last executing test programs:

6m58.630595993s ago: executing program 4 (id=131):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x20000a0, &(0x7f00000002c0)={0x0, 0x89b8, 0x8, 0x0, 0x207}, 0x0, &(0x7f00000000c0))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="180200004809000000000000070000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000080000008500000006000000950000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f00000000c0)="ddd5be65914ca2fd9a767ed10a74", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000080)={{0x0, 0x4}, 'syz1\x00', 0x4b})
ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000100)={0x35, {0x9, 0x0, 0x2000000, 0x3, 0x101}})
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x200000a, 0x12, 0xffffffffffffffff, 0x7f196000)
r2 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r2, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x240)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r3, 0xc02c5341, &(0x7f0000000300))
syz_open_dev$evdev(&(0x7f0000000240), 0xec, 0x220300)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r5 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r5, 0x400442c8, &(0x7f0000000100)={r4, 0x0, 0x4})
openat(0xffffffffffffffff, &(0x7f0000000400)='./file1\x00', 0x80c0, 0x4)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000440)={r2, 0x86, 0x26}, &(0x7f0000002600)={'enc=', 'raw', ' hash=', {'digest_null\x00'}}, &(0x7f0000002680)="9a09db5eb4144cc6a40eb4c2aa2871ddd44ea661ba33fd4b9cf9de8c11d628765b16b43f91f9ba47220959006131252222d1c6545b5c6eabf857f02ff6d22ad8417004274ad03f9d4a94538eeb3d2030b6b1b7bb53f89b4d1225f300f476de7531879ba834d6c76a1e8654bf7160e27935533fe70a546aace14eb720f48de61c6bdeb4cf8324", &(0x7f0000002740)=""/38)
read$FUSE(r6, &(0x7f0000000480)={0x2020}, 0x2020)

6m55.514001895s ago: executing program 4 (id=135):
socket$kcm(0x29, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_open_dev$dri(&(0x7f0000000340), 0x8, 0x2c2080)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB=':syt 00N004093\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x2a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="91104f000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
read$char_usb(0xffffffffffffffff, &(0x7f0000000040)=""/20, 0x14)
r1 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
mount_setattr(0xffffffffffffffff, 0x0, 0x800, &(0x7f0000001b40)={0x70, 0xb3}, 0x20)
r2 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r2, &(0x7f0000000240)=""/112, 0x349b7f55)
keyctl$read(0xb, r2, &(0x7f0000000380)=""/64, 0x40)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x45}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r5, 0xc1485544, &(0x7f0000000080))
connect$inet(r3, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440)={'syz', 0x2}, &(0x7f0000000480)="6eb62ffc13578fc984d5faafb8d0736a4978a56b7afaec369885c629ae3056467a59cdd8745e539487dfc01f305313f35c383e16d434d74b9d621ae7f772e3d172da67d880a91d6a032dfb3ca177a628aeeb5364ae22ba04d968dc6183b8b7c38d64a33d1d7977ce21b45db9d0e65b83c3f66a7bd103ad2cc345fef6a606fa7b72e56d65510abff546c096447ee70ca1bbd2ba27864ceabe8ad9700831ca628b8ff1ba0008ed413d35adcd9c49ef5cb94729009014ae73a44eba61e41e51751fe0eeb9f2ac44b5938d8fe78ae818043646e56878b997a73e9b9297a976bf47377f61771f", 0xe4, r1)
keyctl$read(0xb, r1, &(0x7f0000000240)=""/112, 0x349b7f55)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
mount$cgroup2(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x18000, &(0x7f0000000300)={[{@memory_hugetlb_accounting}]})

6m53.978490059s ago: executing program 4 (id=138):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000040)={0xc})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x1b00, 0x0, 0x3, 0x80}, &(0x7f0000000180), 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c000000020603000000000000000000ffea000005000100070000000900020073797a300000000014000780"], 0x5c}}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000000440)=ANY=[], 0x1f)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$TCFLSH(r5, 0x400455c8, 0x0)

6m50.113468678s ago: executing program 4 (id=143):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r0 = syz_open_dev$cec(&(0x7f00000021c0), 0xffffffffffffffff, 0xd2ec0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0xa, 0x44, 0x3e8a)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r3 = creat(&(0x7f0000000580)='./file1\x00', 0x0)
r4 = fanotify_init(0xf00, 0x1)
fanotify_mark(r4, 0x105, 0x40009975, r3, 0x0)
fallocate(r2, 0x0, 0x1000000, 0x3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000600)={0x54, r6, 0x1, 0x0, 0x0, {0x2d}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xff12}, {0x2}, {0xc}}]}, 0xa0}}, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x8000000003c)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x3d0, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x300, 0xffffffff, 0xffffffff, 0x300, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x0, 0x0, 0x1}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x32}}, [], [], 'wg1\x00', 'gre0\x00', {0xff}}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x430)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newtaction={0xb0, 0x30, 0xffff, 0x0, 0x0, {}, [{0x9c, 0x1, [@m_ife={0x98, 0x1, 0x0, 0x0, {{0x8}, {0x70, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @link_local}, @TCA_IFE_METALST={0x14, 0x6, [@IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0xe}]}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_PRIO={0x4, 0x3, @void}]}, @TCA_IFE_PARMS={0x1c}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_SMAC={0xa, 0x4, @dev}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xb0}}, 0x0)
sendmsg(r7, &(0x7f00000000c0)={0x0, 0x953a, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000002200)=ANY=[@ANYBLOB="f1d6b2343502685e7d85b19d6897bb63d34f05b490c28bc79c80915eae6f6b365f8e9655045c58b5191712f14433e8fb645e78dc89c36762e967ee14f65f94b93a0423d7d0dd019d0041320c131c533cda4fdd05ab8009aa6533c71eaf3a493d3fd36de31005c7dd5f1521aca962ae98ed6c506a6d7e9d31f70272840a030b6de3fed0", @ANYRESOCT=r3, @ANYRESOCT=r0, @ANYRESHEX=r3, @ANYRESDEC=r8, @ANYRESDEC, @ANYBLOB="63715340fe92825138c104d817b0a6d3ee9f13259e4ef49ff28fa2deb282d2888db2623ae1dddf65518edf894291f9caa7195b34de7a423034b6e69e1ef09520505943c9361acff2da49e41e8a5f7c2bf10ad4d2fd43394d692ea9734e6c8d5c9c6dcef422aae13bc0eb675c1b5750ff1c776a494a0df3f2796997ad32d2f0b1e344254e80c934aab797eaef0ac33b5358f92348255382afb8227be64c61df1acd48379cd2845c4ef3b88f5de7f356402f183624214af6f795bb38a68fc53cb3b264494e56e0963fd550de2a53af7e43cbfa5c83e871618fe9c28cfa8c97e1bab4a34afd23467e8729b813190f4208f626620c6025666f53ed9f7de2123a3e79e4604af7dfda161357d6efb2496a4fab8b31f302e778e8094506e5bbb179b2e5390f2c4604120911461459256865a2b6c6aeca411120dd59de80ef73a9f163e9ba9c4d8d1737fd59d4f3d311311eb772ba4376ab3f53a214a6473973dec29d95ac65c533afe5586fb4dbb8fe166c398f9f2ea83d1ec74737c432598da065ca8b6fe267f0ed29869d21fabdf472ac5c7b1c62327c21da38e7d889b6cf08ec41e3eb6ef1bb175981d02dbde9da0fe72951ce288e4c6f0956ed787e34269639999fe85f1e76f1e958de8f19ac0e58c4fa3e1c10e1cf00f4492efa39242e30073f41ce9397dc15461fd0fa1f221a91e19c3e1369bc620f158ab270251d7292eccccb5d884c744f3a5dcee7a6da8205ea0a1b7b82618c2aebee336793b13e904f15d0b4359626c9052722528246b929958ab7ac166e4168b1bb6bc0df02c676d3d32054f8a5ccb4962be1654c64ed43c1e334c9b9b10a791d9de5f782f57e99f3391ae30e84753dc2a5dbd5aa20502485968b34c08a6381a4844bfe56b96a81e8f5c64201688a1afd2c98c5a3bb9c1e993072a4cb17456a305abb540899dbe408cdadd55f2c6997f1cc1331bda8402e841733edbf41eeff51a6eafed73137469c44c5bf9c1cb0f6514517d9dfda4f7de739b61652a86984e5dcd24827c7dfe14976dd82425e6298349e00c6e4282ef16b5a983bf1dbbc3097f6d8f376066e7c70fb69864b068ee76c637d6aff830465e92cfce494ad6dbe4632f38a204d6948419ebd7fc4d0b86cc12bc48345be04ed0e92e1cb11b97e982a9510e5df7dd2500a4f3e5bf7139288e739e524d3f811097fc9f9826159cb3323e91880e22f7628813ac79414b190e49031f5bce6343fe9e99fc44bd6106bee25cbeae1ba66d2cad66bcf9a61068f758bb6cb60587b22d0239fbb750c437aabf8570b19b516658e8183eb0ef2582f7d67892eae2719cbfa9c7a88f04b0a6cbd3a05725a6a308703cb19c499b2f3f1d457c05ac5b6d647a4802ce3f467da3b783d880949336c7bb54872a9997d4296930b83fdcc051c3a8c3ec49240b5bf803cd01c778a7cb4311a334f46072cadf315b1672395dc511556a5c1ca91149776983d59dbfc9f25193eff88145b020b9f561724c10d372fa62d4380bace6194d1acb5f026fda774ee0b2d50607462edcec5b7fb903008fa0eb3ec4962a8175923a71299a90a41468bfdd54b2682cfd5a90690f1d1bf5a653461339db54af6a0db7cd2c398886e25c48efeba54fae2fdda7115481e6d28738f67548e18e509a26f4031f776aa621ef2f5a344f4b41ad8f710d6dabc587da25a2671b54da4c0fcd14c1b4d81b0a4a6b3bf33b75d9674c1472e6315db1d7bbb540c99574e842315759558a3bfb17f21572f99476ee55df2f538a4d64dad05d08b14e5ba1674b1c3acc6edc6d70666e1014259eb99f26d1f567208e34e3432bde3b532663c06481bac44bc9c66fbc71398b29b6b8166aec58dc7de5533bad6efa30178b69e67036c8f8432e96ce9d41610efa32103fd2dc32c054bb6b60b26d5665a65c58c51501f1d66bb90ee073677767faf55cfadafa6418f0a9004a98d45ac742ad12fba303c93ef38847cf10dc4ad76fff01c7a1bae0d9ca79646de467212d320df8565b361950506262efeebfac49ab693e90ff99b2b567a161b4aa3732771bf9dc7550de60b1afaef5b9f87f4cbdc61394a615550e1627d100a67e5e38f9d5ef70334a7e0af6dfa4ef696834d862b7769f1af8bb38b004c2403172da1f17bce55bc7b28d89dee90b0ef02c46a5e0c98d0c909cde04114501c74ff1f31db9ebce1dce5fcd9dd90787b3eb964b9c1aecff6ffeff93aef040517621dd10eb819df7e60e841e93dca4fe89e662751a4eb73214f1caa9aff9a0730b672060ea34eb43661b8bcad00fc22c24032bf57f099a9acccb8ff4335cecedf26cb584ccd1c4179e7e444253e7ee9e68da3cea784abfc3e2c31c5cf93ab13fa91b320b3f2f0f6babf7e0eec5bc38cce94ee52357d3f238153e75282264d00965737f8faaeb0e3193c01691d433ef023215c912e71fcbce620962bb7ec9c0ccbafb504bc55fe791683400130ccb3251698788da9728d57b2f1e5328151c5b619bb1e0a13b4dbb98f4ffb52faf4bcf7c2cf65361f9795bfc209d7531fe873c84d086ca51f91d0c2e57489069f2d5c61d1cc18a6d2f00e551a7850a7440840a55399b975b8c65b051d7a23056ed048a7c4c8e13e293d52604e63bdda3722e2a19d95a436b26689a58a9600e05760ec61de361c530751fd3a4d28cfd8132009e071f673f0a20c22ffe6b215d4ab87f16a35dbeddff1ff6887c2e096a9d2ed1dd41da1649272a8fc629ba6309d5553c59480e365ca31a39611f9b7ec423bf2a67942d9bac4b890e305afd2a3076fe9e2ddef9e8dae6e795d06b3c6eba8aaac4ecff4cdafa23da29bceeca150d2bea6242088bcbc7ab23254ef96919fef0ecc744a6cf4dfea9f7c936ddc17a546c78657ebe517a719cead6a6fa39f48977d516ed3130d72d95d915632861817be5f3ae36323ec906071fbf2090c46cad9e701aa6c6c39b2fb366f4e06594f1f3056b2038e9ce91c06fbe43ec4f7cd06d6906f1c6dabdcf58230a40ca71dc98c957825b29290a0590f95bfff596e9363e1216bb008d5de554d2ea60edf163325a9b5a498851f2a5a2db151dc19ffd5ab4fc3b08d08cd52acfb970adee7e8ab2280e79d3d057284c8b5365d1c1eb1b750ca9df05af64bf2ea746d8057cc73b2749a43381569ba759911b451398fd168d2e73c3eb8c204baf6da7b8abbd7ed970b11e72996345c989c5627e99fdafa1d671f656aba1fb13bdd706ca2280eaf15a08b4ad15942de5a461468dfa014c0c469286d1487ee421c0fa1c77f9083aca50865dabb4192f4709ea14a594e3c521c43ceaafb46ae12d9f14cb66f75098d4d48faa69b26c005e4c65b6ec4c701f83e81a1821c681c4abbf32fbad79dce13f21f00ca4d67df3c10121519c663cfb1f41dac7eeced009bfd4679a06581e4cef899020e7ecd81d5ed84283e3dfb285767da69b1f64aeb1ed89f13f40c57fa9422da1a1f0c5852d1ae91d639e96a2c4ba58659a2c93edb9a17bb7b1cc002a6b4b297a72b8951392c6745f2c66abaa5f5428a88ba4c18865f2e653b1dd7512042e73c7e6f2da9ed9df199e8d9e4127db78441defe04fdb3d5c02b0eff234b3a802bbbbc732bfe3a0217050f1303b321c69b58db7ef14b9b1c991effa44ce450e764cbd91250f2768dd0ca7e1b2585434a974db212288a355fa313db43e5273adda3ef0275cf1bce6bcf53a37e0a5f0c9b2c3d57c71be693b5e5cf66d80131a3189e854928da074d34f1d5c2dc2547416d5c899c5139207aecafea70a770f8eae8c8b27ce6614f10ec2b5db775926f8d2b98d18103b9ea39ba88e9bb988d4454787798311bb584e7d53bde9bf732d14ec79af96b893c79032ec731c27a469088f5d73bfe7e555cce7bf426503a1b1a713a1793b912db92271882b57498d449d0d81aeb402c52d237b0ba5b178cfaf050f5ee36002efc3676404aed31f2b7cbfa29d904287b3c0970389d76626b1c41fcf1d0f658adce214a2ced8c738f6ad027d43a359b13935a0510b5aad351dedbb6b9b94c0718ca13f73183aa4509d6fc73db56a934dba95ce7cefbfa3ac4e2bf225844c3556c2feecd0a4940c046a7190e223bb88729215ec5edfbf937457815f26782c6f35dafc94a6a43929c416da8f3e676c1645892cc15ea8b5034c9f5ad4b062b975d782c1062eade781327eb9bfddb7393781c2a7af01e81e3587f5f8e3c93f9191a4d84d1cea2c86a99739500e441e69ac3b9f01bb61441dd4b88de15427c1383baea6b55f7cbc26ec6b5bb00e969d41aa137e05d68149cabf4b293fda138b2849d36763ef01050ce4f24e4f48473d008560d874e0825d220261b5de417a0af32a7f2b917a487f31992226ec3f5af897721e2fe084eb172df52de4a0fc5695ec2f0e82c19ba3476f1c8aaa2fe1e9df537bb35c1b8b0e8cb6c832a1c53b3f71c34a839d95d32a7f90af95d101d404e140136806b6af1e4105853c4fac9e0aa7a17367974bc7a5e0cfa9e832ac9fc57335cd9445026561b34c1aec2c6b1f38a3429d48de3c82bb8fd67941af1308beff62d0d2d94fb7b323d81f61e87f7362918cb5b9302bd2fd5ede7bb59b003a6da194241f455d205c0788a47bebad76e40cb83ecfdd96b0865feb184bb81c8fd0a2f8f6a1c3a7c42232979e35925492b823b551d5b221918f0fe574481f6e87519d0e39f52bb5d132befebc682f532bb1e6c3c9292868b7dcf56949b6cace5daefdcadb1fd4e889399ad4353ae3ce0fd0d43438afd752520d067e77726271be8e0559fef43ba64ca748f8e7dc29af3f40cd3f665b76b38f8fbd5fc5f3bf6167c8dfc45afe4424995d01e5b75169f0d0f10446cae05a2b597df7084e8be94219d1bdf152bcad37acd3008df4b7d5fe082b5a33a74a3574757dac57acb84be398d493469057de9ca9627b3372c77da1488cfb24b9a3c1c6106c472fec79e38961a72e2a0f47df1c7ab2acf242c346ea36b29a10ca0f0bea03c495315cbb567adbee4022fdb7ec9ee5593b5337b7a69cdcf29a28d08962c9d66209b3da1cef522249f15b37248d5123799d456d7a30f337c6f32eb3124248a00dc96885f5b83da74a1b930f583ad3da0beaca11c7982ee62ed7396981c534654550774f90eae2549d227e57a6a5bde3abd7b5b990b24c9539a64f3d56681aa741a42dfb262b61e66c5142a04ed06735dca1bfc17bd1f0db72cc0a33869fce7d088e9b07de3d995bc9888664fad0df0670abec36232ce5a8bfcded0fe57e38dae4421d089ee7b7d7d78ed5e6f365c0730234649a4e7d87231aa7edda2deda1c729031ad953c941a629cd1e9cc05a70e45171cc5c3c167194094891919683a6b25b7256da756fd6bfa9e857a51f11714bb700b01d792665a38f20dd6bcbe47f5a753fa494d6daaf4bcc557afbb9c92a8cfa4a2915c28c52c4c3c6a7146740604e8258090b088a7b60d95b273e086f62a4a7867dd471932f11b3f25a52dceeeb6a29e70305d9e417ff8927dddb3d39996697dcfeace1e57daa7852845409d8474ce3915bfdc90f399e2237e044690c495d663060862a895723dd301a7bc8b788343b35fb668c3a2f9fd93da71a187f18f807ecb3c5fbac3d6a3ffdc1264c4d32dc1cef135ea8a4db63be09bcd13b8bbad023ed29e9323e27089516e5216db6e5502061fa5859bfe55002def2dc2e42770ec90eba7c33549a32ba70980ee6fbb3eedb69b048457e3043420aab4e3ece2089b2e9771ea073680219dd8fa1ea8396fee80ebd68596ccf3a46c5b1254a689de1c5a8a27c1288232c46e11", @ANYRES8, @ANYRESDEC=r7, @ANYRES16], 0x0, 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1b}, 0x94)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)

6m37.260501825s ago: executing program 4 (id=159):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
ftruncate(0xffffffffffffffff, 0x6000000)
socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
recvmsg$unix(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000002480)=""/195, 0xc3}], 0x1}, 0x2000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{}, &(0x7f0000000280), &(0x7f0000000140)=r4}, 0x22)
sendmsg$inet(r4, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x0)

