last executing test programs:

8.199616772s ago: executing program 1 (id=5):
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66643d0c79d3846101009049ca56f0a2f705fb78526dce", @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,use', @ANYRESDEC=0x0, @ANYRESDEC=0x0, @ANYBLOB=','])
kexec_load(0x3, 0x2, &(0x7f00000005c0)=[{&(0x7f0000000100)="047715ac7141c111fab2fcda5de4dc8b278029bcb1bd17524f177856cac105f463c77e2d2ab44d875217dc82baa911f236f959fb9227524d4fe6b621a19823457d04c399283edbac755852623c82f7206d26e918a2981c8f68476969bf8c4bcd37ba24e4ba1683339879a11b854a7478f898805f327af12eaab8ac918c201b", 0x7f, 0x5, 0xffffffff}, {&(0x7f0000000340)="8c4e55be8948c65379def4df90ce301f71e7", 0x12, 0x100, 0x9}], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002840)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x20}, 0x1c, 0x0}}], 0x1, 0x14018891)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x40880, 0x0)
sendmmsg$alg(r2, &(0x7f0000007640)=[{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000740)="bd9c629b909dddebc0508bf412865663aded7919352b141faa7dc00680ce5a44ff1ed1c813c6c1e58e28c509cd269d0e79fff4d2ea4c1da69fa672c4f5eb15788aa929e9f5c94e443cf68a1759ee805958a7c76c8c7f11a39ea32c019c2f2c8cce48d92d659f623081974c0135dc1fe2a057f725a843c083e0620ffa607d3b9570a5b4094fca255491844b3d5cb63bab3d76ad07f9503d1450f1fb860b18ac983285f983e51262c539312073482f1538d9588323b836e6e2b7704dff3cbf89c2b828c7613310eafd664c946b1a6728154b1877257a8abe3d983344da083b86aee35e6b9b0d9307", 0xe7}], 0x1, &(0x7f00000008c0)=ANY=[@ANYBLOB="b800000000d983fd49e32f4399000000a0000000bd19a432ebf20eb0a0ee39d005e869fe74b9842d9c92be0054aa20f9dbfeb8e59fa49c486a1a51c45c98c886185e506d1cf93255718fc79d6b6d1d434c678807c5ab4264c8ba94065d11d8ee27dd16f4a0342bed8a3c79acd4bb1f9f46ef28a63b329e09a86c62f907539c9af6f1b0bc00510c3b27f64245b6f4f00e00bca3c91538839a52c3c393aada6ed6155fa03c988b6658e106d043cc8652373dd8e2a7"], 0xb8, 0x40800}, {0x0, 0x0, &(0x7f0000003900)=[{&(0x7f00000009c0)="c2debd9e2d4617d17e01e704d3576f8b26b757ffa164a105efcaa28e5d52d4383258c148e95e4ee927dab4ba9cdbf4dbf6b0e19f8b7e9a95211ec6aedfd78a09200b7076afabdae9c87c6837e202845b6cf3ac6b728856d66eef286087e0154a40c153e5fe7505615fb53b33f629928c80aeea7fd091180968d44cd4544b6bb4c116f4d6c4c3d148eb273bd4fa76ad8f709ed07bd2a91564fc364f1b971b0e005fe1d24f1b0d7f157b695c625cc39aac2d6f07b11d926c801fb1", 0xba}, {&(0x7f0000000ac0)="3fe4c8a3288f097706", 0x9}, {&(0x7f0000000b40)="86545d2157646172b815818bfd0e1457556266898579380233e0e3853e4a118a5a2bcc52eeea6b2dc4fc32c3f8", 0x2d}, {&(0x7f0000000b80)="0d4842ef613cd072196eae2d74d31c309df1c61a888039b1a23acbea852fb54afae1761845284c6e484aa5154a2b418ffe2ac1d6363010c9d8f2d75a71eb55849202714884c6a0a760f5e028016a68fc07407f5671a5a4a8c91e9d056039df63390376a7359c6fc2059d1e3ffeec1ff0f4c09099e8e61c268324d0fc621f6dc2912e4bd5316ff808ac5126ade9b759e1489c04a517e992d7b56d9df469c0c906000e0f82c089ec12677e7ade15e68a", 0xaf}, {&(0x7f0000000c40)="176d6b3905505e2a41391bf6fd66d8ad4ebc86e07694005204b0151bfa8dc581a5be209d8850a950791f10f76de79651272a11f6d7267276ff1596a47826a90a0b74b425d8ff2bbea5c5732f69a908c45b4b348abc24d2cd2031a9508ef8e3594bd12ebc38c466f76d6ff3618471f4f6574e1043766375eb889750ca25429f976089462bf1b689280ebc67640f4534eef4b7ffd85963bc5d8b114670c00f76cbdd722662dce5fc58daf323bf987ef7d646a99794c02b62b30e189691c4be9094ea58e9df52d9dbd9e0", 0xc9}, {&(0x7f0000000d40)="7edb39aa76e39c9fc185dd49e1d028ba5e90ec3bb54d3c486f189f406945a495fe7b4ad51446c162f581368e4d711db9add53f7917e1dc55ae9543ea21d63f85d9a5a996f6fa32ead42a9b7e97a7ae1b4a8f76ff9321b4ec76606f9709bb57eda4e8c45e797ff2cabc03a3d03ca57b5239833610ac4306ac2a443c768b9365de67f9f9be49fe7d6f4d71abedeb55ab91ddd31154758fcaa8f25a56126152b9ba46d9bd4cd0d67de6fda9f72a37319681c1750045b363a3b90faecc5b5cbc0a241152a62edc2d081937058931cfb823591b49c610995a895f214c473ef6e1d49051b9198877e4e9d920ff", 0xea}], 0x6, 0x0, 0x0, 0xc0}], 0x2, 0x48040)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e21}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000300)="80", 0x1}], 0x1}, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

