last executing test programs:

22m49.61453578s ago: executing program 32 (id=885):
r0 = socket$inet6(0xa, 0x3, 0x8)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000000)=0x93f, 0x4)
recvfrom(r0, 0x0, 0x0, 0x40000100, &(0x7f0000000140)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='/proc/1/\x00\x82q\xee\xe5\xa0\xbd\xc2\x98#YP\xee\x9c2G\xf0\x81x\x97'}, 0x30)
setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f00000001c0)=0x100, 0x4)
sendmmsg$inet6(r0, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x002'], 0x28}}], 0x1, 0x0)

22m19.345426889s ago: executing program 33 (id=985):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x3000000, &(0x7f0000000080)=ANY=[@ANYRES64=0x0], 0x1, 0x5d8, &(0x7f00000006c0)="$eJzs3U1vG8cdB+Df0rJsuoDDJHaSFi0q2IcWMWqLYuLoUKBuURQ6BEWAXnLJQbDpWDCtBBJTKEFR2H299hskPcjnnnooejCQnvsVBPSQQ4HedXOxyyXFWIoixbJIJc8DDGeGszs78/fuiLuEwQDfWEtv5/SjFFm68uZGWd/a7PS2Njv3huUkZ5I0kplBlmI1KT5NbmSQ8u3yzbq74ouO887Hbyx+1n74YFCbqVO1fWO//Q7mfp0yl+RUnR9Vfzefur9iNMMyYJeHgYNJe7zL/cPs/pTXLTANisHfzV1aybkkZ+vPAalXh8bxju7oHWqVAwAAgBPque1sZyPnJz0OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEnq3/8v6tQYludSDH//f7Z+L3X5RHs06QEAAAAAAAAAwBH4/na2s5Hzw/rjovrO/1JVuVC9fisfZD3drOVqNrKcfvpZSztJa6yj2Y3lfn+tfYA9F/bcc+F45gsAAAAAAAAAX1O/y9LO9/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANiuTUIKvShWG5lcZMkrNJZsvt7if/HJZPskeTHgAAAAAcg+e2s52NnB/WHxfVPf9L1X3/2XyQ1fSzkn566eZW9SxgcNff2Nrs9LY2O/fKtLvfn/7vUMOoeszg2cPeR56vtrg42mMpv8ivciVzeStrWcmvs5x+upnLz6vScoq06qcXreE49x7vjc/V3vqysb5SjaSZ21mpxnY1N/NeermVRjWHapv9j/igjE7xk9oBY3SrzssZ/aXOp0OrisjpUUTm69iX0Xh+/0gc8jx58kjtNEbPoC48g5ifq/My1n+a6pgvjJ19L+0fieTSf7739zu91bt3bq9fmZ4pfUVPRqIzFomXv1GRmK2jMVhFD7daXqr2PZ+V/DLv5Va6eT2LeT0LeS2vZT6LuT4W14sHuNYah7vWLv+wLjST/LnOp0MZ1+fH4jq+0rWqtvF3dqL0wtGvSDPfqQvlMX5f59PhyUi0xyLx4v6R+Ovj8nW9t3p37c7y+wc83g/qvLxs/zhVa3N5vrxQ/mNVtc+fHWXbi3u2tau2C6O2xq62i6O2L7tSZ+vPcLt7WqjaXt6zrVO1vTLWttenHACm3rlXz802/9v8d/OT5h+ad5pvnv3ZmcUz353N6X/N/OPU3xoPGz8uXs0n+e3O/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDVrX/40d3lXq+7pqCgoDAqTHplAp61a/17719b//CjH63cW363+253tdNpX19YvL64cP3a7ZVed37wOulhAs/Azh/9SY8EAAAAAAAAAAAAOKjj+O8Ek54jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLItvZ3Tj1KkPX91vqxvbXZ6ZRqWd7acSdJIUvwmKT5NbmSQ0hrrrvii47zz8RuLn7UfPtjpa2a4fWO//Q7mfp0yl+RUnR9Vfzefur9iNMMyYJeHgYNJ+38AAAD//+NBDmE=")
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
write$uinput_user_dev(r5, &(0x7f0000000b00)={'syz0\x00', {0x5, 0x7, 0x3, 0x7}, 0x50, [0x2, 0x9, 0x0, 0x1, 0x8, 0xea45, 0xe, 0x1, 0x0, 0x0, 0x6, 0xc, 0x3, 0x405, 0x1, 0x4, 0x1000, 0x7fffffff, 0x51, 0x8, 0x800, 0xfffffffa, 0x3ff, 0x4, 0x7, 0x10001, 0x7ff, 0x0, 0x4, 0x6, 0x401, 0xc, 0x9, 0x4, 0x2, 0x1, 0x5, 0x4, 0x1, 0x4, 0xa, 0x8, 0x3, 0x9, 0x804d81, 0x2, 0x8c00, 0x6, 0x939, 0x5, 0x9, 0x2, 0x2, 0x4, 0xfffffff7, 0x7fff, 0x6, 0x5, 0x80000001, 0x6, 0x5, 0x2a, 0x1, 0x23], [0x8, 0x20009, 0x9, 0x1, 0x80000005, 0x12, 0x800, 0xc, 0x0, 0x2329, 0xfd8, 0x3, 0x7, 0x5, 0x0, 0x24e, 0x2, 0xfffffff7, 0x2, 0x3, 0x5, 0x4009, 0x80, 0xb, 0x1, 0x40, 0xa1, 0x4, 0xffffffff, 0x5, 0x10004, 0x1, 0xffffff00, 0x7ff, 0x6, 0x7, 0x0, 0xe, 0xffff3f15, 0xc, 0x2, 0x9, 0x7, 0x5, 0x5, 0x7, 0x800, 0x5, 0xc5, 0x3, 0x1, 0x9, 0x8, 0x3, 0xfffffff7, 0x3, 0x24c, 0x1ff, 0x2a0, 0x5, 0x6, 0x6, 0x7, 0x7], [0x2, 0x9, 0x1a9e1bfa, 0xfffffffc, 0x8, 0x6, 0x1, 0x8001, 0x7, 0x5, 0x2, 0x7ffffff7, 0x8000, 0x1, 0x1, 0x5, 0x4, 0x2, 0x2b0, 0x5, 0x97f82544, 0x8, 0x0, 0x0, 0x9, 0x5, 0x4, 0x10000, 0xc93, 0xffffff3c, 0x8b2, 0x7, 0x4, 0xff, 0x140, 0x2, 0x4, 0xb, 0x4, 0x6, 0x7, 0x8007c12, 0x5, 0x1, 0x17, 0x8000, 0xe, 0xf3, 0x4, 0x8, 0x1, 0xffffff00, 0x100, 0x7, 0x2, 0x0, 0x9, 0xdd, 0x1, 0x9, 0xc3, 0xffff, 0x7a3], [0x9, 0x3a8d, 0xffff9a7f, 0x200, 0x6, 0x2, 0x1, 0xfffffff3, 0xd077, 0x4, 0xffffffff, 0x1f, 0x81, 0xa, 0x6, 0x2, 0x200, 0x101, 0x2, 0x66608000, 0x5, 0x7fb, 0x6, 0x5, 0xa476, 0x5, 0x29, 0xffff, 0xd, 0x0, 0x1, 0x1, 0x10001, 0x61, 0x10, 0x1000, 0x8, 0x100, 0x8, 0x20000000, 0x8, 0x15, 0xb32a, 0xec000000, 0x2, 0x1904, 0x4, 0xc, 0x8, 0x7ff, 0x280, 0x5, 0xfffffffb, 0x7, 0x6e79, 0x8, 0xc, 0x9371, 0x4f89, 0x7, 0x580, 0x2d1, 0x80, 0x8]}, 0x45c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
socket$inet(0x2, 0x2, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
getdents(r6, &(0x7f00000006c0)=""/165, 0xa5)
unlink(&(0x7f0000001a80)='./file2\x00')
setgroups(0x0, 0x0)
clock_gettime(0x2c5cf1dbd8c34b3, 0x0)
setregid(0xffffffffffffffff, r1)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000180)={@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
socket$inet(0x2, 0x2, 0x1)

12m40.512625728s ago: executing program 34 (id=3847):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x7}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)

10m50.176530429s ago: executing program 1 (id=4237):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
fsopen(0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000040)='percpu_alloc_percpu\x00'}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
io_setup(0x976, &(0x7f0000000600))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00'], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0b000000080000000c0000000000008001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000040000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4, 0x0, 0x80000}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000004000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0006000000000000b7080000090400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
sendmsg$rds(r1, &(0x7f0000001d00)={&(0x7f00000017c0)={0x2, 0x0, @private=0xa010101}, 0x10, 0x0}, 0x0)

10m49.458434679s ago: executing program 35 (id=4237):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
fsopen(0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000040)='percpu_alloc_percpu\x00'}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
io_setup(0x976, &(0x7f0000000600))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00'], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0b000000080000000c0000000000008001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000040000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4, 0x0, 0x80000}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000004000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0006000000000000b7080000090400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
sendmsg$rds(r1, &(0x7f0000001d00)={&(0x7f00000017c0)={0x2, 0x0, @private=0xa010101}, 0x10, 0x0}, 0x0)

9m14.518388854s ago: executing program 36 (id=4431):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x180002, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988ca", 0xe}], 0x1)

9m12.655616257s ago: executing program 37 (id=4432):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x701203, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r6, {}, {0xffe0, 0xb}, {0x9, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5m40.643948869s ago: executing program 38 (id=4959):
ioctl$COMEDI_INSNLIST(0xffffffffffffffff, 0x8010640b, &(0x7f00000000c0)={0x1, &(0x7f00001b3400)=[{0xe000005, 0x0, 0x0, 0x9, 0x7}]})
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)

5m4.083789434s ago: executing program 39 (id=5069):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
init_module(0x0, 0xbe, 0x0)
init_module(0x0, 0x1820, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
preadv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000000)=""/23, 0x17}], 0x1, 0x100, 0x2)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x205, 0x8401)

4m13.937823753s ago: executing program 40 (id=5170):
socket(0x10, 0x3, 0x6)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000140000e5b7030000000700008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000000, &(0x7f0000000440)={[{@nolazytime}, {@orlov}, {@usrjquota}, {@usrjquota}, {@nojournal_checksum}, {@journal_dev={'journal_dev', 0x3d, 0x5}}]}, 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
ptrace$setregs(0xd, 0x0, 0xfffffffffffffffe, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r5 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r5, 0x2007ffc)
sendfile(r5, r5, 0x0, 0x800000009)

3m18.230339152s ago: executing program 41 (id=5278):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='scalable\x00', 0x9)
shutdown(r0, 0x2)

3m18.213634373s ago: executing program 9 (id=5283):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x80)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r3, {}, {0x4, 0xb}, {0x7, 0x3}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x1}}}}]}, 0x40}}, 0x4008000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
socket(0x400000000010, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="440000004ec6"})

3m16.692084906s ago: executing program 9 (id=5286):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x4e1, &(0x7f0000000380)={0x0, 0xf984, 0x10100, 0x3, 0x0, 0x0, r2}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
bind$alg(r0, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r5 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000045c0)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000480)=""/236, 0xec}], 0x1, 0x0, 0x0, 0x1000000}, 0x4}], 0x1, 0x10000, 0x0)

3m15.097856226s ago: executing program 42 (id=5290):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000380), 0x0}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
unshare(0x62040200)
removexattr(0x0, &(0x7f00000002c0)=@known='trusted.syz\x00')

3m15.092036026s ago: executing program 9 (id=5293):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x80)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r3, {}, {0x4, 0xb}, {0x7, 0x3}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x1}}}}]}, 0x40}}, 0x4008000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
socket(0x400000000010, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="440000004ec6"})

3m13.003757036s ago: executing program 9 (id=5295):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)

3m12.809883111s ago: executing program 9 (id=5297):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x0, 0x0, 0xc08}}, 0x120)
readv(r0, 0x0, 0x0)

3m12.315721431s ago: executing program 9 (id=5298):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000940)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000200)={0x14, 0x42, 0x1, 0x70bd2a, 0x25dfdbfc, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8914, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f0000000240)={[{@jqfmt_vfsold}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@init_itable_val={'init_itable', 0x3d, 0x7fff}}]}, 0x64, 0x513, &(0x7f0000000c80)="$eJzs3c9vG1kdAPDvOHZp2nSTBQ6wEsvCLkorqJ1s2N2Iw7JICE4rAcu9hMSJojhxFDttE1WQij8ACRAgcaIXLkj8AUioEheOCKkSnEGAQAhaOHCAzsr2OE1TO3FbN07tz0eazJs3P77vTTvjeTNPMwGMrFci4p2IuJ+m6aWImMzyc9kQe62hsdy9uzcWG0MSafreP5NIsrz2tpJsfD5b7WxEfO3LEd9MHo1b29ldW6hUylvZdKm+vlmq7exeXl1fWCmvlDfm5mbfnH9r/o35mb7U80JEvP3Fv/7wuz/70tu/+sy1P135+8VvNYo1kc0/WI/HlD9qZqvqhea+OLjC1hMGO43yzRpmxjstMfZIzs1nXCYAADprXON/MCI+GRGXYjLGjr6cBQAAAJ5D6ecn4n9JRNrZmS75AAAAwHMk1+wDm+SKWV+AicjlisVWH94Px7lcpVqrf3q5ur2x1OorOxWF3PJqpTyT9RWeikLSmJ5tph9Mv35oei4iXoyIH0yON6eLi9XK0qBvfgAAAMCIOH+o/f+fyVb7HwAAABgyU4MuAAAAAPDMaf8DAADA8NP+BwAAgKH2lXffbQxp+/vXS1d3tteqVy8vlWtrxfXtxeJidWuzuFKtrjTf2bd+3PYq1ermZ2Nj+3qpXq7VS7Wd3Svr1e2N+pXVhz6BDQAAAJygFz9++w9JROx9brw5NJzpbdUeFwNOq/x+KsnGHQ7rP77QGv/lhAoFnIixQRcAGJj8oAsADExh0AUABi45Zn7Xzju/zcaf6G95AACA/pv+aPfn/7kj19w7ejZw6jmIYXR5/g+jq/n8v9eevC4WYKgUXAHAyHvq5//HStPHKhAAANB3E80hyRWz23sTkcsVixEXmp8FKCTLq5XyTES8EBG/nyx8oDE921wzObbNAAAAAAAAAAAAAAAAAAAAAAAAAAC0pGkSKQAAADDUInJ/S37depf/9ORrE4fvD5xJ/jsZ2SdCr/3kvR9dX6jXt2Yb+f/az6//OMt/fRB3MAAAAGAkPNYH/Nvt9HY7HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66d7dG4vt4STj/uMLETHVKX4+zjbHZ6MQEef+nUT+wHpJRIz1If54489HOsVPGsXaD9kp/ngf4u/dPDJ+TGV7oVP8832ID6PsduP8806n4y8XrzTHnY+/fMRD00+q+/kv9s9/Y12O/ws9xnjpzi9KXePfjHgp3/n8046fdIn/ao/xv/H13d1u89KfRkx3/P1JHopVqq9vlmo7u5dX1xdWyivljbm52Tfn35p/Y36mtLxaKWd/O8b43sd+ef+o+p/rEn/qmPq/1mP9/3/n+t0PtZKFTvEvvtoh/m9uZUs8Gj+X/fZ9Kks35k+303ut9EEv//x3Lx9V/6Uu9T/u3/9ij/W/9NXv/LnHRQGAE1Db2V1bqFTKW0ObaLTST0ExhiyRG4r/P9/u6wbTNE0b++QptpNEO+fW9yMGun8Ge14CAAD678FF/6BLAgAAAAAAAAAAAAAAAAAAAKPrJF4ndjjm3n4q6ccrtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+uL9AAAA//9iUdV6")

3m11.762671826s ago: executing program 43 (id=5298):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000940)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000200)={0x14, 0x42, 0x1, 0x70bd2a, 0x25dfdbfc, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8914, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f0000000240)={[{@jqfmt_vfsold}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@init_itable_val={'init_itable', 0x3d, 0x7fff}}]}, 0x64, 0x513, &(0x7f0000000c80)="$eJzs3c9vG1kdAPDvOHZp2nSTBQ6wEsvCLkorqJ1s2N2Iw7JICE4rAcu9hMSJojhxFDttE1WQij8ACRAgcaIXLkj8AUioEheOCKkSnEGAQAhaOHCAzsr2OE1TO3FbN07tz0eazJs3P77vTTvjeTNPMwGMrFci4p2IuJ+m6aWImMzyc9kQe62hsdy9uzcWG0MSafreP5NIsrz2tpJsfD5b7WxEfO3LEd9MHo1b29ldW6hUylvZdKm+vlmq7exeXl1fWCmvlDfm5mbfnH9r/o35mb7U80JEvP3Fv/7wuz/70tu/+sy1P135+8VvNYo1kc0/WI/HlD9qZqvqhea+OLjC1hMGO43yzRpmxjstMfZIzs1nXCYAADprXON/MCI+GRGXYjLGjr6cBQAAAJ5D6ecn4n9JRNrZmS75AAAAwHMk1+wDm+SKWV+AicjlisVWH94Px7lcpVqrf3q5ur2x1OorOxWF3PJqpTyT9RWeikLSmJ5tph9Mv35oei4iXoyIH0yON6eLi9XK0qBvfgAAAMCIOH+o/f+fyVb7HwAAABgyU4MuAAAAAPDMaf8DAADA8NP+BwAAgKH2lXffbQxp+/vXS1d3tteqVy8vlWtrxfXtxeJidWuzuFKtrjTf2bd+3PYq1ermZ2Nj+3qpXq7VS7Wd3Svr1e2N+pXVhz6BDQAAAJygFz9++w9JROx9brw5NJzpbdUeFwNOq/x+KsnGHQ7rP77QGv/lhAoFnIixQRcAGJj8oAsADExh0AUABi45Zn7Xzju/zcaf6G95AACA/pv+aPfn/7kj19w7ejZw6jmIYXR5/g+jq/n8v9eevC4WYKgUXAHAyHvq5//HStPHKhAAANB3E80hyRWz23sTkcsVixEXmp8FKCTLq5XyTES8EBG/nyx8oDE921wzObbNAAAAAAAAAAAAAAAAAAAAAAAAAAC0pGkSKQAAADDUInJ/S37depf/9ORrE4fvD5xJ/jsZ2SdCr/3kvR9dX6jXt2Yb+f/az6//OMt/fRB3MAAAAGAkPNYH/Nvt9HY7HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66d7dG4vt4STj/uMLETHVKX4+zjbHZ6MQEef+nUT+wHpJRIz1If54489HOsVPGsXaD9kp/ngf4u/dPDJ+TGV7oVP8832ID6PsduP8806n4y8XrzTHnY+/fMRD00+q+/kv9s9/Y12O/ws9xnjpzi9KXePfjHgp3/n8046fdIn/ao/xv/H13d1u89KfRkx3/P1JHopVqq9vlmo7u5dX1xdWyivljbm52Tfn35p/Y36mtLxaKWd/O8b43sd+ef+o+p/rEn/qmPq/1mP9/3/n+t0PtZKFTvEvvtoh/m9uZUs8Gj+X/fZ9Kks35k+303ut9EEv//x3Lx9V/6Uu9T/u3/9ij/W/9NXv/LnHRQGAE1Db2V1bqFTKW0ObaLTST0ExhiyRG4r/P9/u6wbTNE0b++QptpNEO+fW9yMGun8Ge14CAAD678FF/6BLAgAAAAAAAAAAAAAAAAAAAKPrJF4ndjjm3n4q6ccrtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+uL9AAAA//9iUdV6")

3m10.804099764s ago: executing program 4 (id=5300):
r0 = socket(0x10, 0x3, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
syz_io_uring_setup(0x6bfd, 0x0, &(0x7f0000000340), &(0x7f0000000240))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioprio_set$uid(0x0, 0x0, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x3, @private2}, 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x1000, 0x200000}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000100)=0x80000001, 0x4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
r7 = syz_io_uring_setup(0x1110, &(0x7f0000000140)={0x0, 0x4, 0x400, 0x2}, &(0x7f00000003c0)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r6, 0x0, 0x0, 0x440000, 0x1, 0x1})
io_uring_enter(r7, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r10, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe)
sendmmsg$sock(r10, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0)
shutdown(r10, 0x1)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x40000)

3m9.772356518s ago: executing program 4 (id=5301):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="5c00000014006b03000000d86e6c1d00028400000000564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20008010)

3m8.603777452s ago: executing program 4 (id=5302):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x80)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r3, {}, {0x4, 0xb}, {0x7, 0x3}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x1}}}}]}, 0x40}}, 0x4008000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
socket(0x400000000010, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="440000004ec6"})

3m6.487130114s ago: executing program 4 (id=5303):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)