6m34.267722762s ago: executing program 4 (id=164):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000"], 0xec}}, 0x0)
io_setup(0x3, &(0x7f0000000040))
socket$phonet(0x23, 0x2, 0x1)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(r0, 0x0, 0x4, &(0x7f0000000040)="9f0910bc996c301c8107070400", 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
rseq(&(0x7f00000006c0), 0x20, 0x0, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x4, 0x0, 0xffffffffffffffff, 0xf9ffffffffffffff)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = fcntl$dupfd(r4, 0x0, r5)
getsockopt$inet_IP_IPSEC_POLICY(r6, 0x11, 0x10, 0x0, &(0x7f00000000c0))
syz_open_dev$dri(&(0x7f0000000340), 0x9, 0x40000)
eventfd2(0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
ioctl$SIOCGETNODEID(r7, 0x89e1, &(0x7f0000000040)={0x4})
r8 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0x1, 0xfffffffffffffffb)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r9, 0x5760, 0x14)
keyctl$KEYCTL_WATCH_KEY(0x20, r8, r9, 0x100000000000f7)
socket$nl_sock_diag(0x10, 0x3, 0x4)

6m18.921926342s ago: executing program 32 (id=164):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000"], 0xec}}, 0x0)
io_setup(0x3, &(0x7f0000000040))
socket$phonet(0x23, 0x2, 0x1)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(r0, 0x0, 0x4, &(0x7f0000000040)="9f0910bc996c301c8107070400", 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
rseq(&(0x7f00000006c0), 0x20, 0x0, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x4, 0x0, 0xffffffffffffffff, 0xf9ffffffffffffff)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = fcntl$dupfd(r4, 0x0, r5)
getsockopt$inet_IP_IPSEC_POLICY(r6, 0x11, 0x10, 0x0, &(0x7f00000000c0))
syz_open_dev$dri(&(0x7f0000000340), 0x9, 0x40000)
eventfd2(0x3, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
ioctl$SIOCGETNODEID(r7, 0x89e1, &(0x7f0000000040)={0x4})
r8 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0x1, 0xfffffffffffffffb)
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r9, 0x5760, 0x14)
keyctl$KEYCTL_WATCH_KEY(0x20, r8, r9, 0x100000000000f7)
socket$nl_sock_diag(0x10, 0x3, 0x4)

5m37.737113118s ago: executing program 0 (id=245):
socket(0x2, 0x80805, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0)
r0 = userfaultfd(0x80001)
r1 = epoll_create1(0x80000)
r2 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\xfd\x89\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\rW\xef\x10\xd6d#\xf2\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8\x1f\xb2C\xf8\'?]\x16C\x166\xc0\xbcJT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8', 0x2)
pwritev(r2, &(0x7f0000000540)=[{&(0x7f0000000600)='\x00', 0x1}], 0x1, 0x7fffff, 0x8)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x58)
r4 = accept$alg(r3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendfile(r4, r2, 0x0, 0x2000081)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x30000000})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
r8 = socket$inet(0x2, 0x1, 0x100)
setsockopt$inet_tcp_int(r8, 0x6, 0x17, &(0x7f00000000c0)=0x7d, 0x4)
sendto$inet(r8, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7820fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b", 0x44, 0x11, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r6, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)

5m34.594333988s ago: executing program 0 (id=248):
socket$kcm(0x29, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_open_dev$dri(&(0x7f0000000340), 0x8, 0x2c2080)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB=':syt 00N004093\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x2a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="91104f000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
read$char_usb(0xffffffffffffffff, &(0x7f0000000040)=""/20, 0x14)
r1 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
mount_setattr(0xffffffffffffffff, 0x0, 0x800, &(0x7f0000001b40)={0x70, 0xb3}, 0x20)
r2 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r2, &(0x7f0000000240)=""/112, 0x349b7f55)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x45}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r5, 0xc1485544, &(0x7f0000000080))
connect$inet(r3, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440)={'syz', 0x2}, &(0x7f0000000480)="6eb62ffc13578fc984d5faafb8d0736a4978a56b7afaec369885c629ae3056467a59cdd8745e539487dfc01f305313f35c383e16d434d74b9d621ae7f772e3d172da67d880a91d6a032dfb3ca177a628aeeb5364ae22ba04d968dc6183b8b7c38d64a33d1d7977ce21b45db9d0e65b83c3f66a7bd103ad2cc345fef6a606fa7b72e56d65510abff546c096447ee70ca1bbd2ba27864ceabe8ad9700831ca628b8ff1ba0008ed413d35adcd9c49ef5cb94729009014ae73a44eba61e41e51751fe0eeb9f2ac44b5938d8fe78ae818043646e56878b997a73e9b9297a976bf47377f61771f", 0xe4, r1)
keyctl$read(0xb, r1, &(0x7f0000000240)=""/112, 0x349b7f55)
mount$cgroup2(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x18000, &(0x7f0000000300)={[{@memory_hugetlb_accounting}]})

5m33.396108958s ago: executing program 0 (id=251):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x80, 0x4, 0x306}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f00000002c0)=@raw={0xc, 0x4, "69d6c882680e"})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = socket(0x40000000015, 0x5, 0x2)
bind$inet6(r3, 0x0, 0x0)
r4 = getpid()
r5 = socket$unix(0x1, 0x1, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
syz_open_procfs(r4, &(0x7f0000000240)='smaps\x00')
landlock_restrict_self(0xffffffffffffffff, 0x300)
syz_usb_connect(0x0, 0x34, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000094ba78084e080110aeed010203010902220001000000000904000001437b6a00090501"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
sendmsg$nl_route_sched(r6, 0x0, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x40, 0x0, 0x0, 0x0, &(0x7f000043c000/0x1000)=nil, 0x1000, 0x4, 0x0, {0x0, r10}})
io_uring_enter(r0, 0x3516, 0xc2de, 0x8, 0x0, 0x0)
syz_usb_connect(0x0, 0x5d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000551b8920b822276080c20102030109024b0001000000000904000000020a0000052413", @ANYBLOB="1395e4d2a70d7b391889c7f92955565c50ad40f25f565421a2c25aadd2fc723ea9fba752af04cd9f5d8b16953f5d288fdff5fb08d4cd58f64e38739dca981c7b7d652b5538ad4cd3"], 0x0)

5m30.246507847s ago: executing program 0 (id=257):
syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340)=<r0=>0x0, &(0x7f0000000280)=<r1=>0x0)
syz_io_uring_submit(r0, r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f00000004c0)=ANY=[@ANYBLOB="0100000000e0ffffce"])
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
timer_gettime(0x0, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r7, 0x80045503, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f00000001c0)={0x0, 0xffffffffffffffdd, &(0x7f0000000180)={&(0x7f0000002300)={0x14, 0x34, 0x107, 0xffffffff, 0xfffffffe, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x200488c0}, 0x2004c010)
r9 = socket(0x400000000010, 0x3, 0x0)
write(r9, &(0x7f0000000040)="1c00000018002551075c0165ff0ffc0280200003001e030500e1000c04", 0x1d)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet6_IPV6_XFRM_POLICY(r9, 0x29, 0x23, &(0x7f0000000640)={{{@in6=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@dev}, 0x0, @in=@loopback}}, &(0x7f0000000400)=0xfffffffffffffc86)
sendmsg$nl_generic(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a80)=ANY=[@ANYBLOB="20030000340001002dbd7000fddbdf2504000000df223d492414c9bdd9a8f2bc74336ae7c8fd3793b28bd81990694dbfb55444866104fc6d4c376896cee1521d787fae7bf802c10ae250aadd8045d50ae74710f9363182fe281ade7575d268d95f63951dea44c43baa34f475a8803c4220b50e0030d3504ca894d94b5550f7efe510aca73ff0740672ad8c13b24a4882f1ec0a9982d263ef16e9b4c55c8577e7de54b6c17140b523b762de1aa63a9edd7beac37110081e9bafad76fb7eaae246bfaf3199696a12f231de3608555a2678d6698e4a4df9b5dea385aa9a6779308699868f6ce33714ac4f2baae703cdf9b509c82b916d51ab7abbcec67268f8e4bb879165e2e32b15454196428bea12566a0ec52e8cfc46dda7f56b4bee328e78a113b315f713bcd0db66a63b56a343ee78b30af7883d4e24487a135259fab193d7809bf4f65aa3026146e798aba0d41934f555540b811a18c64783789387554b957dc51986f79dbb7cbf4d1ebae1e59dc97f498afa560894e4a97f32fbdb613e2e2f1c9c01a78095014c80040047800400858008003f00", @ANYRES32=r2, @ANYBLOB="08003400ac1414aacf004a0076cf203318d8e240c1d4549814599ac927dfa9f2a10c1b80241816a951a5479f4274d4bc9ae416b8d59c7df3e33113a44ddf2f0f2fe93ff00557ce61339c0eff7483f4f6af7536ddd1a5c8cda258c94973eb42731babc07f8f24992bc4be23ac39fd14c80bfbf6e94c209ac91e3b926f28e7b7d5bfa00289896f30af4c906d3af6efece3770aab6fda06fb667788dea1dae244d045ae38338188a2a9e2d45d31d46313e671e1a35fd377813c663a9b7c54079814f506bf13fb439988cf54b5000c0078000000000000000000040073801400810000000000000000000000ffffac1e0101dc4192360129a684e10324ba5789826a7b9acace4a5b5726fc0470837dec3c2f6988ea1b37e58a565e745da97d5c1b0e5b7860017b46ac86117ee1c01b495e19f275a9ee219ec1397326ceed357cd94f1c274ca06b1bf3c18281fb4ff30d53bca3a245470ffc07d140700e4f562001e1c2c004d275ad85bc1a7866452d0800000004fa725dd8d2eadcbf8c3e5367f9d7abcd6a9b6c0e25e1c5d11356cba9d559ff19c27983cd3c4bc47f757397cd84c6f309c57e741aab2e4a1f176e8f40a52ed42983a2e751b2a110bf257f4ba9ab90482db0c618cb2c56b50cbeea80f144bd56aff228fe680e75bfb4081a1c4b232f9cfff4c86b23696026a65876871050c42bdd9cc6d978d96ef3a068ee2d1db4249de617d80cf8ad83fc5619ae600b87500ff7e6ba4b51532ce127f8f3903ca8b5cde091a11e8d2597a2b600b3bc99d813c075606f946fe8a88e04dd00307a16b625d4411653974750a656ff7829846a3b78c578c7ef4b14432a", @ANYRES32=r11, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x320}, 0x1, 0x0, 0x0, 0x50}, 0x4000040)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
setxattr$smack_xattr_label(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='security.SMACK64IPIN\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="6f76617208000000ff"], 0x9, 0x3)
r12 = geteuid()
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x210cae, &(0x7f00000005c0)={[], [{@fsuuid={'fsuuid', 0x3d, {[0x38, 0x62, 0x31, 0x61, 0x36, 0x64, 0x37, 0x31], 0x2d, [0x34, 0x61, 0x30, 0x39], 0x2d, [0x64, 0x39, 0x38, 0x38], 0x2d, [0x35, 0x62, 0x38, 0x66], 0x2d, [0x32, 0x36, 0x33, 0x35, 0x7b, 0x64, 0x35, 0x32]}}}, {@euid_eq={'euid', 0x3d, r12}}]})

5m27.989407661s ago: executing program 0 (id=258):
r0 = fsopen(&(0x7f00000001c0)='sysfs\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000007c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(sm4)\x00'}, 0x58)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x4814)
recvmmsg(0xffffffffffffffff, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0xffffff0d}], 0x2, 0x2001, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f00000000c0)=0xffb, 0x0, 0x4)
userfaultfd(0x1)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000005c0)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256-generic\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0), 0x10b8c}}, 0x0)
sendmsg$AUDIT_DEL_RULE(r4, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000d00)=ANY=[@ANYBLOB="44040000f40320002abd7000fddbdf2500000000000000002d000000030000004e00000002000000050000004900000047a900000000000005000000c73e0000846500000c000000060000001e0000000a00000000000000400000003b01000009000000020000000500000001000000e4000000010400000c000000ff0300000900000010000000000000000100000030000000000000000080000012750000060000000800000008000000550f000007000000f1f6ffff0f000000170c0000040000000200000007000000312a0000510000000008000019c9000000000000ff0f000000000000860000000300000009000000040000003e9800000700000004000000010000000f000000f7ffffffff7f0000ffffffffff0700000800000001000000730000002f0e0000080000002e0e0000070000000400000034ffffff5b0d00000600000002000000aafbffff030000000800000004000000ff0100007a0000000000000006000000e3be00000500000009000000ff0700001000000005000000a22d00000b000000b9b20000080000004708000005000000010100001f5900002ac10000010000000dd80000008000000300000003000000a3ffffff7f0000000600000005000000570000000100000000000100000100001a630000090000000700000000020000070000000000000003000000050000000600000033070000d600000001000080000001000300000006000000fcffffff61b2000010000000fcff"], 0x444}, 0x1, 0x0, 0x0, 0x800}, 0x4008000)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_test', 0x141a82, 0x0)
sendfile(r5, r5, 0x0, 0x4)
io_uring_enter(r5, 0x4c6e, 0xc67a, 0x34, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0xf)
setresuid(0x0, 0xee00, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000040)='dirsync\x00', 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$netlink(0x10, 0x3, 0x10)
r7 = socket$inet6(0xa, 0x3, 0x266c)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r7, 0x29, 0x45, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f00000000c0)=0x1e)

5m26.020396416s ago: executing program 0 (id=261):
socket$kcm(0x29, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_open_dev$dri(&(0x7f0000000340), 0x8, 0x2c2080)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB=':syt 00N004093\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x2a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="91104f000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
read$char_usb(0xffffffffffffffff, &(0x7f0000000040)=""/20, 0x14)
r1 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
mount_setattr(0xffffffffffffffff, 0x0, 0x800, &(0x7f0000001b40)={0x70, 0xb3}, 0x20)
r2 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r2, &(0x7f0000000240)=""/112, 0x349b7f55)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x45}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r5, 0xc1485544, &(0x7f0000000080))
connect$inet(r3, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440)={'syz', 0x2}, &(0x7f0000000480)="6eb62ffc13578fc984d5faafb8d0736a4978a56b7afaec369885c629ae3056467a59cdd8745e539487dfc01f305313f35c383e16d434d74b9d621ae7f772e3d172da67d880a91d6a032dfb3ca177a628aeeb5364ae22ba04d968dc6183b8b7c38d64a33d1d7977ce21b45db9d0e65b83c3f66a7bd103ad2cc345fef6a606fa7b72e56d65510abff546c096447ee70ca1bbd2ba27864ceabe8ad9700831ca628b8ff1ba0008ed413d35adcd9c49ef5cb94729009014ae73a44eba61e41e51751fe0eeb9f2ac44b5938d8fe78ae818043646e56878b997a73e9b9297a976bf47377f61771f", 0xe4, r1)
keyctl$read(0xb, r1, &(0x7f0000000240)=""/112, 0x349b7f55)
mount$cgroup2(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x18000, &(0x7f0000000300)={[{@memory_hugetlb_accounting}]})

5m9.7955925s ago: executing program 33 (id=261):
socket$kcm(0x29, 0x2, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_open_dev$dri(&(0x7f0000000340), 0x8, 0x2c2080)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB=':syt 00N004093\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x2a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="91104f000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
read$char_usb(0xffffffffffffffff, &(0x7f0000000040)=""/20, 0x14)
r1 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
mount_setattr(0xffffffffffffffff, 0x0, 0x800, &(0x7f0000001b40)={0x70, 0xb3}, 0x20)
r2 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r2, &(0x7f0000000240)=""/112, 0x349b7f55)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x45}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r5, 0xc1485544, &(0x7f0000000080))
connect$inet(r3, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440)={'syz', 0x2}, &(0x7f0000000480)="6eb62ffc13578fc984d5faafb8d0736a4978a56b7afaec369885c629ae3056467a59cdd8745e539487dfc01f305313f35c383e16d434d74b9d621ae7f772e3d172da67d880a91d6a032dfb3ca177a628aeeb5364ae22ba04d968dc6183b8b7c38d64a33d1d7977ce21b45db9d0e65b83c3f66a7bd103ad2cc345fef6a606fa7b72e56d65510abff546c096447ee70ca1bbd2ba27864ceabe8ad9700831ca628b8ff1ba0008ed413d35adcd9c49ef5cb94729009014ae73a44eba61e41e51751fe0eeb9f2ac44b5938d8fe78ae818043646e56878b997a73e9b9297a976bf47377f61771f", 0xe4, r1)
keyctl$read(0xb, r1, &(0x7f0000000240)=""/112, 0x349b7f55)
mount$cgroup2(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x18000, &(0x7f0000000300)={[{@memory_hugetlb_accounting}]})

15.761493566s ago: executing program 3 (id=620):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX=r1], 0x48)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
writev(r4, &(0x7f0000000040)=[{0x0}, {&(0x7f00000000c0)='n', 0x1}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
eventfd2(0x0, 0x0)
r5 = epoll_create1(0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f0000000400)={0xa})
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x3000)=nil)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/anycast6\x00')
preadv(r7, &(0x7f0000000d00)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1, 0x2, 0x200)
r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$SOUND_PCM_READ_RATE(r8, 0x80045002, 0x0)
mmap$dsp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x5, 0x11, r8, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r8, 0xc0045005, &(0x7f0000000040)=0x8000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000ac0)={0x6, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000000800a0018010000756c6c2500000000002020207b1af8ff000000009fa100000000000007010000f8ffffffb702000008000000b70300000000080085000000c800000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x7f, &(0x7f0000000140)=""/127, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

14.559856449s ago: executing program 3 (id=622):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
syz_emit_ethernet(0xe6, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
accept4$rose(0xffffffffffffffff, &(0x7f00000000c0)=@full={0xb, @dev, @rose, 0x0, [@bcast, @null, @remote, @remote, @default, @rose]}, &(0x7f0000000040)=0x40, 0x80c00)
socket$l2tp6(0xa, 0x2, 0x73)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getrandom(0xffffffffffffffff, 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
sendmsg$rds(r2, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
getdents64(r3, &(0x7f0000000100)=""/176, 0xb0)
setxattr(0x0, &(0x7f0000000080)=@known='security.selinux\x00', &(0x7f0000000300)='\x0e\xc2\xfeC\v\xf6\xd1C\xb3%\x1f\xe8\x7f\x1d\x9f\x05+\xcd\x88\xc6\v\xc8q^X\xc6v\xdc\x99\xf5\t\x1c\x93\xf2/G\xb4\xba\b\xaf+\xde\xdaG\x9f\xa4T$k\xa7\xaa\x85\x12\x97\x87\x8a\xc91\xcd7\xf01e\xc4SK9\x01\x852\x95\xc52\xe2\xc6\xe3\x06\xca\xe39\xbe4}\x033\\\xa8\xf8\x9aA\xd4\xf7\xfd\x9d\xacV>I\x16\xd9R\x17N\x9f\xab\xbe\x11@s~qi\xfb\xc6S\xca\xe6Q_\x1f\xa3\x19V\xbe\x13\xdb\x83PQ\x11\xdb\xbf\xda\xd6\x12w\x88\x99$\xd1\x12\x1c\xec\xe0u\xd9mfi\x06\xdc7\xf6L\xe9o\x19\xcfV\x18\xcb{\x89C$\xa8\xad\"*x\xf5\x1d\xdf\xe0>yk-\x8e\xea>\x13\xdd\xb6ih\x15\x112\xfe\x9dQWW\xe3\xaa\xe8\n\xaaA\x1d\xe2\vt\x1e\xb0o,\x0f\\W\xfa\xf6cs\x85\xab\xbdxh\x1b,Ak\x81ZV\x1eC\xfc\x99\xa1', 0xe8, 0x2)
r4 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/fs/smackfs/doi\x00', 0x2, 0x0)
write$smackfs_cipsonum(r4, &(0x7f0000000700)=0xfffffffffffffffd, 0x14)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="ce32f078aadfffc95416005e3b467122a49950dfd8dacadeba3aa118f27a19b63f3d56f9046642f4a521177fe5131063be399eabc6ba204fd2a1808dadf16f4ca518e86a170d3cfe4413dcb7d10ee696ee7612d1523bd8c502e0e1d77b507b275435f14995bb91d9b03a416ba5762bd3b793707d05b8e8e96b85d47204eb808b70ae5e46baac58c08e5d", @ANYRESHEX=r0, @ANYBLOB="c1153c9019ccdedfb5c45cc1b1e0db7b1d22a68772806621e96df2fd121bcadfa5ae537fa44fbdaac49b00678036a9f183d2f1c033f1cc4f2aae9c92bce68a677ad9af51fa98c2a1f46253a9ed22afde0490df31564bf29868fc6efadc584f32723f46b1086f8b60db3769389eeec0a8565295b98189df883d14dee9ff662b32d2e323e3"], 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x0)