7.540962077s ago: executing program 1 (id=6):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000540)="e8700e444d50a969ff6734d3cb06376f78", 0x11}], 0x2, 0x0, 0x0, 0x1}], 0x1, 0x40800)
recvmsg(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

6.155750794s ago: executing program 2 (id=3):
r0 = openat$userfaultfd(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
fcntl$setown(r0, 0x8, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, 0x0)

5.921512235s ago: executing program 1 (id=7):
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0xe6, 0x2602)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x380000f, 0x12, r0, 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f0000002000)=ANY=[@ANYBLOB="11010000733336088dee1adb236100000001"], 0x0)
mbind(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x800004000000053, 0x3)

5.656414015s ago: executing program 2 (id=8):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
listen(0xffffffffffffffff, 0x6)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x4, 0xfffffe0000000001, 0xfa0d, 0x2}, 0x0)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x1})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f00000001c0)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90})
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000001cc0))
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x80c42, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
read(r2, &(0x7f0000000040)=""/148, 0xffffff96)

5.582609884s ago: executing program 3 (id=4):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r2, 0x5607, 0x2c)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_MOVE(r3, 0xc028aa05, &(0x7f00000001c0)={&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x2000})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB='4\x00\x00', @ANYRES16=0x0], 0x34}}, 0x800)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r7)
write$tun(r6, &(0x7f0000000400)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @generic="2a6ad5fde1b6554242ac10fef9878574f7e568ff42b7b7151d6986161da58b840d7a6e0eb304946c4b948e98ec852cd40c1b51c39a1487d8b9912cf4e3091607d53f02f0954c89d08eec9bb780ff23d2f0e347d88d0edf4ca5d5c4f8b2ed6a9e836bccb2c65020578c56730534689dc1cbb21044dc8cd15b50f1ed31887ebf8de493e0364362eec95799088df4f44503e509d0fc2c7867d80f8fdd6bdc48cab8187e71a8ff8f05285679ca69809a7b7d04e80a81a9e75924162806c973348c57c81c5ba24fde98d8006dafb1e0a6096257ced6ef5ff20b62e6e5042b0ebd20a4a1d845b4b3ca9750aba8758bcf"}}, 0xfb)
ioctl$TIOCL_SETVESABLANK(r5, 0x560e, &(0x7f0000000140))
ioctl$VT_ACTIVATE(r5, 0x5606, 0x2)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r8, 0x541c, &(0x7f0000000000))

