscuous mode
[ 1662.958587][T17912] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1662.973469][T17912] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1662.982967][T17912] bridge_slave_1: entered allmulticast mode
[ 1662.999611][T17912] bridge_slave_1: entered promiscuous mode
[ 1664.154102][T17912] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1664.177913][T17912] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1664.326202][T17912] team0: Port device team_slave_0 added
[ 1664.364010][T17912] team0: Port device team_slave_1 added
[ 1664.645807][T11459] Bluetooth: hci3: command 0x0406 tx timeout
[ 1664.654393][T17057] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[ 1664.668980][T17057] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[ 1665.385376][T18081] netlink: 56 bytes leftover after parsing attributes in process `syz.7.2871'.
[ 1665.495753][T17912] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1665.502851][T17912] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1665.529874][T17912] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1665.583696][T17912] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1665.594280][T17912] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1665.676387][T17912] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1665.970627][T17912] hsr_slave_0: entered promiscuous mode
[ 1665.981043][T17912] hsr_slave_1: entered promiscuous mode
[ 1665.990730][T17912] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1666.004545][T17912] Cannot create hsr debugfs directory
[ 1666.134674][T18088] hub 8-0:1.0: USB hub found
[ 1666.143197][T18088] hub 8-0:1.0: 1 port detected
[ 1667.846239][T17057] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[ 1667.846796][T11459] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1667.852506][T17057] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[ 1667.912692][T17286] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1667.954860][T17912] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1667.992117][T17286] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1668.003418][T17286] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1668.043880][T17286] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1668.054877][T17286] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1668.991747][T14640] IPVS: starting estimator thread 0...
[ 1668.997703][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.556332][T18110] IPVS: using max 28 ests per chain, 67200 per kthread
[ 1669.918045][T17912] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1669.934203][T17912] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1669.945915][T17912] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1670.429537][T17912] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1670.454620][T17912] 8021q: adding VLAN 0 to HW filter on device team0
[ 1670.473917][ T7150] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1670.481307][ T7150] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1670.650047][ T7135] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1670.657366][ T7135] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1672.067043][T18139] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2881'.
[ 1672.378468][T17912] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1672.913126][T17912] veth0_vlan: entered promiscuous mode
[ 1672.923362][T17912] veth1_vlan: entered promiscuous mode
[ 1672.984390][T18143] block device autoloading is deprecated and will be removed.
[ 1673.058046][T17912] veth0_macvtap: entered promiscuous mode
[ 1673.071406][T17912] veth1_macvtap: entered promiscuous mode
[ 1673.093310][T17912] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1673.118776][T17912] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1673.137396][T17912] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1673.146870][T17912] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1673.155708][T17912] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1673.177194][T17912] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1676.704669][   T30] audit: type=1326 audit(1755185722.508:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18168 comm="syz.3.2889" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f595f98ebe9 code=0x0
[ 1678.580984][   T30] audit: type=1326 audit(1755185724.778:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18183 comm="syz.7.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1678.603495][   T30] audit: type=1326 audit(1755185724.778:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18183 comm="syz.7.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1678.626924][   T30] audit: type=1326 audit(1755185724.788:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18183 comm="syz.7.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1678.626965][   T30] audit: type=1326 audit(1755185724.788:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18183 comm="syz.7.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1678.626998][   T30] audit: type=1326 audit(1755185724.788:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18183 comm="syz.7.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1678.627031][   T30] audit: type=1326 audit(1755185724.788:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18183 comm="syz.7.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1678.627063][   T30] audit: type=1326 audit(1755185724.788:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18183 comm="syz.7.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1678.627097][   T30] audit: type=1326 audit(1755185724.788:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18183 comm="syz.7.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1678.627898][   T30] audit: type=1326 audit(1755185724.788:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18183 comm="syz.7.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f5be6f8ebe9 code=0x7ffc0000
[ 1678.701190][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1678.732957][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1678.849992][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1730.337205][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1791.784635][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1819.944516][   T31] INFO: task kworker/u8:4:59 blocked for more than 143 seconds.