12.761419785s ago: executing program 2 (id=624):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000100000000000000e9ff000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10)
membarrier(0x40, 0x0)
membarrier(0x20, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
syz_emit_ethernet(0x26, &(0x7f0000000000)={@local, @random="af4e6a961c0b", @void, {@ipv4={0x800, @generic={{0x6, 0x4, 0x0, 0x2, 0x18, 0x0, 0x0, 0x0, 0x32, 0x0, @dev, @rand_addr=0x1, {[@generic={0x7, 0x2}]}}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_get$uid(0x3, 0xee00)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x1000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xe4010000, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000017000b63d25a80648c2594f941a3c92b", 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='2', 0x1, 0x8)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000000), 0xd)

12.760081559s ago: executing program 3 (id=625):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x6000000)
socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000"], 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5, <r9=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0x20)
recvmsg$unix(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000002480)=""/195, 0xc3}], 0x1}, 0x2000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r9}, &(0x7f0000000280), &(0x7f0000000140)=r3}, 0x22)
sendmsg$inet(r3, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x0)

11.530856111s ago: executing program 3 (id=626):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0xee00, 0xee01}}, './file0\x00'})
r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x102)
sendto$inet6(r2, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x40488d0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_open_dev$video4linux(&(0x7f0000000000), 0xfffb, 0x60082)
ioctl$VIDIOC_QUERY_EXT_CTRL(r5, 0xc0e85667, &(0x7f0000000300)={0xa0000000, 0x4, "6ff6ad4d49bf769c2fe25720ed5009622e709195057af5b6837b0b5f886643fa", 0x1, 0x2, 0x10000001, 0x8, 0x1, 0x87, 0x7fffffff, 0x0, [0xfffffffa, 0x10000, 0x1, 0x8]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x8c}]}, &(0x7f0000000080)='syzkaller\x00', 0x4}, 0x94)
openat$nullb(0xffffffffffffff9c, 0x0, 0x84042, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000080)={0x84, @multicast2, 0x15, 0x3, 'none\x00', 0x1, 0x4, 0x43}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @empty, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000001ac0)={r6, 0x4, {0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x14, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0x3]}})
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
syz_open_dev$hiddev(&(0x7f0000000100), 0x4, 0x4101)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r8, &(0x7f0000000100), &(0x7f0000000000), 0x2}, 0x20)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a1a4400001020301090254000101000000090400000002060000052406000005240000000d496d941f9d28f19c00000000042413001524120000a317a88b045e4f01a607c0ffcb7e392a0905820200000000"], 0x0)

10.121723103s ago: executing program 1 (id=627):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socket$kcm(0x2, 0x200000000000001, 0x106)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r6 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r6, 0x400448c8, &(0x7f0000000280)={r5, r5, 0xc, 0x0, 0x0, 0x9, 0x1, 0x457, 0x9, 0x9, 0x1, 0x1, 'syz1\x00'})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r6, 0x800448d2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='mountinfo\x00')
syz_io_uring_setup(0x186, &(0x7f0000000080)={0x0, 0x0, 0x13100}, 0x0, &(0x7f0000000000)=<r7=>0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r6, 0x2def, 0x0, 0x38, 0x0, 0xfffffffffffffe0d)
mount$bind(&(0x7f0000000380)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
socket$kcm(0x10, 0x2, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000006, 0x40032, 0xffffffffffffffff, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
pread64(r8, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000300)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000000906010800000000000020000200feff0900020073797a310000000008000940000004390500010007000000100008800c000780084cb9a576"], 0x48}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

8.794973697s ago: executing program 1 (id=628):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xfffffffffffffffd}, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x3, 0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e0301000000000064050000000000006916300000000000bf07000000000000260507000fff07206706000020000000470600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x3)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in=@empty, 0x0, 0x3c}, @in=@loopback, {}, {}, {0x0, 0x1ec}, 0x0, 0x0, 0xa, 0x2}, [@coaddr={0x14, 0xe, @in6=@private2}]}, 0x104}}, 0x0)
shmctl$SHM_LOCK(0x0, 0xb)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sndpcmp(&(0x7f0000000500), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r4, 0xc2604110, &(0x7f0000000580)={0x0, [[0x2, 0x0, 0x0, 0x0, 0x54], [0x3, 0x200, 0x0, 0x0, 0x0, 0x0, 0xffff], [0x44, 0x8, 0x0, 0x7f]], '\x00', [{}, {}, {0xfffffffc, 0x9}, {}, {}, {0x0, 0x1000}, {0x0, 0xfffffffc}, {}, {}, {}, {0x8}], '\x00', 0x0, 0x0, 0x0, 0x2, 0x0, 0x2})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r5)
socket$inet_smc(0x2b, 0x1, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f0000003000)=@file={0x1}, 0x6e)
shutdown(r6, 0x0)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r7, &(0x7f0000001180)={0x23d, 0x7d, 0x0, {{0x500, 0xfc, 0x0, 0xfffffffa, {}, 0x1bac0000, 0x0, 0x0, 0x0, 0x25, '\x04no\xc8f\xc9}`\x99\x06\x00\x00\x00\x00\x00\x00\x00\x90\x00\x00\x1d\xf6\xdb\x00\x00\x00\x00\x00\x00=\xd3\x00\x00\x00\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x17, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x0fX\x05\x02\xb6n\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x05\x00\x00\x00\x00\x00\x00\x00\xc2g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x23d)
listen(r6, 0x1)
connect$unix(r6, &(0x7f0000000640)=@file={0x1}, 0x6e)

7.47605777s ago: executing program 1 (id=629):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x2c, 0x2b, 0x107, 0x8000000, 0x0, {0x5, 0x7c}, [@nested={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@local}]}]}, 0x2c}}, 0x40080c0)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
ppoll(&(0x7f00000000c0)=[{r2, 0xd000}, {r2, 0x4018}], 0x2, 0x0, 0x0, 0x0)
write$vga_arbiter(r2, &(0x7f0000000040)=@other={'lock', ' ', 'io+mem'}, 0xc)
write$vga_arbiter(r2, &(0x7f0000000080)=@other={'decodes', ' ', 'none'}, 0xd)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
sendfile(r4, r3, 0x0, 0x6)
read$watch_queue(r4, &(0x7f0000000540)=""/4096, 0x1000)
r5 = gettid()
fsetxattr$trusted_overlay_origin(r3, &(0x7f0000000400), &(0x7f0000000440), 0x2, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
preadv2(r7, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000001700)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000001540)="8c4a9cff497b9cdaf9d504d153e5adcbd9ac975419c349e65e8c6234d08f23df10b3df566db8342a4ee26a2d8f5e50c6cdc3ceb8495690a9364a12938f1171b6ea8513750424c93827357d7bba8ce3e6fdd5ac24330d3e66ea8639d9f1aa4cb93f460dd33f9c0b550f161bfaa7632b2ae73de4622c8161b71f82245e8f8f801b56d5035081cb020afe2513adfb5953e7b039", 0x92}, 0x68)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYRES64, @ANYBLOB], 0x10)

7.475465736s ago: executing program 2 (id=630):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX=r1], 0x48)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
writev(r4, &(0x7f0000000040)=[{0x0}, {&(0x7f00000000c0)='n', 0x1}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
eventfd2(0x0, 0x0)
r5 = epoll_create1(0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r5, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000400)={0xa})
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x3000)=nil)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/anycast6\x00')
preadv(r7, &(0x7f0000000d00)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1, 0x2, 0x200)
r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$SOUND_PCM_READ_RATE(r8, 0x80045002, 0x0)
mmap$dsp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x5, 0x11, r8, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r8, 0xc0045005, &(0x7f0000000040)=0x8000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000ac0)={0x6, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000000800a0018010000756c6c2500000000002020207b1af8ff000000009fa100000000000007010000f8ffffffb702000008000000b70300000000080085000000c800000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x7f, &(0x7f0000000140)=""/127, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

4.896230849s ago: executing program 1 (id=631):
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a000000", 0x4)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
r1 = openat$vcsu(0xffffff9c, 0x0, 0x288a80, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES32=r1], 0x48)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
sendto$inet6(r2, &(0x7f0000000140)="80003ee9620ca1ce", 0x8, 0x0, &(0x7f0000000340)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x303}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b6800000000000000003967d2daa45b4e", "61241765", "89b06aff130000fd"}, 0x38)
sendmsg$inet(r4, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000019600)=[@ip_tos_int={{0x14, 0x11a, 0x1, 0x8000003}}], 0x18}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={<r5=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000540)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000100)=0x1, r5, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r3, &(0x7f0000000140)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0xfffffffd, @empty, 0x5}, r5}}, 0x30)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="140100002b00010000000000ffdbdf25020100800c00020006000000000000001400010001007d48f225caf14f09b3000000000000000000000000000150bb2d6f67d29d6fabadb107d0def40588ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d962fbc08c029d1608a487f26fbe816b89f7cb81060000000000000056555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f07976773b2ec1a875f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f0000"], 0x114}], 0x1}, 0x0)
syz_open_dev$ndb(&(0x7f0000000280), 0x0, 0x101000)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {r5, 0xffffffff}}, 0x10)

4.837260629s ago: executing program 2 (id=632):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4205, r3, 0x202, &(0x7f0000000240)={&(0x7f0000000180)=""/120, 0xffffffffffffff28})
r4 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
ioctl$TCSETS(r4, 0x40045431, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
r5 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r5, 0x1, 0x4000000000000002, 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x880, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r8, 0x6b, 0x1, &(0x7f00000001c0)=[{0x3, 0x0, {0x2, 0xff, 0x1}, {0x2, 0xff}, 0x2, 0xff}, {0x0, 0x3, {0x1, 0xf0, 0x3}, {0x2, 0x1, 0x1}, 0xff, 0xfe}, {0x2, 0x1, {0x0, 0xf0}, {0x1, 0xff, 0x3}, 0xff}, {0x1, 0x1, {0x1, 0x1, 0x3}, {0x1, 0xff, 0x1}, 0xfd, 0x1}, {0x3, 0x2, {0x0, 0x0, 0x4}, {0x0, 0x1, 0x4}, 0x1, 0xff}, {0x1, 0x1, {0x2, 0xff, 0x1}, {0x2, 0x0, 0x1}, 0x2, 0xfd}, {0x1, 0x2, {0x2, 0x1, 0x4}, {0x1, 0x0, 0x4}, 0x1, 0x1}], 0xe0)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_CLEAR_DIRTY_LOG(r7, 0xc018aec0, &(0x7f0000000000)={0x1000a, 0x380, 0x2c0, 0x0})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r9, 0x4090ae82, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r9, 0x8090ae81, 0x0)

4.76032779s ago: executing program 3 (id=633):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000040)={0xc})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x1b00, 0x0, 0x3, 0x80}, &(0x7f0000000180)=<r3=>0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c000000020603000000000000000000ffea000005000100070000000900020073797a300000000014000780080012401b0000000800084000000000050005000000001005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf)
write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0x1f)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$TCFLSH(r6, 0x400455c8, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0xfc)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000280)=0x4)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000180)=0xff)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000380)=0xff)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f00000001c0)=0xfe)
syz_io_uring_submit(r3, 0x0, 0x0)

2.70585208s ago: executing program 2 (id=634):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x6000000)
socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000"], 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5, <r9=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0x20)
recvmsg$unix(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000002480)=""/195, 0xc3}], 0x1}, 0x2000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r9}, &(0x7f0000000280), &(0x7f0000000140)=r3}, 0x22)
sendmsg$inet(r3, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x0)

2.7042501s ago: executing program 1 (id=635):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d0000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
ftruncate(0xffffffffffffffff, 0x6000000)
socket$nl_route(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r7, r8, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
recvmsg$unix(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000002480)=""/195, 0xc3}], 0x1}, 0x2000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{}, &(0x7f0000000280), &(0x7f0000000140)=r4}, 0x22)
sendmsg$inet(r4, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x0)

1.399989418s ago: executing program 2 (id=636):
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
socket(0x2, 0x80805, 0x7f)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r2, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

251.984525ms ago: executing program 3 (id=637):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r3 = add_key(&(0x7f00000001c0)='big_key\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000002240)="d790b0c9b0", 0x5, 0xfffffffffffffffe)
keyctl$update(0x2, r3, &(0x7f0000000240)="acb8fb8c9d1e141b4f27961496efdabf0855919880cfadeb8c5991ce880391c8f447ac3053576d71c0d8a0954164aef81534c7532f881ced306549c914db95e1543dd1d0e53cf7fc283e3828918640f2be989fd99c1f386d50990a529138a2fb7881467b52d52b35625018702a3a6158aaa251dea4022ca0205897a8259c8ed82bd77b691113793d9780c4fdcf7465e7f5e9d02ab90c1c6397b47a0b5e895f93a5615910bebfa7f4beb72d8aa6f9aeba2132d6bda9dae72f029b409d16e466ef6e8dc82e624eafe7e9ea7eae87b983bca2c176fdc0dd8fa3106452edcaf39cec79b3b309cf290c652b97a0d1335c11d6dad8510bc65625afad72ac190bdffed1fe565d2a1c3bf80a8aa3c73c553ec83b4d22b5fbb615e8dad256557647ec7df18d4977ee488342b459581045b2aec89aef08086fe107daffbf2fc8eabe397b913a7a8c0b42d7be0531e50d28cfdbdeea433daea16e0d8eda13895c0f59c28fec28750c37ea292b5a77aedbef1ff6d1c6c772ec16d3c8cb122ff4adcb12a95dc72d9f1c43db90f1c89405823b0220bbd84ada37628b729e8f82ba05368d0c1819107df1a1b94e82f6ad7d9029a7a851293d10b7bd090fa61c474a9e4ac831d5f11e5213a70e67d1a113c1804fd3271765da6f3e3b198ec81cc3b9a28e6911444f9dd4be976aaa41bd14096d5346990ec83f320f22877a16edcaca1d3d6c49514560a19218a12b21786f8a8cc66aa936496622ba1232bc7613b5319efde5ec858ca27cc1402750f198241faa46257b94b072d7deeadca73f912a2bea963404ae83f38156d776ce5b6ab5354be8e6c73bdff445fe88aabe3fe4b7734138253dff8aa23eca4bc08328de02aa9ef3ff34829742ba0e8c079714b8b4087d63f2b1bfc60d74a2406e40398cebcf8aee30c1a273fcf4f24ccbf87d222eddce971698010f151cab1d9e826fc6cdbae397bdceffd6b2b0578ec0f2bcd28fb7d0216149a4c9ab848c09933545096d5fbac9852a8980937031b7a93a07f1faaa6aa5eb61ff433c55d9504e93cb609c87b77102cff939386dff77a3860ed8728f14ccdda62cb42a9843cee12e6ed4a5f854c3361b037377365e3bf2885a2413af27a2aad098a5d62e501c61e1a360fd33e026b769a8284d1879811db6f302fd770d743ac2670e6326e0ad14e90c6a28cbfd1ef345db885b458d1c2e9b7e08dc624f57c8e5983a36516f1bc4a2c9c9887fb09677ee794cac583a8061a95dfb355720e5df7d250fe1b9a8560f494c6d10c44e3012bb4baece16e383484940f8bcb3ba4928ab52ddee880035248afdae083b069e72f582444dc4bd192a2d5d83502aca3c594cbb274cbfe741b7ec4c33816aa7ef18330f6c3c989b60d15e4875fd1a2bcd72e2f1b61fafb30c489b039bf67de66cc5a73a4a1d74b764c2ed224d1ba1bd447e1ae90ab62a0eb8c6267cbc5502b9bc742ed06ac5e1564dde874ab61f44421df40c0c22c68bdd6da2c42a6de593fffbcac236721515696aab29fd6619a0c14938fbb945fd0bafe42c5e74080c6acb530d498aa640734867272ad7d63446086967458b3b29ee5d2e474f13ed926928ba00ff2eff5cf164a1d73ab57efb277d9683fd7a1bc96d9861d05341821adf9e4660742d97e7bfa485fd4eda7699fb5b8234c03e3f2f25ed5a52a4b3f62e079ba110638b4622ed11aaf4636eb52249742cdb717f258318107e9c520b5f2eee1dca71dce4fde15a4beed9cca5003cffce9aa1d7fa1de1dfd80aa10beb334488085b8e1556edaa12fc7f05c6be3279c414fd04c6b74f66c89156e732b3f008fe397b137df19cba0eb9cfab82f90c7325241a0519f77cef51ebe9822491b716d90dc7477d8c9f92f74386a8aab524184f38eb5dca0573c8ee65b8fd768999eed112c4193234f2b3fd83536b3a36e6972136a8fa3afdb43f8442299696ff7cce89093e846bb80372882950b7a273279dba0bd38b98a4052dad0ec5827b9bb3b1db4d34002c26c83343efb518c4563ff92753d908c88291bdc76db86e09b9034296194fc80f499a85bc411bf5d0ac8f597d5e6386a99dc1989108d54cbd2cf735d3e0eb1b55be2c7dbd987227fa4d40b74ed3fd4796ebc6b78ab15a38253ab6c58b2fe055ed85c933c4632153e103a7e7ffd23106e1f24476ab4720090274c66e806387f2870b051324e2bb8444b6031ad33b93c8cea53d5ba24f71bcf7b67a771b153c4e158633148bb2bc48ca998fd141a780aa3834ab4f46048b22ac45aba1ffbcfe93971423e8805328a520c4a53bac1590de023ceb1cc2b54a79e8f68ce850ddabd6cba5c39695d120b1e04d1ec111a6fe4b918d7f8e4ff6cc15e11058bb9db5d696c10bba1b9717b9ee7fe2b5537325862fb97223d4e3271b148ccc62a9c57b6122926fc205062f95e345e0ee494aff8094544b7388e3eb896a09be3ff982375f62b5a8f9b3fc33e010023b271eb26964e89570879a161f69c5697c671f55943471752ed3865b0fafa9139cd3b1210e64a1942cb5ee211eb5c506d832af83a0e2949127143187553b8378b8970fe2ac3ff872ac8e1d24a27f0e8fa3e4f1389dac6faccc8798a691283d62f8f37a46b5b61449326712ed9553c834fede17da9c35950026dfbd4bc50951e0debe70b5fcc0c44be67aeb79d73a5b5910cda37427290ed09ef7fad69161cc72f46ab20d6be2c5ce479514817f5345429863f8ced9ed7cd7302076d1d69e76ca0529a8f48912a09b35d4a9815015307819d08666373eb864ab2520583793564a726384e06d759c2047ae47472fc52ce3c2ae77538984ec4d57bdfcb234a32bde305cfa0455c2f807bbd6a7c1c1b55cabb6ed026ce669900f5ea4ca89cc372d1ba8758f732f9cfcf307ec9af3147db86317de69cb70d673eb2fb172303c1486729631af0ee6278b3153c0a63a5da2f8af6fed6bf0cec794b79e2a4cb696ca795bcf5b32c535e5425b7283114901ca4e7818bd7eaa270ba39912662c750ee835cbdce5dde90ba31687459c8a056cce0cc6a64c3ed33cee48cf50fa9ece345b7f115d2aa0df07eff7b30dfa9949474e5883ed6c85c849b9f84b015b20c63ec81eded16aa4a04e8426b08380667a5df84abc76a62864f21ca9b5bf1d54fca9f635f41d547d9cf61641f450c8e7d6a2b17b4dd75bb4618b444142e3de441868e1a6790283c01e51d41579cce50cf37f49843b36ecf9afdbeb8404c2d66dbe7bb0353e610a6027f2162302323388f2a5e0c3fa7e523a0ad5522f6bb60cf2ca89f8c399516129694c052bbe5fb8955eb9a71e44b28fb3e76d49dc342b07bcd91a6ea534d78e9fd454b75d043e39416b205b34f5c3eeb1c7faa75a712ef9de21f8abddea4bcadf8c0ec8a0d04f01874b2bd4ef0dfe8b687ecca0353e9c7624df40ef47c45eb62feb123560f55e6e1f414d42ea23f54e633d8b769cc33ba6a02b7285b0517668b23b7f5d032ab21448b51a06fd1cbce94441d5e4844d8f41cb2b83afd9297be75c2425b667902faa972b36044f45c2c1c8a4c505e6e0eb4a9e79376f2470b789681f44501288d7f85fc46cad233edcfb52990ccdac469943b7e391f6138a64dfe082c27c87bad86b57bdd3ab284e0fe7709866aa7ace28538bc085fb2b355e0232a8807173771afd532290b5dc8548c9b4b2ee3853827c5b6ac901e5854fa0ac9409aa6551970ad2c87e8f761a5b21d9fb863ee4c6bca908c30da24e77dd6b5262e064f69b615dc9edf39fb10ef4c9b4954f6382b4cf82c231c35fb146853ead994fa558d189fe43b08181399fb7b2c9a6fdb2a7ecff1faa24b50cc79eb97e28149823ced10f474df0a2f5c0fdc90ef412d94623f71591df8a579e4fd2d9019ad250e5ec6bcae9194638fa8f757f76b9bb99136e86b78bce79cc86b616ac7062a0cf94bdb9f4da8594e6c890f212dc3d52b2d93c9c14e4f7bf9e8c8a8bf5a8819ba01d327e2fc6ffbd14dcdcb28a318d44d29e6c3146d82c6701b309a046a38c8367afa79fcb9710292d71004902901264beecc1b356555e16bb03362fde0808e7068704b11f68884eea128621bc3b9a5c6ff52f69136e7791432ec5b57b658101ee9c62e7f8ef31fa68ed6648f62fa65d37329362526e509376eb624a6055f21ee1558e4113871720eb6b7ef6f814f2950699828cfd90bb1dcbf0266d7646529efab410ab2b386016441140bc61a82fef0e407d3fff08256ee94dd2ab4893ee8121a2e7f34717182ab52b8d5dd0646a189ff11b2b08400df887274154d436a5a4cecf7463e525aa10c60f71d90cfbd3a02b463081f49b7bb0066b78e1687a8f79d10fdc674f282daddaa48aa748deedc37184a27f0d70922b41c3b5062d718eb1698906fd61f16f589e06034f62076c31496c96878b153589619d9670018cf931a80ffe4a8b4fb523826927750cd95aa2f3d4334a4b621f6ce0e12511869b1b1d1feb7de9427fc53564ef5714c562d51a679917300f4b7bf28064189ba6f9624edea9a60b7d50c172242cc7e792290aa50c19a811bd6ff2e122d1f0cd97a4a9fc3f6ceb1996cf5939ad420a828e5041d8dddf7acc5534fb6eb892881d28b40b105405dcdf9dc8f5180d9a5cc774fd293ee4a356b6760949dc8a6772129c7efdb9bef7c2a4294bf18f7ac0c6f9069ddca25775bb73828f4a601c8dad2b5734106cc3fa173fc8418b1da5c66941f05d8d68bff407f2f82eb3844b297763a9e2b13ea95df06c6927b7ca25d039357ce72c27c4d710be89306b3bdf541cafc0c5a83bc506258b6110a91c51f18fa84d3edeab0ae4ab132e830e53b00df41d1e8e75fbc0265262114b203448bd93b04213dfeebc8b1dc3c16ee6c6e96e8f9db851e63cc90e38e2c81f75a96380ad1b2cb95d213b9f5dfc60dc667d765b5ba6f09b11102c10cbc87a46beddf3a8f2ac08310118f16ed6ff870d609d6872f785e7105130753fc673bc862e64", 0xdc1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x14, r5, 0x200, 0x70bd29, 0xffffffff}, 0x14}, 0x1, 0x0, 0x0, 0x4000090}, 0x1)
keyctl$describe(0x6, r3, &(0x7f0000001240)=""/76, 0x4c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000001040)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a2c000000180abf4c00003c0000000000020000000900020073797a30000000000900010073797a3000000000140000001100010000000400000000000000000a58798d83c65018075da42df07858cbc396e1b573740feeeaafc7101803c8925673fbc3caf251d29c1171d16354bee78b47c9e92e5a9c6ad81250126ca736a22dfa12ac8f44caa9e23a24e83215189c23bd264c019ef3f3c8d6d75931b7c1017c9e35e9e461cefcff9739e7f9a102362b8cc96c8dad2b265cfad0d311190140f707b8fbca92937c35919dd9d104978addc0ac454d6cb300df075126f434b3cdef7da1f44f6f9eb68471f3a8e29805b5f0c60badbd4fe43a35e122adb694ffcbc2034d0488712695ff2da16eb8779f5a391e98c4f4f5b43389d5c7e8bde58670eef8229f2908bb05e143143b2ceb452a6691b30dea95f137bb31484b290ad3d328319255d1f048a68edd1dd4eb41ea29d43ee940a070674beb9e5be9889dd28e665853d81cb3a55ab6ea9b810aa7a1e90da79f25e983ba6880b2ca2931cda34d79140b5e5fc73934c5a415fe2ece6fedafcaad786a420dbd80b50f6853a20f261c7973e16f8d814c29b1eed6a3dc3342833e06fca85bd02f801a08f528c0cd8c779f10a2febfc306c8"], 0x54}, 0x1, 0x0, 0x0, 0x24048001}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r8=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r8, 0x10, 0x0, @in={0x2, 0x4e23, @empty}}}, 0x90)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r10=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r9, &(0x7f0000001380)={0x14, 0x88, 0xfa00, {r10, 0x30, 0x0, @in6={0xa, 0x4e24, 0x0, @dev={0xfe, 0x80, '\x00', 0x21}, 0x58e}}}, 0x90)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0x200000}, 0x1c)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r11, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r11, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x5, 0x2d, &(0x7f00000000c0)={{0x12, 0x1, 0x110, 0x96, 0x6d, 0xf, 0x8, 0x8087, 0xa5a, 0x5f2c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0xa2, 0x0, 0x0, 0x3f, [{{0x9, 0x4, 0xf5, 0x1, 0x1, 0x37, 0xb0, 0x8b, 0x3, [], [{{0x9, 0x5, 0x9, 0x0, 0x0, 0x3, 0x0, 0x4}}]}}]}}]}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x7a98, 0x0, 0x0, 0x0, 0xfffffffffffffc76)
setsockopt$sock_int(r0, 0x1, 0x3, &(0x7f0000000100)=0xf8, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000050000000060a050000000000000000000100000008000b4000000000280004800c0001800b000100657874686472000014000280080001400000000e05000200070000000900010073797a3000000000140000001100010000000000000000000700000a"], 0xf8}}, 0x0)