5.36968381s ago: executing program 0 (id=9):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x4}, 0x8)
bind$bt_sco(r0, &(0x7f0000000400), 0x8)
listen(r0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = gettid()
r3 = syz_open_procfs(r2, &(0x7f0000000040)='timerslack_ns\x00')
write$binfmt_format(r3, &(0x7f0000000180)='1\x00', 0x2)

4.904743755s ago: executing program 0 (id=10):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, 0x0, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x10042)
close(0x3)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)

4.09336896s ago: executing program 3 (id=11):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x181202, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)

3.639979587s ago: executing program 0 (id=12):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$AUTOFS_IOC_SETTIMEOUT(0xffffffffffffffff, 0x80049367, &(0x7f0000000100)=0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x6, 0x3, 0x4, 0x4, 0x2, 0x3, 0xf1, 0x0, 0x7fffffffffffb, 0x8000, 0x0, 0x1, 0x0, 0x5, 0x0, 0xbde], 0x1000, 0x3c53c5})
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000040)={0x10200, 0x80, 0xc0, &(0x7f0000000340)=[0x5, 0x0, 0xe, 0x80, 0xe6b4, 0x101, 0xfffffffffffffffa, 0x2, 0x8, 0x2, 0x2, 0x700000000000000, 0x9, 0xffff, 0xfffffffffffffffe, 0x7, 0x7fffffff, 0x5, 0x26, 0x9880, 0x5, 0x6, 0x8, 0xfffffffffffffffe, 0x4, 0x20000000009, 0x2, 0x1fd, 0x8, 0x0, 0x7, 0x5, 0x5, 0x2, 0x501, 0x40, 0xfffffffffffffff5, 0x4, 0x7fffffff, 0x7d, 0x0, 0x6, 0x20008, 0x2e2, 0x103, 0x6, 0x8000000000000001, 0xfffffffffffffff9, 0x4100000000, 0xfffffffffffffffd, 0x8, 0x9, 0x7fff, 0xec, 0x8000000000000000, 0x4, 0x94f, 0x7, 0x7fffffffffffffff, 0x8, 0xffffffffffffffff, 0xd, 0x11, 0xa, 0x5, 0xa8, 0x1, 0x2000000000000007, 0x7fffffffffffffff, 0x3, 0x7, 0x7, 0xae8f, 0x100001e30fa4c, 0xa, 0x0, 0x4000008, 0xdac, 0xe94, 0x7, 0xfffffffffffffffc, 0xa7, 0xba00, 0x4, 0x9, 0x0, 0x1, 0x3, 0x4, 0x10001, 0xfffffffffffffff9, 0x3, 0x5, 0x21, 0xfffffffffffffc01, 0xfffffffffffffffd, 0x401, 0x3, 0x1e4b, 0x2, 0x79, 0xf, 0x10000, 0xe, 0x2, 0x3, 0x3, 0xfffffffffffffff9, 0x0, 0x4, 0xa, 0x40000001, 0x9, 0x2, 0xfff, 0x80, 0x3, 0xd, 0x4, 0x9, 0xffff, 0x1, 0x401, 0x1, 0x2, 0x7, 0xea7, 0x1]})
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x408d6}, 0x24000010)

2.211900559s ago: executing program 3 (id=13):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
accept4(r0, &(0x7f0000000180)=@in={0x2, 0x0, @loopback}, 0x0, 0x800)

2.150689894s ago: executing program 1 (id=14):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000540)="e8700e444d50a969ff6734d3cb06376f78", 0x11}], 0x2, 0x0, 0x0, 0x1}], 0x1, 0x40800)
recvmsg(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

1.716828503s ago: executing program 1 (id=15):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001680), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000000)={0x64, r1, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x48, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="7f49401beb969f59fb3fa9d0809d6e305eda806ea074be9126c9ab8128aff444"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="e48a1ffa3c85fa30cf6c4ee29ac88554"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "81bbaa1f9ac620f7"}]}]}, 0x64}, 0x1, 0x0, 0x0, 0xcd}, 0x448d0)

1.396879166s ago: executing program 0 (id=16):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x3c}}, 0x0)

1.396538047s ago: executing program 2 (id=17):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0xb})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000300)={@flat=@handle={0x73682a85, 0xa, 0x1}, @ptr={0x70742a85, 0x80002, 0x0, 0x0, 0x1, 0x31}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0xca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x400}], 0x0, 0x0, 0x0})