[ 1819.952286][   T31]       Not tainted 6.16.0-syzkaller #0
[ 1819.957987][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1819.967022][   T31] task:kworker/u8:4    state:D stack:19816 pid:59    tgid:59    ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1819.979177][   T31] Workqueue: netns cleanup_net
[ 1819.983978][   T31] Call Trace:
[ 1819.988470][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1819.991442][   T31]  __schedule+0x16aa/0x4c90
[ 1820.001687][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1820.008886][   T31]  ? schedule+0x165/0x360
[ 1820.013385][   T31]  ? __pfx___schedule+0x10/0x10
[ 1820.021589][   T31]  ? schedule+0x91/0x360
[ 1820.044182][   T31]  schedule+0x165/0x360
[ 1820.048413][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1820.053900][   T31]  __mutex_lock+0x724/0xe80
[ 1820.092476][   T31]  ? kobject_put+0x43f/0x480
[ 1820.100186][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1820.105807][   T31]  ? rfkill_unregister+0xc8/0x220
[ 1820.110906][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1820.117107][   T31]  ? __pfx_device_del+0x10/0x10
[ 1820.122027][   T31]  rfkill_unregister+0xc8/0x220
[ 1820.127403][   T31]  wiphy_unregister+0x238/0xae0
[ 1820.132307][   T31]  ? __pfx_skb_queue_purge_reason+0x10/0x10
[ 1820.138981][   T31]  ? __pfx_wiphy_unregister+0x10/0x10
[ 1820.144444][   T31]  ? kasan_quarantine_put+0xdd/0x220
[ 1820.149759][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1820.155349][   T31]  ? kfree+0x18e/0x440
[ 1820.159467][   T31]  ieee80211_unregister_hw+0x1e2/0x2c0
[ 1820.165319][   T31]  mac80211_hwsim_del_radio+0x275/0x460
[ 1820.171140][   T31]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[ 1820.177556][   T31]  hwsim_exit_net+0x584/0x640
[ 1820.182281][   T31]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 1820.187562][   T31]  ? __ip_vs_dev_cleanup_batch+0x238/0x260
[ 1820.193416][   T31]  ops_undo_list+0x497/0x990
[ 1820.198500][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[ 1820.203722][   T31]  cleanup_net+0x4c5/0x800
[ 1820.208235][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 1820.213227][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1820.218538][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1820.224618][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1820.230394][   T31]  process_scheduled_works+0xade/0x17b0
[ 1820.236180][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1820.242225][   T31]  worker_thread+0x8a0/0xda0
[ 1820.246934][   T31]  kthread+0x70e/0x8a0
[ 1820.251022][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1820.256467][   T31]  ? __pfx_kthread+0x10/0x10
[ 1820.261100][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1820.266386][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1820.271679][   T31]  ? __pfx_kthread+0x10/0x10
[ 1820.276436][   T31]  ret_from_fork+0x3fc/0x770
[ 1820.281057][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1820.286534][   T31]  ? __switch_to_asm+0x39/0x70
[ 1820.291334][   T31]  ? __switch_to_asm+0x33/0x70
[ 1820.296339][   T31]  ? __pfx_kthread+0x10/0x10
[ 1820.300980][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1820.305957][   T31]  </TASK>
[ 1820.309107][   T31] INFO: task kworker/1:4:11752 blocked for more than 143 seconds.