27.315838ms ago: executing program 1 (id=638):
timer_create(0x1, 0x0, &(0x7f0000000000)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f0000000880)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
gettid()
socket(0x11, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xb, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x4000084)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$getregset(0x4204, r5, 0x202, &(0x7f0000000100)={0x0})
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x4c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x20, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'veth1_macvtap\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x5}]}]}], {0x14}}, 0xe8}}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000640)={@cgroup=r6, 0x34, 0x1, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r7 = socket$kcm(0x10, 0x2, 0x4)
syz_open_dev$sg(0x0, 0x6, 0x8003)
sendmsg$kcm(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3e7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00121000a6400d0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

0s ago: executing program 2 (id=639):
mkdir(&(0x7f0000000280)='./file0\x00', 0x54)
syz_open_dev$vim2m(0x0, 0x200000001000, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x315b83, 0x0)
r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsetxattr$security_ima(r0, &(0x7f0000000040), 0x0, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000002040)={'#! ', './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0'}, 0x1002)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r5, 0x0, 0x0)
ioctl$SIOCPNENABLEPIPE(r5, 0x89ed, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r7, 0xae9a)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000080)={0x4800}, 0x10)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c5, 0x8000000, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2], 0x0, 0x200})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

dir'
[  131.439793][ T6128] =======================================================
[  131.439793][ T6128] WARNING: The mand mount option has been deprecated and
[  131.439793][ T6128]          and is ignored by this kernel. Remove the mand
[  131.439793][ T6128]          option from the mount to silence this warning.
[  131.439793][ T6128] =======================================================
[  131.862427][ T6131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.35'.
[  132.754986][ T6135] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  134.204651][ T6149] loop9: detected capacity change from 0 to 7
[  134.213164][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.221447][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.229572][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.237538][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.245752][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.253912][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.262659][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.271015][ T6149] ldm_validate_partition_table(): Disk read failed.
[  134.279419][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.287420][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.296256][ T6149] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.304470][ T6149] Dev loop9: unable to read RDB block 0
[  134.310543][ T6149]  loop9: unable to read partition table
[  134.316444][ T6149] loop9: partition table beyond EOD, truncated
[  134.323123][ T6149] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[  134.323123][ T6149] 
) failed (rc=-5)
[  134.927551][ T6150] ceph: No mds server is up or the cluster is laggy
[  134.944522][ T6154] netlink: 8 bytes leftover after parsing attributes in process `syz.2.40'.
[  134.954654][ T6154] netlink: 8 bytes leftover after parsing attributes in process `syz.2.40'.
[  135.006949][   T24] libceph: connect (1)[c::]:6789 error -101
[  135.044889][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  135.742987][   T24] libceph: connect (1)[c::]:6789 error -101
[  135.769002][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  135.989246][ T6158] netlink: 24 bytes leftover after parsing attributes in process `syz.0.43'.
[  136.489327][ T6158] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  138.759731][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  138.766390][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  138.937998][ T6179] IPv6: Can't replace route, no match found
[  144.331911][ T6213] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  146.178194][ T6229] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  149.981219][ T6244] netlink: 36 bytes leftover after parsing attributes in process `syz.3.60'.
[  151.287981][ T6256] mkiss: ax0: crc mode is auto.
[  151.688972][ T6014] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  152.675757][ T6014] usb 2-1: config 8 has an invalid interface number: 177 but max is 0
[  152.695733][ T6014] usb 2-1: config 8 has no interface number 0
[  152.775692][ T6265] veth0: entered promiscuous mode
[  153.461080][ T6014] usb 2-1: config 8 interface 177 altsetting 9 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  153.472305][ T6014] usb 2-1: config 8 interface 177 has no altsetting 0
[  153.479198][ T6014] usb 2-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[  153.488294][ T6014] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.515404][ T6262] veth0: left promiscuous mode
[  155.486810][ T6278] netlink: 24 bytes leftover after parsing attributes in process `syz.4.70'.
[  155.597812][ T6278] vxcan3: entered promiscuous mode
[  156.391828][ T6281] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  158.952905][ T6291] ubi31: attaching mtd0
[  158.984472][ T6291] ubi31: scanning is finished
[  158.989678][ T6291] ubi31: empty MTD device detected
[  159.250188][ T6014] usb 2-1: can't set config #8, error -110
[  159.436889][ T6291] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  159.446288][ T6291] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  159.453808][ T6291] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  159.460939][ T6291] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  159.469176][ T6291] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  159.476076][ T6291] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  159.486513][ T6291] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2944356292
[  159.496682][ T6291] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  159.508586][ T6293] ubi31: background thread "ubi_bgt31d" started, PID 6293
[  160.024513][  T993] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 0
[  160.176406][ T5982] Bluetooth: hci5: Frame reassembly failed (-84)
[  160.668187][ T6014] usb 2-1: USB disconnect, device number 2
[  161.630696][ T6309] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  161.722200][ T6309] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  162.030254][ T5851] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  162.030968][ T5848] Bluetooth: hci5: command 0x1003 tx timeout
[  162.833857][ T6321] netlink: 20 bytes leftover after parsing attributes in process `syz.1.79'.
[  165.798363][ T6336] netlink: 24 bytes leftover after parsing attributes in process `syz.2.83'.
[  165.881473][ T6336] vxcan3: entered promiscuous mode
[  167.478177][ T6345] netlink: 'syz.2.84': attribute type 6 has an invalid length.
[  168.243429][ T6348] block device autoloading is deprecated and will be removed.
[  168.594536][ T6349] syz.2.84 (6349): attempted to duplicate a private mapping with mremap.  This is not supported.
[  168.708115][   T30] audit: type=1326 audit(1755001291.567:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6337 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fff8ebe9 code=0x7ffc0000
[  168.878014][   T30] audit: type=1326 audit(1755001291.567:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6337 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fff8ebe9 code=0x7ffc0000
[  168.917025][   T30] audit: type=1326 audit(1755001291.587:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6337 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f70fff8ebe9 code=0x7ffc0000
[  169.026806][   T30] audit: type=1326 audit(1755001291.907:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6337 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fff8ebe9 code=0x7ffc0000
[  169.027058][   T30] audit: type=1326 audit(1755001291.907:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6337 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f70fff8ebe9 code=0x7ffc0000
[  170.069608][ T6355] tipc: Started in network mode
[  170.070924][ T6355] tipc: Node identity ac14140f, cluster identity 4711
[  170.081153][ T6355] tipc: New replicast peer: 255.255.255.255
[  170.088516][ T6355] tipc: Enabled bearer <udp:syz2>, priority 10
[  170.389071][   T43] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  170.553999][ T6354] netlink: 12 bytes leftover after parsing attributes in process `syz.3.87'.
[  170.554022][ T6354] tipc: Disabling bearer <udp:syz2>
[  171.544304][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  171.556803][   T43] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a
[  171.556838][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.556860][   T43] usb 1-1: Product: syz
[  171.556878][   T43] usb 1-1: Manufacturer: syz
[  171.556894][   T43] usb 1-1: SerialNumber: syz
[  171.563272][   T43] usb 1-1: config 0 descriptor??
[  171.741605][ T5936] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  172.350641][ T6379] netlink: 27 bytes leftover after parsing attributes in process `syz.4.91'.
[  173.110771][   T30] audit: type=1326 audit(1755001295.957:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.110818][   T30] audit: type=1326 audit(1755001295.967:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.110873][   T30] audit: type=1326 audit(1755001295.967:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.110904][   T30] audit: type=1326 audit(1755001295.967:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.110936][   T30] audit: type=1326 audit(1755001295.967:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.708945][ T5936] usb 4-1: device descriptor read/all, error -71
[  173.842867][ T6376] mmap: syz.1.102 (6376) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  173.852338][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  173.852355][   T30] audit: type=1326 audit(1755001296.697:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.852405][   T30] audit: type=1326 audit(1755001296.727:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.852453][   T30] audit: type=1326 audit(1755001296.727:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.852502][   T30] audit: type=1326 audit(1755001296.727:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.852549][   T30] audit: type=1326 audit(1755001296.737:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.852596][   T30] audit: type=1326 audit(1755001296.737:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.852644][   T30] audit: type=1326 audit(1755001296.737:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.852691][   T30] audit: type=1326 audit(1755001296.737:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.852738][   T30] audit: type=1326 audit(1755001296.737:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  173.852786][   T30] audit: type=1326 audit(1755001296.737:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6367 comm="syz.1.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  176.074139][ T6393] fuseblk: Bad value for 'fd'
[  176.409328][   T43] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-8
[  176.409495][   T43] dvb_usb_af9035 1-1:0.0: probe with driver dvb_usb_af9035 failed with error -8
[  176.520930][   T43] usb 1-1: USB disconnect, device number 2
[  178.269961][ T6377] tty tty1: ldisc open failed (-12), clearing slot 0
[  178.445895][ T6413] tipc: Started in network mode
[  178.446075][ T6413] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  178.447148][ T6413] tipc: Enabled bearer <eth:vlan0>, priority 10
[  178.455021][ T6413] lo speed is unknown, defaulting to 1000
[  178.455598][ T6413] lo speed is unknown, defaulting to 1000
[  178.464602][ T6413] lo speed is unknown, defaulting to 1000
[  178.498135][ T6413] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  178.563574][ T6413] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  179.072613][ T6413] lo speed is unknown, defaulting to 1000
[  179.074742][ T6413] lo speed is unknown, defaulting to 1000
[  179.077533][ T6413] lo speed is unknown, defaulting to 1000
[  179.079612][ T6413] lo speed is unknown, defaulting to 1000
[  179.081560][ T6413] lo speed is unknown, defaulting to 1000
[  179.163669][ T6411] tty tty4: ldisc open failed (-12), clearing slot 3
[  179.609344][   T24] tipc: Node number set to 10005162
[  180.666030][ T6426] veth0_to_team: entered promiscuous mode
[  180.671956][ T6426] veth0_to_team: entered allmulticast mode
[  181.426616][ T6424] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  181.513991][ T6424] 9pnet_fd: Insufficient options for proto=fd
[  181.829169][ T5918] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  181.943708][ T6434] netlink: 4 bytes leftover after parsing attributes in process `syz.3.104'.
[  182.044535][ T6434] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  182.088885][ T5918] usb 3-1: Using ep0 maxpacket: 8
[  182.319664][ T5918] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  182.898283][ T5918] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  182.907673][ T5918] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  182.939271][ T5918] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  183.030595][ T5918] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  183.064207][ T5918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.106667][ T5918] usb 3-1: can't set config #1, error -71
[  183.236194][ T6434] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.959787][ T6423] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  184.000811][ T6450] netlink: 16 bytes leftover after parsing attributes in process `syz.0.106'.
[  184.024005][ T5851] Bluetooth: hci2: SCO packet for unknown connection handle 954
[  184.026729][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout
[  184.044867][ T6423] Bluetooth: hci1: Opcode 0x0406 failed: -110
[  184.067905][ T5918] usb 3-1: USB disconnect, device number 2
[  184.384639][ T6423] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  185.752087][ T6423] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  185.758157][ T6423] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  185.868566][ T6423] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  185.875888][ T6423] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  185.881925][ T6423] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  185.914999][ T6423] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  185.925072][ T6423] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  185.931168][ T6423] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  185.948435][ T6423] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  186.109130][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  186.343426][ T5904] libceph: connect (1)[c::]:6789 error -101
[  186.438146][ T5904] libceph: mon0 (1)[c::]:6789 connect error
[  186.748056][ T5904] libceph: connect (1)[c::]:6789 error -101
[  187.553853][ T5904] libceph: mon0 (1)[c::]:6789 connect error
[  187.626456][ T6461] overlayfs: failed to resolve './file1': -2
[  187.789008][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  187.834240][ T6473] netlink: 'syz.4.111': attribute type 10 has an invalid length.
[  187.959964][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout
[  187.968141][ T5848] Bluetooth: hci4: command 0x0c1a tx timeout
[  188.157057][ T5904] libceph: connect (1)[c::]:6789 error -101
[  188.199905][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  188.304009][ T6459] ceph: No mds server is up or the cluster is laggy
[  188.312483][ T5904] libceph: mon0 (1)[c::]:6789 connect error
[  188.350543][ T6441] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.359885][ T6441] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.186733][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  189.186751][   T30] audit: type=1326 audit(1755001312.067:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6486 comm="syz.2.117" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f70fff8ebe9 code=0x0
[  189.825336][ T6491] netlink: 256 bytes leftover after parsing attributes in process `syz.2.117'.
[  189.870337][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  190.039168][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout
[  190.045994][ T5848] Bluetooth: hci4: command 0x0c1a tx timeout
[  190.249284][   T43] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  190.302552][ T6441] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  190.370574][ T6441] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  190.552535][   T43] usb 4-1: Using ep0 maxpacket: 16
[  190.602783][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.617574][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.629248][   T43] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  190.644526][   T43] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  190.653906][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.480547][   T43] usb 4-1: config 0 descriptor??
[  191.969013][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  192.109305][ T5848] Bluetooth: hci4: command 0x0c1a tx timeout
[  192.116947][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout
[  192.598763][ T6441] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.621611][ T6441] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.632633][ T6441] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.642760][ T6441] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  192.781080][ T6450] bridge0: entered promiscuous mode
[  192.787723][ T6450] bridge0: port 3(macvlan2) entered blocking state
[  192.797034][ T6450] bridge0: port 3(macvlan2) entered disabled state
[  192.809979][ T6450] macvlan2: entered allmulticast mode
[  192.815626][ T6450] bridge0: entered allmulticast mode
[  192.833492][ T6450] macvlan2: left allmulticast mode
[  192.838709][ T6450] bridge0: left allmulticast mode
[  192.867810][ T6450] bridge0: left promiscuous mode
[  192.903867][ T6473] bond0: (slave bond_slave_0): Releasing backup interface
[  193.087033][   T43] usbhid 4-1:0.0: can't add hid device: -71
[  193.098292][ T6503] netlink: 16 bytes leftover after parsing attributes in process `syz.2.120'.
[  193.130367][   T43] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  193.163471][   T43] usb 4-1: USB disconnect, device number 5
[  193.195012][ T6506] Invalid ELF section header size
[  194.573509][ T6489] syz.3.116 (6489) used greatest stack depth: 17968 bytes left
[  196.608141][ T6520] tipc: Started in network mode
[  196.613495][ T6520] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  196.623733][ T6520] tipc: Enabled bearer <eth:vlan0>, priority 10
[  196.638489][ T6520] siw: device registration error -23
[  196.656432][ T6520] netlink: 'syz.4.123': attribute type 1 has an invalid length.
[  197.739132][   T43] tipc: Node number set to 10005162
[  197.752497][ T6523] capability: warning: `syz.3.125' uses deprecated v2 capabilities in a way that may be insecure
[  199.793947][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  199.800628][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  201.490187][ T6566] Bluetooth: hci5: Frame reassembly failed (-84)
[  202.081539][ T6560] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  202.091424][ T6560] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  202.199240][ T6569] program syz.3.136 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  202.227093][ T6569] program syz.3.136 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  202.238240][ T6569] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  202.937895][ T6574] tipc: New replicast peer: 255.255.255.255
[  202.948083][ T6574] tipc: Enabled bearer <udp:syz2>, priority 10
[  203.068571][ T6574] netlink: 12 bytes leftover after parsing attributes in process `syz.1.137'.
[  203.077924][ T6574] tipc: Disabling bearer <udp:syz2>
[  203.551510][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  203.611572][ T6579] netlink: 32 bytes leftover after parsing attributes in process `syz.4.138'.
[  204.389967][ T5918] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  204.398321][    C0] raw-gadget.0 gadget.1: ignoring, device is not running
[  204.577109][ T6581] netlink: 4 bytes leftover after parsing attributes in process `syz.0.139'.
[  204.636540][ T5918] usb 2-1: device descriptor read/64, error -32
[  204.744256][   T30] audit: type=1400 audit(1755001327.627:40): lsm=SMACK fn=smack_file_ioctl action=denied subject="y" object="_" requested=w pid=6577 comm="syz.0.139" path="/dev/dri/card1" dev="devtmpfs" ino=628
[  205.258895][ T5918] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  205.708331][ T6591] netlink: 24 bytes leftover after parsing attributes in process `syz.3.140'.
[  205.829042][ T6591] vxcan3: entered promiscuous mode
[  206.269141][ T5851] Bluetooth: hci5: command 0x1003 tx timeout
[  206.285298][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  206.896994][ T6595] siw: device registration error -23
[  207.796680][ T5918] usb 2-1: unable to read config index 0 descriptor/start: -71
[  207.831246][ T5918] usb 2-1: can't read configurations, error -71
[  207.878337][ T6599] Bluetooth: MGMT ver 1.23
[  207.881462][ T5918] usb usb2-port1: attempt power cycle
[  207.996348][ T6600] netlink: 32 bytes leftover after parsing attributes in process `syz.4.143'.
[  208.569662][ T6604] netlink: 24 bytes leftover after parsing attributes in process `syz.3.144'.
[  211.369423][ T6612] FAT-fs (nullb0): bogus number of reserved sectors
[  211.376606][ T6612] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  212.898874][ T6621] netlink: 32 bytes leftover after parsing attributes in process `syz.3.148'.
[  213.118957][ T5936] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  213.289140][ T5936] usb 1-1: device descriptor read/64, error -71
[  213.661451][ T5936] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  213.771396][ T6630] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  215.032688][ T6640] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  216.000015][ T6638] sctp: failed to load transform for md5: -2
[  216.252199][ T6647] binder: BINDER_SET_CONTEXT_MGR already set
[  216.325917][ T6647] binder: 6645:6647 ioctl 4018620d 200000000040 returned -16
[  216.419977][ T6648] GUP no longer grows the stack in syz.1.153 (6648): 200000004000-20000000a000 (200000002000)
[  216.430993][ T6648] CPU: 0 UID: 0 PID: 6648 Comm: syz.1.153 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  216.431023][ T6648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  216.431043][ T6648] Call Trace:
[  216.431057][ T6648]  <TASK>
[  216.431067][ T6648]  dump_stack_lvl+0x189/0x250
[  216.431099][ T6648]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.431143][ T6648]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.431190][ T6648]  __get_user_pages+0x2a60/0x30b0