3m6.313063348s ago: executing program 4 (id=5304):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x0, 0x0, 0xc08}}, 0x120)
readv(r0, 0x0, 0x0)

3m5.755848533s ago: executing program 4 (id=5305):
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x10, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f0000000300), &(0x7f0000000480)={0x0, 0xfb, 0x77, 0x0, 0x6, "9bd0674e9fb73f37b34b4f7a10dc37c7", "52a2c05f6e64bb4f9caeb3644d63c7af6dc24e80b1dd1e733e47bd25e2da99523e05989146f0ce341605b6c13149f5b2df2801ba242c8a6fbd57f4b028b10ede6f20d058fe1b5576c3c8a595ec8bf7804f072f56a28bb13a757f0c4ce23076105ef5"}, 0x77, 0x3)

3m5.212862168s ago: executing program 44 (id=5305):
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x10, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f0000000300), &(0x7f0000000480)={0x0, 0xfb, 0x77, 0x0, 0x6, "9bd0674e9fb73f37b34b4f7a10dc37c7", "52a2c05f6e64bb4f9caeb3644d63c7af6dc24e80b1dd1e733e47bd25e2da99523e05989146f0ce341605b6c13149f5b2df2801ba242c8a6fbd57f4b028b10ede6f20d058fe1b5576c3c8a595ec8bf7804f072f56a28bb13a757f0c4ce23076105ef5"}, 0x77, 0x3)

2m52.713356671s ago: executing program 1 (id=5280):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
write(r4, &(0x7f0000002ac0), 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0xa, 0x0, 0x700, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x1, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xd}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}]}, 0x50}, 0x1, 0x7}, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80045510, &(0x7f0000000000))

2m51.61566013s ago: executing program 1 (id=5307):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="5c00000014006b03000000d86e6c1d00028400000000564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20008010)

2m50.109745382s ago: executing program 1 (id=5309):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)

2m49.89207988s ago: executing program 1 (id=5311):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000000900000030000380140002007369743000000000000000000000000006"], 0x44}}, 0x0)
io_uring_setup(0x5ef9, 0x0)
socket$inet6(0x10, 0x3, 0x4)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000ab9ff0), 0x8)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002c40), 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}]})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = syz_open_dev$cec(0x0, 0x0, 0x208100)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f00000000c0)={"000600", 0x4, 0x6, 0x2, 0x0, 0x4, "0000000500fbffffff00", '\x00\x00\a\x00', "0300", "fcffffff", ["50d5c2a7c5ae5cace40000b6", "808e88e2e9ffffffffff00", "0c436d743c97c443084000", "ff81000000008000"]})
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x200000)

2m48.355847533s ago: executing program 1 (id=5315):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='cifs\x00', 0x0, &(0x7f00000002c0)='cache=none')
fchdir(0xffffffffffffffff)
r1 = openat$qat_adf_ctl(0xffffff9c, &(0x7f0000000500), 0x2002, 0x0)
ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r1, 0x40096100, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2m47.100572976s ago: executing program 45 (id=5315):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='cifs\x00', 0x0, &(0x7f00000002c0)='cache=none')
fchdir(0xffffffffffffffff)
r1 = openat$qat_adf_ctl(0xffffff9c, &(0x7f0000000500), 0x2002, 0x0)
ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r1, 0x40096100, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2m8.668017282s ago: executing program 8 (id=5381):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(0xffffffffffffffff, 0x8010661b, 0x0)
ioctl$TCGETS2(0xffffffffffffffff, 0x802c542a, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00'})
r1 = socket$l2tp6(0xa, 0x2, 0x73)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

2m7.327662981s ago: executing program 8 (id=5384):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
semctl$GETZCNT(0x0, 0x2, 0xf, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r3, &(0x7f0000000240)={{0x6, @default}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)

2m5.893831298s ago: executing program 8 (id=5389):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x25dfdbff, {}, [{0x90, 0x1, [@m_ct={0x44, 0x5, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000884}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
llistxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=""/30, 0x1e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000008c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d48001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008000001800b6fcf1a22796e736574000008000340000001"], 0xd4}, 0x1, 0x0, 0x0, 0x20000000}, 0x24054000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x2}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
syz_emit_vhci(&(0x7f0000001800)=ANY=[@ANYBLOB="040e0cff3c20"], 0xf)
socket$l2tp6(0xa, 0x2, 0x73)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)

2m4.447496605s ago: executing program 7 (id=5395):
r0 = syz_open_dev$usbfs(0x0, 0x76, 0x101b01)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
write(r4, &(0x7f0000002ac0), 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0xa, 0x0, 0x700, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x1, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xd}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @dev}}]}, 0x50}, 0x1, 0x7}, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80045510, &(0x7f0000000000))

2m2.607861154s ago: executing program 7 (id=5396):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$VIDIOC_G_SELECTION(0xffffffffffffffff, 0xc0405668, &(0x7f00000003c0)={0xa, 0x100, 0x0, {0x80000004, 0x1, 0x2, 0x7}})
bpf$BPF_BTF_LOAD(0x25, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x0, 0x1a}, 0x28)
socket$packet(0x11, 0x3, 0x300)
socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x3, 0x36, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x4)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3100000000080041007369770014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x8801}, 0x20000000)

2m1.710415366s ago: executing program 8 (id=5398):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, 0x0, 0x0, 0x24000, 0x0)

2m1.638126623s ago: executing program 8 (id=5399):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket(0x15, 0x5, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x3, 0x2)
connect$unix(r2, &(0x7f0000000080)=@abs={0xa}, 0x6e)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(0xffffffffffffffff, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
pread64(r3, 0x0, 0x0, 0x378e)

2m1.414445511s ago: executing program 7 (id=5402):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000040)='.\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x200cc18, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r3 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x1)
sendfile(r3, r2, 0x0, 0x80000000)

2m1.330974997s ago: executing program 8 (id=5404):
socket$pptp(0x18, 0x1, 0x2)
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet(r0, 0x0, 0x0, 0x20048880, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x28, r2, 0x1, 0xff1f, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x26004808)

2m0.202521629s ago: executing program 46 (id=5404):
socket$pptp(0x18, 0x1, 0x2)
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet(r0, 0x0, 0x0, 0x20048880, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x28, r2, 0x1, 0xff1f, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x26004808)

2m0.196921959s ago: executing program 6 (id=5406):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000040)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0002}}}, 0x14)
connect$802154_dgram(r0, &(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xaaa2}}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r1}, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000880)={r2, 0x58, &(0x7f0000000800)}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x6c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x3c, 0x2, [@TCA_BASIC_EMATCHES={0x38, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x28, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}, [@TCA_EM_META_RVALUE={0x4}, @TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x1}, {0x5, 0x40}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x4, 0x5, 0x1}, {0xb490, 0x9}}}]}}]}]}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x7c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0xf}, {}, {0x7, 0xc}}, [@filter_kind_options=@f_u32={{0x8}, {0x50, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x5, 0xd, 0x3, 0x4, 0x13, 0x2, 0x6, 0x7ffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x2, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_LINK={0x8, 0x3, 0x80000000}]}}]}, 0x7c}}, 0x24040084)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000980)={@mcast2}, &(0x7f00000009c0)=0x14)
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r12, {0xa, 0xffff}, {}, {0xfff3, 0xe}}, [@filter_kind_options=@f_flow={{0x9}, {0x1c, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_PERTURB={0x8, 0xc, 0x6}, @TCA_FLOW_KEYS={0x8, 0x1, 0x18d34}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x200008c2)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000b40)=ANY=[@ANYBLOB="ac000000", @ANYRES16=0x0, @ANYBLOB="000428bd700800dbdf47d56b844a1e3685dccf0003000200000008000100de640d7c260328b1a8e5893aa2f3538dfc9c4e716d557819a230755af2ca372bbad1ad2a97f369eb080ce29589edb3475c9095ab443c36967a29969190a3b6ce243963ae349462c6eade97b02232b6f37b645ae0724a830095d56e", @ANYRES32=0x0, @ANYBLOB="080003000300000008000100", @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="08000100", @ANYBLOB, @ANYBLOB="080001", @ANYRES32=0x0, @ANYBLOB="04000180"], 0xac}, 0x1, 0x0, 0x0, 0x4040811}, 0x4000)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
sendmmsg(r0, &(0x7f0000000240)=[{{&(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x2, 0x1, 0x4, {0xa, 0x4e21, 0x100, @local, 0x100}}}, 0x80, 0x0}}], 0x1, 0x40)

2m0.19601532s ago: executing program 7 (id=5407):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, 0x0, 0x0, 0x24000, 0x0)

2m0.008667465s ago: executing program 7 (id=5408):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000001}, 0x80)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r3, {}, {0x4, 0xb}, {0x7, 0x3}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x1}}}}]}, 0x40}}, 0x4008000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r6)
socket(0x400000000010, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="440000004ec6"})

1m59.45037722s ago: executing program 6 (id=5409):
socket$packet(0x11, 0x3, 0x300)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r1}, 0x10)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000200)={0x0, 0x1, 0x0, &(0x7f0000000000)=""/24, 0x0, 0x8000000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='statm\x00')
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f00000000c0)={0x0, r2})
ioctl$VHOST_RESET_OWNER(r0, 0xaf02, 0x0)

1m59.367811937s ago: executing program 7 (id=5410):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x20400)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38})
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000280)={0x40, 0x403, 0xc})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x7, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
dup(r2)
close_range(r0, 0xffffffffffffffff, 0x0)

1m58.988078158s ago: executing program 47 (id=5410):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x20400)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8166, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x200, 0x1fb, 0xc38})
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000280)={0x40, 0x403, 0xc})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x7, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
dup(r2)
close_range(r0, 0xffffffffffffffff, 0x0)

1m58.979261538s ago: executing program 6 (id=5412):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
socket(0x15, 0x5, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x3, 0x2)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
pread64(r5, 0x0, 0x0, 0x378e)

1m57.926868363s ago: executing program 6 (id=5415):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, 0x0, 0x0, 0x24000, 0x0)

1m57.649921806s ago: executing program 6 (id=5416):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000180)={0x2b, 0x0, 0x0, 0xa}, 0x8)

1m57.268406377s ago: executing program 6 (id=5417):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x30, r3, 0x62c21a4ade68aba1, 0x70bd2f, 0x0, {{0x5}, {@val={0x8, 0x3, 0xa}, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x1, 0x7f}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x14fb68ea886b70f5}, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000440)=[@in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e21, 0x1ff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7fffffff}, @in={0x2, 0x4e24, @multicast1}, @in6={0xa, 0x4e20, 0x8, @loopback, 0x5}, @in={0x2, 0x4e21, @loopback}, @in={0x2, 0x4e20, @multicast1}], 0x85)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
setrlimit(0x6, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYRES32=r0, @ANYRESOCT], 0x7c}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b0001007461726765740000400002802c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c7000000000000000000000000000000000800024000000000080001004c4544000900020073797a320000000014000000110001000000000000000000010000071951605557b2b3590f8b794735061b1aa09e78bd33f5cfd156e78231476e736be9000000000000"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket(0x1d, 0x2, 0x6)
syz_open_dev$tty1(0xc, 0x4, 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0x3ff, 0x0, 0x0, 0x1000001002, 0x2}, 0x0, &(0x7f00000002c0)={0x3fe, 0x8, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

1m56.764125898s ago: executing program 48 (id=5417):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x30, r3, 0x62c21a4ade68aba1, 0x70bd2f, 0x0, {{0x5}, {@val={0x8, 0x3, 0xa}, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x1, 0x7f}}}}}, 0x30}, 0x1, 0x0, 0x0, 0x14fb68ea886b70f5}, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000440)=[@in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e21, 0x1ff, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7fffffff}, @in={0x2, 0x4e24, @multicast1}, @in6={0xa, 0x4e20, 0x8, @loopback, 0x5}, @in={0x2, 0x4e21, @loopback}, @in={0x2, 0x4e20, @multicast1}], 0x85)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
setrlimit(0x6, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYRES32=r0, @ANYRESOCT], 0x7c}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b0001007461726765740000400002802c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c7000000000000000000000000000000000800024000000000080001004c4544000900020073797a320000000014000000110001000000000000000000010000071951605557b2b3590f8b794735061b1aa09e78bd33f5cfd156e78231476e736be9000000000000"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket(0x1d, 0x2, 0x6)
syz_open_dev$tty1(0xc, 0x4, 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0x3ff, 0x0, 0x0, 0x1000001002, 0x2}, 0x0, &(0x7f00000002c0)={0x3fe, 0x8, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

12.354232567s ago: executing program 0 (id=5631):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x25dfdbff, {}, [{0x90, 0x1, [@m_ct={0x44, 0x5, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000884}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
llistxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=""/30, 0x1e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_vhci(&(0x7f0000001800)=ANY=[@ANYBLOB="040e0cff3c20"], 0xf)

9.932398064s ago: executing program 5 (id=5635):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x1, 0x1, &(0x7f0000000580)=""/247, &(0x7f00000000c0)=""/85, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000a40))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0)
pivot_root(0x0, 0x0)

8.728636171s ago: executing program 5 (id=5638):
sched_setscheduler(0x0, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

8.470188483s ago: executing program 2 (id=5640):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)

8.469237523s ago: executing program 5 (id=5641):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
r4 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, 0x0, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r5)
r6 = socket$unix(0x1, 0x5, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x7fffc, {0x0, 0x0, 0x0, r8, {}, {0x2, 0xb}, {0x9, 0x6}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x1, 0x6aa}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c0e9}, 0x4008000)
ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

8.238147681s ago: executing program 2 (id=5642):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000000900000030000380140002007369743000000000000000000000000006"], 0x44}}, 0x0)
io_uring_setup(0x5ef9, 0x0)
socket$inet6(0x10, 0x3, 0x4)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000ab9ff0), 0x8)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002c40), 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}]})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = syz_open_dev$cec(0x0, 0x0, 0x208100)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f00000000c0)={"000600", 0x4, 0x6, 0x2, 0x0, 0x4, "0000000500fbffffff00", '\x00\x00\a\x00', "0300", "fcffffff", ["50d5c2a7c5ae5cace40000b6", "808e88e2e9ffffffffff00", "0c436d743c97c443084000", "ff81000000008000"]})
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x200000)

8.202252724s ago: executing program 0 (id=5643):
r0 = socket$nl_route(0x10, 0x3, 0x0)
chdir(0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x101, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x10, &(0x7f0000000040)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
syz_clone(0x120e1100, 0x0, 0x13, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=ANY=[@ANYBLOB="44000000100015040000", @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028005001d00000000000500010004000000"], 0x44}}, 0x0)