[ 1820.317472][   T31]       Not tainted 6.16.0-syzkaller #0
[ 1820.323028][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1820.331785][   T31] task:kworker/1:4     state:D stack:24544 pid:11752 tgid:11752 ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1820.344047][   T31] Workqueue: events rfkill_sync_work
[ 1820.349516][   T31] Call Trace:
[ 1820.352884][   T31]  <TASK>
[ 1820.356555][   T31]  __schedule+0x16aa/0x4c90
[ 1820.361102][   T31]  ? do_raw_spin_unlock+0x122/0x240
[ 1820.366426][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1820.372812][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1820.378305][   T31]  ? schedule+0x165/0x360
[ 1820.382743][   T31]  ? __pfx___schedule+0x10/0x10
[ 1820.387900][   T31]  ? schedule+0x91/0x360
[ 1820.392156][   T31]  schedule+0x165/0x360
[ 1820.396493][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1820.401965][   T31]  __mutex_lock+0x724/0xe80
[ 1820.406539][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1820.411488][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1820.416486][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[ 1820.421884][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1820.426984][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1820.432210][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1820.438240][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1820.444801][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1820.450787][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[ 1820.455985][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1820.461747][   T31]  rfkill_set_block+0x1cf/0x440
[ 1820.466738][   T31]  rfkill_sync_work+0x114/0x200
[ 1820.471597][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1820.477696][   T31]  process_scheduled_works+0xade/0x17b0
[ 1820.483325][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1820.489406][   T31]  worker_thread+0x8a0/0xda0
[ 1820.494162][   T31]  kthread+0x70e/0x8a0
[ 1820.498265][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1820.503415][   T31]  ? __pfx_kthread+0x10/0x10
[ 1820.508340][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1820.513566][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1820.518877][   T31]  ? __pfx_kthread+0x10/0x10
[ 1820.523484][   T31]  ret_from_fork+0x3fc/0x770
[ 1820.528135][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1820.533266][   T31]  ? __switch_to_asm+0x39/0x70
[ 1820.538442][   T31]  ? __switch_to_asm+0x33/0x70
[ 1820.543405][   T31]  ? __pfx_kthread+0x10/0x10
[ 1820.548077][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1820.552893][   T31]  </TASK>
[ 1820.556129][   T31] INFO: task syz-executor:17912 blocked for more than 143 seconds.
[ 1820.564041][   T31]       Not tainted 6.16.0-syzkaller #0
[ 1820.570599][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1820.579344][   T31] task:syz-executor    state:D stack:21032 pid:17912 tgid:17912 ppid:1      task_flags:0x400140 flags:0x00004004
[ 1820.591401][   T31] Call Trace:
[ 1820.595065][   T31]  <TASK>
[ 1820.598021][   T31]  __schedule+0x16aa/0x4c90
[ 1820.602643][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1820.607674][   T31]  ? security_file_open+0xb1/0x270
[ 1820.612808][   T31]  ? __lock_acquire+0x9c1/0xd20
[ 1820.617852][   T31]  ? schedule+0x165/0x360
[ 1820.622286][   T31]  ? __pfx___schedule+0x10/0x10
[ 1820.627444][   T31]  ? schedule+0x91/0x360
[ 1820.631702][   T31]  schedule+0x165/0x360
[ 1820.636091][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1820.641601][   T31]  __mutex_lock+0x724/0xe80
[ 1820.646192][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1820.650891][   T31]  ? misc_open+0x51/0x330
[ 1820.655547][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1820.660636][   T31]  misc_open+0x51/0x330
[ 1820.664903][   T31]  chrdev_open+0x4c9/0x5e0
[ 1820.669358][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1820.674551][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1820.679535][   T31]  do_dentry_open+0xdf0/0x1970
[ 1820.684683][   T31]  vfs_open+0x3b/0x340
[ 1820.688813][   T31]  ? path_openat+0x2ecd/0x3830
[ 1820.693600][   T31]  path_openat+0x2ee5/0x3830
[ 1820.698334][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1820.703325][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1820.708404][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1820.714900][   T31]  do_filp_open+0x1fa/0x410
[ 1820.719466][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1820.724435][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1820.729568][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1820.734536][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1820.738934][   T31]  do_sys_openat2+0x121/0x1c0
[ 1820.743651][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1820.749343][   T31]  ? fput_close_sync+0x119/0x200
[ 1820.754550][   T31]  ? __pfx_fput_close_sync+0x10/0x10
[ 1820.759883][   T31]  __x64_sys_openat+0x138/0x170
[ 1820.764841][   T31]  do_syscall_64+0xfa/0x3b0
[ 1820.769418][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1820.775899][   T31]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1820.782100][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1820.786865][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1820.792786][   T31] RIP: 0033:0x7f0f6a78d550
[ 1820.797344][   T31] RSP: 002b:00007ffde8d18870 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1820.805957][   T31] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f0f6a78d550
[ 1820.813947][   T31] RDX: 0000000000000002 RSI: 00007f0f6a8128cd RDI: 00000000ffffff9c
[ 1820.821975][   T31] RBP: 00007f0f6a8128cd R08: 0000000000000000 R09: 0000000000000000
[ 1820.830809][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008
[ 1820.839150][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 1820.847482][   T31]  </TASK>
[ 1820.850595][   T31] INFO: task syz-executor:18045 blocked for more than 144 seconds.