[  216.431267][ T6648]  ? __pfx___get_user_pages+0x10/0x10
[  216.431313][ T6648]  get_user_pages_remote+0x2f9/0xaa0
[  216.431348][ T6648]  ? __pfx_mtree_load+0x10/0x10
[  216.431381][ T6648]  ? __pfx_get_user_pages_remote+0x10/0x10
[  216.431429][ T6648]  __access_remote_vm+0x215/0x5f0
[  216.431463][ T6648]  ? __pfx___access_remote_vm+0x10/0x10
[  216.431491][ T6648]  ? alloc_pages_noprof+0xbe/0x190
[  216.431522][ T6648]  proc_pid_cmdline_read+0x440/0x840
[  216.431547][ T6648]  ? __asan_memset+0x22/0x50
[  216.431588][ T6648]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  216.431618][ T6648]  ? rw_verify_area+0x258/0x650
[  216.431659][ T6648]  vfs_readv+0x5aa/0x850
[  216.431687][ T6648]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  216.431716][ T6648]  ? __pfx_vfs_readv+0x10/0x10
[  216.431762][ T6648]  ? __fget_files+0x2a/0x420
[  216.431794][ T6648]  ? __fget_files+0x3a0/0x420
[  216.431817][ T6648]  ? __fget_files+0x2a/0x420
[  216.431853][ T6648]  __x64_sys_preadv+0x197/0x2a0
[  216.431882][ T6648]  ? __pfx___x64_sys_preadv+0x10/0x10
[  216.431903][ T6648]  ? rcu_is_watching+0x15/0xb0
[  216.431935][ T6648]  ? do_syscall_64+0xbe/0x3b0
[  216.431965][ T6648]  do_syscall_64+0xfa/0x3b0
[  216.431992][ T6648]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.432013][ T6648]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  216.432035][ T6648]  ? clear_bhb_loop+0x60/0xb0
[  216.432063][ T6648]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.432086][ T6648] RIP: 0033:0x7f6713f8ebe9
[  216.432124][ T6648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.432144][ T6648] RSP: 002b:00007f67121f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  216.432176][ T6648] RAX: ffffffffffffffda RBX: 00007f67141b6090 RCX: 00007f6713f8ebe9
[  216.432193][ T6648] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 000000000000000a
[  216.432207][ T6648] RBP: 00007f6714011e19 R08: 0000000021000008 R09: 0000000000000000
[  216.432222][ T6648] R10: 0000000000000304 R11: 0000000000000246 R12: 0000000000000000
[  216.432235][ T6648] R13: 00007f67141b6128 R14: 00007f67141b6090 R15: 00007ffc6897e718
[  216.432272][ T6648]  </TASK>
[  217.752174][ T6659] netlink: 32 bytes leftover after parsing attributes in process `syz.2.155'.
[  218.575931][ T6660] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  218.582264][ T6660] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  219.107903][ T6660] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  219.113947][ T6660] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  219.123181][ T6660] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  219.129171][ T6660] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  219.137619][ T6660] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  219.143648][ T6660] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  221.151847][ T5851] Bluetooth: hci5: command 0x1003 tx timeout
[  221.159729][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  223.527181][ T6693] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  225.642774][ T6694] warning: `syz.1.163' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  225.807185][ T6705] netlink: 116 bytes leftover after parsing attributes in process `syz.0.166'.
[  226.110145][ T6706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.167'.
[  232.940027][ T6737] sctp: failed to load transform for md5: -2
[  235.290113][ T6759] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  235.752749][   T30] audit: type=1400 audit(1755001358.557:41): lsm=SMACK fn=smack_inode_remove_acl action=denied subject="w" object="_" requested=w pid=6750 comm="syz.3.177" name="file1" dev="tmpfs" ino=199
[  235.902375][ T6759] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  236.635148][ T6764] loop6: detected capacity change from 0 to 524287999
[  236.668881][ T6764] buffer_io_error: 4 callbacks suppressed
[  236.669088][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.690306][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.701458][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.710759][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.722659][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.732019][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.741253][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.750903][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.759753][ T6764] ldm_validate_partition_table(): Disk read failed.
[  236.767096][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.776755][ T6764] Buffer I/O error on dev loop6, logical block 0, async page read
[  236.792733][ T6764] Dev loop6: unable to read RDB block 0
[  236.803396][ T6764]  loop6: unable to read partition table
[  236.811404][ T6764] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  237.080926][ T6766] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  237.449532][ T6768] orangefs_mount: mount request failed with -4
[  238.930756][ T6777] bpq0: entered allmulticast mode
[  239.041329][ T6781] Can't find a SQUASHFS superblock on nullb0
[  239.295101][ T6785] netlink: 'syz.0.185': attribute type 4 has an invalid length.
[  239.366899][ T6785] netlink: 'syz.0.185': attribute type 4 has an invalid length.
[  239.805041][ T6790] 9pnet_fd: Insufficient options for proto=fd
[  241.454858][ T6809] netlink: 8 bytes leftover after parsing attributes in process `syz.1.189'.
[  241.821163][ T6809] netlink: 8 bytes leftover after parsing attributes in process `syz.1.189'.
[  243.268062][ T6821] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  243.296819][ T6821] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  243.455775][ T5851] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  243.472249][ T5851] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  243.529679][ T5851] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  243.584754][ T5851] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  243.629278][ T5851] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  243.885612][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  243.894340][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  243.903018][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  243.919063][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  243.930677][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  244.275846][   T76] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.439527][ T5918] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  244.442387][   T76] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.537278][ T6819] lo speed is unknown, defaulting to 1000
[  244.743258][ T5918] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  244.780340][   T76] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.472815][ T5918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.484128][ T6837] input: syz1 as /devices/virtual/input/input8
[  245.535798][ T5918] usb 3-1: config 0 descriptor??
[  245.655326][ T5918] cp210x 3-1:0.0: cp210x converter detected
[  246.216037][ T5848] Bluetooth: hci0: command tx timeout
[  246.396520][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  247.306271][   T76] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.352025][    T9] usb 4-1: Using ep0 maxpacket: 16
[  247.370463][    T9] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[  247.390067][    T9] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  247.406403][    T9] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  247.415343][    T9] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  247.432039][    T9] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  247.471295][    T9] usb 4-1: config 0 has no interface number 0
[  247.587190][    T9] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  247.621313][    T9] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  247.655281][    T9] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  247.765953][    T9] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  247.789156][    T9] usb 4-1: config 0 interface 125 has no altsetting 0
[  247.808859][    T9] usb 4-1: config 0 interface 125 has no altsetting 2
[  247.870519][    T9] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  247.936299][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.947377][    T9] usb 4-1: Product: syz
[  247.955446][    T9] usb 4-1: Manufacturer: syz
[  247.967479][    T9] usb 4-1: SerialNumber: syz
[  248.115680][ T5918] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -71
[  248.271841][ T5848] Bluetooth: hci0: command tx timeout
[  248.305538][ T5918] cp210x 3-1:0.0: failed to get vendor val 0x370c size 73: -71
[  248.350057][    T9] usb 4-1: config 0 descriptor??
[  248.404568][ T5918] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  248.442186][    T9] usb 4-1: selecting invalid altsetting 2
[  248.631920][ T6856] netlink: 8 bytes leftover after parsing attributes in process `syz.1.202'.
[  249.026162][ T5918] usb 3-1: cp210x converter now attached to ttyUSB0
[  249.036605][    C0] usb 4-1: async_complete: urb error -71
[  249.042569][    C0] usb 4-1: async_complete: urb error -71
[  249.048377][    C0] usb 4-1: async_complete: urb error -71
[  249.054234][    C0] usb 4-1: async_complete: urb error -71
[  249.237441][    T9] get_1284_register: usb error -71
[  249.966813][    T9] uss720 4-1:0.125: probe with driver uss720 failed with error -71
[  249.981437][ T5918] usb 3-1: USB disconnect, device number 3
[  250.128538][    T9] usb 4-1: USB disconnect, device number 6
[  250.135964][ T5918] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  250.179269][ T5918] cp210x 3-1:0.0: device disconnected
[  250.449436][   T76] bridge_slave_1: left allmulticast mode
[  250.455474][   T76] bridge_slave_1: left promiscuous mode
[  250.466880][ T5848] Bluetooth: hci0: command tx timeout
[  250.479076][   T76] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.708109][   T76] bridge_slave_0: left allmulticast mode
[  251.757793][   T76] bridge_slave_0: left promiscuous mode
[  251.794909][   T76] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.747649][ T5848] Bluetooth: hci0: command tx timeout
[  256.400223][   T76] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  256.565718][   T76] bond0 (unregistering): Released all slaves
[  256.911441][   T76] tipc: Disabling bearer <eth:vlan0>
[  256.951923][   T76] tipc: Left network mode
[  259.984422][ T6819] chnl_net:caif_netlink_parms(): no params data found
[  261.269855][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  261.534292][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  264.148607][ T6955] mkiss: ax0: crc mode is auto.
[  264.854384][ T6975] overlayfs: failed to resolve './file0': -2
[  266.177642][ T6819] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.199158][ T6819] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.206473][ T6819] bridge_slave_0: entered allmulticast mode
[  266.271224][ T6819] bridge_slave_0: entered promiscuous mode
[  266.282790][ T6819] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.297996][ T6819] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.341634][ T6819] bridge_slave_1: entered allmulticast mode
[  266.381537][ T6819] bridge_slave_1: entered promiscuous mode
[  266.738008][   T76] hsr_slave_0: left promiscuous mode
[  267.885658][ T7001] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  267.934450][ T7001] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  268.293749][   T76] hsr_slave_1: left promiscuous mode
[  268.496213][   T76] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  268.593222][   T76] batman_adv: batadv0: Removing interface: batadv_slave_0
[  268.793690][   T76] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  268.802834][   T76] batman_adv: batadv0: Removing interface: batadv_slave_1
[  269.118688][   T76] veth1_macvtap: left promiscuous mode
[  269.139300][   T76] veth0_macvtap: left promiscuous mode
[  269.145146][   T76] veth1_vlan: left promiscuous mode
[  269.251081][   T76] veth0_vlan: left promiscuous mode
[  270.149320][ T7018] cgroup: Unknown subsys name 'cpuset'
[  273.767514][ T7036] netlink: 8 bytes leftover after parsing attributes in process `syz.1.236'.
[  273.905341][   T24] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  274.648640][   T24] usb 3-1: config 0 has an invalid interface number: 151 but max is 0
[  274.657464][   T24] usb 3-1: config 0 has no interface number 0
[  274.688112][   T24] usb 3-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f
[  274.709566][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.719176][   T24] usb 3-1: Product: syz
[  274.723408][   T24] usb 3-1: Manufacturer: syz
[  274.743930][   T24] usb 3-1: SerialNumber: syz
[  274.761212][   T24] usb 3-1: config 0 descriptor??
[  274.774261][   T76] team0 (unregistering): Port device team_slave_1 removed
[  275.031951][   T76] team0 (unregistering): Port device team_slave_0 removed
[  275.039965][   T24] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  275.387522][   T24] usb 3-1: USB disconnect, device number 4
[  275.545435][ T5843] udevd[5843]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.151/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  278.014459][ T6819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  278.039269][ T6819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.280712][ T7076] netlink: 16 bytes leftover after parsing attributes in process `syz.3.243'.
[  280.672945][ T6819] team0: Port device team_slave_0 added
[  280.703342][ T6819] team0: Port device team_slave_1 added
[  282.092971][ T6819] batman_adv: batadv0: Adding interface: batadv_slave_0
[  282.112634][ T6819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.139273][    C1] vkms_vblank_simulate: vblank timer overrun
[  282.202645][ T6819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  282.215843][ T7091] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  282.228502][ T7091] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  282.317701][ T6819] batman_adv: batadv0: Adding interface: batadv_slave_1
[  282.329842][ T6819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.356464][    C1] vkms_vblank_simulate: vblank timer overrun
[  282.461146][ T6819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  282.708039][ T7092] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  282.716228][ T7092] batman_adv: batadv0: Removing interface: batadv_slave_0
[  282.732174][ T7092] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  282.740017][ T7092] batman_adv: batadv0: Removing interface: batadv_slave_1
[  283.358584][ T6819] hsr_slave_0: entered promiscuous mode
[  283.424627][ T6819] hsr_slave_1: entered promiscuous mode
[  283.465323][ T6819] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  283.501447][ T6819] Cannot create hsr debugfs directory
[  286.690819][ T7123] netlink: 'syz.2.255': attribute type 10 has an invalid length.
[  287.240648][ T7133] netlink: 780 bytes leftover after parsing attributes in process `syz.0.257'.
[  288.448412][ T7123] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  288.696477][ T7138] 9pnet: Could not find request transport: fd0x0000000000000003
[  289.772518][ T7127] netlink: 36 bytes leftover after parsing attributes in process `syz.1.256'.
[  292.515194][ T7155] sctp: failed to load transform for md5: -2
[  293.648624][ T7169] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  293.673029][ T7169] trusted_key: encrypted_key: master key parameter '00N004093' is invalid
[  295.012773][ T6819] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  295.320580][ T7181] netlink: 20 bytes leftover after parsing attributes in process `syz.1.264'.
[  295.947114][ T6819] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  295.978545][ T6819] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  296.003742][ T6819] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  296.385464][ T7186] overlay: Unknown parameter '/'
[  299.179711][ T6819] kthread_run failed with err -4
[  301.646581][ T7195] syz.3.267 (7195): drop_caches: 2
[  305.836746][ T5851] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  305.856492][ T5851] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  306.358429][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  306.503712][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  306.512294][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  307.355405][ T7243] netlink: 'syz.1.274': attribute type 8 has an invalid length.
[  307.424707][ T7243] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  307.465823][ T7243] syzkaller0: entered promiscuous mode
[  307.474200][ T7243] syzkaller0: entered allmulticast mode
[  307.636178][ T7244] NILFS (nullb0): couldn't find nilfs on the device
[  308.056610][ T7229] lo speed is unknown, defaulting to 1000
[  308.158943][ T7239] tipc: Resetting bearer <eth:syzkaller0>
[  308.323605][ T7239] tipc: Disabling bearer <eth:syzkaller0>
[  308.815386][ T5842] Bluetooth: hci5: command tx timeout
[  311.200444][ T5851] Bluetooth: hci5: command tx timeout
[  311.206744][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  311.218621][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  311.240452][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  311.260273][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  311.274742][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  312.694632][ T7271] No control pipe specified
[  313.228971][ T5848] Bluetooth: hci5: command tx timeout
[  313.548917][ T5848] Bluetooth: hci0: command tx timeout
[  314.598662][ T7279] netlink: 16 bytes leftover after parsing attributes in process `syz.3.283'.
[  314.719203][ T7290] netlink: 'syz.2.285': attribute type 3 has an invalid length.
[  315.320701][ T5848] Bluetooth: hci5: command tx timeout
[  315.628988][ T5848] Bluetooth: hci0: command tx timeout
[  315.985309][ T7255] lo speed is unknown, defaulting to 1000
[  317.708966][ T5848] Bluetooth: hci0: command tx timeout
[  319.805584][ T5848] Bluetooth: hci0: command tx timeout
[  320.274056][ T7327] netlink: 4268 bytes leftover after parsing attributes in process `syz.2.291'.
[  320.284838][ T7327] netlink: 4268 bytes leftover after parsing attributes in process `syz.2.291'.
[  321.511251][ T7339] netlink: 32 bytes leftover after parsing attributes in process `syz.1.293'.
[  322.716798][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  323.332433][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  323.606485][ T7334] syz_tun: entered allmulticast mode
[  323.621549][ T7334] syz_tun: left allmulticast mode
[  323.781037][   T35] bridge_slave_1: left allmulticast mode
[  323.786788][   T35] bridge_slave_1: left promiscuous mode
[  323.807856][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.863340][   T35] bridge_slave_0: left allmulticast mode
[  323.880385][   T35] bridge_slave_0: left promiscuous mode
[  323.886280][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.031587][ T7350] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  324.059319][ T7350] CIFS: Unable to determine destination address
[  325.398854][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  325.474679][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  325.771778][   T35] bond0 (unregistering): Released all slaves
[  328.126508][ T7229] chnl_net:caif_netlink_parms(): no params data found
[  328.323863][   T35] hsr_slave_0: left promiscuous mode
[  328.357740][   T35] hsr_slave_1: left promiscuous mode
[  328.376962][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  328.411583][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  329.846670][ T7393] Can't find ip_set type hash:ma
[  331.511091][ T7406] Driver unsupported XDP return value 0 on prog  (id 80) dev N/A, expect packet loss!
[  332.245202][   T35] team0 (unregistering): Port device team_slave_1 removed
[  332.293200][   T35] team0 (unregistering): Port device team_slave_0 removed
[  334.204687][ T7430] dlm: no local IP address has been set
[  334.210727][ T7430] dlm: cannot start dlm midcomms -107
[  334.603615][ T7229] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.629636][ T7229] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.637193][ T7229] bridge_slave_0: entered allmulticast mode
[  334.645880][ T7229] bridge_slave_0: entered promiscuous mode
[  334.822802][ T7229] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.834159][ T7229] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.845476][ T7229] bridge_slave_1: entered allmulticast mode
[  334.857228][ T7229] bridge_slave_1: entered promiscuous mode
[  335.016554][ T7436] Invalid source name
[  335.020959][ T7436] UBIFS error (pid: 7436): cannot open "./file0", error -22
[  335.037445][ T7436] binder: 7432:7436 ioctl 40046210 0 returned -14
[  335.056988][ T7436] netlink: 4 bytes leftover after parsing attributes in process `syz.3.310'.
[  335.634916][ T7255] chnl_net:caif_netlink_parms(): no params data found
[  335.963526][ T7444] netlink: 452 bytes leftover after parsing attributes in process `syz.2.312'.
[  338.129214][ T7453] Can't find ip_set type hash:ma
[  338.283019][ T7229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  338.353400][ T7229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  340.785390][ T7255] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.793031][ T7255] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.801104][ T7255] bridge_slave_0: entered allmulticast mode
[  340.809376][ T7255] bridge_slave_0: entered promiscuous mode
[  340.830543][ T7255] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.837850][ T7255] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.845887][ T7255] bridge_slave_1: entered allmulticast mode
[  340.956921][ T7255] bridge_slave_1: entered promiscuous mode
[  341.258883][ T7465] netlink: 'syz.1.315': attribute type 10 has an invalid length.
[  341.266783][ T7465] netlink: 40 bytes leftover after parsing attributes in process `syz.1.315'.
[  341.668206][ T7465] batman_adv: batadv0: Adding interface: virt_wifi0
[  341.676070][ T7465] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  341.704690][ T7465] batman_adv: batadv0: Interface activated: virt_wifi0
[  341.760924][ T7471] netlink: 4 bytes leftover after parsing attributes in process `syz.2.316'.
[  342.274931][ T7480] Invalid source name
[  342.279098][ T7480] UBIFS error (pid: 7480): cannot open "./file0", error -22
[  342.307459][ T7480] binder: 7473:7480 ioctl 40046210 0 returned -14
[  342.333797][ T7480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.317'.
[  342.933486][ T7229] team0: Port device team_slave_0 added
[  342.970443][ T7469] vlan2: entered promiscuous mode
[  342.987404][ T7469] vlan2: entered allmulticast mode
[  342.997458][ T7469] hsr_slave_1: entered allmulticast mode
[  343.143573][ T5936] libceph: connect (1)[c::]:6789 error -101
[  343.153098][ T5936] libceph: mon0 (1)[c::]:6789 connect error
[  343.178230][ T7484] ceph: No mds server is up or the cluster is laggy
[  343.256583][ T7255] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  343.321184][ T7480] team0: Port device team_slave_1 removed
[  343.946992][ T7229] team0: Port device team_slave_1 added
[  344.163592][ T7494] netlink: 4 bytes leftover after parsing attributes in process `syz.3.320'.