6.871718222s ago: executing program 0 (id=5644):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000000)=0xdd5)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeab7ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b96007d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36edd16f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad242c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bfb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb32473c345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28297852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63b9e5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a7800000001a00", 0x1000}}, 0x1006)
r2 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f00000003c0), 0x8140, 0x0)
r4 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev(r4, 0x0, 0x0, 0x800000, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000000)=0xffb)
r6 = syz_socket_connect_nvme_tcp()
sendmmsg$inet(r6, &(0x7f0000002c00)=[{{&(0x7f0000000080)={0x2, 0x4e24, @broadcast}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000001980)="f6865c6b2fe3f62af0cdb792387831a4a89d1c51bdc2246748d92d4f32f3cf3eca2941fae2105bc21f1fa2b58317c28970c875846d1e76277ffff0e1eadc4662dc2ed9e96ee618fde909ece58f7b08b798d3bfef7ae4a5896bd5f26c08b7ce2ce60cd6b4554317f1b723e2b1d05b9547dbb62aa9fbc5c40fdb3a90e9bdb273390957ebd582c5902c79151760f4a7fa0e0a70222e1a91349bc5c075808c62e5cd191c73aaffe22b3e891f894586fd805e8ba26739cc62c54a187addc9b3816cef769f4fcfdd8b041901fd205460c859abc446e93c93a41bf04f2fb5abb28c2ea13942d75b83dcd72d8d8cdde3786deed4282e263d4bc5c3bef162bfead749c4e45403ffab1ce7a320070f3a62d23907df57ed7badb00d068f9b6bd78078e9c76b7a88433f1cbc10e1bce41c6ff6d133142f2811af36094470d3d7174e0148242d2b590c5068b590c023910aeb81f56f07adcf6e9e0e44c98c2457789e86e8d767bb06f227cd8d3db2a841f5e2ab263418e3baaa456a1f494f430abd5e08e38f9e7b22736862fe51760acde11d5252691a72eb39d6e6f81b0119d4e84079a1c124a80ab952a2218af49d5ad91e848668618ba5ae33040fa7039b3190354765b7f7f34c53183be7d5c0cac5310169af65f2316cb729cffc525872deb8eebc1b1d6825f35d2c8711079ebf9f4a6b9b2757cbc29256f8508c27b89bb25f39eca88b013270c4153f4e704f3ecbff29aded5397bc47911768913ee404ff53fd22c83cbfa0bd944fb61e7f839581d84aeebab9d8b971aa49ac4d2ba231dfd59174eeef727c2fb806318c23666e56dac942fbcb9109721470119d22149c83b0acc0d6c5658e0a3b9e82046fba59dce9b016b78c7f05d858b0eaf1f4858bd69027d67b65fe4224b48c56c6e2696ee5c04175ca6dff66f1a7e087d926d175faafccf999b446494bd4a8bdfef6040b06ba78bc825959f767f9333647aaf5ca8fc6e2d552b34f6e615a03761c005e277ee36190dcad93ad1df64fde00f6b1fb5aaeeeb4dce86e4a1c4139ee5f29cb6d8a3fac96b62927d8472178bdbbadcd5e3420d7cd81f470e8353c56db7ccab1d824f7e5366c0617a399aa9178059888c91c94b3ab1adcc9370c166ea36caa40e12553b4c57b73010689fa28f3d20fcfb34b2c8bd71d5bf21a90cd2d25837ab82f0ec24dfe62c317a0a26d04cbf44b15c82e41b11206df2094081d3057b4be2923d7e683e6c8b61c5209b8ebac88940a25305c629add2307084817746cfad3b16aa84587f80990952753d4eb969a36b6418634c18999f79858734110961799496280e630c268a06115b8eae3ec868b1b5b83a4406093e91460ea8fc7c173f95336bf727208096b960919a6c423c06b4468e4dceb45207a29b52186594e2f76017fdc7801401df75b5a83f32732096142a056cbb84e57dbd131929ac39947b04a283852a45d36e3801696694165827f66e269593e4bee63f963f7b1e5784dc5624efa1efd63100c0d36ee35e56bf5c41d1e9a140fcfe2e398f463b58139fb70ce6efdb6c8b22ee91d8571891eb94c3c166a8e48aff58a64f58864b8ac523b448ae0c858ef9f669e9b67252085c29698c22877d4084b238756dae7586e0a2b0b2a8bfe7b4b1c53b5dc79b291c3c2989d05903f39b976e87b0dc4df590678b901a50c1b4f77bc542b000a6ce452adb82b36cd132da60787ce2e6c50576ce85c40e4f74534bbf8ed13eeecb89a79b9b6f88529c7e748ee6e07adbbbea5fd8a062ad92a282651b5b21fe11a5c010e327400ecfb2ea8719af56341a62f2cb026280e6c495ace873aa7b1d3392bc6d00b443d7bdaee1a27f7108552e2709ae05d66e0a6e5c6cae91af98111175a478fe56fffc1bdfde9d3da4c7f562a7728234594c132a75d46aac6f80abce015db723de6c9cf038fd4834aa79fd153c2c7649a84fd143a62747e1cfca1088e33f630b2eac40da7757b03097b30d5a87d94c3f26dd67ae87c2b9a83be248edfd4104c4119fbbe75b88952697846d06d46dfb7473c51cc14538d371c39001caf31e324fbc3cec9d34ecd627e9c74bf09289d3c076ce24f0db396136ebda42037243c03f47c66661554a7cf981bf41b36042d07748c67622e6f4fe0517e032f008fa93b97c1bc6b5f5feaafebac4b78545b6d9726ccbe636ce15f6bd93b5679fa91121837b1436af0ee9b2f1b24bc11bdc8f388430597743b4c61233062a68f6b8935bea0c8aa488bc1b10f09952237329eb395bf5c707e9e35fe2af0d2a7d9da1e9f5a2da7d7618872169501a1ca3c4f7ad874baee31f108563331ba2d27b668bd042ce619ebe07d93a0bf6d7ff6050040196e7e784d1208c672de13158966c4dd6300b9b68af514fc8cfa7c675718f195564a48b1e76abc2b813c815296cc41f66499038352bc5b5c0383c2812e898168de36603f4eaf922b3d6cc81c38dce529ad60d2a02e0bc6e2bce236f6137e089092462f00a6f264909fc4224ef86dcec8c7ef9f1291f8a26729c5c8cd8bc80e5a9521f59866c987afd6a70316ad55e538ae1b5051028c76998866f2a86ac2c951fefa7578953baf24a9941d2e12a8c95842ac3e3c8ac13b23944f923810624e1186c0c4cba2d571b11266c229763d9433ace60abf486cad47a7991f54144e0806cfc5833c1321bc57fa513cb2740368164ae4b9f7690be0237d2b4240800a26029d6193c7c0d0a6477dbbb9ee910e6047d0ffde7d390a0ff2994d2b936cb4ddec01a8947ae932525ba753f38724382ecd0793311281ebf991afcbe32024ea8e095bfe1e01978d1ecfda1f7f6389bdbc77989020244df5240d2f46e7f8f2e05979eda0cda91a1788f17c3fa15b84f35319ddd35f2abf1caaeee3083c691e66b4ae7f0f2cf0dea54c2f9f45fec9e93bf9f27f91e5c4623a175412544378d5b67e8374b68732a0103f0dadf72496c9a2e60554f377dbdfab8f56f341b0124a49acf760b739a69fb9308b03e6ce956711f1f74d1d81813602345b60fe130da1cb9901cbd3b2c822b54e0cb281d476cd0edf1b1f0776c7a6040f57871575f8c432cc5b9e8ee9506ba4574146ae8ee9cfeb935cc03e2a3d104c9157578750db25c3ad13dd8f5b4efcd7400d1c8920d26c46d27d472f4f6cdb71a469f0a8f4bec373b20742c281620389412cc369f90bd78ca79236421809e21421be8f489e766989fdd5e617096d3655bb97ec435c715fb7bdbd7aa656589e2f1414ecf9a7f9737688a963268547947c472b2a645bd235605d194783927fac39014fb361c72d526aa3d828dfd03373f46654c1db717b54bbe02be34756b63d67f3fbefe4ee3715d133794c84f31ecd433c2f1b1690a87f181274e600c9ca9e41205a50ccb35a5d766c871942b6e84bbeb20a036414c1628704471c1b24b554994fd772a4293e399760de16947f0c035628b8eba44488a18e8a0f07ddca7411a7c7ec91d9e79e4b1dfc191c8509cd1281fea4be19b1c719baf75afae74fa4bba91fe7a63bde3420754da242cb6b638d98c99eba2c5b69c22b8afdebfbb9ea6de3acbf5805a97915fd8e45f4c909d9da885c9f7a48362f84c9d1cdd4c4954278454754e417d6c8253da4bf650e213f8af18abb67e080cb31a143903c943806328e0df6f70d857fbdc46ab81866842a0ccb09dc6e32c550ea0ee13c6849031d289802959ba9d4645bae35cdcbb0f071cdc5586f3b903f732b69ea104dabaeb33a78311f385780ae0e34c7928412f0a870ea71c0a04f959d965769eb18fe0719236312c45f46ddea78e00a79fea34dc5c594a6fcce973af2e1209db5d18e705fb892ad1cfa9bb68ed24e85eac640836a2d4232cbd3606e4fb03d1549379d0740cf47dd5fa2d2265393b2bbc32dacb0715909b5d1687bb2ac4300906ca9b99312679cef50b430251f9b8f87288cd44b258fc525f36ee6ee7964a8594f831f0719256be0b327cb245cf331ddae5c3013911ab85364de05ea420ff8baebeeb57bfdb12f5a7b645c9e443fe4a98652bef63b9073bad060f0195c0c6457a0fa306f673f2d8a98250ca92fdae7e4c75372b73a73e42feed8f71a331b196caf7322098ea0e2da4569e38ab3eab3124e36d3f3432f82a45c84932ab60f6b4d0f1517919de272392422677ce8073a2f92cbe9327b0d89b8d49fd1c232a5580cedc054598b2db89095e0bdcf50c31499e939c5ac3da2f4c2c8338a4436a7e4c36bea900b21ac4e9c839887bbccc51cc42f8ced8553fe8152e0c3b79389da97fad7de5161050ba8e0287591baeb43a3dea60129c696689054dbf5f8b8c6ae259e8e0557495dcd57b2b7cc55843a9761c275d58dec1a9b23109fcdd8923d16eb8bd796abd4ce3b39a0faa0bd3a0ab75c9bfcb7591909957acd15a7bfc56170c9e294810ca9641f3c3312d50a692f5a9aa94c6a040a4aef9ccd04e15c3c2df9acb5b98ce8b42f80bb391406aebf4070bfd8d2be946293802a9d4225eaaebb552d434fe26fd926d13d799b6a0913e77a792465759a419e68eb4fa757e7b767f7e87698dbcf065a13101f537d73351de1da25d89eb1c527518528cc262030fab9ae24e795e878e7b6d413fa1fb339536b6e77477edb387b0c1e0e3cd22d2451242e07dd2e9407a9b61146b127a1a10b6ae510f87a2c17279ab1a5afbfb0839b0be159af3471887e2916ac4f77ab878a15331064cf89c176a0ff2386173ba43477adabf913dccebc617982b271f32c26efd2aeb883461d2ed8f00a097652697e0b48c944b64a6c81a584cb8245cddf60f0f7f26e69cd32392a4530a1f9c484ced7b4ea2d6b711e2fb5d04ff4cf05b8305fd65a12ea9f7acfe8d31f1819f0f1ce382aabc687399114c2daa5019ec42feda0feb4960ed9ab699a8c0dda8b83661f4bd21a1f96e50181ccf38474b40017924edcb0ca0a93097a3f43fff84a98a750374d8999fba74066092bca92afb0d41aadccfc5bba892ca86a5a30978d4a6948bfb87d8c5e10791aee464230a44f162c8c53c0d2c6600f15326ee6e683e9d3476377d2d14cd4b844e02b47866c8e0047b0a5ca9274e1af2b72ebdedfd9bbe22e6fd89ffbf4daab6dc43c83bb0ed3076a513bdd38e79930cd3eb3594669047d06bde9a98d0ae54b29d6b919809a303dad21e9eeca6e7ce0d511fa60c07afd948d868e86f8c6b22aff91ddfcfcf67dfe1c2f9a2abfbb588bb953c66f1dcc6243cf1bebadf1bebe6eb50989cdbfd554fba82bd3276220a142268e90f04dc164259fb7829235a3b73ecaa6cd9fe3e4f4b2c0baf51e8423a02ff11d99f765d0f12e103e04953cb3bfc28935785705a709d81710101f472e5d3ac090a66df07c5e6c2948f11bdfcb94affee5e3f59aa1a131e4c2e31ef327a0aee2063dee9a185bb60d1502ec9ca2cdbb232552c16359b807b4228950718212fb09ca09f76ea69d89baf6d48d607bedc9650086e5fe93130f4d9de61f1dd62c56b78bd37956e932252b9958190bccee42e6df846581e70b10e7ebcee224b9220de6da7b69d9311ecc498e7b99233cf7fa09ebbe49d76c0288a9c196f255818728cbffb46314389bb275c9db933d9c8a15ed33d679e111f88832a2caa43137dced46a6139243123ed206f0f418ddad8c22e8ab5a12351ba1c41597a9f1fb02d5f0680fd66e98a769c28a74a4238af642d0e5c26d8ec76b89228ee7991680dc2d8eab5d549071f698d81141bbd6a781bf71fd9b36a80bb4ab4c0c27fc8829b876fe498af2bd811e07c07db7dd03b5d829217bd58ab2a29b30ee05e9c5", 0x1000}, {&(0x7f0000000100)="ab47fa66244a0cfc00093e02ac224b19c2780434959ba71f7ab73786f33048e9a79533c0311d7349fd5bce061b737d", 0x2f}, {&(0x7f00000001c0)="44fdce041da5ff5fb17f5a2bdf6bdc037555c56ae86abb52745fbe9f2ff87167ed112101d56832667cef590d0e05eb236cf5ca9e23934f30f8816092e7302cf5ed08827071e740", 0x47}, {&(0x7f0000000480)="a6137ad6cc5853a08c1ce3e68eff461c4b57af178305c300c0942d7450ebf4f0dfbf87598e6234e20b1b8d33af2e4ba31da1b7ae2dd581450cd36516a685f2249e64dfe382fc23ab328a5a2aae593d79948ad43e4ae398342b1465c6f24104e5681ef748c3e6008d8b846a6fd94b038fba312be1f640a5162ad6a275d1c87a73d661275507", 0x85}, {&(0x7f0000000540)="99a57b17b6ccbe147ae11eb2250e9b1edd324d82eb691c795c0d74b46cf7cdac270028c71629c4a1717075fdaf302241f47a32f6098fa872f1ec5d517cb988fbcf5124f2dac93136a29ccedea07e681486e380c181d859a40d6ba05dcbb2e06919b238d7060d04eef676eb14fe7011d12469df3f6999c64c41997a6f8903fb7f53984df22ce3888fbc58efe19673223fd6f8d436a9200b01c91c4eceb8dc006af86f2ffa24139b53b3e1fb071dc6c2b02c918aabc76f27a498f832f9fd45cb846bac925b9fc19f0b34eee2ac81b63401d15f507c85c37d0b385b3c", 0xdb}, {&(0x7f0000000340)="6926ecddaba3945b0cb65827c61fffdfad459d92d10330208aefe65ad525c975101b511e4054ad3ac45298ccfcb1cc8b71dbe2306ed537ebc6d4f898fbb6dae6c53f5808d7348e044d6761f63a81632679f321664d122325", 0x58}, {&(0x7f0000000700)="72211ffa49e4baf8afc892b0af232a28725082c4a33091021255104d122e9271a3e9521eacb95bcbe14fc59f7e5904beebfa88aa1ebd6c8e07fd42ef78bf416bd5aab42e698239127a01413e01f8b3bd88d37d9809e7a2c08d18905076d7c0b4d950747da34e34c40157a61b084b08cdcdf5e132b2cdc24b10bc1607fa2a53fafe475fccde45b5ef924a40f4e377908ce912b8859f59e69f8f9e772cf44e3a7f92004e386462d653a45d4fead923902b", 0xb0}, {&(0x7f00000007c0)="7643da6549971036febf0a65f4d1bc50f43e2a91ddd2bde669f612cbf3cbc3f31d1139f71cdeaac4be1d130f5628872edcad82b280f95b4477acbc8e4e6b6f5ddd30ede07e6ed5c7b723cf8d946b753d011a19ae709525770339faddc4ff931570a39d68c4a4514eaab73ac72a5115237da13cd60c1ac822cf618c10b124c8f8ed3d8a", 0x83}], 0x8}}, {{&(0x7f0000002980)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10, &(0x7f0000002a80)=[{&(0x7f00000029c0)="6884dad66f5dfd6c098391eab1f3e5100f048d0693d839c6b367e1c28719748e937acedc912932b585822fffc016b7a82a99a7c29ccc80fa2316ca1bf6f0a03e0efdb7709e03af952ffbe3064024100bfc7316b404f2f23491bb81ffbcb1a72961287370773b5baa894e7d5beba33fdff938b783e03c499443bc23d25272eb60fcef8312a46abc1b89992c0d0e8e0bfdecc908bfa17de589777e6b63c95202f203a93d62de7fe103fc7e1ec282e518cb6d02cfb54656", 0xb6}], 0x1}}, {{&(0x7f0000002ac0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000002b40)=[{&(0x7f0000002b00)="99255c8a80bfee8604f8ff886e09d3932602e1aeef7c1f067aefff0d963685a9acdba2deb27ce3f380835cbe2f813d5cb2f4bb18d04b6724", 0x38}], 0x1, &(0x7f0000002b80)=[@ip_tos_u8={{0xd, 0x0, 0x1, 0x7}}, @ip_retopts={{0x2c, 0x0, 0x7, {[@ssrr={0x89, 0xf, 0x24, [@empty, @broadcast, @private=0xa010101]}, @lsrr={0x83, 0xf, 0x31, [@loopback, @private=0xa010101, @broadcast]}, @noop, @noop]}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x2}}, @ip_ttl={{0x10, 0x0, 0x2, 0x1000}}, @ip_ttl={{0x10, 0x0, 0x2, 0x7f}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x8}}], 0x7c}}], 0x3, 0x8080)
openat$cuse(0xffffffffffffff9c, &(0x7f0000001300), 0x2, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r8 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000140), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r4)
sendfile(r2, r2, 0x0, 0x24002de8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x8, 0x1}, {0xffff, 0xffff}, {0xd, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x44004}, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r2)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x18, &(0x7f0000000000)=0x15, 0x4)
ioctl$PTP_PIN_GETFUNC(r3, 0xc0603d06, &(0x7f0000000400)={'\x00', 0xfffffffe, 0x1, 0x48})
close_range(r0, 0xffffffffffffffff, 0x0)

6.849835394s ago: executing program 2 (id=5645):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
r2 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
ioctl$SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, &(0x7f0000000040)=0xffffffff)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)

6.787036679s ago: executing program 5 (id=5646):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000180)={0x1, 0x1, &(0x7f0000000580)=""/247, &(0x7f00000000c0)=""/85, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000a40))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0)
pivot_root(0x0, 0x0)

6.571842837s ago: executing program 0 (id=5647):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
dup(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r2, 0x4b52, &(0x7f0000000080)="7f81e3e56e")
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
lstat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
lchown(&(0x7f0000000040)='./file0\x00', r3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x8a2b01)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40004}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_ROLE={0x8}]}}}]}, 0x38}}, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000240)={@hyper})
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)

6.494781693s ago: executing program 3 (id=5648):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000040)='.\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x200cc18, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r2 = open(0x0, 0x10b942, 0x1)
sendfile(r2, r1, 0x0, 0x80000000)

5.650631811s ago: executing program 2 (id=5649):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x6, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='westwood\x00', 0x9)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r1, 0x0, 0x8000002b)

5.546398769s ago: executing program 3 (id=5650):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000100)=@can={{}, 0x80, 0x3, 0x4, 0x2, "07000000008000"}, 0x10}}, 0x0)
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000006180), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80a02, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_usbip_server_init(0x3)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

5.54575214s ago: executing program 0 (id=5651):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x25dfdbff, {}, [{0x90, 0x1, [@m_ct={0x44, 0x5, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x4, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000884}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
llistxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=""/30, 0x1e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000001800)=ANY=[@ANYBLOB="040e0cff3c20"], 0xf)

4.078238269s ago: executing program 2 (id=5652):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$hid(0x6, 0x36, 0x0, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x5)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000200)=0xdc)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x20000004)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80, 0x141)
getdents64(r2, &(0x7f0000000f80)=""/4096, 0x1000)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, 0x0, 0x50)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)

4.022566424s ago: executing program 3 (id=5653):
r0 = socket$nl_route(0x10, 0x3, 0x0)
chdir(0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x101, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0x10, &(0x7f0000000040)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
syz_clone(0x120e1100, 0x0, 0x13, 0x0, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=ANY=[@ANYBLOB="44000000100015040000", @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028005001d00000000000500010004000000"], 0x44}}, 0x0)

1.158302596s ago: executing program 3 (id=5654):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0xa, 0x4}, 0x20)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000000000900000030000380140002007369743000000000000000000000000006"], 0x44}}, 0x0)
io_uring_setup(0x5ef9, 0x0)
socket$inet6(0x10, 0x3, 0x4)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000ab9ff0), 0x8)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002c40), 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}]})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = syz_open_dev$cec(0x0, 0x0, 0x208100)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f00000000c0)={"000600", 0x4, 0x6, 0x2, 0x0, 0x4, "0000000500fbffffff00", '\x00\x00\a\x00', "0300", "fcffffff", ["50d5c2a7c5ae5cace40000b6", "808e88e2e9ffffffffff00", "0c436d743c97c443084000", "ff81000000008000"]})
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r2, &(0x7f0000001240)=""/102400, 0x200000, 0x200000)