[ 1820.862716][   T31]       Not tainted 6.16.0-syzkaller #0
[ 1820.868879][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1820.878009][   T31] task:syz-executor    state:D stack:26840 pid:18045 tgid:18045 ppid:1      task_flags:0x400140 flags:0x00004000
[ 1820.890437][   T31] Call Trace:
[ 1820.893777][   T31]  <TASK>
[ 1820.897425][   T31]  __schedule+0x16aa/0x4c90
[ 1820.902063][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1820.907074][   T31]  ? schedule+0x165/0x360
[ 1820.911581][   T31]  ? __pfx___schedule+0x10/0x10
[ 1820.916558][   T31]  ? schedule+0x91/0x360
[ 1820.920834][   T31]  schedule+0x165/0x360
[ 1820.925397][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1820.930878][   T31]  __mutex_lock+0x724/0xe80
[ 1820.935899][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1820.940615][   T31]  ? rfkill_fop_open+0x12d/0x820
[ 1820.946042][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1820.951099][   T31]  ? __raw_spin_lock_init+0x45/0x100
[ 1820.956645][   T31]  ? __init_waitqueue_head+0xa9/0x150
[ 1820.962058][   T31]  rfkill_fop_open+0x12d/0x820
[ 1820.967398][   T31]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1820.972810][   T31]  misc_open+0x2b9/0x330
[ 1820.977216][   T31]  chrdev_open+0x4c9/0x5e0
[ 1820.981687][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1820.986908][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1820.991876][   T31]  do_dentry_open+0xdf0/0x1970
[ 1820.997137][   T31]  vfs_open+0x3b/0x340
[ 1821.001277][   T31]  ? path_openat+0x2ecd/0x3830
[ 1821.006190][   T31]  path_openat+0x2ee5/0x3830
[ 1821.010809][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1821.015817][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1821.020792][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1821.027053][   T31]  do_filp_open+0x1fa/0x410
[ 1821.031671][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1821.036712][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1821.041899][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1821.046965][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1821.051455][   T31]  do_sys_openat2+0x121/0x1c0
[ 1821.056361][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1821.061641][   T31]  ? exc_page_fault+0x76/0xf0
[ 1821.066704][   T31]  ? do_user_addr_fault+0xc8a/0x1390
[ 1821.072037][   T31]  __x64_sys_openat+0x138/0x170
[ 1821.077376][   T31]  do_syscall_64+0xfa/0x3b0
[ 1821.081927][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1821.089169][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1821.095423][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1821.100129][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1821.106169][   T31] RIP: 0033:0x7f47f678d550
[ 1821.110736][   T31] RSP: 002b:00007ffe2bb34c80 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1821.119482][   T31] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f47f678d550
[ 1821.127648][   T31] RDX: 0000000000000001 RSI: 00007f47f68128cd RDI: 00000000ffffff9c
[ 1821.135701][   T31] RBP: 00007f47f68128cd R08: 0000000000000000 R09: 00007ffe2bb34c17
[ 1821.143710][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006
[ 1821.152197][   T31] R13: 0000000000000006 R14: 0000000000000009 R15: 0000000000000000
[ 1821.160265][   T31]  </TASK>
[ 1821.163323][   T31] INFO: task syz.9.2874:18092 blocked for more than 144 seconds.
[ 1821.171464][   T31]       Not tainted 6.16.0-syzkaller #0
[ 1821.177236][   T31]       Blocked by coredump.