1.396308988s ago: executing program 3 (id=18):
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f00003fb000/0x1000)=nil)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0xc, 0x7, 0x0, 0x40000005, 0x1, 0x4, 0x2, 0x7}})
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e23, @empty}, 0x0, 0x3, 0x0, 0x3}}, 0x26)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000002c0)={{0x3, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x7}, 0x0, 0x0, 0x1, 0x1414, 0x10002, 0x51, 0x1, 0x8, 0x8580, 0x3})
socket$tipc(0x1e, 0x2, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x803, 0x300, 0x0, 0x101, 0x300}})

1.351714721s ago: executing program 1 (id=19):
write$RDMA_USER_CM_CMD_GET_EVENT(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000000/0xc000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68)
syz_open_dev$dvb_dvr(0x0, 0x0, 0x13f)
close(0x3)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24044045)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x0, 0x0, 0xd, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_usb_connect$lan78xx(0x0, 0x0, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x8)
fallocate(r0, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x200000c, 0x13, r0, 0x2000)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x101, 0x1, r1, 0x0)

484.268295ms ago: executing program 3 (id=20):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, 0x0, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x10042)
close(0x3)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)

420.607865ms ago: executing program 0 (id=21):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0xb})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x8, 0x0, &(0x7f00000005c0)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x1058, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000300)={@flat=@handle={0x73682a85, 0xa, 0x1}, @ptr={0x70742a85, 0x80002, &(0x7f0000000440)=""/210, 0xd2, 0x1, 0x31}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0xca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x400}], 0x0, 0x0, 0x0})

249.972202ms ago: executing program 2 (id=22):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c460e02f9b7ff7f00000000000002000300fffeffffdf02000000000000400000000000000003030000000000000000000008003a00011d040004000d00030000000080000000000000000000000700000000000000080000000000000005000000000000000204"], 0x78)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r1, 0x28)
unshare(0x30040c00)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x6048800)
r2 = syz_open_dev$usbfs(0x0, 0x76, 0x101701)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x0, 0x0, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x800)
ioctl$FE_GET_PROPERTY(0xffffffffffffffff, 0x80086f53, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r0, 0x5101)