894.366087ms ago: executing program 2 (id=5655):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000000)=0xdd5)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeab7ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b96007d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36edd16f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad242c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bfb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb32473c345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28297852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63b9e5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a7800000001a00", 0x1000}}, 0x1006)
r2 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f00000003c0), 0x8140, 0x0)
r4 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev(r4, 0x0, 0x0, 0x800000, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000000)=0xffb)
r6 = syz_socket_connect_nvme_tcp()
sendmmsg$inet(r6, &(0x7f0000002c00)=[{{&(0x7f0000000080)={0x2, 0x4e24, @broadcast}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000001980)="f6865c6b2fe3f62af0cdb792387831a4a89d1c51bdc2246748d92d4f32f3cf3eca2941fae2105bc21f1fa2b58317c28970c875846d1e76277ffff0e1eadc4662dc2ed9e96ee618fde909ece58f7b08b798d3bfef7ae4a5896bd5f26c08b7ce2ce60cd6b4554317f1b723e2b1d05b9547dbb62aa9fbc5c40fdb3a90e9bdb273390957ebd582c5902c79151760f4a7fa0e0a70222e1a91349bc5c075808c62e5cd191c73aaffe22b3e891f894586fd805e8ba26739cc62c54a187addc9b3816cef769f4fcfdd8b041901fd205460c859abc446e93c93a41bf04f2fb5abb28c2ea13942d75b83dcd72d8d8cdde3786deed4282e263d4bc5c3bef162bfead749c4e45403ffab1ce7a320070f3a62d23907df57ed7badb00d068f9b6bd78078e9c76b7a88433f1cbc10e1bce41c6ff6d133142f2811af36094470d3d7174e0148242d2b590c5068b590c023910aeb81f56f07adcf6e9e0e44c98c2457789e86e8d767bb06f227cd8d3db2a841f5e2ab263418e3baaa456a1f494f430abd5e08e38f9e7b22736862fe51760acde11d5252691a72eb39d6e6f81b0119d4e84079a1c124a80ab952a2218af49d5ad91e848668618ba5ae33040fa7039b3190354765b7f7f34c53183be7d5c0cac5310169af65f2316cb729cffc525872deb8eebc1b1d6825f35d2c8711079ebf9f4a6b9b2757cbc29256f8508c27b89bb25f39eca88b013270c4153f4e704f3ecbff29aded5397bc47911768913ee404ff53fd22c83cbfa0bd944fb61e7f839581d84aeebab9d8b971aa49ac4d2ba231dfd59174eeef727c2fb806318c23666e56dac942fbcb9109721470119d22149c83b0acc0d6c5658e0a3b9e82046fba59dce9b016b78c7f05d858b0eaf1f4858bd69027d67b65fe4224b48c56c6e2696ee5c04175ca6dff66f1a7e087d926d175faafccf999b446494bd4a8bdfef6040b06ba78bc825959f767f9333647aaf5ca8fc6e2d552b34f6e615a03761c005e277ee36190dcad93ad1df64fde00f6b1fb5aaeeeb4dce86e4a1c4139ee5f29cb6d8a3fac96b62927d8472178bdbbadcd5e3420d7cd81f470e8353c56db7ccab1d824f7e5366c0617a399aa9178059888c91c94b3ab1adcc9370c166ea36caa40e12553b4c57b73010689fa28f3d20fcfb34b2c8bd71d5bf21a90cd2d25837ab82f0ec24dfe62c317a0a26d04cbf44b15c82e41b11206df2094081d3057b4be2923d7e683e6c8b61c5209b8ebac88940a25305c629add2307084817746cfad3b16aa84587f80990952753d4eb969a36b6418634c18999f79858734110961799496280e630c268a06115b8eae3ec868b1b5b83a4406093e91460ea8fc7c173f95336bf727208096b960919a6c423c06b4468e4dceb45207a29b52186594e2f76017fdc7801401df75b5a83f32732096142a056cbb84e57dbd131929ac39947b04a283852a45d36e3801696694165827f66e269593e4bee63f963f7b1e5784dc5624efa1efd63100c0d36ee35e56bf5c41d1e9a140fcfe2e398f463b58139fb70ce6efdb6c8b22ee91d8571891eb94c3c166a8e48aff58a64f58864b8ac523b448ae0c858ef9f669e9b67252085c29698c22877d4084b238756dae7586e0a2b0b2a8bfe7b4b1c53b5dc79b291c3c2989d05903f39b976e87b0dc4df590678b901a50c1b4f77bc542b000a6ce452adb82b36cd132da60787ce2e6c50576ce85c40e4f74534bbf8ed13eeecb89a79b9b6f88529c7e748ee6e07adbbbea5fd8a062ad92a282651b5b21fe11a5c010e327400ecfb2ea8719af56341a62f2cb026280e6c495ace873aa7b1d3392bc6d00b443d7bdaee1a27f7108552e2709ae05d66e0a6e5c6cae91af98111175a478fe56fffc1bdfde9d3da4c7f562a7728234594c132a75d46aac6f80abce015db723de6c9cf038fd4834aa79fd153c2c7649a84fd143a62747e1cfca1088e33f630b2eac40da7757b03097b30d5a87d94c3f26dd67ae87c2b9a83be248edfd4104c4119fbbe75b88952697846d06d46dfb7473c51cc14538d371c39001caf31e324fbc3cec9d34ecd627e9c74bf09289d3c076ce24f0db396136ebda42037243c03f47c66661554a7cf981bf41b36042d07748c67622e6f4fe0517e032f008fa93b97c1bc6b5f5feaafebac4b78545b6d9726ccbe636ce15f6bd93b5679fa91121837b1436af0ee9b2f1b24bc11bdc8f388430597743b4c61233062a68f6b8935bea0c8aa488bc1b10f09952237329eb395bf5c707e9e35fe2af0d2a7d9da1e9f5a2da7d7618872169501a1ca3c4f7ad874baee31f108563331ba2d27b668bd042ce619ebe07d93a0bf6d7ff6050040196e7e784d1208c672de13158966c4dd6300b9b68af514fc8cfa7c675718f195564a48b1e76abc2b813c815296cc41f66499038352bc5b5c0383c2812e898168de36603f4eaf922b3d6cc81c38dce529ad60d2a02e0bc6e2bce236f6137e089092462f00a6f264909fc4224ef86dcec8c7ef9f1291f8a26729c5c8cd8bc80e5a9521f59866c987afd6a70316ad55e538ae1b5051028c76998866f2a86ac2c951fefa7578953baf24a9941d2e12a8c95842ac3e3c8ac13b23944f923810624e1186c0c4cba2d571b11266c229763d9433ace60abf486cad47a7991f54144e0806cfc5833c1321bc57fa513cb2740368164ae4b9f7690be0237d2b4240800a26029d6193c7c0d0a6477dbbb9ee910e6047d0ffde7d390a0ff2994d2b936cb4ddec01a8947ae932525ba753f38724382ecd0793311281ebf991afcbe32024ea8e095bfe1e01978d1ecfda1f7f6389bdbc77989020244df5240d2f46e7f8f2e05979eda0cda91a1788f17c3fa15b84f35319ddd35f2abf1caaeee3083c691e66b4ae7f0f2cf0dea54c2f9f45fec9e93bf9f27f91e5c4623a175412544378d5b67e8374b68732a0103f0dadf72496c9a2e60554f377dbdfab8f56f341b0124a49acf760b739a69fb9308b03e6ce956711f1f74d1d81813602345b60fe130da1cb9901cbd3b2c822b54e0cb281d476cd0edf1b1f0776c7a6040f57871575f8c432cc5b9e8ee9506ba4574146ae8ee9cfeb935cc03e2a3d104c9157578750db25c3ad13dd8f5b4efcd7400d1c8920d26c46d27d472f4f6cdb71a469f0a8f4bec373b20742c281620389412cc369f90bd78ca79236421809e21421be8f489e766989fdd5e617096d3655bb97ec435c715fb7bdbd7aa656589e2f1414ecf9a7f9737688a963268547947c472b2a645bd235605d194783927fac39014fb361c72d526aa3d828dfd03373f46654c1db717b54bbe02be34756b63d67f3fbefe4ee3715d133794c84f31ecd433c2f1b1690a87f181274e600c9ca9e41205a50ccb35a5d766c871942b6e84bbeb20a036414c1628704471c1b24b554994fd772a4293e399760de16947f0c035628b8eba44488a18e8a0f07ddca7411a7c7ec91d9e79e4b1dfc191c8509cd1281fea4be19b1c719baf75afae74fa4bba91fe7a63bde3420754da242cb6b638d98c99eba2c5b69c22b8afdebfbb9ea6de3acbf5805a97915fd8e45f4c909d9da885c9f7a48362f84c9d1cdd4c4954278454754e417d6c8253da4bf650e213f8af18abb67e080cb31a143903c943806328e0df6f70d857fbdc46ab81866842a0ccb09dc6e32c550ea0ee13c6849031d289802959ba9d4645bae35cdcbb0f071cdc5586f3b903f732b69ea104dabaeb33a78311f385780ae0e34c7928412f0a870ea71c0a04f959d965769eb18fe0719236312c45f46ddea78e00a79fea34dc5c594a6fcce973af2e1209db5d18e705fb892ad1cfa9bb68ed24e85eac640836a2d4232cbd3606e4fb03d1549379d0740cf47dd5fa2d2265393b2bbc32dacb0715909b5d1687bb2ac4300906ca9b99312679cef50b430251f9b8f87288cd44b258fc525f36ee6ee7964a8594f831f0719256be0b327cb245cf331ddae5c3013911ab85364de05ea420ff8baebeeb57bfdb12f5a7b645c9e443fe4a98652bef63b9073bad060f0195c0c6457a0fa306f673f2d8a98250ca92fdae7e4c75372b73a73e42feed8f71a331b196caf7322098ea0e2da4569e38ab3eab3124e36d3f3432f82a45c84932ab60f6b4d0f1517919de272392422677ce8073a2f92cbe9327b0d89b8d49fd1c232a5580cedc054598b2db89095e0bdcf50c31499e939c5ac3da2f4c2c8338a4436a7e4c36bea900b21ac4e9c839887bbccc51cc42f8ced8553fe8152e0c3b79389da97fad7de5161050ba8e0287591baeb43a3dea60129c696689054dbf5f8b8c6ae259e8e0557495dcd57b2b7cc55843a9761c275d58dec1a9b23109fcdd8923d16eb8bd796abd4ce3b39a0faa0bd3a0ab75c9bfcb7591909957acd15a7bfc56170c9e294810ca9641f3c3312d50a692f5a9aa94c6a040a4aef9ccd04e15c3c2df9acb5b98ce8b42f80bb391406aebf4070bfd8d2be946293802a9d4225eaaebb552d434fe26fd926d13d799b6a0913e77a792465759a419e68eb4fa757e7b767f7e87698dbcf065a13101f537d73351de1da25d89eb1c527518528cc262030fab9ae24e795e878e7b6d413fa1fb339536b6e77477edb387b0c1e0e3cd22d2451242e07dd2e9407a9b61146b127a1a10b6ae510f87a2c17279ab1a5afbfb0839b0be159af3471887e2916ac4f77ab878a15331064cf89c176a0ff2386173ba43477adabf913dccebc617982b271f32c26efd2aeb883461d2ed8f00a097652697e0b48c944b64a6c81a584cb8245cddf60f0f7f26e69cd32392a4530a1f9c484ced7b4ea2d6b711e2fb5d04ff4cf05b8305fd65a12ea9f7acfe8d31f1819f0f1ce382aabc687399114c2daa5019ec42feda0feb4960ed9ab699a8c0dda8b83661f4bd21a1f96e50181ccf38474b40017924edcb0ca0a93097a3f43fff84a98a750374d8999fba74066092bca92afb0d41aadccfc5bba892ca86a5a30978d4a6948bfb87d8c5e10791aee464230a44f162c8c53c0d2c6600f15326ee6e683e9d3476377d2d14cd4b844e02b47866c8e0047b0a5ca9274e1af2b72ebdedfd9bbe22e6fd89ffbf4daab6dc43c83bb0ed3076a513bdd38e79930cd3eb3594669047d06bde9a98d0ae54b29d6b919809a303dad21e9eeca6e7ce0d511fa60c07afd948d868e86f8c6b22aff91ddfcfcf67dfe1c2f9a2abfbb588bb953c66f1dcc6243cf1bebadf1bebe6eb50989cdbfd554fba82bd3276220a142268e90f04dc164259fb7829235a3b73ecaa6cd9fe3e4f4b2c0baf51e8423a02ff11d99f765d0f12e103e04953cb3bfc28935785705a709d81710101f472e5d3ac090a66df07c5e6c2948f11bdfcb94affee5e3f59aa1a131e4c2e31ef327a0aee2063dee9a185bb60d1502ec9ca2cdbb232552c16359b807b4228950718212fb09ca09f76ea69d89baf6d48d607bedc9650086e5fe93130f4d9de61f1dd62c56b78bd37956e932252b9958190bccee42e6df846581e70b10e7ebcee224b9220de6da7b69d9311ecc498e7b99233cf7fa09ebbe49d76c0288a9c196f255818728cbffb46314389bb275c9db933d9c8a15ed33d679e111f88832a2caa43137dced46a6139243123ed206f0f418ddad8c22e8ab5a12351ba1c41597a9f1fb02d5f0680fd66e98a769c28a74a4238af642d0e5c26d8ec76b89228ee7991680dc2d8eab5d549071f698d81141bbd6a781bf71fd9b36a80bb4ab4c0c27fc8829b876fe498af2bd811e07c07db7dd03b5d829217bd58ab2a29b30ee05e9c5", 0x1000}, {&(0x7f0000000100)="ab47fa66244a0cfc00093e02ac224b19c2780434959ba71f7ab73786f33048e9a79533c0311d7349fd5bce061b737d", 0x2f}, {&(0x7f00000001c0)="44fdce041da5ff5fb17f5a2bdf6bdc037555c56ae86abb52745fbe9f2ff87167ed112101d56832667cef590d0e05eb236cf5ca9e23934f30f8816092e7302cf5ed08827071e740", 0x47}, {&(0x7f0000000480)="a6137ad6cc5853a08c1ce3e68eff461c4b57af178305c300c0942d7450ebf4f0dfbf87598e6234e20b1b8d33af2e4ba31da1b7ae2dd581450cd36516a685f2249e64dfe382fc23ab328a5a2aae593d79948ad43e4ae398342b1465c6f24104e5681ef748c3e6008d8b846a6fd94b038fba312be1f640a5162ad6a275d1c87a73d661275507", 0x85}, {&(0x7f0000000540)="99a57b17b6ccbe147ae11eb2250e9b1edd324d82eb691c795c0d74b46cf7cdac270028c71629c4a1717075fdaf302241f47a32f6098fa872f1ec5d517cb988fbcf5124f2dac93136a29ccedea07e681486e380c181d859a40d6ba05dcbb2e06919b238d7060d04eef676eb14fe7011d12469df3f6999c64c41997a6f8903fb7f53984df22ce3888fbc58efe19673223fd6f8d436a9200b01c91c4eceb8dc006af86f2ffa24139b53b3e1fb071dc6c2b02c918aabc76f27a498f832f9fd45cb846bac925b9fc19f0b34eee2ac81b63401d15f507c85c37d0b385b3c", 0xdb}, {&(0x7f0000000340)="6926ecddaba3945b0cb65827c61fffdfad459d92d10330208aefe65ad525c975101b511e4054ad3ac45298ccfcb1cc8b71dbe2306ed537ebc6d4f898fbb6dae6c53f5808d7348e044d6761f63a81632679f321664d122325", 0x58}, {&(0x7f0000000700)="72211ffa49e4baf8afc892b0af232a28725082c4a33091021255104d122e9271a3e9521eacb95bcbe14fc59f7e5904beebfa88aa1ebd6c8e07fd42ef78bf416bd5aab42e698239127a01413e01f8b3bd88d37d9809e7a2c08d18905076d7c0b4d950747da34e34c40157a61b084b08cdcdf5e132b2cdc24b10bc1607fa2a53fafe475fccde45b5ef924a40f4e377908ce912b8859f59e69f8f9e772cf44e3a7f92004e386462d653a45d4fead923902b", 0xb0}, {&(0x7f00000007c0)="7643da6549971036febf0a65f4d1bc50f43e2a91ddd2bde669f612cbf3cbc3f31d1139f71cdeaac4be1d130f5628872edcad82b280f95b4477acbc8e4e6b6f5ddd30ede07e6ed5c7b723cf8d946b753d011a19ae709525770339faddc4ff931570a39d68c4a4514eaab73ac72a5115237da13cd60c1ac822cf618c10b124c8f8ed3d8a", 0x83}], 0x8}}, {{&(0x7f0000002980)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10, &(0x7f0000002a80)=[{&(0x7f00000029c0)="6884dad66f5dfd6c098391eab1f3e5100f048d0693d839c6b367e1c28719748e937acedc912932b585822fffc016b7a82a99a7c29ccc80fa2316ca1bf6f0a03e0efdb7709e03af952ffbe3064024100bfc7316b404f2f23491bb81ffbcb1a72961287370773b5baa894e7d5beba33fdff938b783e03c499443bc23d25272eb60fcef8312a46abc1b89992c0d0e8e0bfdecc908bfa17de589777e6b63c95202f203a93d62de7fe103fc7e1ec282e518cb6d02cfb54656", 0xb6}], 0x1}}, {{&(0x7f0000002ac0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000002b40)=[{&(0x7f0000002b00)="99255c8a80bfee8604f8ff886e09d3932602e1aeef7c1f067aefff0d963685a9acdba2deb27ce3f380835cbe2f813d5cb2f4bb18d04b6724", 0x38}], 0x1, &(0x7f0000002b80)=[@ip_tos_u8={{0xd, 0x0, 0x1, 0x7}}, @ip_retopts={{0x2c, 0x0, 0x7, {[@ssrr={0x89, 0xf, 0x24, [@empty, @broadcast, @private=0xa010101]}, @lsrr={0x83, 0xf, 0x31, [@loopback, @private=0xa010101, @broadcast]}, @noop, @noop]}}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x2}}, @ip_ttl={{0x10, 0x0, 0x2, 0x1000}}, @ip_ttl={{0x10, 0x0, 0x2, 0x7f}}, @ip_tos_u8={{0xd, 0x0, 0x1, 0x8}}], 0x7c}}], 0x3, 0x8080)
openat$cuse(0xffffffffffffff9c, &(0x7f0000001300), 0x2, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r8 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000140), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r4)
sendfile(r2, r2, 0x0, 0x24002de8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00', <r9=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0x8, 0x1}, {0xffff, 0xffff}, {0xd, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x44004}, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r2)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x18, &(0x7f0000000000)=0x15, 0x4)
ioctl$PTP_PIN_GETFUNC(r3, 0xc0603d06, &(0x7f0000000400)={'\x00', 0xfffffffe, 0x1, 0x48})
close_range(r0, 0xffffffffffffffff, 0x0)

631.844228ms ago: executing program 5 (id=5656):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
r2 = syz_io_uring_setup(0xbde, &(0x7f0000000540)={0x0, 0xec29, 0x100, 0xfffffffd, 0x1e6}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4000, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

301.395135ms ago: executing program 5 (id=5657):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
r2 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
ioctl$SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, &(0x7f0000000040)=0xffffffff)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)

117.55609ms ago: executing program 0 (id=5658):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
sendmsg(r2, 0x0, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r3}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x140f, 0x200, 0x70bd2a, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040014}, 0x20004880)
bpf$PROG_LOAD(0x5, &(0x7f0000001580)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
sendmsg$kcm(r0, &(0x7f0000000b00)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x5}, 0x80, 0x0}, 0xe07e872420dfef8a)
recvmsg(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000600)=""/103, 0x1b}], 0x1}, 0x0)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="1400000023000b6c8cfffdfcd3bb00f90429fc60", 0x14}], 0x1}, 0x2400c000)
close(0xffffffffffffffff)

117.47625ms ago: executing program 3 (id=5659):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000300)={'ip6gre0\x00', 0x0, 0x2f, 0x6, 0x90, 0x3, 0xc, @private1={0xfc, 0x1, '\x00', 0x1}, @empty, 0x7, 0x80, 0x8000, 0x7fffffff}})

0s ago: executing program 3 (id=5660):
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$IPSET_CMD_DEL(0xffffffffffffffff, 0x0, 0x4008040)
close(r0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r2, 0x0, 0x8008000000010, &(0x7f00000004c0)="17000000020001000003be8c5ee17688a20032000203000a0292000098fc5ad90a00bb6a880000d6c8db0000dba67e06020000e28900000200df018002000000fc0607bdff59100ac45761547a681f009cee4a5a2d8f89814bc6c252674f00c88ebb01005033bf79ac2dfc060115003901000000000000ea0000000000000800b59bd2b8e50ce5af649a702202ffff02dfccebf6ba000840024f0298e9e90554062a80e605007f71174aa951f3c63e5a1b47b6806323deb3", 0xb8)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0xa0602, 0x0)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0, 0xff2b}], 0x2)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000c40)={0x2, 0x4, 0x9, 0x9, 0x5, 0x0, 0x70bd25, 0x25dfdbfe, [@sadb_address={0x3, 0x17, 0xff, 0xa0, 0x0, @in={0x2, 0x4e24, @private=0xa010101}}]}, 0x28}}, 0x40000)
socket(0x2, 0x80805, 0x0)

kernel console output (not intermixed with test programs):