[ 1821.181835][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1821.190562][   T31] task:syz.9.2874      state:D stack:25304 pid:18092 tgid:18090 ppid:15520  task_flags:0x40054c flags:0x00004002
[ 1821.202598][   T31] Call Trace:
[ 1821.208316][   T31]  <TASK>
[ 1821.211296][   T31]  __schedule+0x16aa/0x4c90
[ 1821.216387][   T31]  ? schedule+0x165/0x360
[ 1821.220747][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1821.225947][   T31]  ? __pfx___schedule+0x10/0x10
[ 1821.230830][   T31]  ? schedule+0x91/0x360
[ 1821.235333][   T31]  schedule+0x165/0x360
[ 1821.239593][   T31]  schedule_timeout+0x9a/0x270
[ 1821.244464][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1821.249957][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1821.255354][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1821.260919][   T31]  ? wait_for_completion+0x267/0x5d0
[ 1821.266354][   T31]  wait_for_completion+0x2bf/0x5d0
[ 1821.271492][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[ 1821.277644][   T31]  ? __flush_work+0xd2/0xbc0
[ 1821.282347][   T31]  ? __flush_work+0xd2/0xbc0
[ 1821.287230][   T31]  __flush_work+0x9b9/0xbc0
[ 1821.291759][   T31]  ? __flush_work+0xd2/0xbc0
[ 1821.296723][   T31]  ? __pfx___flush_work+0x10/0x10
[ 1821.301857][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[ 1821.307455][   T31]  ? __pfx___cancel_work+0x10/0x10
[ 1821.312590][   T31]  ? nfc_genl_device_removed+0x23c/0x330
[ 1821.318661][   T31]  __cancel_work_sync+0xbe/0x110
[ 1821.323732][   T31]  rfkill_unregister+0x92/0x220
[ 1821.328963][   T31]  nfc_unregister_device+0x96/0x2a0
[ 1821.334341][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 1821.340191][   T31]  virtual_ncidev_close+0x56/0x90
[ 1821.345426][   T31]  __fput+0x449/0xa70
[ 1821.349594][   T31]  task_work_run+0x1d1/0x260
[ 1821.354372][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1821.359613][   T31]  do_exit+0x6b5/0x22e0
[ 1821.363827][   T31]  ? do_raw_spin_lock+0x121/0x290
[ 1821.369022][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1821.373673][   T31]  do_group_exit+0x21c/0x2d0
[ 1821.378399][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1821.383717][   T31]  get_signal+0x125e/0x1310
[ 1821.388662][   T31]  arch_do_signal_or_restart+0x9a/0x750
[ 1821.394737][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1821.400937][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 1821.406650][   T31]  exit_to_user_mode_loop+0x75/0x110
[ 1821.411973][   T31]  do_syscall_64+0x2bd/0x3b0
[ 1821.417408][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1821.422667][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1821.429021][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1821.433815][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1821.440073][   T31] RIP: 0033:0x7f995358ebe9
[ 1821.446634][   T31] RSP: 002b:00007f9954486038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1821.455224][   T31] RAX: 000000000000000c RBX: 00007f99537b5fa0 RCX: 00007f995358ebe9
[ 1821.463234][   T31] RDX: 0000000000000002 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1821.471568][   T31] RBP: 00007f9953611e19 R08: 0000000000000000 R09: 0000000000000000
[ 1821.479741][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1821.487848][   T31] R13: 00007f99537b6038 R14: 00007f99537b5fa0 R15: 00007fff004e9798
[ 1821.496054][   T31]  </TASK>
[ 1821.499164][   T31] 
[ 1821.499164][   T31] Showing all locks held in the system:
[ 1821.507444][   T31] 1 lock held by ksoftirqd/0/15:
[ 1821.512425][   T31]  #0: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[ 1821.523169][   T31] 1 lock held by khungtaskd/31:
[ 1821.528249][   T31]  #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1821.538233][   T31] 4 locks held by kworker/u8:4/59:
[ 1821.543425][   T31]  #0: ffff88801b2fb948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1821.554936][   T31]  #1: ffffc9000210fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1821.567570][   T31]  #2: ffffffff8f4fd310 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[ 1821.577208][   T31]  #3: ffffffff8f7e53e8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[ 1821.587560][   T31] 2 locks held by getty/5599:
[ 1821.592282][   T31]  #0: ffff888031aee0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1821.602954][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 1821.613407][   T31] 4 locks held by kworker/1:4/11752:
[ 1821.619044][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1821.630827][   T31]  #1: ffffc90003d2fbc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1821.643358][   T31]  #2: ffffffff8f7e53e8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200
[ 1821.653656][   T31]  #3: ffff88802927c100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[ 1821.663951][   T31] 1 lock held by syz-executor/15520:
[ 1821.669426][   T31]  #0: ffffffff8f7e53e8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[ 1821.679899][   T31] 1 lock held by syz-executor/17912:
[ 1821.685625][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.694221][   T31] 2 locks held by syz-executor/18045:
[ 1821.699692][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.708292][   T31]  #1: ffffffff8f7e53e8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x12d/0x820
[ 1821.718665][   T31] 1 lock held by syz.9.2874/18092:
[ 1821.723806][   T31]  #0: ffff88802927c100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[ 1821.733721][   T31] 1 lock held by syz.3.2890/18175:
[ 1821.738995][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.747767][   T31] 1 lock held by syz-executor/18200:
[ 1821.753111][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.761782][   T31] 1 lock held by syz.7.2901/18218:
[ 1821.767134][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.776373][   T31] 1 lock held by syz-executor/18222:
[ 1821.782134][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.790926][   T31] 1 lock held by syz-executor/18224:
[ 1821.796308][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.805246][   T31] 1 lock held by syz-executor/18226:
[ 1821.810576][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.819386][   T31] 1 lock held by syz-executor/18228:
[ 1821.824745][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.833240][   T31] 1 lock held by syz-executor/18230:
[ 1821.838822][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.847560][   T31] 1 lock held by syz-executor/18232:
[ 1821.852861][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.861367][   T31] 1 lock held by syz-executor/18234:
[ 1821.867470][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.876944][   T31] 1 lock held by syz-executor/18236:
[ 1821.882365][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.891147][   T31] 1 lock held by syz-executor/18238:
[ 1821.896731][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.905609][   T31] 1 lock held by syz-executor/18240:
[ 1821.910920][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.919658][   T31] 1 lock held by syz-executor/18242:
[ 1821.925680][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.934199][   T31] 1 lock held by syz-executor/18244:
[ 1821.939927][   T31]  #0: ffffffff8e9af388 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1821.948764][   T31] 
[ 1821.951114][   T31] =============================================
[ 1821.951114][   T31] 
[ 1821.960232][   T31] NMI backtrace for cpu 1
[ 1821.960249][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1821.960271][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1821.960283][   T31] Call Trace:
[ 1821.960291][   T31]  <TASK>
[ 1821.960299][   T31]  dump_stack_lvl+0x189/0x250
[ 1821.960324][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 1821.960353][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1821.960374][   T31]  ? __pfx__printk+0x10/0x10
[ 1821.960412][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1821.960443][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1821.960468][   T31]  ? _printk+0xcf/0x120
[ 1821.960505][   T31]  ? __pfx__printk+0x10/0x10
[ 1821.960531][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1821.960563][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1821.960594][   T31]  watchdog+0xfee/0x1030
[ 1821.960623][   T31]  ? watchdog+0x1de/0x1030
[ 1821.960658][   T31]  kthread+0x70e/0x8a0
[ 1821.960686][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1821.960712][   T31]  ? __pfx_kthread+0x10/0x10
[ 1821.960739][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1821.960756][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1821.960774][   T31]  ? __pfx_kthread+0x10/0x10
[ 1821.960799][   T31]  ret_from_fork+0x3fc/0x770
[ 1821.960821][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1821.960846][   T31]  ? __switch_to_asm+0x39/0x70
[ 1821.960868][   T31]  ? __switch_to_asm+0x33/0x70
[ 1821.960889][   T31]  ? __pfx_kthread+0x10/0x10
[ 1821.960912][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1821.960957][   T31]  </TASK>