[  344.488496][ T7255] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  344.702064][ T7229] batman_adv: batadv0: Adding interface: batadv_slave_0
[  344.735989][ T7229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  345.016445][ T7229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  345.403463][ T7504] netlink: 'syz.2.321': attribute type 9 has an invalid length.
[  346.362540][ T7229] batman_adv: batadv0: Adding interface: batadv_slave_1
[  346.382264][ T7229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.916607][ T7229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  348.174960][ T7255] team0: Port device team_slave_0 added
[  348.221148][ T7255] team0: Port device team_slave_1 added
[  348.396741][ T7529] syz.2.327 uses obsolete (PF_INET,SOCK_PACKET)
[  349.815955][ T7539] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  349.862274][ T7539] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  353.250872][ T7255] batman_adv: batadv0: Adding interface: batadv_slave_0
[  353.369992][ T7255] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  353.400789][ T7255] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  353.527131][ T7255] batman_adv: batadv0: Adding interface: batadv_slave_1
[  353.573488][ T7255] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  353.774690][ T7255] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.484841][ T7229] hsr_slave_0: entered promiscuous mode
[  354.598212][ T7229] hsr_slave_1: entered promiscuous mode
[  354.779888][ T7229] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  354.787621][ T7229] Cannot create hsr debugfs directory
[  359.428993][ T5936] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  359.593964][ T7255] hsr_slave_0: entered promiscuous mode
[  359.601379][ T7255] hsr_slave_1: entered promiscuous mode
[  359.609676][ T7255] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  359.628522][ T7255] Cannot create hsr debugfs directory
[  359.967011][ T5936] usb 3-1: device descriptor read/64, error -71
[  362.445363][ T7637] netlink: 'syz.2.339': attribute type 10 has an invalid length.
[  362.453879][ T7637] netlink: 40 bytes leftover after parsing attributes in process `syz.2.339'.
[  362.997930][ T7643] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  363.531120][ T7637] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  363.579715][   T35] bridge_slave_1: left allmulticast mode
[  363.585447][   T35] bridge_slave_1: left promiscuous mode
[  363.609044][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.711342][   T35] bridge_slave_0: left allmulticast mode
[  363.737886][   T35] bridge_slave_0: left promiscuous mode
[  363.756835][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.119989][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  365.136292][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  365.145967][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  365.156445][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  365.160215][ T7655] xt_CT: No such helper "syz0"
[  365.176636][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  365.389823][ T7667] netlink: 12 bytes leftover after parsing attributes in process `syz.3.342'.
[  365.400174][ T7667] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  367.329219][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  367.352044][ T5848] Bluetooth: hci1: command tx timeout
[  367.365827][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  367.383311][   T35] bond0 (unregistering): Released all slaves
[  368.909623][ T5842] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  368.927318][ T5842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  368.935994][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  369.293074][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  369.305905][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  369.389031][ T5848] Bluetooth: hci1: command tx timeout
[  370.791061][ T7685] lo speed is unknown, defaulting to 1000
[  370.873859][ T7708] netlink: 24 bytes leftover after parsing attributes in process `syz.2.349'.
[  371.559657][ T5848] Bluetooth: hci5: command tx timeout
[  371.566316][ T5842] Bluetooth: hci1: command tx timeout
[  372.141029][ T7658] lo speed is unknown, defaulting to 1000
[  373.629014][ T5848] Bluetooth: hci5: command tx timeout
[  373.634769][ T5848] Bluetooth: hci1: command tx timeout
[  374.389136][ T7733] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  375.708870][ T5842] Bluetooth: hci5: command tx timeout
[  376.339995][   T35] hsr_slave_0: left promiscuous mode
[  376.422610][   T35] hsr_slave_1: left promiscuous mode
[  376.530688][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  376.685208][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  378.537767][ T5842] Bluetooth: hci5: command tx timeout
[  380.115825][   T35] team0 (unregistering): Port device team_slave_1 removed
[  380.170908][   T35] team0 (unregistering): Port device team_slave_0 removed
[  382.460587][ T7768] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[  382.469963][ T7768] netdevsim netdevsim2: Falling back to sysfs fallback for: ./file0
[  382.801824][ T7777] input: syz1 as /devices/virtual/input/input10
[  382.959046][ T5936] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  383.307469][ T5936] usb 2-1: config 0 has an invalid interface number: 168 but max is 0
[  383.491923][ T5936] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  383.587869][ T5936] usb 2-1: config 0 has no interface number 0
[  383.626918][ T7788] IPVS: Error connecting to the multicast addr
[  383.657112][ T5936] usb 2-1: config 0 interface 168 altsetting 0 endpoint 0x7 has an invalid bInterval 0, changing to 7
[  383.736447][ T5936] usb 2-1: config 0 interface 168 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 16
[  383.770636][ T7782] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  383.913980][ T5936] usb 2-1: New USB device found, idVendor=0959, idProduct=2bd0, bcdDevice=48.98
[  384.462659][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  384.476980][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  384.541126][ T5936] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.690015][ T5936] usb 2-1: config 0 descriptor??
[  384.738424][ T7685] chnl_net:caif_netlink_parms(): no params data found
[  384.752094][ T5936] HFC-S_USB 2-1:0.168: probe with driver HFC-S_USB failed with error -5
[  384.853761][ T7658] chnl_net:caif_netlink_parms(): no params data found
[  385.549318][ T7798] vivid-003: disconnect
[  385.558940][ T7798] vivid-003: reconnect
[  385.626816][ T5889] usb 2-1: USB disconnect, device number 6
[  385.905610][   T35] bridge_slave_1: left allmulticast mode
[  385.917179][   T35] bridge_slave_1: left promiscuous mode
[  385.953567][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.032338][   T35] bridge_slave_0: left allmulticast mode
[  386.038179][   T35] bridge_slave_0: left promiscuous mode
[  386.046445][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.919419][   T35] bridge_slave_1: left allmulticast mode
[  386.925370][   T35] bridge_slave_1: left promiscuous mode
[  386.933301][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.036015][   T35] bridge_slave_0: left allmulticast mode
[  387.042143][   T35] bridge_slave_0: left promiscuous mode
[  387.049759][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.513053][ T7806] netlink: 8 bytes leftover after parsing attributes in process `syz.1.368'.
[  388.524186][ T7806] netlink: 8 bytes leftover after parsing attributes in process `syz.1.368'.
[  388.627270][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  388.648960][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  388.665995][   T35] bond0 (unregistering): Released all slaves
[  389.335646][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  389.355907][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  389.399015][   T35] bond0 (unregistering): Released all slaves
[  390.737116][ T7847] Invalid source name
[  390.741317][ T7847] UBIFS error (pid: 7847): cannot open "/dev/sg0", error -22
[  390.760971][ T7847] netlink: 16 bytes leftover after parsing attributes in process `syz.1.373'.
[  391.558954][ T7844] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false
[  392.952425][ T7658] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.081047][ T7658] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.088347][ T7658] bridge_slave_0: entered allmulticast mode
[  393.141375][ T7658] bridge_slave_0: entered promiscuous mode
[  393.357051][   T35] hsr_slave_0: left promiscuous mode
[  393.382578][   T35] hsr_slave_1: left promiscuous mode
[  393.389468][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  393.406320][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  393.435562][   T35] hsr_slave_0: left promiscuous mode
[  393.445683][   T35] hsr_slave_1: left promiscuous mode
[  393.456934][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  393.647177][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  394.632869][ T7868] netlink: 'syz.2.376': attribute type 1 has an invalid length.
[  394.677788][   T30] audit: type=1800 audit(1755001517.557:42): pid=7849 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.372" name="/" dev="9p" ino=2 res=0 errno=0
[  394.708581][ T7869] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  396.134309][   T35] team0 (unregistering): Port device team_slave_1 removed
[  396.205803][   T35] team0 (unregistering): Port device team_slave_0 removed
[  397.193911][   T35] team0 (unregistering): Port device team_slave_1 removed
[  397.241344][   T35] team0 (unregistering): Port device team_slave_0 removed
[  397.459288][ T7658] bridge0: port 2(bridge_slave_1) entered blocking state
[  397.466494][ T7658] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.488992][ T7658] bridge_slave_1: entered allmulticast mode
[  397.508907][ T7658] bridge_slave_1: entered promiscuous mode
[  397.520082][ T7857] netdevsim netdevsim1: Direct firmware load for þ failed with error -2
[  397.528651][ T7857] netdevsim netdevsim1: Falling back to sysfs fallback for: þ
[  397.657186][ T7685] bridge0: port 1(bridge_slave_0) entered blocking state
[  397.667533][ T7685] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.681368][ T7685] bridge_slave_0: entered allmulticast mode
[  397.713810][ T7685] bridge_slave_0: entered promiscuous mode
[  397.807006][ T7685] bridge0: port 2(bridge_slave_1) entered blocking state
[  397.861369][ T7685] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.877384][ T7685] bridge_slave_1: entered allmulticast mode
[  397.993767][ T7685] bridge_slave_1: entered promiscuous mode
[  401.304817][ T7658] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  401.381048][ T7685] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  401.849447][ T7658] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  401.871124][ T7685] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  404.817647][ T7916] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  405.024601][ T7685] team0: Port device team_slave_0 added
[  405.324303][ T7658] team0: Port device team_slave_0 added
[  405.354606][ T7658] team0: Port device team_slave_1 added
[  406.495120][ T7685] team0: Port device team_slave_1 added
[  406.845055][ T7685] batman_adv: batadv0: Adding interface: batadv_slave_0
[  406.853321][ T7685] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  406.879301][    C0] vkms_vblank_simulate: vblank timer overrun
[  406.928180][ T7685] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  407.766110][ T7658] batman_adv: batadv0: Adding interface: batadv_slave_0
[  407.773286][ T7658] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  408.138520][ T7658] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  408.184425][ T7658] batman_adv: batadv0: Adding interface: batadv_slave_1
[  408.220025][ T7658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  408.341121][ T7658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  408.379330][ T7685] batman_adv: batadv0: Adding interface: batadv_slave_1
[  408.904045][ T7685] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.168815][ T7685] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  409.872877][ T7968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.394'.
[  410.012434][ T7685] hsr_slave_0: entered promiscuous mode
[  410.057205][ T7685] hsr_slave_1: entered promiscuous mode
[  410.079956][ T7685] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  410.091309][ T7685] Cannot create hsr debugfs directory
[  410.439343][ T7972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.395'.
[  410.467561][ T7973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.395'.
[  410.509860][ T7967] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  410.518002][ T7967] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  410.533755][ T7967] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  410.555704][ T7967] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  410.571692][ T7967] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  410.588049][ T7973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.395'.
[  410.617808][ T7967] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  410.662849][ T7658] hsr_slave_0: entered promiscuous mode
[  410.670254][ T7658] hsr_slave_1: entered promiscuous mode
[  410.685725][ T7658] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  410.693805][ T7658] Cannot create hsr debugfs directory
[  412.591708][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  412.599783][ T5842] Bluetooth: hci5: command 0x0c1a tx timeout
[  414.675478][ T5842] Bluetooth: hci5: command 0x0c1a tx timeout
[  414.682692][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout
[  416.503026][ T8012] ubi: mtd0 is already attached to ubi31
[  416.755056][ T5842] Bluetooth: hci5: command 0x0c1a tx timeout
[  416.761493][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  417.039261][ T8019] netlink: 24 bytes leftover after parsing attributes in process `syz.2.402'.
[  424.522696][ T7685] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  424.594444][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  424.615655][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  424.620695][ T7685] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  424.635534][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  424.653593][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  424.665004][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  424.677333][   T30] audit: type=1804 audit(1755001547.557:43): pid=8056 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.408" name="/newroot/106/file0" dev="tmpfs" ino=616 res=1 errno=0
[  424.887598][ T7685] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  424.977385][ T7685] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  426.800235][ T5842] Bluetooth: hci0: command tx timeout
[  427.577091][ T8078] lo speed is unknown, defaulting to 1000
[  427.680006][ T8104] autofs: Bad value for 'fd'
[  428.096295][ T8115] netlink: 8 bytes leftover after parsing attributes in process `syz.2.416'.
[  428.811619][ T7594] bridge_slave_1: left allmulticast mode
[  428.817356][ T7594] bridge_slave_1: left promiscuous mode
[  428.839336][ T5842] Bluetooth: hci0: command tx timeout
[  428.989105][ T7594] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.458318][ T7594] bridge_slave_0: left allmulticast mode
[  429.464676][ T7594] bridge_slave_0: left promiscuous mode
[  429.479975][ T7594] bridge0: port 1(bridge_slave_0) entered disabled state
[  430.308581][ T8128] netlink: 'syz.3.418': attribute type 2 has an invalid length.
[  430.909267][ T5842] Bluetooth: hci0: command tx timeout
[  431.578061][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  431.590831][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  431.606350][ T5848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  431.648949][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  431.673472][ T5848] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  431.720867][ T7594] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  431.741527][ T7594] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  431.813286][ T7594] bond0 (unregistering): Released all slaves
[  432.051736][ T8132] 8021q: adding VLAN 0 to HW filter on device bond0
[  432.105747][ T8132] bond0: (slave rose0): Enslaving as an active interface with an up link
[  432.217958][ T8143] CIFS mount error: No usable UNC path provided in device string!
[  432.217958][ T8143] 
[  432.228449][ T8143] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  432.988798][ T5842] Bluetooth: hci0: command tx timeout
[  433.791076][ T5842] Bluetooth: hci1: command tx timeout
[  435.395669][ T7594] hsr_slave_0: left promiscuous mode
[  435.605391][ T7594] hsr_slave_1: left promiscuous mode
[  435.648242][ T7594] batman_adv: batadv0: Removing interface: batadv_slave_0
[  435.868954][ T5842] Bluetooth: hci1: command tx timeout
[  436.359195][ T7594] batman_adv: batadv0: Removing interface: batadv_slave_1
[  436.742412][ T8174] ptrace attach of "./syz-executor exec"[5852] was attempted by "./syz-executor exec"[8174]
[  436.807736][ T8173] Bluetooth: hci5: Frame reassembly failed (-84)
[  437.636429][ T7594] team0 (unregistering): Port device team_slave_1 removed
[  437.719426][ T7594] team0 (unregistering): Port device team_slave_0 removed
[  437.958855][ T5848] Bluetooth: hci1: command tx timeout
[  438.270276][ T8158] : entered promiscuous mode
[  438.703063][ T8178] netlink: 'syz.3.427': attribute type 10 has an invalid length.
[  438.711600][ T8178] netlink: 40 bytes leftover after parsing attributes in process `syz.3.427'.
[  438.748287][ T8178] batman_adv: batadv0: Adding interface: virt_wifi0
[  438.755152][ T8178] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.781255][ T8178] batman_adv: batadv0: Interface activated: virt_wifi0
[  438.816017][ T8137] lo speed is unknown, defaulting to 1000
[  439.019282][ T5842] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  439.027023][ T5848] Bluetooth: hci5: command 0x1003 tx timeout
[  439.505890][ T8184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.428'.
[  440.030018][ T5848] Bluetooth: hci1: command tx timeout
[  440.367553][ T8185] syz.1.429 (8185): drop_caches: 2
[  440.696186][ T8078] chnl_net:caif_netlink_parms(): no params data found
[  442.214861][ T8207] input: syz1 as /devices/virtual/input/input11
[  443.818924][ T8078] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.826081][ T8078] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.873750][ T8078] bridge_slave_0: entered allmulticast mode
[  444.021004][ T8078] bridge_slave_0: entered promiscuous mode
[  444.101012][ T8078] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.125720][ T8078] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.139239][ T8078] bridge_slave_1: entered allmulticast mode
[  444.358084][ T8232] netlink: 28 bytes leftover after parsing attributes in process `syz.1.434'.
[  444.933455][ T8078] bridge_slave_1: entered promiscuous mode
[  445.446808][ T8078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  445.510418][ T8239] netlink: 'syz.2.436': attribute type 1 has an invalid length.
[  445.556169][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  445.573349][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  445.595751][ T8241] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  446.341515][ T8078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.661789][ T8247] Bluetooth: hci5: Frame reassembly failed (-84)
[  447.442125][ T8137] chnl_net:caif_netlink_parms(): no params data found
[  447.791061][ T8251] netlink: 4 bytes leftover after parsing attributes in process `syz.2.438'.
[  448.051506][ T8078] team0: Port device team_slave_0 added
[  448.080346][ T8251] bridge_slave_1: left allmulticast mode
[  448.092942][ T8251] bridge_slave_1: left promiscuous mode
[  448.122737][ T8251] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.146734][ T8251] bridge_slave_0: left allmulticast mode
[  448.156409][ T8251] bridge_slave_0: left promiscuous mode
[  448.174188][ T8251] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.749117][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  449.292215][ T8078] team0: Port device team_slave_1 added
[  450.778657][ T8078] batman_adv: batadv0: Adding interface: batadv_slave_0
[  450.927694][ T8078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  451.096866][ T8078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  451.950768][ T8078] batman_adv: batadv0: Adding interface: batadv_slave_1
[  451.974182][ T8078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  452.021437][ T8078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  452.164755][ T8137] bridge0: port 1(bridge_slave_0) entered blocking state
[  452.186758][ T8137] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.199110][ T8137] bridge_slave_0: entered allmulticast mode
[  452.299119][ T8287] Invalid ELF section header size
[  452.324880][ T8137] bridge_slave_0: entered promiscuous mode
[  452.417609][ T8289] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  452.432887][ T8289] cramfs: wrong magic
[  452.445243][ T8289] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.454400][ T8289] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.522433][ T8297] Bluetooth: hci5: Frame reassembly failed (-84)
[  459.629431][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  461.572328][ T8137] bridge0: port 2(bridge_slave_1) entered blocking state
[  461.979189][ T8303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.450'.
[  462.013341][ T8137] bridge0: port 2(bridge_slave_1) entered disabled state
[  462.044441][ T8137] bridge_slave_1: entered allmulticast mode
[  462.228990][ T8137] bridge_slave_1: entered promiscuous mode
[  463.286135][ T8078] hsr_slave_0: entered promiscuous mode
[  463.293783][ T8078] hsr_slave_1: entered promiscuous mode
[  463.301136][ T8078] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  463.309228][ T8078] Cannot create hsr debugfs directory
[  463.401740][ T8137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  463.580309][ T8317] netlink: 14 bytes leftover after parsing attributes in process `syz.3.453'.
[  463.718431][   T30] audit: type=1804 audit(1755001586.497:44): pid=8320 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.452" name="/newroot/132/file0" dev="tmpfs" ino=745 res=1 errno=0
[  465.299591][ T8316] ALSA: mixer_oss: invalid OSS volume ''
[  466.866351][ T8339] netlink: 4268 bytes leftover after parsing attributes in process `syz.1.456'.
[  466.876428][ T8339] netlink: 4268 bytes leftover after parsing attributes in process `syz.1.456'.
[  467.803239][ T8345] Bluetooth: hci5: Frame reassembly failed (-84)
[  467.852203][ T8317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  468.172997][ T8317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  468.304293][ T8317] bond0 (unregistering): Released all slaves
[  468.592091][ T8321] ipvlan0: entered allmulticast mode
[  468.604277][ T8321] veth0_vlan: entered allmulticast mode
[  468.845100][ T8137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  469.322192][ T8356] input: syz1 as /devices/virtual/input/input12