0s ago: executing program 0 (id=23):
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0xe6, 0x2602)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x380000f, 0x12, r0, 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f0000002000)=ANY=[@ANYBLOB="11010000733336088dee1adb2361000000010902"], 0x0)
mbind(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x800004000000053, 0x3)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.47' (ED25519) to the list of known hosts.
[   77.495808][ T5594] cgroup: Unknown subsys name 'net'
[   77.736751][ T5594] cgroup: Unknown subsys name 'cpuset'
[   77.812463][ T5594] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   79.635180][ T5594] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   83.154445][   T61] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   83.183160][ T5612] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   83.184144][ T5612] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   83.188650][ T5612] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   83.189916][ T5612] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.223741][ T4923] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   83.227945][ T5615] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   83.299472][ T5619] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   83.308346][ T4923] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   83.314641][ T5615] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   83.326204][ T5619] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   83.336633][ T5621] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   83.355848][ T5621] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   83.357298][ T5619] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   83.383621][ T5612] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   83.388731][ T5621] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   83.400994][ T5612] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.412081][ T5612] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   83.459334][ T5607] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   83.466833][ T5607] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   85.300242][ T5611] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.300487][ T5611] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.300685][ T5611] bridge_slave_0: entered allmulticast mode
[   85.310203][ T5611] bridge_slave_0: entered promiscuous mode
[   85.332765][ T5614] Bluetooth: hci0: command tx timeout
[   85.366907][ T5611] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.367116][ T5611] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.367526][ T5611] bridge_slave_1: entered allmulticast mode
[   85.371413][ T5611] bridge_slave_1: entered promiscuous mode
[   85.482035][ T5607] Bluetooth: hci1: command tx timeout
[   85.482201][ T5614] Bluetooth: hci2: command tx timeout
[   85.554921][ T5611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.555402][ T5609] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.555779][ T5609] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.555989][ T5609] bridge_slave_0: entered allmulticast mode
[   85.558796][ T5609] bridge_slave_0: entered promiscuous mode
[   85.562224][ T5614] Bluetooth: hci3: command tx timeout
[   85.626548][ T5611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.626965][ T5609] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.627219][ T5609] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.627407][ T5609] bridge_slave_1: entered allmulticast mode
[   85.630680][ T5609] bridge_slave_1: entered promiscuous mode
[   85.677752][ T5605] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.677998][ T5605] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.678419][ T5605] bridge_slave_0: entered allmulticast mode
[   85.681827][ T5605] bridge_slave_0: entered promiscuous mode
[   85.758432][ T5605] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.758777][ T5605] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.759413][ T5605] bridge_slave_1: entered allmulticast mode
[   85.773089][ T5605] bridge_slave_1: entered promiscuous mode
[   85.876928][ T5610] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.877233][ T5610] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.877514][ T5610] bridge_slave_0: entered allmulticast mode
[   85.881684][ T5610] bridge_slave_0: entered promiscuous mode
[   85.925853][ T5611] team0: Port device team_slave_0 added
[   85.931216][ T5609] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.931619][ T5610] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.931865][ T5610] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.935246][ T5610] bridge_slave_1: entered allmulticast mode
[   85.944226][ T5610] bridge_slave_1: entered promiscuous mode
[   85.992022][ T5611] team0: Port device team_slave_1 added
[   86.014665][ T5609] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.019830][ T5605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.087712][ T5605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.119206][ T5610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.169228][ T5611] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.169240][ T5611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.169258][ T5611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.187496][ T5610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.203248][ T5609] team0: Port device team_slave_0 added
[   86.244740][ T5611] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.244751][ T5611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.244770][ T5611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.299164][ T5609] team0: Port device team_slave_1 added
[   86.307421][ T5605] team0: Port device team_slave_0 added
[   86.363160][ T5605] team0: Port device team_slave_1 added
[   86.368747][ T5610] team0: Port device team_slave_0 added
[   86.412563][ T5610] team0: Port device team_slave_1 added
[   86.413986][ T5609] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.413996][ T5609] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.414013][ T5609] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.501079][ T5609] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.501091][ T5609] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.501108][ T5609] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.507876][ T5605] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.507910][ T5605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.507981][ T5605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.628214][ T5605] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.628231][ T5605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.628249][ T5605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.692525][ T5611] hsr_slave_0: entered promiscuous mode
[   86.694824][ T5611] hsr_slave_1: entered promiscuous mode
[   86.700123][ T5610] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.700137][ T5610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.700165][ T5610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.781716][ T5610] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.781732][ T5610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   86.781757][ T5610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.260971][ T5609] hsr_slave_0: entered promiscuous mode
[   87.264745][ T5609] hsr_slave_1: entered promiscuous mode
[   87.277230][ T5609] debugfs: 'hsr0' already exists in 'hsr'
[   87.277311][ T5609] Cannot create hsr debugfs directory
[   87.343460][ T5605] hsr_slave_0: entered promiscuous mode
[   87.345214][ T5605] hsr_slave_1: entered promiscuous mode
[   87.346663][ T5605] debugfs: 'hsr0' already exists in 'hsr'
[   87.346685][ T5605] Cannot create hsr debugfs directory
[   87.403334][ T5614] Bluetooth: hci0: command tx timeout
[   87.449985][ T5610] hsr_slave_0: entered promiscuous mode
[   87.451512][ T5610] hsr_slave_1: entered promiscuous mode
[   87.456119][ T5610] debugfs: 'hsr0' already exists in 'hsr'
[   87.456173][ T5610] Cannot create hsr debugfs directory
[   87.562206][ T5614] Bluetooth: hci2: command tx timeout
[   87.562236][ T5614] Bluetooth: hci1: command tx timeout
[   87.642187][ T5614] Bluetooth: hci3: command tx timeout