face
[ 1369.757869][ T6607] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1370.426487][T16912] Bluetooth: hci2: command tx timeout
[ 1370.783480][ T6607] bond0 (unregistering): Released all slaves
[ 1370.787165][T21815] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input12
[ 1370.911922][T21723] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1370.926444][T21723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1370.958769][T21723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1371.179518][T21723] hsr_slave_0: entered promiscuous mode
[ 1371.209015][T21723] hsr_slave_1: entered promiscuous mode
[ 1371.218387][T21723] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1371.234219][T21723] Cannot create hsr debugfs directory
[ 1371.947620][T21839] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4998'.
[ 1374.518087][T21723] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1374.572216][T21723] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1374.633954][T21723] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1374.678005][T21723] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1375.127890][T21723] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1375.241149][T21723] 8021q: adding VLAN 0 to HW filter on device team0
[ 1375.310246][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1375.317585][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1375.335942][T21903] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5010'.
[ 1375.349509][T21903] bridge_slave_1: left allmulticast mode
[ 1375.356366][T21903] bridge_slave_1: left promiscuous mode
[ 1375.366026][T21903] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1375.388267][T21903] bridge_slave_0: left allmulticast mode
[ 1375.416961][T21903] bridge_slave_0: left promiscuous mode
[ 1375.440006][T21903] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1375.833615][T21911] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5011'.
[ 1376.768626][T21926] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5014'.
[ 1378.606102][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1378.613401][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1380.097974][T21723] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1380.317288][T21723] veth0_vlan: entered promiscuous mode
[ 1380.382281][T21973] netlink: 'syz.7.5021': attribute type 10 has an invalid length.
[ 1380.441109][T21973] 8021q: adding VLAN 0 to HW filter on device team0
[ 1380.459447][T21975] siw: device registration error -23
[ 1380.495415][T21973] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1380.590511][T21723] veth1_vlan: entered promiscuous mode
[ 1380.702270][T21723] veth0_macvtap: entered promiscuous mode
[ 1380.721552][T21723] veth1_macvtap: entered promiscuous mode
[ 1380.764685][T21723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1380.778215][T21723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1380.816573][T21723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1380.845836][T21723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1380.878305][T21723] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1380.955384][T21723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1381.000131][T21723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1381.026730][T21723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1381.057068][T21723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1381.082459][T21723] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1381.122942][T21723] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.152227][T21723] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.162352][T21723] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.194806][T21723] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.662713][T18382] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1381.727776][T18382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1382.121507][T21991] block device autoloading is deprecated and will be removed.
[ 1382.131021][T21993] block device autoloading is deprecated and will be removed.
[ 1382.136984][ T6607] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1382.190643][ T6607] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1383.480063][T22009] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5027'.
[ 1386.074348][T22027] siw: device registration error -23
[ 1388.258242][T22070] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1388.293401][T22070] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1388.306182][T22070] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1388.341102][T22070] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1388.935944][T22064] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1390.185703][T22078] siw: device registration error -23
[ 1394.123987][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1394.130636][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1396.141248][ T4482] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1396.229118][T22180] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5070'.
[ 1396.387825][T22180] 9pnet_virtio: no channels available for device syz
[ 1396.437246][ T4482] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1396.585910][ T4482] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1396.779797][ T4482] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1397.365302][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1397.903321][T19946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1397.915380][T19946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1397.926597][T19946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1397.942262][T19946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1397.953757][T19946] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1397.962973][T19946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1398.381850][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1398.412732][T19946] Bluetooth: hci0: unexpected event for opcode 0x2024
[ 1400.423071][T19946] Bluetooth: hci3: command tx timeout
[ 1400.834521][T22253] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input13
[ 1400.932534][ T4482] hsr_slave_0: left promiscuous mode
[ 1400.994457][ T4482] hsr_slave_1: left promiscuous mode
[ 1401.045369][ T4482] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1401.075245][ T4482] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1401.134841][ T4482] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1401.171822][ T4482] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1401.234389][ T4482] veth1_macvtap: left promiscuous mode
[ 1401.250394][ T4482] veth0_macvtap: left promiscuous mode
[ 1401.276546][ T4482] veth1_vlan: left promiscuous mode
[ 1401.286199][ T4482] veth0_vlan: left promiscuous mode
[ 1402.459944][T19946] Bluetooth: hci3: command tx timeout
[ 1402.927088][T22280] Invalid ELF header magic: != ELF
[ 1404.298325][ T4482] team0 (unregistering): Port device team_slave_1 removed
[ 1404.412860][T19946] Bluetooth: hci3: command tx timeout
[ 1404.642003][ T4482] team0 (unregistering): Port device team_slave_0 removed
[ 1404.765624][ T4482] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1405.145330][ T4482] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1406.105170][ T4482] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1406.400958][T19946] Bluetooth: hci3: command tx timeout
[ 1406.412199][ T4482] bond0 (unregistering): Released all slaves
[ 1406.479466][T22204] chnl_net:caif_netlink_parms(): no params data found
[ 1406.748303][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1406.810154][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1407.028966][T22204] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1407.059805][T22204] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1407.078030][T22204] bridge_slave_0: entered allmulticast mode
[ 1407.120877][T22204] bridge_slave_0: entered promiscuous mode
[ 1407.150695][T22204] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1407.174607][T22204] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1407.191620][T22204] bridge_slave_1: entered allmulticast mode
[ 1407.223515][T22204] bridge_slave_1: entered promiscuous mode
[ 1407.352395][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1408.227362][T22204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1408.301270][T22204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1408.526856][T22204] team0: Port device team_slave_0 added
[ 1408.592455][T22204] team0: Port device team_slave_1 added
[ 1408.693807][T22204] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1408.712739][T22204] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1408.782943][T22204] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1408.803607][T22204] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1408.810815][T22204] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1409.632557][T22204] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1410.132250][T22204] hsr_slave_0: entered promiscuous mode
[ 1410.197486][T22204] hsr_slave_1: entered promiscuous mode
[ 1410.204706][T22204] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1410.224792][T22204] Cannot create hsr debugfs directory
[ 1411.915109][T22410] fuse: Bad value for 'fd'
[ 1412.239704][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1413.645538][ T5774] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1413.858405][ T5774] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1413.878041][ T5774] usb 10-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[ 1413.892872][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1413.898759][ T5774] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1413.930648][ T5774] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[ 1413.969464][ T5774] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024
[ 1413.995200][ T5774] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1414.024777][ T5774] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1414.861280][ T5774] usb 10-1: Product: syz
[ 1414.865760][ T5774] usb 10-1: Manufacturer: syz
[ 1414.905435][ T5774] cdc_wdm 10-1:1.0: skipping garbage
[ 1414.914828][ T5774] cdc_wdm 10-1:1.0: skipping garbage
[ 1416.017085][ T5774] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[ 1416.023187][ T5774] cdc_wdm 10-1:1.0: Unknown control protocol
[ 1416.028463][T22447] loop3: detected capacity change from 0 to 512
[ 1416.037231][T22447] EXT4-fs: Ignoring removed orlov option
[ 1416.044362][T22447] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1416.057668][   T27] usb 10-1: USB disconnect, device number 3
[ 1416.076838][T22447] EXT4-fs (loop3): 1 orphan inode deleted
[ 1416.093921][T22447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1416.109100][T22447] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1416.145754][ T4482] __quota_error: 48 callbacks suppressed
[ 1416.145771][ T4482] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1416.146293][T22446] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.5130: iget: bad i_size value: 360287970189639690
[ 1416.179303][ T4482] EXT4-fs error (device loop3): ext4_release_dquot:6976: comm kworker/u4:7: Failed to release dquot type 1
[ 1416.528435][T22204] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1416.567555][T22204] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1416.622072][T22204] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1416.648533][T22204] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1416.748298][T21723] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1417.010269][T22204] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1417.589747][T22204] 8021q: adding VLAN 0 to HW filter on device team0
[ 1417.629393][T18382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1417.636688][T18382] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1417.716940][ T6607] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1417.724233][ T6607] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1417.895300][T15462] hid-generic 0000:0004:0000.0009: unknown main item tag 0x0
[ 1417.913880][T15462] hid-generic 0000:0004:0000.0009: unknown main item tag 0x0
[ 1417.930770][T15462] hid-generic 0000:0004:0000.0009: unknown main item tag 0x0
[ 1417.951863][T15462] hid-generic 0000:0004:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1418.436985][T22204] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1418.619594][T22204] veth0_vlan: entered promiscuous mode
[ 1418.652054][T22204] veth1_vlan: entered promiscuous mode
[ 1418.775397][T22204] veth0_macvtap: entered promiscuous mode
[ 1418.802235][T22204] veth1_macvtap: entered promiscuous mode
[ 1419.107404][T22507] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1419.226797][T22204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1419.258427][T22204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1419.320161][T22204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1419.334350][T22204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1419.387831][T22204] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1419.567573][T22507] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1419.737977][T22204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1419.788950][T22204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1419.822833][T22204] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1419.854185][T22204] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1419.884923][T22204] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1419.924205][T22204] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1420.111784][T22204] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1420.131524][T22204] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1420.154588][T22204] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1420.604350][T22529] loop5: detected capacity change from 0 to 512
[ 1420.622925][T22529] EXT4-fs: Ignoring removed orlov option
[ 1420.798938][T22529] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1420.983542][T22529] EXT4-fs (loop5): 1 orphan inode deleted
[ 1420.991023][T22529] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1421.006477][T22529] ext4 filesystem being mounted at /394/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1421.048919][T22529] EXT4-fs error (device loop5): ext4_lookup:1858: inode #15: comm syz.5.5143: iget: bad i_size value: 360287970189639690
[ 1421.055613][   T48] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1421.101747][   T48] EXT4-fs error (device loop5): ext4_release_dquot:6976: comm kworker/u4:3: Failed to release dquot type 1
[ 1421.137825][ T5774] hid-generic 0000:0004:0000.000A: unknown main item tag 0x0
[ 1421.146621][ T5774] hid-generic 0000:0004:0000.000A: unknown main item tag 0x0
[ 1421.154714][ T5774] hid-generic 0000:0004:0000.000A: unknown main item tag 0x0
[ 1421.166668][ T5774] hid-generic 0000:0004:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1421.189975][T22507] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1421.413215][T22507] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1421.552914][T18382] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1421.583582][T18382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1421.661202][ T6607] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1421.687496][ T6607] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1421.837972][T22507] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.891612][T22507] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1421.953037][T22507] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1422.048366][T22507] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1424.468813][T22573] ieee802154 phy0 wpan0: encryption failed: -22
[ 1426.150395][   T27] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[ 1426.178417][   T27] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[ 1426.197653][   T27] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[ 1426.239452][   T27] hid-generic 0000:0004:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1426.654402][T22614] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5157'.
[ 1428.420267][T17204] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1429.119035][T22654] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5162'.
[ 1431.517525][ T5774] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[ 1431.633388][ T5774] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[ 1431.755914][ T5774] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[ 1432.015456][ T5774] hid-generic 0000:0004:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1432.048483][T22682] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5167'.
[ 1433.065770][   T55] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1434.057817][   T55] usb 4-1: Using ep0 maxpacket: 8
[ 1434.072699][   T55] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1434.082718][   T55] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1434.093299][   T55] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1434.103769][   T55] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1434.129317][   T55] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1434.148887][   T55] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1434.158686][   T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1434.926827][   T55] usb 4-1: GET_CAPABILITIES returned 0
[ 1434.933176][   T55] usbtmc 4-1:16.0: can't read capabilities
[ 1436.017548][T22736] block device autoloading is deprecated and will be removed.
[ 1436.068946][T22736] syz.5.5174: attempt to access beyond end of device
[ 1436.068946][T22736] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1436.108045][T22739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1436.125214][T22739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1436.272478][   T55] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[ 1436.290805][   T55] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[ 1436.307916][   T55] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[ 1436.327896][   T55] hid-generic 0000:0004:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 1436.616536][T22748] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5177'.
[ 1437.035182][T22752] netlink: 'syz.9.5178': attribute type 10 has an invalid length.
[ 1437.188811][T20721] usb 4-1: USB disconnect, device number 14
[ 1437.210255][T19946] Bluetooth: hci0: unexpected event for opcode 0x2024
[ 1440.914944][T22796] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5187'.
[ 1441.263407][T20091] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1441.497261][T20091] usb 4-1: Using ep0 maxpacket: 16
[ 1441.558234][T20091] usb 4-1: config 33 has 0 interfaces, different from the descriptor's value: 9
[ 1441.630652][T20091] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6006, bcdDevice= 0.00
[ 1441.665429][T20091] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1441.727983][T22811] siw: device registration error -23
[ 1442.634348][   T55] usb 4-1: USB disconnect, device number 15
[ 1446.083230][T22845] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5196'.
[ 1446.503634][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1446.604994][T22855] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5199'.
[ 1446.877722][T22860] siw: device registration error -23
[ 1448.593143][T16912] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1448.624781][T16912] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1448.634112][T16912] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1448.645695][T16912] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1448.655753][T16912] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1448.670718][T16912] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1450.152972][T22889] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5206'.
[ 1450.168264][   T48] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1450.685626][T19946] Bluetooth: hci4: command tx timeout
[ 1451.315178][   T48] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1452.373840][   T48] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1452.642245][T19946] Bluetooth: hci4: command tx timeout
[ 1452.649109][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1452.660482][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1452.736576][T22900] siw: device registration error -23
[ 1452.866247][   T48] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1454.029135][T22871] chnl_net:caif_netlink_parms(): no params data found
[ 1454.623213][T19946] Bluetooth: hci4: command tx timeout
[ 1455.025824][T22871] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1455.040343][T22871] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1455.061018][T22871] bridge_slave_0: entered allmulticast mode
[ 1455.084778][T22871] bridge_slave_0: entered promiscuous mode
[ 1455.107714][T22871] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1455.128577][T22871] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1455.148285][T22871] bridge_slave_1: entered allmulticast mode
[ 1455.172818][T22871] bridge_slave_1: entered promiscuous mode
[ 1455.554877][T22871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1455.589055][T22871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1456.014877][T22871] team0: Port device team_slave_0 added
[ 1456.149602][T22871] team0: Port device team_slave_1 added
[ 1456.344097][T22871] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1456.366289][T22871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1456.432961][T22871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1456.505115][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1456.576588][T22871] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1456.583612][T22871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1456.609516][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1456.614069][T19946] Bluetooth: hci4: command tx timeout
[ 1456.793725][T22871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1457.961205][T22871] hsr_slave_0: entered promiscuous mode
[ 1457.973466][T22871] hsr_slave_1: entered promiscuous mode
[ 1458.040863][T22871] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1458.049272][T22871] Cannot create hsr debugfs directory
[ 1458.166851][   T48] hsr_slave_0: left promiscuous mode
[ 1458.180309][T22970] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5216'.
[ 1458.269046][   T48] hsr_slave_1: left promiscuous mode
[ 1458.420248][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1458.430053][   T48] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1458.439982][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1458.447599][   T48] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1458.458188][   T48] bridge_slave_1: left allmulticast mode
[ 1458.468057][   T48] bridge_slave_1: left promiscuous mode
[ 1458.475208][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1458.486533][   T48] bridge_slave_0: left allmulticast mode
[ 1458.493268][   T48] bridge_slave_0: left promiscuous mode
[ 1458.499371][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1458.552691][   T48] veth1_macvtap: left promiscuous mode
[ 1458.560013][   T48] veth0_macvtap: left promiscuous mode
[ 1458.570066][   T48] veth1_vlan: left promiscuous mode
[ 1458.577000][   T48] veth0_vlan: left promiscuous mode
[ 1459.139863][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1459.775321][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1461.944992][   T48] team0 (unregistering): Port device team_slave_1 removed
[ 1462.029820][   T48] team0 (unregistering): Port device team_slave_0 removed
[ 1462.114738][   T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1462.200001][   T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1463.142292][   T48] bond0 (unregistering): Released all slaves
[ 1463.530752][T22982] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1463.559796][T22982] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1463.571893][T22982] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1463.600105][T22982] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1464.260760][T22979] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1464.655047][T22990] netlink: 'syz.9.5219': attribute type 10 has an invalid length.
[ 1466.491219][T22871] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1466.509868][T22871] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1466.549553][T22871] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1466.564012][T22871] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1467.529080][T22871] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1469.046466][T23038] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5225'.
[ 1469.236824][T22871] 8021q: adding VLAN 0 to HW filter on device team0
[ 1469.306832][  T981] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1469.314080][  T981] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1469.382116][  T981] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1469.389418][  T981] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1470.252089][T23046] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1470.265466][T23046] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1470.276990][T23046] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1470.289231][T23046] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1470.335334][T23045] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1471.907577][T22871] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1472.846862][T23081] netlink: set zone limit has 4 unknown bytes
[ 1473.963396][T23091] ubi: mtd0 is already attached to ubi31
[ 1475.721223][T22871] veth0_vlan: entered promiscuous mode
[ 1475.795053][T22871] veth1_vlan: entered promiscuous mode
[ 1475.926675][T22871] veth0_macvtap: entered promiscuous mode
[ 1476.010376][T23116] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1476.046514][T23116] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1476.061441][T23116] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1476.087266][T22871] veth1_macvtap: entered promiscuous mode
[ 1476.110069][T23116] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1476.746454][T23114] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1476.788052][T22871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1476.858279][T22871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1476.869064][T22871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1476.879980][T22871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1476.892139][T22871] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1476.949664][T22871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1476.971165][T22871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1476.981615][T22871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1476.992568][T22871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1477.013665][T22871] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1477.037161][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1477.049513][T22871] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1477.059523][T22871] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1477.069092][T22871] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1477.080799][T22871] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1477.305480][T17265] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1477.323306][T17265] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1477.431146][ T4482] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1477.560323][ T4482] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1478.603002][T23145] 9pnet_fd: Insufficient options for proto=fd
[ 1478.634940][T23146] loop4: detected capacity change from 0 to 512
[ 1478.646279][T23146] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1478.822967][T23146] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.5201: bg 0: block 248: padding at end of block bitmap is not set
[ 1478.840828][T23146] Quota error (device loop4): write_blk: dquota write failed
[ 1478.849081][T23146] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[ 1478.860580][T23146] EXT4-fs error (device loop4): ext4_acquire_dquot:6940: comm syz.4.5201: Failed to acquire dquot type 1
[ 1478.882095][T23146] EXT4-fs (loop4): 1 truncate cleaned up
[ 1478.894723][T23146] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1478.908294][T23146] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1481.317368][T22871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1484.451638][T12443] kernel read not supported for file /snd/controlC0 (pid: 12443 comm: kworker/0:6)
[ 1485.870058][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1486.670704][T23213] loop3: detected capacity change from 0 to 512
[ 1486.689152][T23213] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1486.756346][T23213] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.5253: bg 0: block 248: padding at end of block bitmap is not set
[ 1486.771845][T23213] Quota error (device loop3): write_blk: dquota write failed
[ 1486.779567][T23213] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1486.790639][T23213] EXT4-fs error (device loop3): ext4_acquire_dquot:6940: comm syz.3.5253: Failed to acquire dquot type 1
[ 1486.805426][T23213] EXT4-fs (loop3): 1 truncate cleaned up
[ 1486.812613][T23213] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1486.825375][T23213] ext4 filesystem being mounted at /62/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1487.102459][   T28] audit: type=1326 audit(1756495739.234:6779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23202 comm="syz.9.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f135278ebe9 code=0x7ffc0000