[ 1821.960964][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1822.119380][    C0] NMI backtrace for cpu 0
[ 1822.119396][    C0] CPU: 0 UID: 0 PID: 15095 Comm: kworker/u8:1 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1822.119421][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1822.119433][    C0] Workqueue: bat_events batadv_nc_worker
[ 1822.119462][    C0] RIP: 0010:__lock_acquire+0x5b/0xd20
[ 1822.119479][    C0] Code: 60 93 0f 84 6f 0c 00 00 41 89 cc 41 89 d6 8b 0d 9b c1 62 0c 85 c9 44 0f 44 c1 31 c9 48 3d f0 42 60 93 41 0f 45 c8 89 4c 24 0c <8b> 0d 3f 95 09 18 85 c9 0f 95 c0 83 fe 08 0f 92 c2 08 c2 0f 84 55
[ 1822.119493][    C0] RSP: 0018:ffffc90004daf840 EFLAGS: 00000006
[ 1822.119507][    C0] RAX: ffffffff99fdfe40 RBX: ffff88806a568358 RCX: 0000000000000001
[ 1822.119519][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888032335a00
[ 1822.119530][    C0] RBP: ffffffff8b34bfc7 R08: 0000000000000001 R09: 0000000000000000
[ 1822.119541][    C0] R10: dffffc0000000000 R11: fffffbfff1f4167f R12: 0000000000000000
[ 1822.119552][    C0] R13: ffff88806a568358 R14: 0000000000000000 R15: 0000000000000000
[ 1822.119563][    C0] FS:  0000000000000000(0000) GS:ffff888125c57000(0000) knlGS:0000000000000000
[ 1822.119576][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1822.119588][    C0] CR2: 00007fb289d4baf9 CR3: 000000003582a000 CR4: 00000000003526f0
[ 1822.119602][    C0] Call Trace:
[ 1822.119609][    C0]  <TASK>
[ 1822.119620][    C0]  ? batadv_nc_purge_paths+0xe7/0x3b0
[ 1822.119636][    C0]  lock_acquire+0x120/0x360
[ 1822.119650][    C0]  ? batadv_nc_purge_paths+0xe7/0x3b0
[ 1822.119666][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1822.119686][    C0]  ? batadv_nc_purge_paths+0xe7/0x3b0
[ 1822.119702][    C0]  _raw_spin_lock_bh+0x36/0x50
[ 1822.119725][    C0]  ? batadv_nc_purge_paths+0xe7/0x3b0
[ 1822.119740][    C0]  ? __pfx_batadv_nc_to_purge_nc_path_coding+0x10/0x10
[ 1822.119756][    C0]  batadv_nc_purge_paths+0xe7/0x3b0
[ 1822.119777][    C0]  batadv_nc_worker+0x328/0x610
[ 1822.119801][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1822.119819][    C0]  process_scheduled_works+0xade/0x17b0
[ 1822.119846][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1822.119870][    C0]  worker_thread+0x8a0/0xda0
[ 1822.119897][    C0]  kthread+0x70e/0x8a0
[ 1822.119918][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1822.119934][    C0]  ? __pfx_kthread+0x10/0x10
[ 1822.119955][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1822.119969][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1822.119985][    C0]  ? __pfx_kthread+0x10/0x10
[ 1822.120004][    C0]  ret_from_fork+0x3fc/0x770
[ 1822.120021][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1822.120039][    C0]  ? __switch_to_asm+0x39/0x70
[ 1822.120057][    C0]  ? __switch_to_asm+0x33/0x70
[ 1822.120076][    C0]  ? __pfx_kthread+0x10/0x10
[ 1822.120095][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1822.120121][    C0]  </TASK>
[ 1822.120386][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1822.398034][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1822.407846][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1822.417991][   T31] Call Trace:
[ 1822.421272][   T31]  <TASK>
[ 1822.424254][   T31]  dump_stack_lvl+0x99/0x250
[ 1822.428862][   T31]  ? __asan_memcpy+0x40/0x70
[ 1822.433724][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1822.438944][   T31]  ? __pfx__printk+0x10/0x10
[ 1822.443662][   T31]  panic+0x2db/0x790
[ 1822.447578][   T31]  ? __pfx_panic+0x10/0x10
[ 1822.452002][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 1822.457841][   T31]  ? irq_work_queue+0xc3/0x140
[ 1822.462639][   T31]  watchdog+0x102d/0x1030
[ 1822.466988][   T31]  ? watchdog+0x1de/0x1030
[ 1822.471439][   T31]  kthread+0x70e/0x8a0
[ 1822.475520][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1822.480203][   T31]  ? __pfx_kthread+0x10/0x10
[ 1822.484856][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1822.490150][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1822.495782][   T31]  ? __pfx_kthread+0x10/0x10
[ 1822.500381][   T31]  ret_from_fork+0x3fc/0x770
[ 1822.504982][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1822.510195][   T31]  ? __switch_to_asm+0x39/0x70
[ 1822.514968][   T31]  ? __switch_to_asm+0x33/0x70
[ 1822.519746][   T31]  ? __pfx_kthread+0x10/0x10
[ 1822.524346][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1822.529125][   T31]  </TASK>
[ 1822.532583][   T31] Kernel Offset: disabled
[ 1822.536924][   T31] Rebooting in 86400 seconds..