[  469.869412][ T5848] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  470.492895][ T8137] team0: Port device team_slave_0 added
[  471.027972][ T8361] netlink: 'syz.2.461': attribute type 4 has an invalid length.
[  471.035882][ T8361] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.461'.
[  471.763223][ T8137] team0: Port device team_slave_1 added
[  471.891253][ T7594] bridge_slave_1: left allmulticast mode
[  471.907163][ T7594] bridge_slave_1: left promiscuous mode
[  471.937762][ T7594] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.973753][ T7594] bridge_slave_0: left allmulticast mode
[  471.985217][ T7594] bridge_slave_0: left promiscuous mode
[  471.994182][ T7594] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.173482][ T5918] Process accounting resumed
[  472.828316][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  472.847159][ T7594] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  472.863051][ T7594] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  472.879692][ T7594] bond0 (unregistering): Released all slaves
[  474.136617][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.164303][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.463230][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.687214][ T8389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.466'.
[  475.276159][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  475.441529][ T7594] hsr_slave_0: left promiscuous mode
[  475.584490][ T7594] hsr_slave_1: left promiscuous mode
[  475.652087][ T7594] batman_adv: batadv0: Removing interface: batadv_slave_0
[  475.687377][ T8391] syz.3.467 (8391): drop_caches: 2
[  475.854560][ T7594] batman_adv: batadv0: Removing interface: batadv_slave_1
[  476.361749][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  477.393884][ T8400] Can't find ip_set type has
[  477.398128][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  477.426899][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  477.537678][ T7594] team0 (unregistering): Port device team_slave_1 removed
[  477.596071][ T7594] team0 (unregistering): Port device team_slave_0 removed
[  477.935888][ T8409] Bluetooth: hci6: Frame reassembly failed (-84)
[  478.425913][ T8137] batman_adv: batadv0: Adding interface: batadv_slave_0
[  478.433620][ T8137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.460200][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  478.468882][ T8137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  478.482048][ T8137] batman_adv: batadv0: Adding interface: batadv_slave_1
[  478.492122][ T8137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.518513][ T8137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  479.188176][ T8137] hsr_slave_0: entered promiscuous mode
[  479.195630][ T8137] hsr_slave_1: entered promiscuous mode
[  479.207761][ T8137] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  479.216283][ T8137] Cannot create hsr debugfs directory
[  479.469141][ T5842] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  479.475798][ T5851] Bluetooth: hci5: command 0x1003 tx timeout
[  479.476228][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.064125][ T5848] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  480.605223][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.700199][    T9] IPVS: starting estimator thread 0...
[  480.755096][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.798831][ T8422] IPVS: using max 32 ests per chain, 76800 per kthread
[  481.283973][   T30] audit: type=1800 audit(1755001604.057:45): pid=8427 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.473" name="bus" dev="overlay" ino=789 res=0 errno=0
[  482.070663][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  482.730509][ T8429] delete_channel: no stack
[  483.160074][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  483.631740][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  484.199089][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  484.600666][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.130278][ T8456] IPv6: Can't replace route, no match found
[  487.703101][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  487.733769][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  487.959942][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  487.974308][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  487.983463][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  487.993642][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  488.011670][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  488.170426][ T8460] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  488.436129][ T8462] lo speed is unknown, defaulting to 1000
[  488.671171][ T8473] netlink: 'syz.3.482': attribute type 20 has an invalid length.
[  488.751026][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  489.689479][ T8478] Can't find ip_set type hash:m
[  489.790156][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  490.095331][ T8477] dvmrp17: entered allmulticast mode
[  490.111388][ T5848] Bluetooth: hci0: command tx timeout
[  490.174742][ T5851] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  490.184859][ T5851] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  490.194363][ T5851] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  490.202263][ T5851] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  490.210044][ T5851] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  490.706846][ T8488] binder: Unknown parameter 'func'
[  490.920577][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  490.928787][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  490.936913][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.114316][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.122752][ T8483] lo speed is unknown, defaulting to 1000
[  491.130167][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.138518][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.184856][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.202666][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.949185][ T5842] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  492.219137][ T5842] Bluetooth: hci0: command tx timeout
[  492.269601][ T5842] Bluetooth: hci6: command tx timeout
[  493.031411][ T7577] bridge_slave_1: left allmulticast mode
[  493.037147][ T7577] bridge_slave_1: left promiscuous mode
[  493.067450][ T7577] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.929349][ T6014] net_ratelimit: 491 callbacks suppressed
[  493.929367][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  493.951191][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.029836][ T7577] bridge_slave_0: left allmulticast mode
[  494.057981][ T7577] bridge_slave_0: left promiscuous mode
[  494.071615][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.089322][ T7577] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.108521][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.118721][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.127562][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.136095][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.145061][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.196398][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.266826][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.293449][ T5842] Bluetooth: hci0: command tx timeout
[  494.344272][ T8514] netlink: 52 bytes leftover after parsing attributes in process `syz.1.488'.
[  494.359697][ T5842] Bluetooth: hci6: command tx timeout
[  494.404729][ T8514] netlink: 12 bytes leftover after parsing attributes in process `syz.1.488'.
[  494.437705][ T8514] nbd: must specify a size in bytes for the device
[  494.497081][ T8514] netlink: 12 bytes leftover after parsing attributes in process `syz.1.488'.
[  494.508809][ T8514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.488'.
[  494.728764][ T7577] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  494.849388][ T7577] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  494.864272][ T7577] bond0 (unregistering): Released all slaves
[  495.006825][ T8462] chnl_net:caif_netlink_parms(): no params data found
[  495.108751][ T7577] hsr_slave_0: left promiscuous mode
[  495.123218][ T7577] hsr_slave_1: left promiscuous mode
[  495.129808][ T7577] batman_adv: batadv0: Removing interface: batadv_slave_0
[  495.355965][ T7577] batman_adv: batadv0: Removing interface: batadv_slave_1
[  496.781672][ T5848] Bluetooth: hci6: command tx timeout
[  496.788956][ T5842] Bluetooth: hci0: command tx timeout
[  497.430455][ T8533] Bluetooth: MGMT ver 1.23
[  498.296736][   T30] audit: type=1326 audit(1755001621.177:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8530 comm="syz.2.493" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f70fff8ebe9 code=0x0
[  498.414200][ T8535] netlink: 28 bytes leftover after parsing attributes in process `syz.2.493'.
[  498.423292][ T8535] netlink: 'syz.2.493': attribute type 7 has an invalid length.
[  498.431224][ T8535] netlink: 'syz.2.493': attribute type 8 has an invalid length.
[  498.438943][ T8535] netlink: 4 bytes leftover after parsing attributes in process `syz.2.493'.
[  498.468065][ T8541] netlink: 12 bytes leftover after parsing attributes in process `syz.1.494'.
[  498.688848][ T8543] netlink: 72 bytes leftover after parsing attributes in process `syz.1.494'.
[  498.697864][ T8543] netlink: 20 bytes leftover after parsing attributes in process `syz.1.494'.
[  498.812739][ T7577] team0 (unregistering): Port device team_slave_1 removed
[  498.814236][ T8543] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  498.830765][ T5842] Bluetooth: hci6: command tx timeout
[  498.984009][ T7577] team0 (unregistering): Port device team_slave_0 removed
[  499.242231][ T5936] net_ratelimit: 17 callbacks suppressed
[  499.242251][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  499.771339][ T8549] Bluetooth: hci1: Frame reassembly failed (-84)
[  500.245415][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.284682][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  501.372531][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  501.766269][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  502.194329][ T5842] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  502.915608][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  503.138866][ T6014] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  503.343307][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  504.412819][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  505.578535][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  505.657476][ T8462] bridge0: port 1(bridge_slave_0) entered blocking state
[  505.665631][ T8462] bridge0: port 1(bridge_slave_0) entered disabled state
[  505.680239][ T8462] bridge_slave_0: entered allmulticast mode
[  505.704475][ T8462] bridge_slave_0: entered promiscuous mode
[  505.752923][ T6014] usb 3-1: Using ep0 maxpacket: 8
[  506.078258][ T8462] bridge0: port 2(bridge_slave_1) entered blocking state
[  506.099872][ T6014] usb 3-1: device descriptor read/all, error -71
[  506.125823][ T8462] bridge0: port 2(bridge_slave_1) entered disabled state
[  506.199978][ T8462] bridge_slave_1: entered allmulticast mode
[  506.349025][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  506.353409][ T8462] bridge_slave_1: entered promiscuous mode
[  506.589881][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  507.009739][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  508.441859][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.392761][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.443437][ T8462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  509.469721][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  509.509788][ T8483] chnl_net:caif_netlink_parms(): no params data found
[  509.608438][ T8462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  510.510097][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  511.026502][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  511.179839][ T8462] team0: Port device team_slave_0 added
[  511.238978][ T8462] team0: Port device team_slave_1 added
[  511.560121][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  512.862115][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  512.889305][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  513.818788][ T8462] batman_adv: batadv0: Adding interface: batadv_slave_0
[  513.848815][ T8462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  513.907748][ T8462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  513.949581][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  514.008258][ T8462] batman_adv: batadv0: Adding interface: batadv_slave_1
[  514.139656][ T8462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.177147][ T8462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  515.019135][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  515.038026][ T8483] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.078036][ T8483] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.086818][ T8483] bridge_slave_0: entered allmulticast mode
[  515.125438][ T8483] bridge_slave_0: entered promiscuous mode
[  515.151627][ T8483] bridge0: port 2(bridge_slave_1) entered blocking state
[  515.173125][ T8483] bridge0: port 2(bridge_slave_1) entered disabled state
[  515.272391][ T8483] bridge_slave_1: entered allmulticast mode
[  515.367675][ T8483] bridge_slave_1: entered promiscuous mode
[  515.444720][ T8633] netlink: 44 bytes leftover after parsing attributes in process `syz.1.513'.
[  516.274799][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  516.283126][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  516.797289][ T8462] hsr_slave_0: entered promiscuous mode
[  516.828276][ T8462] hsr_slave_1: entered promiscuous mode
[  516.852891][ T8462] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  516.866367][ T8462] Cannot create hsr debugfs directory
[  517.309216][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  517.340148][ T8641] vti0: entered promiscuous mode
[  517.345279][ T8641] vti0: entered allmulticast mode
[  517.920550][ T8483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  518.030693][ T8483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  518.281002][ T8483] team0: Port device team_slave_0 added
[  518.349426][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  518.380939][ T8483] team0: Port device team_slave_1 added
[  519.376597][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  519.482957][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  519.611656][ T8483] batman_adv: batadv0: Adding interface: batadv_slave_0
[  519.627957][ T8483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  519.663983][ T8483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  519.714127][ T7577] bridge_slave_1: left allmulticast mode
[  519.720575][ T7577] bridge_slave_1: left promiscuous mode
[  519.726514][ T7577] bridge0: port 2(bridge_slave_1) entered disabled state
[  519.738181][ T7577] bridge_slave_0: left allmulticast mode
[  520.587747][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  520.595945][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  520.604208][ T7577] bridge_slave_0: left promiscuous mode
[  521.320214][ T7577] bridge0: port 1(bridge_slave_0) entered disabled state
[  522.629626][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  523.951842][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  523.979097][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  525.099133][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  526.232272][ T8689] netlink: 1408 bytes leftover after parsing attributes in process `syz.2.524'.
[  526.378898][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  526.433210][ T7577] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  526.452451][ T7577] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  526.473883][ T7577] bond0 (unregistering): Released all slaves
[  526.521072][ T8691] binder: BINDER_SET_CONTEXT_MGR already set
[  526.527133][ T8691] binder: 8690:8691 ioctl 4018620d 200000000040 returned -16
[  526.536897][ T8483] batman_adv: batadv0: Adding interface: batadv_slave_1
[  526.568392][ T8483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  526.595434][ T8483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  526.961737][ T7577] hsr_slave_0: left promiscuous mode
[  526.975602][ T7577] hsr_slave_1: left promiscuous mode
[  526.996065][ T7577] batman_adv: batadv0: Removing interface: batadv_slave_0
[  527.017983][ T7577] batman_adv: batadv0: Removing interface: batadv_slave_1
[  527.195299][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  527.913251][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  528.160391][ T8704] netlink: 36 bytes leftover after parsing attributes in process `syz.2.528'.
[  529.151175][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  530.511122][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  530.520708][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  530.529130][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  532.069371][ T8727] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  532.987182][ T8711] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  532.995279][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.006922][ T7594] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.016949][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.027916][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.039818][ T8728] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  533.085455][ T7577] team0 (unregistering): Port device team_slave_1 removed
[  533.120775][ T7577] team0 (unregistering): Port device team_slave_0 removed
[  533.301974][ T8483] hsr_slave_0: entered promiscuous mode
[  533.308472][ T8483] hsr_slave_1: entered promiscuous mode
[  533.322962][ T8483] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  533.332591][ T8483] Cannot create hsr debugfs directory
[  533.338220][ T8701] netlink: 28 bytes leftover after parsing attributes in process `syz.2.528'.
[  533.348692][ T8701] tipc: Started in network mode
[  533.353594][ T8701] tipc: Node identity 7, cluster identity 5
[  533.359960][ T8701] tipc: Node number set to 7
[  533.521811][ T8724] infiniband syz!: set active
[  533.526745][ T8724] infiniband syz!: added team_slave_0
[  533.534574][ T8724] syz!: rxe_create_cq: returned err = -12
[  533.540601][ T8724] infiniband syz!: Couldn't create ib_mad CQ
[  533.546727][ T8724] infiniband syz!: Couldn't open port 1
[  533.549191][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.592691][ T8724] RDS/IB: syz!: added
[  533.597200][ T8724] smc: adding ib device syz! with port count 1
[  533.603746][ T8724] smc:    ib device syz! port 1 has pnetid 
[  533.630400][ T7292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.639383][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  533.650619][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  534.053966][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  535.301242][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  535.525788][ T5991] kernel write not supported for file /616/attr/sockcreate (pid: 5991 comm: kworker/1:5)
[  536.330002][ T8462] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  536.638143][ T8753] Bluetooth: hci1: Frame reassembly failed (-84)
[  537.359787][ T8750] netlink: 12 bytes leftover after parsing attributes in process `syz.1.535'.
[  537.730001][ T8462] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  537.767479][ T8462] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  537.832383][ T8462] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  538.510245][ T5991] net_ratelimit: 11 callbacks suppressed
[  538.510266][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  538.748938][ T5842] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  539.291960][ T7594] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.304180][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.563159][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.608346][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.633552][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.757540][ T7292] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.769423][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.778899][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  539.866461][ T8462] 8021q: adding VLAN 0 to HW filter on device bond0
[  539.947752][ T8462] 8021q: adding VLAN 0 to HW filter on device team0
[  540.219944][   T30] audit: type=1800 audit(1755001663.037:47): pid=8788 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.540" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  540.655167][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  540.688347][ T7577] bridge0: port 1(bridge_slave_0) entered blocking state
[  540.695665][ T7577] bridge0: port 1(bridge_slave_0) entered forwarding state
[  540.956712][ T7596] bridge0: port 2(bridge_slave_1) entered blocking state
[  540.963967][ T7596] bridge0: port 2(bridge_slave_1) entered forwarding state
[  541.602603][ T8483] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  541.695560][ T8462] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  541.875521][ T8483] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  541.901823][ T8483] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  541.956738][ T8483] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  542.375850][ T8483] 8021q: adding VLAN 0 to HW filter on device bond0
[  542.556383][ T8483] 8021q: adding VLAN 0 to HW filter on device team0
[  543.055156][ T7577] bridge0: port 1(bridge_slave_0) entered blocking state
[  543.062376][ T7577] bridge0: port 1(bridge_slave_0) entered forwarding state
[  543.151966][ T7594] bridge0: port 2(bridge_slave_1) entered blocking state
[  543.159206][ T7594] bridge0: port 2(bridge_slave_1) entered forwarding state
[  543.812252][   T43] net_ratelimit: 3 callbacks suppressed
[  543.812275][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  543.982452][ T8831] xt_hashlimit: max too large, truncated to 1048576
[  544.099198][ T8831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.108151][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.152791][ T8831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.161305][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.179113][ T8831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.188905][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.259011][ T8831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.267349][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  544.337550][ T8831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  546.328337][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  546.343679][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  546.359063][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  546.370549][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  546.382290][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  546.518842][ T5889] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  547.358748][ T5889] usb 4-1: Using ep0 maxpacket: 16