[ 1487.201357][   T28] audit: type=1326 audit(1756495739.339:6780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23202 comm="syz.9.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f135278ebe9 code=0x7ffc0000
[ 1487.223932][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1488.068869][T21723] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1488.159104][T23225] pim6reg: entered allmulticast mode
[ 1488.164872][   T28] audit: type=1326 audit(1756495740.336:6781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23202 comm="syz.9.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f135278ebe9 code=0x7ffc0000
[ 1488.187345][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1488.245723][T23235] netlink: set zone limit has 4 unknown bytes
[ 1488.473728][   T28] audit: type=1326 audit(1756495740.336:6782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23202 comm="syz.9.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f135278ebe9 code=0x7ffc0000
[ 1489.044608][T23240] ubi: mtd0 is already attached to ubi31
[ 1489.461928][   T28] audit: type=1326 audit(1756495740.336:6783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23202 comm="syz.9.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f135278ebe9 code=0x7ffc0000
[ 1489.573039][   T28] audit: type=1326 audit(1756495740.336:6784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23202 comm="syz.9.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f135278ebe9 code=0x7ffc0000
[ 1489.634874][   T28] audit: type=1326 audit(1756495741.554:6785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23202 comm="syz.9.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f135278ebe9 code=0x7ffc0000
[ 1489.715273][   T28] audit: type=1326 audit(1756495741.554:6786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23202 comm="syz.9.5251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f135278ebe9 code=0x7ffc0000
[ 1493.551254][T23266] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5262'.
[ 1496.356603][T23292] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1496.390059][T23292] tipc: Started in network mode
[ 1496.395108][T23292] tipc: Node identity 76345a0f8d27, cluster identity 4711
[ 1496.412969][T23292] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1496.516427][T23289] tipc: Resetting bearer <eth:syzkaller0>
[ 1496.563195][T16912] Bluetooth: hci4: link tx timeout
[ 1496.571955][T16912] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1496.643230][T19946] Bluetooth: hci4: link tx timeout
[ 1496.648750][T19946] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1497.488754][   T55] tipc: Node number set to 4212349455
[ 1498.593769][T19946] Bluetooth: hci4: command 0x0406 tx timeout
[ 1499.343282][T23289] tipc: Disabling bearer <eth:syzkaller0>
[ 1499.658152][T16912] Bluetooth: hci1: unexpected event for opcode 0x2024
[ 1502.626251][T23347] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1502.696003][T23350] overlayfs: overlapping lowerdir path
[ 1502.778007][T23351] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1503.577961][T23347] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1503.756996][T23346] tipc: Resetting bearer <eth:syzkaller0>
[ 1503.939829][T23346] tipc: Disabling bearer <eth:syzkaller0>
[ 1504.259187][T23373] bridge1: entered promiscuous mode
[ 1504.290371][T23373] bridge1: entered allmulticast mode
[ 1504.504678][T19946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1504.530757][T19946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1504.547894][T19946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1504.560461][T19946] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1504.568390][T19946] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1504.576203][T19946] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1505.497766][T21534] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1505.714215][T21534] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1506.545985][T19946] Bluetooth: hci0: command tx timeout
[ 1506.566012][T21534] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1506.650948][T21534] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1506.761861][T23400] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1506.863833][T23388] tipc: Resetting bearer <eth:syzkaller0>
[ 1507.298495][T23388] tipc: Disabling bearer <eth:syzkaller0>
[ 1507.932303][T16912] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1507.945450][T16912] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1507.958383][T16912] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1507.973460][T16912] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1507.999393][T16912] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1508.012328][T16912] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1508.280803][T21534] tipc: Left network mode
[ 1508.307450][T23377] chnl_net:caif_netlink_parms(): no params data found
[ 1508.512606][T19946] Bluetooth: hci0: command tx timeout
[ 1509.324691][T23377] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1509.340406][T23377] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1509.347742][T23377] bridge_slave_0: entered allmulticast mode
[ 1509.383075][T23377] bridge_slave_0: entered promiscuous mode
[ 1509.480601][T23377] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1509.515654][T23377] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1509.538357][T23377] bridge_slave_1: entered allmulticast mode
[ 1509.546476][T23377] bridge_slave_1: entered promiscuous mode
[ 1509.740979][T23377] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1509.885130][T23377] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1509.906173][T16912] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1509.919738][T16912] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1509.930026][T16912] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1509.944832][T16912] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1509.954350][T16912] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1509.966372][T16912] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1510.025996][T16912] Bluetooth: hci2: command tx timeout
[ 1510.506313][T19946] Bluetooth: hci0: command tx timeout
[ 1510.847492][T23377] team0: Port device team_slave_0 added
[ 1510.956830][T23377] team0: Port device team_slave_1 added
[ 1511.073608][T23377] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1511.081026][T23377] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1511.113815][T23377] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1511.131161][T23418] chnl_net:caif_netlink_parms(): no params data found
[ 1511.315334][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1511.321828][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1511.333666][T23377] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1511.341373][T23377] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1511.369827][T23377] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1511.479596][T23377] hsr_slave_0: entered promiscuous mode
[ 1511.487130][T23377] hsr_slave_1: entered promiscuous mode
[ 1511.495332][T23377] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1511.506120][T23377] Cannot create hsr debugfs directory
[ 1511.661503][T21534] hsr_slave_0: left promiscuous mode
[ 1511.676215][T21534] hsr_slave_1: left promiscuous mode
[ 1511.703056][T21534] veth1_macvtap: left promiscuous mode
[ 1511.708997][T21534] veth0_macvtap: left allmulticast mode
[ 1511.715573][T21534] veth0_macvtap: left promiscuous mode
[ 1511.721801][T21534] veth1_vlan: left promiscuous mode
[ 1511.728173][T21534] veth0_vlan: left promiscuous mode
[ 1512.006502][T19946] Bluetooth: hci2: command tx timeout
[ 1512.013566][T19946] Bluetooth: hci1: command tx timeout
[ 1512.464925][T22207] Bluetooth: hci0: command tx timeout
[ 1513.976353][T21534] bond0 (unregistering): Released all slaves
[ 1513.988691][T19946] Bluetooth: hci2: command tx timeout
[ 1513.994522][T22207] Bluetooth: hci1: command tx timeout
[ 1514.098070][T23491] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1514.221714][T23418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1514.233479][T23418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1514.241723][T23418] bridge_slave_0: entered allmulticast mode
[ 1514.257527][T23418] bridge_slave_0: entered promiscuous mode
[ 1514.268254][T23418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1514.276008][T23418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1514.283722][T23418] bridge_slave_1: entered allmulticast mode
[ 1514.291320][T23418] bridge_slave_1: entered promiscuous mode
[ 1514.560943][T23418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1514.640914][T23418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1514.880903][T23418] team0: Port device team_slave_0 added
[ 1514.894339][T23418] team0: Port device team_slave_1 added
[ 1514.909892][T23455] chnl_net:caif_netlink_parms(): no params data found
[ 1515.153918][T23418] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1515.164929][T23418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1515.220824][T23418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1515.263099][T23418] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1515.270805][T23418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1515.298147][T23418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1515.647397][T23455] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1515.675000][T23455] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1515.682607][T23455] bridge_slave_0: entered allmulticast mode
[ 1515.722517][T23455] bridge_slave_0: entered promiscuous mode
[ 1515.863341][T23418] hsr_slave_0: entered promiscuous mode
[ 1515.871265][T23418] hsr_slave_1: entered promiscuous mode
[ 1515.885553][T23418] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1515.901999][T23418] Cannot create hsr debugfs directory
[ 1515.907906][T23455] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1515.931310][T23455] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1515.938741][T23455] bridge_slave_1: entered allmulticast mode
[ 1515.960618][T23455] bridge_slave_1: entered promiscuous mode
[ 1515.975743][T19946] Bluetooth: hci2: command tx timeout
[ 1515.981390][T22207] Bluetooth: hci1: command tx timeout
[ 1516.119884][T21534] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1516.169565][T19946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1516.183469][T19946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1516.194332][T19946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1516.236454][T19946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1516.247071][T19946] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1516.254872][T19946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1516.281069][T23455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1516.395658][T21534] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1516.417020][T23455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1516.526563][T23455] team0: Port device team_slave_0 added
[ 1516.566643][T21534] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1516.635316][T23455] team0: Port device team_slave_1 added
[ 1516.688198][T21534] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1516.879826][T23455] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1516.889211][T23455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1516.917035][T23455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1516.976349][T23377] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1516.996431][T23455] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1517.003824][T23455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1517.031324][T23455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1517.080206][T23377] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1517.101239][T23377] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1517.220236][T23377] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1517.406001][T23455] hsr_slave_0: entered promiscuous mode
[ 1517.413244][T23455] hsr_slave_1: entered promiscuous mode
[ 1517.424953][T23455] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1517.444856][T23455] Cannot create hsr debugfs directory
[ 1517.588738][T21534] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1517.739254][T21534] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1517.806246][T21534] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1517.906684][T21534] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1517.959673][T22207] Bluetooth: hci1: command tx timeout
[ 1518.153659][T23545] chnl_net:caif_netlink_parms(): no params data found
[ 1518.257452][T22207] Bluetooth: hci3: command tx timeout
[ 1518.296796][T23418] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1518.309476][T23418] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1518.401973][T23418] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1518.441445][T23418] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1518.593000][T23545] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1518.619123][T23545] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1518.626884][T23545] bridge_slave_0: entered allmulticast mode
[ 1518.634484][T23545] bridge_slave_0: entered promiscuous mode
[ 1518.699681][T21534] tipc: Left network mode
[ 1518.739226][T23545] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1518.748753][T23545] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1518.756615][T23545] bridge_slave_1: entered allmulticast mode
[ 1518.773126][T23545] bridge_slave_1: entered promiscuous mode
[ 1518.873627][T23377] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1519.066946][T23545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1519.089750][T23545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1519.301978][T23377] 8021q: adding VLAN 0 to HW filter on device team0
[ 1519.461134][T23545] team0: Port device team_slave_0 added
[ 1519.485613][T23545] team0: Port device team_slave_1 added
[ 1519.632383][T23545] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1519.640058][T23545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1519.667430][T23545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1519.709301][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1519.716558][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1519.786258][T23545] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1519.793460][T23545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1519.819703][T23545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1519.865541][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1519.872736][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1519.916955][T23545] hsr_slave_0: entered promiscuous mode
[ 1519.924361][T23545] hsr_slave_1: entered promiscuous mode
[ 1519.931015][T23545] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1519.941915][T23545] Cannot create hsr debugfs directory
[ 1520.034275][T23455] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1520.044610][T23455] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1520.139138][T23455] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1520.182448][T23455] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1520.202747][T23418] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1520.238885][T22207] Bluetooth: hci3: command tx timeout
[ 1520.422217][T23418] 8021q: adding VLAN 0 to HW filter on device team0
[ 1520.512552][ T6607] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1520.519744][ T6607] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1520.588519][ T6607] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1520.595679][ T6607] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1521.032015][T23455] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1521.168056][T23455] 8021q: adding VLAN 0 to HW filter on device team0
[ 1521.240336][T21534] hsr_slave_0: left promiscuous mode
[ 1521.257169][T21534] hsr_slave_1: left promiscuous mode
[ 1521.271844][T21534] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1521.280256][T21534] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1521.294902][T21534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1521.302546][T21534] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1521.324224][T21534] bridge_slave_1: left allmulticast mode
[ 1521.330057][T21534] bridge_slave_1: left promiscuous mode
[ 1521.336985][T21534] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1521.347445][T21534] bridge_slave_0: left allmulticast mode
[ 1521.354002][T21534] bridge_slave_0: left promiscuous mode
[ 1521.360115][T21534] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1521.378231][T21534] hsr_slave_0: left promiscuous mode
[ 1521.387014][T21534] hsr_slave_1: left promiscuous mode
[ 1521.394042][T21534] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1521.402105][T21534] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1521.411804][T21534] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1521.420753][T21534] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1521.430323][T21534] bridge_slave_1: left allmulticast mode
[ 1521.436450][T21534] bridge_slave_1: left promiscuous mode
[ 1521.442333][T21534] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1521.451219][T21534] bridge_slave_0: left allmulticast mode
[ 1521.457275][T21534] bridge_slave_0: left promiscuous mode
[ 1521.463002][T21534] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1521.526316][T21534] veth1_macvtap: left promiscuous mode
[ 1521.533473][T21534] veth0_macvtap: left promiscuous mode
[ 1521.539183][T21534] veth1_vlan: left promiscuous mode
[ 1521.546131][T21534] veth0_vlan: left promiscuous mode
[ 1521.554008][T21534] veth1_macvtap: left promiscuous mode
[ 1521.559569][T21534] veth0_macvtap: left promiscuous mode
[ 1521.565308][T21534] veth1_vlan: left promiscuous mode
[ 1521.570884][T21534] veth0_vlan: left promiscuous mode
[ 1522.232384][T22207] Bluetooth: hci3: command tx timeout
[ 1522.612996][T21534] team0 (unregistering): Port device team_slave_1 removed
[ 1522.692118][T21534] team0 (unregistering): Port device team_slave_0 removed
[ 1522.772757][T21534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1522.856784][T21534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1523.778298][T21534] bond0 (unregistering): Released all slaves
[ 1523.932503][T21534] pim6reg (unregistering): left allmulticast mode
[ 1524.208933][T22207] Bluetooth: hci3: command tx timeout
[ 1524.713728][T21534] team0 (unregistering): Port device team_slave_1 removed
[ 1524.801395][T21534] team0 (unregistering): Port device team_slave_0 removed
[ 1524.877354][T21534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1524.954459][T21534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1525.611727][T21534] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1525.620062][    T9] infiniband syz1: ib_query_port failed (-19)
[ 1525.921903][T21534] bond0 (unregistering): Released all slaves
[ 1526.136855][T18382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1526.144237][T18382] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1526.182876][T23377] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1526.400720][T18382] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1526.407945][T18382] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1526.498015][T23545] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1526.545807][T23545] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1526.566311][T23545] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1526.640135][T23545] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1526.669169][T23377] veth0_vlan: entered promiscuous mode
[ 1526.684267][T23377] veth1_vlan: entered promiscuous mode
[ 1526.878214][T23418] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1527.052578][T23377] veth0_macvtap: entered promiscuous mode
[ 1527.129377][T23377] veth1_macvtap: entered promiscuous mode
[ 1527.222671][T23377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1527.237888][T23377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1527.250862][T23377] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1527.271002][T23545] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1527.315854][T23377] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1527.339211][T23377] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1527.355937][T23377] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1527.384430][T23545] 8021q: adding VLAN 0 to HW filter on device team0
[ 1527.405714][T23377] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1527.429523][T23377] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1527.441322][T23377] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1527.450426][T23377] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1527.518178][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1527.525453][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1527.561997][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1527.569259][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1527.626894][T23455] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1527.747246][T21534] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1527.755878][T21534] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1527.814345][T23418] veth0_vlan: entered promiscuous mode
[ 1527.822944][T17265] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1527.866363][T17265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1527.902972][T23418] veth1_vlan: entered promiscuous mode
[ 1527.939643][T23455] veth0_vlan: entered promiscuous mode
[ 1527.966422][T23455] veth1_vlan: entered promiscuous mode
[ 1528.099912][T23455] veth0_macvtap: entered promiscuous mode
[ 1528.145274][T23455] veth1_macvtap: entered promiscuous mode
[ 1528.163025][T23418] veth0_macvtap: entered promiscuous mode
[ 1528.185830][T23418] veth1_macvtap: entered promiscuous mode
[ 1528.229128][T23455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1528.254659][T23455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.271528][T23455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1528.283538][T23455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.303271][T23455] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1528.336182][T23455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1528.350228][T23455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.364314][T23455] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1528.375140][T23455] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.388789][T23455] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1528.400492][T23545] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1528.415837][T23455] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1528.426929][T23455] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1528.447598][T23455] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1528.475691][T23455] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1528.555335][T23418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1528.575312][T23418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.588732][T23418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1528.608318][T23418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.620858][T23418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1528.632337][T23418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.655482][T23418] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1528.821095][T23418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1528.864794][T23418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.921688][T23418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1528.949243][T23418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.962353][T23418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1528.977965][T23418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1528.998729][T23418] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1529.091681][T23418] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.131775][T23418] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.171357][T23418] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.185572][T23418] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.417827][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1529.432682][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1529.553577][T17265] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1529.569048][T17265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1529.621585][T18382] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1529.642302][T18382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1529.708952][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1529.730697][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1529.865726][T23545] veth0_vlan: entered promiscuous mode
[ 1529.916991][T23545] veth1_vlan: entered promiscuous mode
[ 1530.140150][T23545] veth0_macvtap: entered promiscuous mode
[ 1530.434468][T23678] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5291'.
[ 1530.495224][T23674] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1530.634391][T23545] veth1_macvtap: entered promiscuous mode
[ 1530.657245][T23674] tipc: Started in network mode
[ 1530.662282][T23674] tipc: Node identity 2a918032a35, cluster identity 4711
[ 1530.680751][T23674] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1530.712131][T23673] tipc: Disabling bearer <eth:syzkaller0>
[ 1530.841925][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1530.862526][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.879797][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1530.891971][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.909896][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1530.921931][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.932649][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1530.944786][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1530.966100][T23545] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1531.012963][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1531.039004][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1531.057772][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1531.078432][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1531.090156][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1531.101040][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1531.118146][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1531.132566][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1531.239336][T23545] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1531.526907][T23545] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1531.577575][T23545] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1531.619397][T23545] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1531.669633][T23545] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1532.262090][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1532.273950][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1532.302959][ T4482] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1532.311625][ T4482] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1532.343165][ T5774] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1532.529008][   T48] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1532.546674][ T5774] usb 7-1: Using ep0 maxpacket: 8
[ 1532.573067][ T5774] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1532.704826][ T5774] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1532.833634][ T5774] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1533.127303][ T5774] usb 7-1: config 0 descriptor??
[ 1533.430159][   T48] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1533.432941][ T5774] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1533.650100][T23696] usb 7-1: USB disconnect, device number 2
[ 1533.664484][   T48] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1533.883098][   T48] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1534.430307][T19946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1534.508162][T19946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1534.553687][T19946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1534.776342][T19946] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1534.809366][T19946] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1534.821977][T19946] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1534.897499][T23720] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5319'.
[ 1535.185443][T23714] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1535.345274][T23713] tipc: Resetting bearer <eth:syzkaller0>
[ 1535.394602][T23713] tipc: Disabling bearer <eth:syzkaller0>
[ 1537.101483][T19946] Bluetooth: hci0: command tx timeout
[ 1537.836895][T23712] chnl_net:caif_netlink_parms(): no params data found
[ 1538.400097][   T48] hsr_slave_0: left promiscuous mode
[ 1538.432016][   T48] hsr_slave_1: left promiscuous mode
[ 1538.530780][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1538.563916][   T48] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1538.629779][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1538.637400][   T48] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1538.773176][   T48] bridge_slave_1: left allmulticast mode
[ 1538.778911][   T48] bridge_slave_1: left promiscuous mode
[ 1538.799711][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1538.830928][   T48] bridge_slave_0: left allmulticast mode
[ 1538.836780][   T48] bridge_slave_0: left promiscuous mode
[ 1538.854095][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1538.990703][   T48] veth1_macvtap: left promiscuous mode