[  547.380054][ T5889] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  547.399766][ T5889] usb 4-1: config 0 interface 0 has no altsetting 0
[  547.410973][ T5889] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  547.585406][ T5889] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.809940][ T5889] usb 4-1: config 0 descriptor??
[  547.828522][ T5889] usb 4-1: can't set config #0, error -71
[  547.880734][ T5889] usb 4-1: USB disconnect, device number 7
[  549.006871][ T5842] Bluetooth: hci0: command tx timeout
[  549.104095][ T5991] net_ratelimit: 1460 callbacks suppressed
[  549.104127][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.123709][ T8483] 8021q: adding VLAN 0 to HW filter on device batadv0
[  549.149843][ T8873] netlink: 28 bytes leftover after parsing attributes in process `syz.2.552'.
[  549.287960][ T8831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.296370][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.308911][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.349534][ T8831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.357820][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.395207][ T8879] netlink: 36 bytes leftover after parsing attributes in process `syz.2.552'.
[  549.404784][ T8831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.413170][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.453658][ T8831] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.462087][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  549.583407][ T8855] lo speed is unknown, defaulting to 1000
[  551.084934][ T5848] Bluetooth: hci0: command tx timeout
[  553.096849][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  553.106035][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  553.114903][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  553.125426][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  553.139163][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  553.148786][ T5842] Bluetooth: hci0: command tx timeout
[  553.191956][ T8922] netlink: 'syz.2.559': attribute type 1 has an invalid length.
[  553.200065][ T8922] netlink: 216 bytes leftover after parsing attributes in process `syz.2.559'.
[  553.317441][ T8927] netlink: 'syz.3.560': attribute type 1 has an invalid length.
[  553.499628][ T8927] netlink: 224 bytes leftover after parsing attributes in process `syz.3.560'.
[  554.746422][   T43] net_ratelimit: 585 callbacks suppressed
[  554.746444][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  555.460873][ T5842] Bluetooth: hci1: command tx timeout
[  555.467285][ T5842] Bluetooth: hci0: command tx timeout
[  556.129441][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  556.590840][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  556.599319][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  556.614950][ T8933] xt_CT: No such helper "snmp"
[  556.754081][ T8915] lo speed is unknown, defaulting to 1000
[  557.248967][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  557.283515][ T6492] bridge_slave_1: left allmulticast mode
[  557.298688][ T6492] bridge_slave_1: left promiscuous mode
[  557.304614][ T6492] bridge0: port 2(bridge_slave_1) entered disabled state
[  557.424129][ T6492] bridge_slave_0: left allmulticast mode
[  557.435428][ T6492] bridge_slave_0: left promiscuous mode
[  557.469352][ T6492] bridge0: port 1(bridge_slave_0) entered disabled state
[  557.566990][ T5848] Bluetooth: hci1: command tx timeout
[  558.281419][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  559.275759][ T8950] netlink: 12 bytes leftover after parsing attributes in process `syz.3.562'.
[  559.309126][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  559.719289][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  559.728587][ T5848] Bluetooth: hci1: command tx timeout
[  560.386100][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  561.504245][ T8985] No such timeout policy "syz0"
[  561.789093][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  561.806180][ T5848] Bluetooth: hci1: command tx timeout
[  562.211492][ T8988] netlink: 36 bytes leftover after parsing attributes in process `syz.2.568'.
[  562.436075][ T8989] 9pnet: Could not find request transport: fd0x0000000000000003
[  562.749726][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  562.842175][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  562.880982][ T6492] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  562.899512][ T6492] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  562.912958][ T6492] bond0 (unregistering): Released all slaves
[  563.362218][ T9016] usb usb1: check_ctrlrecip: process 9016 (syz.2.572) requesting ep 01 but needs 81
[  563.870175][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  564.327370][ T6492] hsr_slave_0: left promiscuous mode
[  565.122240][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  565.242031][ T6492] hsr_slave_1: left promiscuous mode
[  565.248474][ T6492] batman_adv: batadv0: Removing interface: batadv_slave_0
[  565.414073][ T6492] batman_adv: batadv0: Removing interface: batadv_slave_1
[  565.793208][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  565.870937][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  566.189513][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  567.239418][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  568.338155][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  568.603883][ T9057] 9pnet_fd: Insufficient options for proto=fd
[  569.257704][ T9054] netlink: 'syz.1.580': attribute type 6 has an invalid length.
[  569.258059][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  569.269633][ T9054] netlink: 24 bytes leftover after parsing attributes in process `syz.1.580'.
[  569.449403][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  569.480836][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  570.519185][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  570.527665][   T30] audit: type=1326 audit(1755001693.407:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9052 comm="syz.1.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  570.622958][   T30] audit: type=1326 audit(1755001693.407:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9052 comm="syz.1.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  570.823452][   T30] audit: type=1326 audit(1755001693.407:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9052 comm="syz.1.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  570.846118][ T6492] team0 (unregistering): Port device team_slave_1 removed
[  571.068857][   T30] audit: type=1326 audit(1755001693.947:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9052 comm="syz.1.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  571.574536][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  571.584484][ T6492] team0 (unregistering): Port device team_slave_0 removed
[  571.622580][   T30] audit: type=1326 audit(1755001693.947:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9052 comm="syz.1.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6713f8ebe9 code=0x7ffc0000
[  571.976566][ T9068] ALSA: mixer_oss: invalid OSS volume ''
[  572.565379][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  572.599002][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  573.758147][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  574.880944][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  575.751084][ T9102] ubi: mtd0 is already attached to ubi31
[  576.492480][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  576.515503][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  577.264831][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  577.799765][ T9111] netlink: 8 bytes leftover after parsing attributes in process `syz.2.592'.
[  578.268943][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  579.117645][ T8855] chnl_net:caif_netlink_parms(): no params data found
[  579.845903][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  579.879931][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  580.946897][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  581.950138][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  582.908938][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  582.977382][ T8855] bridge0: port 1(bridge_slave_0) entered blocking state
[  582.988005][ T8855] bridge0: port 1(bridge_slave_0) entered disabled state
[  582.998283][ T8855] bridge_slave_0: entered allmulticast mode
[  583.945738][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  585.129878][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  585.140627][ T8855] bridge_slave_0: entered promiscuous mode
[  585.416375][ T9156] evm: overlay not supported
[  585.465412][ T8915] chnl_net:caif_netlink_parms(): no params data found
[  585.505976][ T8855] bridge0: port 2(bridge_slave_1) entered blocking state
[  585.520662][ T8855] bridge0: port 2(bridge_slave_1) entered disabled state
[  585.553103][ T8855] bridge_slave_1: entered allmulticast mode
[  585.570785][ T8855] bridge_slave_1: entered promiscuous mode
[  585.794782][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  586.006446][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  586.201832][ T5936] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  586.726775][ T8855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  586.772207][ T9172] netlink: 12 bytes leftover after parsing attributes in process `syz.1.603'.
[  586.809612][ T9172] netlink: 12 bytes leftover after parsing attributes in process `syz.1.603'.
[  586.841117][ T9172] [U] ^C
[  586.919000][ T9168] tipc: Resetting bearer <eth:vlan0>
[  586.928927][ T9168] vlan0: entered promiscuous mode
[  586.965164][ T8855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  587.241007][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  588.641121][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  588.663436][ T8855] team0: Port device team_slave_0 added
[  589.710558][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  589.719254][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  589.777783][ T8855] team0: Port device team_slave_1 added
[  590.034527][ T8915] bridge0: port 1(bridge_slave_0) entered blocking state
[  590.196218][ T9205] xt_hashlimit: size too large, truncated to 1048576
[  590.765083][ T8915] bridge0: port 1(bridge_slave_0) entered disabled state
[  590.772777][ T8915] bridge_slave_0: entered allmulticast mode
[  590.781125][ T8915] bridge_slave_0: entered promiscuous mode
[  590.808223][ T8915] bridge0: port 2(bridge_slave_1) entered blocking state
[  590.833142][ T8915] bridge0: port 2(bridge_slave_1) entered disabled state
[  590.892964][ T8915] bridge_slave_1: entered allmulticast mode
[  590.997955][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.056552][ T8915] bridge_slave_1: entered promiscuous mode
[  592.269734][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  592.878759][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  593.314912][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  593.464254][ T8855] batman_adv: batadv0: Adding interface: batadv_slave_0
[  593.474950][ T8855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.501132][    C0] vkms_vblank_simulate: vblank timer overrun
[  593.512582][ T8855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  593.687449][ T8915] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  593.724986][ T8855] batman_adv: batadv0: Adding interface: batadv_slave_1
[  593.763264][ T8855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.789256][    C0] vkms_vblank_simulate: vblank timer overrun
[  593.845234][ T8855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  593.881446][ T8915] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  594.910164][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  596.109010][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  596.255885][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  596.530889][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  598.830411][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  599.018385][ T9252] No control pipe specified
[  599.169610][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  599.869748][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  600.013339][ T9265] vivid-003: disconnect
[  600.029024][ T9265] Bluetooth: MGMT ver 1.23
[  600.146204][ T8855] hsr_slave_0: entered promiscuous mode
[  600.159952][ T8855] hsr_slave_1: entered promiscuous mode
[  600.169696][ T8855] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  600.178174][ T8855] Cannot create hsr debugfs directory
[  600.910122][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  600.950401][ T8915] team0: Port device team_slave_0 added
[  601.949152][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  602.016082][ T8915] team0: Port device team_slave_1 added
[  602.470185][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  602.643525][ T9260] vivid-003: reconnect
[  603.103507][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  603.392043][ T8915] batman_adv: batadv0: Adding interface: batadv_slave_0
[  603.412005][ T8915] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  603.445380][ T8915] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  603.486185][ T8915] batman_adv: batadv0: Adding interface: batadv_slave_1
[  603.493831][ T8915] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  603.520438][ T8915] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  603.717158][ T8915] hsr_slave_0: entered promiscuous mode
[  603.742898][ T8915] hsr_slave_1: entered promiscuous mode
[  603.749892][ T8915] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  603.757509][ T8915] Cannot create hsr debugfs directory
[  603.999809][ T9301] netlink: 16 bytes leftover after parsing attributes in process `syz.1.623'.
[  604.109190][   T43] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  605.153701][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  605.510835][ T9316] netlink: 'syz.3.626': attribute type 39 has an invalid length.
[  605.808831][ T5925] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  605.979753][ T5925] usb 4-1: config 1 has an invalid descriptor of length 246, skipping remainder of the config
[  606.045888][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  606.061568][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  606.107721][ T5925] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  606.152332][ T6492] bridge_slave_1: left allmulticast mode
[  606.169136][ T5925] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  606.180034][ T6492] bridge_slave_1: left promiscuous mode
[  606.185960][ T6492] bridge0: port 2(bridge_slave_1) entered disabled state
[  606.189741][ T5925] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.208817][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  606.225549][ T5925] usb 4-1: Product: syz
[  606.241001][ T5925] usb 4-1: Manufacturer: syz
[  606.258227][ T5925] usb 4-1: SerialNumber: syz
[  606.277204][ T6492] bridge_slave_0: left allmulticast mode
[  606.308755][ T6492] bridge_slave_0: left promiscuous mode
[  606.314667][ T6492] bridge0: port 1(bridge_slave_0) entered disabled state
[  606.320368][ T5925] cdc_ether 4-1:1.0: skipping garbage
[  606.327189][ T5925] usb 4-1: bad CDC descriptors
[  606.548469][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  606.559993][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  606.569138][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  606.581119][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  606.593903][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  606.988189][ T9332] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input18
[  607.059006][ T9333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.627'.
[  607.068071][ T9333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.627'.
[  607.244376][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  608.912752][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  608.930883][ T5842] Bluetooth: hci0: command tx timeout
[  609.068914][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  609.326757][ T9343] netlink: 'syz.1.629': attribute type 1 has an invalid length.
[  610.391875][ T6014] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  610.998744][ T5842] Bluetooth: hci0: command tx timeout
[  611.055740][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  611.175006][ T9340] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  611.201906][ T6492] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  611.213616][ T6492] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  611.225308][ T6492] bond0 (unregistering): Released all slaves
[  611.527478][ T9320] lo speed is unknown, defaulting to 1000
[  611.647514][ T5904] usb 4-1: USB disconnect, device number 8
[  612.109500][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  612.796006][ T5889] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  612.944412][ T9353] netlink: 'syz.1.631': attribute type 1 has an invalid length.
[  612.952303][ T9353] netlink: 224 bytes leftover after parsing attributes in process `syz.1.631'.
[  613.118918][ T5842] Bluetooth: hci0: command tx timeout
[  613.149109][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  614.190329][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  614.238861][ T6492] hsr_slave_0: left promiscuous mode
[  614.938786][ T6492] hsr_slave_1: left promiscuous mode
[  614.949339][ T6492] batman_adv: batadv0: Removing interface: batadv_slave_0
[  615.119544][ T6492] batman_adv: batadv0: Removing interface: batadv_slave_1
[  615.149183][ T5848] Bluetooth: hci0: command tx timeout
[  615.228978][ T5925] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  615.349604][ T5851] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  615.369887][ T5851] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  615.382394][ T5851] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  615.410214][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  615.418095][ T5851] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  615.950951][ T5848] Bluetooth: hci5: command 0x1003 tx timeout
[  616.037643][ T5842] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  616.154618][ T5904] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  616.274248][ T5991] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  616.595704][ T9400] ucma_write: process 788 (syz.3.637) changed security contexts after opening file descriptor, this is not allowed.
[  617.735117][ T5842] Bluetooth: hci1: command tx timeout
[  617.796261][    C1] ------------[ cut here ]------------
[  617.802213][    C1] kernel BUG at arch/x86/mm/physaddr.c:28!
[  617.808134][    C1] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  617.814430][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  617.824288][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  617.834391][    C1] RIP: 0010:__phys_addr+0x16b/0x180
[  617.839620][    C1] Code: 9d ab 00 e9 45 ff ff ff e8 82 b6 4b 00 48 c7 c7 10 f7 fa 8d 48 89 de 4c 89 f2 e8 60 58 7a 03 e9 4d ff ff ff e8 66 b6 4b 00 90 <0f> 0b e8 5e b6 4b 00 90 0f 0b e8 56 b6 4b 00 90 0f 0b 0f 1f 00 90
[  617.859264][    C1] RSP: 0018:ffffc900001d7878 EFLAGS: 00010246
[  617.865348][    C1] RAX: ffffffff81746f5a RBX: 00007780fffc0000 RCX: ffff88801da8da00
[  617.873335][    C1] RDX: 0000000000000100 RSI: 000000017ffc0000 RDI: 00007780fffc0000
[  617.881322][    C1] RBP: ffffc900001d7b50 R08: 0000000000000000 R09: ffffffff81a8c084
[  617.889314][    C1] R10: dffffc0000000000 R11: ffffffff89edbc30 R12: ffffffff89edbc30
[  617.897301][    C1] R13: ffffffff81a8c084 R14: 000000017ffc0000 R15: dffffc0000000000
[  617.905284][    C1] FS:  0000000000000000(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000
[  617.914314][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  617.921034][    C1] CR2: 00007fa1f7431317 CR3: 000000005b1bc000 CR4: 00000000003526f0
[  617.929111][    C1] Call Trace:
[  617.932410][    C1]  <TASK>
[  617.935353][    C1]  ? in_dev_free_rcu+0x49/0x60
[  617.940146][    C1]  kfree+0x77/0x440
[  617.943985][    C1]  ? __pfx_in_dev_free_rcu+0x10/0x10
[  617.949290][    C1]  ? rcu_core+0xc34/0x1710
[  617.954157][    C1]  in_dev_free_rcu+0x49/0x60
[  617.958776][    C1]  rcu_core+0xca5/0x1710
[  617.963036][    C1]  ? __lock_acquire+0xab9/0xd20
[  617.967928][    C1]  ? __pfx_rcu_core+0x10/0x10
[  617.972646][    C1]  ? rcu_qs+0xc4/0x170
[  617.976768][    C1]  ? __pfx_rcu_qs+0x10/0x10
[  617.981301][    C1]  ? sched_clock_cpu+0x74/0x430
[  617.986182][    C1]  ? rcu_softirq_qs+0xf2/0x350
[  617.991239][    C1]  ? __pfx_rcu_softirq_qs+0x10/0x10
[  617.996460][    C1]  handle_softirqs+0x283/0x870
[  618.001244][    C1]  ? schedule+0x165/0x360
[  618.005596][    C1]  ? run_ksoftirqd+0x9b/0x100
[  618.010300][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  618.015639][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  618.020698][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  618.025736][    C1]  run_ksoftirqd+0x9b/0x100
[  618.030266][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  618.035414][    C1]  smpboot_thread_fn+0x53f/0xa60
[  618.040385][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  618.045431][    C1]  kthread+0x70e/0x8a0
[  618.049521][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  618.054994][    C1]  ? __pfx_kthread+0x10/0x10
[  618.059606][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  618.064821][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  618.070032][    C1]  ? __pfx_kthread+0x10/0x10
[  618.074663][    C1]  ret_from_fork+0x3fc/0x770
[  618.079270][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  618.084408][    C1]  ? __switch_to_asm+0x39/0x70
[  618.089191][    C1]  ? __switch_to_asm+0x33/0x70
[  618.093974][    C1]  ? __pfx_kthread+0x10/0x10
[  618.098586][    C1]  ret_from_fork_asm+0x1a/0x30
[  618.103393][    C1]  </TASK>
[  618.106440][    C1] Modules linked in:
[  618.110422][    C1] ---[ end trace 0000000000000000 ]---
[  618.115916][    C1] RIP: 0010:__phys_addr+0x16b/0x180
[  618.121236][    C1] Code: 9d ab 00 e9 45 ff ff ff e8 82 b6 4b 00 48 c7 c7 10 f7 fa 8d 48 89 de 4c 89 f2 e8 60 58 7a 03 e9 4d ff ff ff e8 66 b6 4b 00 90 <0f> 0b e8 5e b6 4b 00 90 0f 0b e8 56 b6 4b 00 90 0f 0b 0f 1f 00 90
[  618.140938][    C1] RSP: 0018:ffffc900001d7878 EFLAGS: 00010246
[  618.147059][    C1] RAX: ffffffff81746f5a RBX: 00007780fffc0000 RCX: ffff88801da8da00
[  618.155126][    C1] RDX: 0000000000000100 RSI: 000000017ffc0000 RDI: 00007780fffc0000
[  618.163210][    C1] RBP: ffffc900001d7b50 R08: 0000000000000000 R09: ffffffff81a8c084
[  618.171276][    C1] R10: dffffc0000000000 R11: ffffffff89edbc30 R12: ffffffff89edbc30
[  618.179315][    C1] R13: ffffffff81a8c084 R14: 000000017ffc0000 R15: dffffc0000000000
[  618.187330][    C1] FS:  0000000000000000(0000) GS:ffff888125d57000(0000) knlGS:0000000000000000
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  618.196351][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  618.203012][    C1] CR2: 00007fa1f7431317 CR3: 000000005b1bc000 CR4: 00000000003526f0
[  618.211156][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[  618.218853][    C1] Kernel Offset: disabled
[  618.223212][    C1] Rebooting in 86400 seconds..