[ 1539.004701][   T48] veth0_macvtap: left promiscuous mode
[ 1539.020846][   T48] veth1_vlan: left promiscuous mode
[ 1539.026417][   T48] veth0_vlan: left promiscuous mode
[ 1539.058715][T19946] Bluetooth: hci0: command tx timeout
[ 1539.917790][T23772] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1539.970915][T23772] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1539.982408][T23772] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1539.996981][T23772] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1540.008993][T23771] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1540.968370][T22207] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1540.978259][T22207] Bluetooth: hci1: Injecting HCI hardware error event
[ 1540.991647][T19946] Bluetooth: hci1: hardware error 0x00
[ 1541.059268][T22207] Bluetooth: hci0: command tx timeout
[ 1541.698469][   T48] team0 (unregistering): Port device team_slave_1 removed
[ 1541.785958][   T48] team0 (unregistering): Port device team_slave_0 removed
[ 1541.867913][   T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1541.952611][   T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1542.048662][   T28] audit: type=1326 audit(1756495796.910:6787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.071946][   T28] audit: type=1326 audit(1756495796.910:6788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.096352][   T28] audit: type=1326 audit(1756495796.910:6789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.138060][   T28] audit: type=1326 audit(1756495796.910:6790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.163208][   T28] audit: type=1326 audit(1756495797.004:6791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.209584][   T28] audit: type=1326 audit(1756495797.004:6792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.239536][   T28] audit: type=1326 audit(1756495797.004:6793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.301377][   T28] audit: type=1326 audit(1756495797.004:6794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.338565][   T28] audit: type=1326 audit(1756495797.004:6795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.375139][   T28] audit: type=1326 audit(1756495797.004:6796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23795 comm="syz.2.5336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95b338ebe9 code=0x7ffc0000
[ 1542.857005][T23798] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[ 1542.863612][T23798] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1542.875711][T23798] vhci_hcd vhci_hcd.0: Device attached
[ 1543.021152][T22207] Bluetooth: hci0: command tx timeout
[ 1543.027847][T19946] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1543.145309][T12443] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[ 1543.173677][T23799] vhci_hcd: connection reset by peer
[ 1543.199722][   T42] vhci_hcd: stop threads
[ 1543.216970][   T42] vhci_hcd: release socket
[ 1543.225360][   T42] vhci_hcd: disconnect device
[ 1543.794043][   T48] bond0 (unregistering): Released all slaves
[ 1544.014050][T23785] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1544.097869][T23712] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1544.126495][T23712] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1544.146649][T23712] bridge_slave_0: entered allmulticast mode
[ 1544.163371][T23712] bridge_slave_0: entered promiscuous mode
[ 1544.189049][T23712] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1544.212330][T23712] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1544.260212][T23712] bridge_slave_1: entered allmulticast mode
[ 1544.308773][T23712] bridge_slave_1: entered promiscuous mode
[ 1544.434610][T23712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1544.533200][T23712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1545.012355][T19946] Bluetooth: hci0: command tx timeout
[ 1545.446570][T23712] team0: Port device team_slave_0 added
[ 1545.502761][T23712] team0: Port device team_slave_1 added
[ 1545.659944][T23712] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1545.678096][T23712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1545.705144][T23712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1545.725406][T23712] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1545.776965][T23712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1545.805328][T23712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1546.213295][T23712] hsr_slave_0: entered promiscuous mode
[ 1546.295039][T23712] hsr_slave_1: entered promiscuous mode
[ 1546.766955][   T48] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1548.060433][T12443] vhci_hcd: vhci_device speed not set
[ 1551.212100][   T48] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1551.378150][   T48] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1551.590232][   T48] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1551.645921][T23842] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1552.224987][T23838] syzkaller0: MTU too low for tipc bearer
[ 1552.264583][T23838] tipc: Disabling bearer <eth:syzkaller0>
[ 1553.849887][T23712] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1553.868773][T23712] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1554.044657][T23712] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1554.946565][T23712] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1556.698993][   T48] hsr_slave_0: left promiscuous mode
[ 1556.732031][   T48] hsr_slave_1: left promiscuous mode
[ 1556.763629][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1556.808722][   T48] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1556.862296][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1556.908021][   T48] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1556.958328][   T48] bridge_slave_1: left allmulticast mode
[ 1556.981153][   T48] bridge_slave_1: left promiscuous mode
[ 1557.025774][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1557.157505][   T48] bridge_slave_0: left allmulticast mode
[ 1557.179817][   T48] bridge_slave_0: left promiscuous mode
[ 1557.213279][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1557.403179][   T48] veth1_macvtap: left promiscuous mode
[ 1557.413402][   T48] veth0_macvtap: left promiscuous mode
[ 1557.421261][   T48] veth1_vlan: left promiscuous mode
[ 1557.430974][   T48] veth0_vlan: left promiscuous mode
[ 1560.091725][T19946] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1560.104946][T19946] Bluetooth: hci2: Injecting HCI hardware error event
[ 1560.116265][T22207] Bluetooth: hci2: hardware error 0x00
[ 1560.613209][   T48] team0 (unregistering): Port device team_slave_1 removed
[ 1560.733910][   T48] team0 (unregistering): Port device team_slave_0 removed
[ 1560.830469][   T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1560.928336][   T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1562.158286][T22207] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1562.690581][   T48] bond0 (unregistering): Released all slaves
[ 1562.847749][T23893] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1562.948746][T23712] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1562.971130][T23712] 8021q: adding VLAN 0 to HW filter on device team0
[ 1563.029340][T17266] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1563.036641][T17266] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1563.061691][T17266] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1563.068912][T17266] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1565.749578][    T8] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1565.949801][    T8] usb 9-1: Using ep0 maxpacket: 16
[ 1565.960835][    T8] usb 9-1: config 33 has 0 interfaces, different from the descriptor's value: 9
[ 1565.997301][    T8] usb 9-1: New USB device found, idVendor=1fd2, idProduct=6006, bcdDevice= 0.00
[ 1566.012187][T23712] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1566.076057][    T8] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1566.472731][T17357] usb 9-1: USB disconnect, device number 2
[ 1567.850284][T23712] veth0_vlan: entered promiscuous mode
[ 1567.908196][T23712] veth1_vlan: entered promiscuous mode
[ 1568.048404][T23712] veth0_macvtap: entered promiscuous mode
[ 1568.062326][T23712] veth1_macvtap: entered promiscuous mode
[ 1568.326079][T23972] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5372'.
[ 1568.732016][T23712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1568.767337][T23712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1568.782414][T23712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1568.879099][T23712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1568.903190][T23712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1568.914264][T23712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1568.926287][T23712] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1568.944204][T23712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1568.954882][T23712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1568.965570][T23712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1568.976111][T23712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1568.987026][T23712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1568.997880][T23712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1569.014779][T23712] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1569.080656][T23712] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1569.114309][T23712] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1569.134941][T23712] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1569.145114][T23712] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1569.159164][T23978] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1569.194681][T23980] bridge_slave_0: left allmulticast mode
[ 1569.201832][T23980] bridge_slave_0: left promiscuous mode
[ 1569.215589][T23980] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1569.239885][T23980] bridge_slave_1: left allmulticast mode
[ 1569.252454][T23980] bridge_slave_1: left promiscuous mode
[ 1569.259492][T23980] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1569.288961][T23980] bond0: (slave bond_slave_0): Releasing backup interface
[ 1569.320367][T23980] bond0: (slave bond_slave_1): Releasing backup interface
[ 1569.448912][T23980] team0: Port device team_slave_0 removed
[ 1569.489447][T23980] team0: Port device team_slave_1 removed
[ 1569.510295][T23980] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1569.527557][T23980] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1569.538783][T23980] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1569.552503][T23980] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1569.622020][T23979] tipc: Started in network mode
[ 1569.628371][T23979] tipc: Node identity 86e60b0c8512, cluster identity 4711
[ 1569.636799][T23979] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1569.809119][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1569.818797][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1570.115873][T23976] tipc: Disabling bearer <eth:syzkaller0>
[ 1570.398049][T23977] netlink: 'syz.2.5376': attribute type 10 has an invalid length.
[ 1570.451047][T23977] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1570.672640][ T9794] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1570.689389][ T9794] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1570.749483][ T9794] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1571.575409][ T9794] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1573.441167][T24012] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1574.820242][T24026] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1575.847898][T22207] Bluetooth: hci3: unexpected cc 0x203c length: 9 > 1
[ 1575.970076][T23696] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1576.170439][T23696] usb 3-1: Using ep0 maxpacket: 8
[ 1576.188037][T23696] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1576.205163][T23696] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1576.237149][T23696] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1576.280972][T23696] usb 3-1: config 0 descriptor??
[ 1576.495176][T23696] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1578.768018][T24062] siw: device registration error -23
[ 1578.788739][   T23] usb 3-1: USB disconnect, device number 10
[ 1579.770821][ T5848] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1580.311787][ T9794] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1580.361827][ T5848] usb 3-1: Using ep0 maxpacket: 32
[ 1580.377409][ T5848] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1580.414947][ T5848] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1580.438823][ T5848] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1580.485353][ T5848] usb 3-1: Product: syz
[ 1580.489599][ T5848] usb 3-1: Manufacturer: syz
[ 1580.523965][ T5848] usb 3-1: SerialNumber: syz
[ 1580.541675][ T5848] usb 3-1: config 0 descriptor??
[ 1580.562209][ T9794] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1580.591058][T24071] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1580.636312][T24082] syz.6.5406[24082] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1580.636456][T24082] syz.6.5406[24082] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1580.730056][ T9794] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1580.890064][   T27] usb 3-1: USB disconnect, device number 11
[ 1580.986223][ T9794] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1581.299873][T19946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1581.335446][T19946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1581.355977][T19946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1581.368612][T19946] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1581.409732][T19946] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1581.419208][T19946] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1581.513626][ T9794] tipc: Left network mode
[ 1582.308504][T24091] chnl_net:caif_netlink_parms(): no params data found
[ 1582.896381][T19946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1582.907628][T19946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1582.919554][T19946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1582.927943][T19946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1582.937760][T19946] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1582.945449][T19946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1583.156397][T24091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1583.169366][T24091] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1583.179003][T24091] bridge_slave_0: entered allmulticast mode
[ 1583.187735][T24091] bridge_slave_0: entered promiscuous mode
[ 1583.314495][T24091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1583.324098][T24091] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1583.332073][T24091] bridge_slave_1: entered allmulticast mode
[ 1583.342296][T24091] bridge_slave_1: entered promiscuous mode
[ 1583.410009][T22207] Bluetooth: hci0: command tx timeout
[ 1583.481196][T24091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1583.604920][T24091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1583.843804][T24091] team0: Port device team_slave_0 added
[ 1583.882197][ T9794] hsr_slave_0: left promiscuous mode
[ 1583.897415][ T9794] hsr_slave_1: left promiscuous mode
[ 1583.923855][ T9794] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1583.943470][ T9794] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1583.963561][ T9794] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1583.971118][ T9794] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1583.980140][ T9794] bridge_slave_1: left allmulticast mode
[ 1583.986288][ T9794] bridge_slave_1: left promiscuous mode
[ 1584.000921][ T9794] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1584.018241][ T9794] bridge_slave_0: left allmulticast mode
[ 1584.024597][ T9794] bridge_slave_0: left promiscuous mode
[ 1584.031030][ T9794] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1584.283953][ T9794] veth1_macvtap: left promiscuous mode
[ 1584.346504][ T9794] veth0_macvtap: left promiscuous mode
[ 1584.404602][ T9794] veth1_vlan: left promiscuous mode
[ 1584.455631][ T9794] veth0_vlan: left promiscuous mode
[ 1584.935521][T22207] Bluetooth: hci3: command tx timeout
[ 1585.261755][T19946] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1585.274237][T19946] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1585.284444][T19946] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1585.295248][T19946] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1585.303367][T19946] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1585.311230][T19946] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1585.401014][T22207] Bluetooth: hci0: command tx timeout
[ 1585.986012][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1586.081629][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1586.175418][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1586.685165][ T9794] team0 (unregistering): Port device team_slave_1 removed
[ 1586.779628][ T9794] team0 (unregistering): Port device team_slave_0 removed
[ 1586.867635][ T9794] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1586.926788][T22207] Bluetooth: hci3: command tx timeout
[ 1586.950653][ T9794] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1587.323475][T22207] Bluetooth: hci2: command tx timeout
[ 1587.385344][T22207] Bluetooth: hci0: command tx timeout
[ 1588.138527][ T9794] bond0 (unregistering): Released all slaves
[ 1588.317849][T24091] team0: Port device team_slave_1 added
[ 1588.529129][T24091] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1588.555174][T24091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1588.581311][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1588.630033][T24091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1588.667251][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1588.689137][T24091] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1588.696147][T24091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1588.722201][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1588.782364][T24091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1588.896729][T22207] Bluetooth: hci3: command tx timeout
[ 1589.148359][T24091] hsr_slave_0: entered promiscuous mode
[ 1589.155895][T24091] hsr_slave_1: entered promiscuous mode
[ 1589.173375][T24091] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1589.187724][T24091] Cannot create hsr debugfs directory
[ 1589.276699][T24151] bridge1: the hash_elasticity option has been deprecated and is always 16
[ 1589.285658][T24151] bridge1: entered allmulticast mode
[ 1589.287594][T22207] Bluetooth: hci2: command tx timeout
[ 1589.365840][T22207] Bluetooth: hci0: command tx timeout
[ 1589.390277][T24111] chnl_net:caif_netlink_parms(): no params data found
[ 1589.634422][ T9794] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1589.777214][ T9794] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1589.938380][ T9794] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1589.958720][T24111] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1590.008688][T24111] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1590.023394][T24111] bridge_slave_0: entered allmulticast mode
[ 1590.039950][T24111] bridge_slave_0: entered promiscuous mode
[ 1590.141423][ T9794] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1590.163564][T24111] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1590.171210][T24111] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1590.179354][T24111] bridge_slave_1: entered allmulticast mode
[ 1590.197558][T24111] bridge_slave_1: entered promiscuous mode
[ 1590.240976][T24123] chnl_net:caif_netlink_parms(): no params data found
[ 1590.521655][T24111] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1590.589776][T24111] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1590.817669][T24111] team0: Port device team_slave_0 added
[ 1590.826107][T24123] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1590.834424][T24123] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1590.842452][T24123] bridge_slave_0: entered allmulticast mode
[ 1590.849945][T24123] bridge_slave_0: entered promiscuous mode
[ 1590.867876][T24123] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1590.877872][T22207] Bluetooth: hci3: command tx timeout
[ 1590.892593][T24123] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1590.900389][T24123] bridge_slave_1: entered allmulticast mode
[ 1590.918303][T24123] bridge_slave_1: entered promiscuous mode
[ 1590.982912][T24111] team0: Port device team_slave_1 added
[ 1591.142344][T24111] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1591.151102][T24111] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1591.178203][T24111] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1591.250097][ T9794] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.261823][T22207] Bluetooth: hci2: command tx timeout
[ 1591.292889][T24123] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1591.305915][T24111] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1591.318384][T24111] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1591.401257][T24111] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1591.420006][T24123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1591.474779][ T9794] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.674557][ T9794] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.747259][T24111] hsr_slave_0: entered promiscuous mode
[ 1591.754201][T24111] hsr_slave_1: entered promiscuous mode
[ 1591.761815][T24111] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1591.770185][T24111] Cannot create hsr debugfs directory
[ 1591.786071][T24123] team0: Port device team_slave_0 added
[ 1591.866387][ T9794] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.906085][T24123] team0: Port device team_slave_1 added
[ 1591.913244][T24091] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1591.987422][T24091] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1592.026936][T24123] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1592.037773][T24123] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1592.064790][T24123] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1592.077611][T24091] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1592.108091][T24123] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1592.115119][T24123] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1592.141722][T24123] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1592.154554][T24091] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1592.176218][T24171] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5428'.
[ 1592.185831][T24171] netlink: 'syz.2.5428': attribute type 30 has an invalid length.
[ 1592.200549][T24171] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1592.210074][T24171] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1592.218904][T24171] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1592.228174][T24171] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1592.339845][T24123] hsr_slave_0: entered promiscuous mode
[ 1592.346746][T24123] hsr_slave_1: entered promiscuous mode
[ 1592.353133][T24123] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1592.361355][T24123] Cannot create hsr debugfs directory
[ 1593.215451][T24091] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1593.244246][T22207] Bluetooth: hci2: command tx timeout
[ 1593.310287][T24091] 8021q: adding VLAN 0 to HW filter on device team0
[ 1593.327134][T17266] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1593.334389][T17266] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1593.425390][ T6607] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1593.432617][ T6607] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1594.078236][T24111] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1594.126756][T24111] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1594.201931][T24091] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1594.211083][T24111] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1594.302303][T24192] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_team, syncid = 0, id = 0
[ 1594.304202][T24111] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1594.397977][T24123] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1594.452542][T24123] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1594.471045][T24123] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1594.482409][T24123] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1594.567719][ T9794] hsr_slave_0: left promiscuous mode
[ 1594.574758][ T9794] hsr_slave_1: left promiscuous mode
[ 1594.580911][ T9794] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1594.589731][ T9794] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1594.600399][ T9794] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1594.608408][ T9794] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1594.617948][ T9794] bridge_slave_1: left allmulticast mode
[ 1594.623947][ T9794] bridge_slave_1: left promiscuous mode
[ 1594.629789][ T9794] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1594.639092][ T9794] bridge_slave_0: left allmulticast mode
[ 1594.645456][ T9794] bridge_slave_0: left promiscuous mode
[ 1594.651596][ T9794] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1594.666514][ T9794] hsr_slave_0: left promiscuous mode
[ 1594.675089][ T9794] hsr_slave_1: left promiscuous mode
[ 1594.682566][ T9794] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1594.691704][ T9794] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1594.701875][ T9794] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1594.709840][ T9794] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1594.718844][ T9794] bridge_slave_1: left allmulticast mode
[ 1594.724587][ T9794] bridge_slave_1: left promiscuous mode
[ 1594.731228][ T9794] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1594.740495][ T9794] bridge_slave_0: left allmulticast mode
[ 1594.746709][ T9794] bridge_slave_0: left promiscuous mode
[ 1594.752598][ T9794] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1594.825292][ T9794] veth1_macvtap: left promiscuous mode
[ 1594.830978][ T9794] veth0_macvtap: left promiscuous mode
[ 1594.837449][ T9794] veth1_vlan: left promiscuous mode
[ 1594.843624][ T9794] veth0_vlan: left promiscuous mode
[ 1594.856695][ T9794] veth1_macvtap: left promiscuous mode
[ 1594.863305][ T9794] veth0_macvtap: left promiscuous mode
[ 1594.875119][ T9794] veth1_vlan: left promiscuous mode
[ 1594.883263][ T9794] veth0_vlan: left promiscuous mode
[ 1596.758487][ T9794] team0 (unregistering): Port device team_slave_1 removed
[ 1596.840103][ T9794] team0 (unregistering): Port device team_slave_0 removed
[ 1596.914014][ T9794] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1596.987131][ T9794] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1597.875289][ T9794] bond0 (unregistering): Released all slaves
[ 1598.731156][ T9794] team0 (unregistering): Port device team_slave_1 removed
[ 1598.811327][ T9794] team0 (unregistering): Port device team_slave_0 removed
[ 1598.886300][ T9794] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1598.967932][ T9794] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1599.905885][ T9794] bond0 (unregistering): Released all slaves
[ 1600.046228][T24091] veth0_vlan: entered promiscuous mode
[ 1600.062150][T24091] veth1_vlan: entered promiscuous mode
[ 1600.088225][T24210] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5431'.
[ 1600.275339][T24091] veth0_macvtap: entered promiscuous mode
[ 1600.287603][T24091] veth1_macvtap: entered promiscuous mode
[ 1600.390986][T24091] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1600.435449][T24111] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1600.484297][T24091] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1600.544817][T24091] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.560515][T24091] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.570131][T24091] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.579451][T24091] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.655835][T24111] 8021q: adding VLAN 0 to HW filter on device team0
[ 1600.737696][ T4482] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1600.744912][ T4482] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1600.808624][ T4482] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1600.816100][ T4482] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1600.945825][T24111] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1600.957495][T24111] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1601.120825][ T4482] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1601.147835][ T4482] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1601.174750][T24123] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1601.288683][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1601.305012][T24123] 8021q: adding VLAN 0 to HW filter on device team0
[ 1601.306290][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1601.352913][T21534] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1601.360135][T21534] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1601.424470][T21534] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1601.431687][T21534] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1601.697863][T24111] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1601.836933][T24111] veth0_vlan: entered promiscuous mode
[ 1601.868544][T24111] veth1_vlan: entered promiscuous mode
[ 1601.969289][T24111] veth0_macvtap: entered promiscuous mode
[ 1602.045118][T24111] veth1_macvtap: entered promiscuous mode
[ 1602.111139][T24111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1602.143975][T24111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1602.167864][T24111] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1602.238491][T24111] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1602.269520][T24111] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1602.300297][T24111] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1602.366819][T24111] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1602.404138][T24111] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1602.431752][T24111] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1602.464481][T24111] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1602.535861][T24123] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1602.858289][ T9794] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1602.890751][ T9794] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1603.107490][T17266] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1603.143531][T17266] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1603.774810][T24275] siw: device registration error -23
[ 1603.954858][T24123] veth0_vlan: entered promiscuous mode
[ 1604.013653][T24123] veth1_vlan: entered promiscuous mode
[ 1604.146642][T24123] veth0_macvtap: entered promiscuous mode
[ 1604.169630][T24123] veth1_macvtap: entered promiscuous mode
[ 1604.238389][T24123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1604.284652][T24123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1604.316662][T24123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1604.336896][T24123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1604.358919][T24123] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1604.390555][T24123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1604.438116][T24123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1604.464321][T24123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1604.486082][T24123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1604.513228][T24123] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1604.554529][T24285] bridge1: entered promiscuous mode
[ 1604.559963][T24285] bridge1: entered allmulticast mode
[ 1604.568547][T24123] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1604.587187][T24123] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1604.597421][T24123] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1604.607212][T24123] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1604.802810][T24267] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1604.823800][T24267] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1604.885713][ T9794] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1604.894776][ T9794] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1605.089447][T24295] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1605.101194][T24295] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1606.805217][T19946] Bluetooth: hci2: command tx timeout
[ 1607.648607][T24304] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1607.661298][T24304] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1608.710053][T19946] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1608.719150][T19946] Bluetooth: hci3: Injecting HCI hardware error event
[ 1608.740876][T22207] Bluetooth: hci3: hardware error 0x00
[ 1608.786125][T16912] Bluetooth: hci2: command tx timeout
[ 1610.143863][T24307] netlink: 'syz.5.5447': attribute type 10 has an invalid length.
[ 1610.188935][T24307] 8021q: adding VLAN 0 to HW filter on device team0
[ 1610.208577][T24307] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1610.252916][T24307] siw: device registration error -23
[ 1610.312619][T24316] bridge2: entered promiscuous mode
[ 1610.317990][T24316] bridge2: entered allmulticast mode
[ 1610.376287][T19946] Bluetooth: hci3: unexpected event for opcode 0x2019
[ 1612.683653][T22207] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1615.011681][T24345] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1615.023910][T24345] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1619.621198][T24364] mkiss: ax0: crc mode is auto.
[ 1620.370564][T24371] netlink: 'syz.0.5464': attribute type 10 has an invalid length.
[ 1620.503425][T24372] siw: device registration error -23
[ 1620.795665][T24371] 8021q: adding VLAN 0 to HW filter on device team0
[ 1621.006078][T24371] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1622.778007][T24378] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5466'.
[ 1624.970527][T24393] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5469'.
[ 1626.456830][T24406] bridge1: entered promiscuous mode
[ 1626.462292][T24406] bridge1: entered allmulticast mode
[ 1626.628913][T24410] netlink: 'syz.3.5475': attribute type 10 has an invalid length.
[ 1626.845549][T24416] siw: device registration error -23
[ 1626.908470][T24410] 8021q: adding VLAN 0 to HW filter on device team0
[ 1626.939349][T24410] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1627.012430][T24412] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5476'.
[ 1627.614947][T24431] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1627.821383][T24431] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1628.281931][T19946] Bluetooth: hci2: link tx timeout
[ 1628.284326][T19946] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1628.350191][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1628.350465][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1629.284815][T24454] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5488'.
[ 1629.361510][T22207] Bluetooth: hci2: command tx timeout
[ 1629.918109][T24464] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1630.754230][T24464] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1631.354658][T19946] Bluetooth: hci2: command 0x0406 tx timeout
[ 1634.032129][T24497] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5501'.
[ 1634.169221][T24499] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5502'.
[ 1634.353142][T24502] netlink: 'syz.3.5503': attribute type 4 has an invalid length.
[ 1634.686229][T24507] netlink: 'syz.3.5503': attribute type 4 has an invalid length.
[ 1638.219902][T24534] tipc: Started in network mode
[ 1638.225099][T24534] tipc: Node identity 7679f0879432, cluster identity 4711
[ 1638.233083][T24534] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1638.260495][T24534] syzkaller0: MTU too low for tipc bearer
[ 1638.266300][T24534] tipc: Disabling bearer <eth:syzkaller0>
[ 1638.620225][T24540] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5515'.
[ 1639.386966][T24551] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[ 1639.393583][T24551] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1639.413373][T24551] vhci_hcd vhci_hcd.0: Device attached
[ 1639.546703][T24551] input: uencer as /devices/virtual/input/input14
[ 1640.307036][T24552] vhci_hcd: connection closed
[ 1640.636298][T17264] vhci_hcd: stop threads
[ 1640.868108][T17264] vhci_hcd: release socket
[ 1640.887512][T17264] vhci_hcd: disconnect device
[ 1643.644764][T24584] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1643.685184][T24584] syzkaller0: MTU too low for tipc bearer
[ 1643.736066][T24584] tipc: Disabling bearer <eth:syzkaller0>
[ 1644.391105][T24587] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5526'.
[ 1644.636157][T24591] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1647.132952][T24596] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1647.147240][T24596] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1649.973447][T19946] Bluetooth: hci0: unexpected cc 0x203c length: 9 > 1
[ 1650.346151][T19946] Bluetooth: hci2: unexpected event for opcode 0x2024
[ 1651.247865][T24621] input: syz1 as /devices/virtual/input/input15
[ 1651.275542][T24622] tipc: Started in network mode
[ 1651.280610][T24622] tipc: Node identity 4e53ad2fb34a, cluster identity 4711
[ 1651.288038][T24622] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1651.309122][T24622] syzkaller0: MTU too low for tipc bearer
[ 1651.315116][T24622] tipc: Disabling bearer <eth:syzkaller0>
[ 1651.410272][T24625] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[ 1651.416973][T24625] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1651.425731][T24625] vhci_hcd vhci_hcd.0: Device attached
[ 1651.803758][T17357] usb 39-1: new high-speed USB device number 2 using vhci_hcd
[ 1652.316101][T24626] vhci_hcd: connection reset by peer
[ 1652.677426][T17265] vhci_hcd: stop threads
[ 1652.857158][T17265] vhci_hcd: release socket
[ 1652.863078][T17265] vhci_hcd: disconnect device
[ 1653.910904][T24645] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1653.922854][T24645] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1656.548723][T19946] Bluetooth: hci2: unexpected event for opcode 0x2024
[ 1656.793325][T24663] input: syz1 as /devices/virtual/input/input16
[ 1656.800039][T17357] vhci_hcd: vhci_device speed not set
[ 1656.942569][T24665] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1656.953487][T24665] syzkaller0: MTU too low for tipc bearer
[ 1656.959595][T24665] tipc: Disabling bearer <eth:syzkaller0>
[ 1658.044815][T24684] input: syz1 as /devices/virtual/input/input17
[ 1658.517561][T24700] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5561'.
[ 1658.993762][T24697] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5555'.
[ 1660.831554][T24728] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[ 1660.838190][T24728] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1660.853928][T24728] vhci_hcd vhci_hcd.0: Device attached
[ 1660.953376][T24728] input: uencer as /devices/virtual/input/input18
[ 1661.426463][  T786] usb 37-1: new high-speed USB device number 3 using vhci_hcd
[ 1661.680995][T24730] vhci_hcd: sendmsg failed!, ret=-32 for 48
[ 1661.733858][T24729] vhci_hcd: connection closed
[ 1661.837447][ T4482] vhci_hcd: stop threads
[ 1661.936279][ T4482] vhci_hcd: release socket
[ 1662.000976][ T4482] vhci_hcd: disconnect device
[ 1662.219374][T24736] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1662.376875][T24736] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1662.440078][T24736] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1662.523861][T24736] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1664.979717][T24734] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1666.632455][  T786] vhci_hcd: vhci_device speed not set
[ 1666.875846][T24764] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1666.917432][T24764] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1666.936304][T24764] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1666.950827][T24764] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1666.962819][T24763] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1667.115804][T24776] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1667.129469][T24776] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1671.056534][T24797] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1673.186478][T24796] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1673.269605][T24796] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1673.289562][T24796] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1673.398131][T24796] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1673.556334][T24786] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1673.842722][T24805] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5589'.
[ 1674.016589][T24814] overlayfs: failed to resolve './file0': -2
[ 1675.533195][T24835] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1675.700931][T24835] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1675.725196][T24835] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1676.230547][T22207] Bluetooth: hci2: command 0x0406 tx timeout
[ 1676.592602][T24845] overlayfs: failed to resolve './file0': -2
[ 1676.750971][T24851] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1679.198622][T24855] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1679.205978][T24855] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1679.214243][T24855] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1679.221997][T24855] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1679.228995][T24855] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1679.281220][T24858] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5606'.
[ 1679.366907][T24860] syz.3.5607: attempt to access beyond end of device
[ 1679.366907][T24860] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1679.860224][T24869] binder_alloc: 24868: binder_alloc_buf, no vma
[ 1681.104734][T19946] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1681.181092][T19946] Bluetooth: hci2: command 0x0406 tx timeout
[ 1681.711159][T24882] overlayfs: overlapping lowerdir path
[ 1681.741748][T24882] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1683.125265][T19946] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1683.176448][T19946] Bluetooth: hci2: command 0x0406 tx timeout
[ 1683.805589][T24904] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1683.831831][T24904] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1683.844133][T24904] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1683.874562][T24904] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1684.543750][T24900] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[ 1684.649351][T24905] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5618'.
[ 1684.935603][T24910] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1685.087291][T19946] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1685.388047][T24923] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[ 1685.394676][T24923] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1685.403596][T24923] vhci_hcd vhci_hcd.0: Device attached
[ 1685.716676][    T8] usb 37-1: new high-speed USB device number 4 using vhci_hcd
[ 1686.224630][T24924] vhci_hcd: connection reset by peer
[ 1686.297195][ T1082] vhci_hcd: stop threads
[ 1686.348202][ T1082] vhci_hcd: release socket
[ 1686.400844][ T1082] vhci_hcd: disconnect device
[ 1686.748599][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[ 1686.764012][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[ 1686.828013][T24932] overlayfs: overlapping lowerdir path
[ 1687.097676][T24938] mac80211_hwsim hwsim61 wlan1: entered allmulticast mode
[ 1687.290121][T24941] bond0: (slave wlan1): Releasing backup interface
[ 1687.308432][T24938] netlink: 'syz.2.5626': attribute type 10 has an invalid length.
[ 1687.321319][T24938] mac80211_hwsim hwsim61 wlan1: left allmulticast mode
[ 1687.340507][T24938] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1687.409261][    C1] Unknown status report in ack skb
[ 1687.437862][T24932] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1687.799276][T24945] overlayfs: overlapping lowerdir path
[ 1687.816233][T24946] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1688.427921][T24950] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1688.965477][T24956] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5629'.
[ 1689.217205][T19946] Bluetooth: hci0: unexpected cc 0x203c length: 9 > 1
[ 1689.225305][T19946] Bluetooth: hci0: unexpected event for opcode 0x203c
[ 1689.505372][T24967] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[ 1689.511978][T24967] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1689.522863][T24967] vhci_hcd vhci_hcd.0: Device attached
[ 1690.270661][T24968] vhci_hcd: connection closed
[ 1690.594111][   T48] vhci_hcd: stop threads
[ 1690.723772][   T48] vhci_hcd: release socket
[ 1690.752127][   T48] vhci_hcd: disconnect device
[ 1690.926427][    T8] vhci_hcd: vhci_device speed not set
[ 1692.129096][T24991] overlayfs: overlapping lowerdir path
[ 1692.140503][T24991] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1692.353721][T24993] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1692.409082][T24995] tipc: Started in network mode
[ 1692.415410][T24995] tipc: Node identity f24f5c794928, cluster identity 4711
[ 1692.449716][T24995] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1692.485575][T24995] syzkaller0: entered promiscuous mode
[ 1692.506940][T24995] syzkaller0: entered allmulticast mode
[ 1692.675861][T25001] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1693.083363][T25000] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5643'.
[ 1693.133826][T25001] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1693.194519][T24995] tipc: Resetting bearer <eth:syzkaller0>
[ 1693.270699][T25001] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1693.311605][T24994] tipc: Resetting bearer <eth:syzkaller0>
[ 1693.486965][  T786] tipc: Node number set to 3144113273
[ 1693.520825][T24994] tipc: Disabling bearer <eth:syzkaller0>
[ 1695.531285][T25033] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[ 1695.537954][T25033] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1695.546235][T25033] vhci_hcd vhci_hcd.0: Device attached
[ 1695.687242][T19946] Bluetooth: hci0: unexpected cc 0x203c length: 9 > 1
[ 1695.694983][T19946] Bluetooth: hci0: unexpected event for opcode 0x203c
[ 1695.965697][   T27] usb 39-1: new high-speed USB device number 3 using vhci_hcd
[ 1696.157694][T25036] vhci_hcd: sendmsg failed!, ret=-32 for 48
[ 1696.302730][T17264] vhci_hcd: stop threads
[ 1696.344693][T17264] vhci_hcd: release socket
[ 1696.396270][T17264] vhci_hcd: disconnect device
[ 1696.865593][T25042] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1699.401667][T25044] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5653'.
[ 1699.738751][T25047] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1699.859559][T25047] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1699.956238][T25047] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1700.295385][T25054] 9pnet_fd: Insufficient options for proto=fd
[ 1700.918541][   T27] vhci_hcd: vhci_device speed not set
[ 1701.912990][ T9794] ------------[ cut here ]------------
[ 1701.919609][ T9794] WARNING: CPU: 1 PID: 9794 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[ 1701.931096][ T9794] Modules linked in:
[ 1701.933070][    C0] ------------[ cut here ]------------
[ 1701.935962][ T9794] CPU: 1 PID: 9794 Comm: kworker/u4:11 Not tainted syzkaller #0
[ 1701.940626][    C0] WARNING: CPU: 0 PID: 25073 at net/mac80211/tx.c:5031 __ieee80211_beacon_get+0x1233/0x1600
[ 1701.940682][    C0] Modules linked in:
[ 1701.940699][    C0] CPU: 0 PID: 25073 Comm: dhcpcd Not tainted syzkaller #0
[ 1701.940721][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1701.940736][    C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[ 1701.948550][ T9794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1701.958609][    C0] Code: 24 4c 89 e7 e8 0e 88 d4 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 19 65 97 f7 0f 0b e9 f6 f7 ff ff e8 0d 65 97 f7 <0f> 0b e9 48 fb ff ff e8 01 65 97 f7 48 c7 c7 a0 09 24 8e 4c 89 e6
[ 1701.958646][    C0] RSP: 0000:ffffc90000007a18 EFLAGS: 00010246
[ 1701.962568][ T9794] Workqueue: phy61 ieee80211_csa_finalize_work
[ 1701.969793][    C0] 
[ 1701.969805][    C0] RAX: ffffffff89ee2a93 RBX: ffffffff89ee1896 RCX: ffff88801af41e00
[ 1701.969823][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1701.969837][    C0] RBP: 0000000000000000 R08: ffff88801af41e00 R09: 0000000000000003
[ 1701.969852][    C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805ba423c0
[ 1701.969866][    C0] R13: dffffc0000000000 R14: ffff88805ba428b0 R15: ffff88805efd0c24
[ 1701.969883][    C0] FS:  00007f9c4c28f740(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1701.969902][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1701.969918][    C0] CR2: 000055d1feae23f8 CR3: 0000000064ca4000 CR4: 00000000003526f0
[ 1701.980345][ T9794] 
[ 1701.986562][    C0] Call Trace:
[ 1701.996752][ T9794] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[ 1702.016665][    C0]  <IRQ>
[ 1702.016753][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[ 1702.023261][ T9794] Code: 48 89 df e8 1a 06 ea f7 e9 dc fc ff ff e8 f0 bf 92 f7 eb 24 e8 e9 bf 92 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 d8 bf 92 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 ca bf 92 f7 48 8b 7c 24 08 4c 8b 7c
[ 1702.029077][    C0]  ieee80211_beacon_get_tim+0xb8/0x560
[ 1702.032416][ T9794] RSP: 0018:ffffc900033079c0 EFLAGS: 00010293
[ 1702.039538][    C0]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[ 1702.047745][ T9794] 
[ 1702.055553][    C0]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[ 1702.063717][ T9794] RAX: ffffffff89f2cbce RBX: 0000000000000001 RCX: ffff888028115a00
[ 1702.071698][    C0]  __iterate_interfaces+0x243/0x500
[ 1702.081039][ T9794] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1702.087707][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0
[ 1702.095831][ T9794] RBP: dffffc0000000000 R08: ffff88805ba415af R09: 1ffff1100b7482b5
[ 1702.098318][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[ 1702.101692][ T9794] R10: dffffc0000000000 R11: ffffed100b7482b6 R12: 0000000000000001
[ 1702.109104][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2b0/0x2b0
[ 1702.109150][    C0]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[ 1702.112037][ T9794] R13: ffff88805ba425d9 R14: ffff88802555ac70 R15: ffff88802555ace8
[ 1702.117597][    C0]  mac80211_hwsim_beacon+0xbb/0x1b0
[ 1702.138336][ T9794] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1702.142758][    C0]  __hrtimer_run_queues+0x51e/0xc40
[ 1702.149168][ T9794] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1702.155760][    C0]  ? hw_scan_work+0xf40/0xf40
[ 1702.158254][ T9794] CR2: 0000001b2e11bff8 CR3: 000000000cb30000 CR4: 00000000003526e0
[ 1702.163891][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[ 1702.171925][ T9794] DR0: ffffffffffffffff DR1: 000000000000008d DR2: 0000000020000008
[ 1702.177234][    C0]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[ 1702.185304][ T9794] DR3: 0000000000007fff DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1702.191552][    C0]  hrtimer_run_softirq+0x187/0x2b0
[ 1702.199599][ T9794] Call Trace:
[ 1702.206910][    C0]  handle_softirqs+0x280/0x820
[ 1702.206944][    C0]  ? __irq_exit_rcu+0xc7/0x190
[ 1702.214955][ T9794]  <TASK>
[ 1702.221194][    C0]  ? do_softirq+0x180/0x180
[ 1702.229300][ T9794]  ieee80211_link_use_reserved_context+0x383/0x5c0
[ 1702.236377][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[ 1702.236413][    C0]  __irq_exit_rcu+0xc7/0x190
[ 1702.236435][    C0]  ? irq_exit_rcu+0x20/0x20
[ 1702.236464][    C0]  irq_exit_rcu+0x9/0x20
[ 1702.236484][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1702.236519][    C0]  </IRQ>
[ 1702.236529][    C0]  <TASK>
[ 1702.236540][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1702.241818][ T9794]  ieee80211_csa_finalize+0x59a/0xf00
[ 1702.250751][    C0] RIP: 0010:lock_acquire+0x1f2/0x410
[ 1702.256201][ T9794]  ? mutex_lock_nested+0x20/0x20
[ 1702.262778][    C0] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00
[ 1702.267472][ T9794]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1702.275486][    C0] RSP: 0000:ffffc900038c7940 EFLAGS: 00000206
[ 1702.280649][ T9794]  ? ieee80211_csa_finalize_work+0x140/0x140
[ 1702.288635][    C0] 
[ 1702.288646][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 9a8dd70ac7d52700
[ 1702.294880][ T9794]  ? read_lock_is_recursive+0x20/0x20
[ 1702.302793][    C0] RDX: 0000000000000000 RSI: ffffffff8aaacba0 RDI: ffffffff8afc7040
[ 1702.302822][    C0] RBP: ffffc900038c7a60 R08: dffffc0000000000 R09: 1ffffffff21b4aa0
[ 1702.308050][ T9794]  ieee80211_csa_finalize_work+0xf6/0x140
[ 1702.311359][    C0] R10: dffffc0000000000 R11: fffffbfff21b4aa1 R12: 1ffff92000718f34
[ 1702.311380][    C0] R13: ffffffff8cd2fbe0 R14: 0000000000000246 R15: dffffc0000000000
[ 1702.311426][    C0]  ? lock_chain_count+0x20/0x20
[ 1702.316260][ T9794]  ? process_scheduled_works+0x957/0x15b0
[ 1702.321098][    C0]  ? flush_tlb_mm_range+0x4a3/0x690
[ 1702.324984][ T9794]  process_scheduled_works+0xa45/0x15b0
[ 1702.328595][    C0]  ? read_lock_is_recursive+0x20/0x20
[ 1702.328627][    C0]  ? flush_tlb_mm_range+0x4b5/0x690
[ 1702.328660][    C0]  ? flush_tlb_multi+0x50/0x50
[ 1702.328687][    C0]  ? __mod_lruvec_page_state+0xa5/0x420
[ 1702.328723][    C0]  __mod_lruvec_page_state+0xc2/0x420
[ 1702.328756][    C0]  ? __mod_lruvec_page_state+0xa5/0x420
[ 1702.335321][ T9794]  ? assign_work+0x400/0x400
[ 1702.340639][    C0]  folio_add_new_anon_rmap+0x1d4/0x4b0
[ 1702.340676][    C0]  do_wp_page+0x1e41/0x3630
[ 1702.345297][ T9794]  ? assign_work+0x39e/0x400
[ 1702.349956][    C0]  ? do_wp_page+0x16a7/0x3630
[ 1702.354318][ T9794]  worker_thread+0xa55/0xfc0
[ 1702.360155][    C0]  ? folio_put+0xd0/0xd0
[ 1702.363121][ T9794]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1702.366093][    C0]  ? do_raw_spin_lock+0x121/0x2c0
[ 1702.366142][    C0]  ? __rwlock_init+0x150/0x150
[ 1702.366177][    C0]  ? handle_mm_fault+0xd1/0x4920
[ 1702.372160][ T9794]  ? _raw_spin_unlock+0x40/0x40
[ 1702.377742][    C0]  handle_mm_fault+0x12d4/0x4920
[ 1702.382904][ T9794]  kthread+0x2fa/0x390
[ 1702.387886][    C0]  ? handle_mm_fault+0xd1/0x4920
[ 1702.407569][ T9794]  ? pr_cont_work+0x560/0x560
[ 1702.413605][    C0]  ? lock_vma_under_rcu+0x526/0x650
[ 1702.420602][ T9794]  ? kthread_blkcg+0xd0/0xd0
[ 1702.425690][    C0]  ? numa_migrate_prep+0x350/0x350
[ 1702.425742][    C0]  ? do_user_addr_fault+0x1c3/0x12e0
[ 1702.425773][    C0]  do_user_addr_fault+0xad0/0x12e0
[ 1702.425814][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1702.425846][    C0]  exc_page_fault+0x67/0x110
[ 1702.428268][ T9794]  ret_from_fork+0x48/0x80
[ 1702.436369][    C0]  ? clear_bhb_loop+0x40/0x90
[ 1702.442021][ T9794]  ? kthread_blkcg+0xd0/0xd0
[ 1702.449811][    C0]  asm_exc_page_fault+0x26/0x30
[ 1702.457898][ T9794]  ret_from_fork_asm+0x11/0x20
[ 1702.463587][    C0] RIP: 0033:0x7f9c4c327dee
[ 1702.463630][    C0] Code: 49 8b 55 70 49 8d 75 60 48 39 72 18 0f 85 ba 00 00 00 66 0f ef c0 41 0f 11 44 24 20 49 89 54 24 10 49 89 74 24 18 4c 89 66 10 <4c> 89 62 18 48 89 c2 48 83 ca 01 49 89 54 24 08 49 89 04 04 48 83
[ 1702.471655][ T9794]  </TASK>
[ 1702.479708][    C0] RSP: 002b:00007ffd9341a030 EFLAGS: 00010246
[ 1702.484663][ T9794] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1702.484679][ T9794] CPU: 1 PID: 9794 Comm: kworker/u4:11 Not tainted syzkaller #0
[ 1702.484703][ T9794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1702.484720][ T9794] Workqueue: phy61 ieee80211_csa_finalize_work
[ 1702.484765][ T9794] Call Trace:
[ 1702.484778][ T9794]  <TASK>
[ 1702.484788][ T9794]  dump_stack_lvl+0x16c/0x230
[ 1702.484823][ T9794]  ? show_regs_print_info+0x20/0x20
[ 1702.484852][ T9794]  ? load_image+0x3b0/0x3b0
[ 1702.484894][ T9794]  panic+0x2c0/0x710
[ 1702.484936][ T9794]  ? bpf_jit_dump+0xd0/0xd0
[ 1702.484985][ T9794]  ? ret_from_fork_asm+0x11/0x20
[ 1702.485023][ T9794]  __warn+0x2e0/0x470
[ 1702.485055][ T9794]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[ 1702.485094][ T9794]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[ 1702.485140][ T9794]  report_bug+0x2be/0x4f0
[ 1702.485170][ T9794]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[ 1702.485206][ T9794]  ? ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[ 1702.485241][ T9794]  ? ieee80211_vif_use_reserved_switch+0x10ea/0x28f0
[ 1702.485276][ T9794]  handle_bug+0xcf/0x120
[ 1702.485306][ T9794]  exc_invalid_op+0x1a/0x50
[ 1702.485336][ T9794]  asm_exc_invalid_op+0x1a/0x20
[ 1702.485370][ T9794] RIP: 0010:ieee80211_vif_use_reserved_switch+0x10e8/0x28f0
[ 1702.485407][ T9794] Code: 48 89 df e8 1a 06 ea f7 e9 dc fc ff ff e8 f0 bf 92 f7 eb 24 e8 e9 bf 92 f7 c7 04 24 f4 ff ff ff e9 e4 f5 ff ff e8 d8 bf 92 f7 <0f> 0b 0f 0b e9 cf f5 ff ff e8 ca bf 92 f7 48 8b 7c 24 08 4c 8b 7c
[ 1702.485427][ T9794] RSP: 0018:ffffc900033079c0 EFLAGS: 00010293
[ 1702.485447][ T9794] RAX: ffffffff89f2cbce RBX: 0000000000000001 RCX: ffff888028115a00
[ 1702.485465][ T9794] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1702.485479][ T9794] RBP: dffffc0000000000 R08: ffff88805ba415af R09: 1ffff1100b7482b5
[ 1702.485497][ T9794] R10: dffffc0000000000 R11: ffffed100b7482b6 R12: 0000000000000001
[ 1702.485513][ T9794] R13: ffff88805ba425d9 R14: ffff88802555ac70 R15: ffff88802555ace8
[ 1702.485541][ T9794]  ? ieee80211_vif_use_reserved_switch+0xcee/0x28f0
[ 1702.485603][ T9794]  ieee80211_link_use_reserved_context+0x383/0x5c0
[ 1702.485646][ T9794]  ieee80211_csa_finalize+0x59a/0xf00
[ 1702.485683][ T9794]  ? mutex_lock_nested+0x20/0x20
[ 1702.485715][ T9794]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1702.485743][ T9794]  ? ieee80211_csa_finalize_work+0x140/0x140
[ 1702.485781][ T9794]  ? read_lock_is_recursive+0x20/0x20
[ 1702.485818][ T9794]  ieee80211_csa_finalize_work+0xf6/0x140
[ 1702.485857][ T9794]  ? process_scheduled_works+0x957/0x15b0
[ 1702.485886][ T9794]  process_scheduled_works+0xa45/0x15b0
[ 1702.485951][ T9794]  ? assign_work+0x400/0x400
[ 1702.485988][ T9794]  ? assign_work+0x39e/0x400
[ 1702.486023][ T9794]  worker_thread+0xa55/0xfc0
[ 1702.486054][ T9794]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1702.486091][ T9794]  ? _raw_spin_unlock+0x40/0x40
[ 1702.486171][ T9794]  kthread+0x2fa/0x390
[ 1702.486193][ T9794]  ? pr_cont_work+0x560/0x560
[ 1702.486222][ T9794]  ? kthread_blkcg+0xd0/0xd0
[ 1702.486245][ T9794]  ret_from_fork+0x48/0x80
[ 1702.486272][ T9794]  ? kthread_blkcg+0xd0/0xd0
[ 1702.486295][ T9794]  ret_from_fork_asm+0x11/0x20
[ 1702.486346][ T9794]  </TASK>
[ 1702.490688][ T9794] Kernel Offset: disabled