[   88.314718][ T5611] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   88.383154][ T5611] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   88.397021][ T5611] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   88.437738][ T5611] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   88.448981][ T5611] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   88.478047][ T5611] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   88.509099][ T5611] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   88.537032][ T5611] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   88.677358][ T5605] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   88.717137][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   88.735785][ T5605] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   88.776240][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   88.779176][ T5605] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   88.817390][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   88.841690][ T5605] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   88.878271][ T5605] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   89.052932][ T5610] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   89.088541][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   89.104727][ T5610] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   89.153089][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   89.157260][ T5610] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   89.186630][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   89.218290][ T5610] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   89.247570][ T5610] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   89.433843][ T5609] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   89.479110][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   89.482122][ T5614] Bluetooth: hci0: command tx timeout
[   89.499301][ T5609] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   89.527282][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   89.540311][ T5609] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   89.576119][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   89.590481][ T5609] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   89.620070][ T5609] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   89.642118][ T5614] Bluetooth: hci1: command tx timeout
[   89.642149][ T5614] Bluetooth: hci2: command tx timeout
[   89.711787][ T5611] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.724195][ T5607] Bluetooth: hci3: command tx timeout
[   89.820046][ T5611] 8021q: adding VLAN 0 to HW filter on device team0
[   89.866302][ T5605] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.881416][   T88] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.881598][   T88] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.949433][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.949566][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.040301][ T5605] 8021q: adding VLAN 0 to HW filter on device team0
[   90.090799][ T5610] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.105757][   T88] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.105920][   T88] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.155664][   T88] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.155795][   T88] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.260143][ T5610] 8021q: adding VLAN 0 to HW filter on device team0
[   90.301753][ T5609] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.329936][ T3357] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.330075][ T3357] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.396193][ T3357] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.396341][ T3357] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.503946][ T5609] 8021q: adding VLAN 0 to HW filter on device team0
[   90.589593][ T1457] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.589781][ T1457] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.655795][ T1027] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.655911][ T1027] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.369035][ T5611] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.562486][ T5607] Bluetooth: hci0: command tx timeout
[   91.725421][ T5607] Bluetooth: hci2: command tx timeout
[   91.725450][ T5607] Bluetooth: hci1: command tx timeout
[   91.799787][   T10] cfg80211: failed to load regulatory.db
[   91.802295][ T5614] Bluetooth: hci3: command tx timeout
[   91.897341][ T5611] veth0_vlan: entered promiscuous mode
[   91.929593][ T5605] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.986538][ T5610] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.005052][ T5611] veth1_vlan: entered promiscuous mode
[   92.180440][ T5609] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.255430][ T5611] veth0_macvtap: entered promiscuous mode
[   92.274052][ T5605] veth0_vlan: entered promiscuous mode
[   92.289484][ T5610] veth0_vlan: entered promiscuous mode
[   92.304022][ T5611] veth1_macvtap: entered promiscuous mode
[   92.344524][ T5605] veth1_vlan: entered promiscuous mode
[   92.386481][ T5610] veth1_vlan: entered promiscuous mode
[   92.423758][ T5611] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.472941][ T5611] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.517272][ T5609] veth0_vlan: entered promiscuous mode
[   92.524516][   T88] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.545183][   T88] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.567076][   T88] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.588920][   T88] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.605594][ T5605] veth0_macvtap: entered promiscuous mode
[   92.679335][ T5609] veth1_vlan: entered promiscuous mode
[   92.716579][ T5605] veth1_macvtap: entered promiscuous mode
[   92.724335][ T5610] veth0_macvtap: entered promiscuous mode
[   92.804526][ T5610] veth1_macvtap: entered promiscuous mode
[   93.001397][ T5605] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.055431][ T5610] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.093708][ T5605] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.115108][ T5610] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.118634][ T5609] veth0_macvtap: entered promiscuous mode
[   93.135720][ T1027] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.135777][ T1027] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.182045][   T88] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.185362][   T88] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.189580][   T88] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.230655][   T88] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.231456][ T5609] veth1_macvtap: entered promiscuous mode
[   93.261266][   T88] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.280775][   T88] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.308405][   T88] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.359499][   T88] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.493056][ T1457] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.493079][ T1457] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.655618][ T5609] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.772312][ T5609] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.999127][ T1457] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.999147][ T1457] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.020632][   T88] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.035295][   T88] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.038989][   T88] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.087219][   T88] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.263890][   T88] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.263909][   T88] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.379461][ T3357] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.379480][ T3357] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.705505][ T1457] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.705540][ T1457] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.874702][ T5764] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   95.070215][ T1226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.070233][ T1226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.553805][ T1530] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.553823][ T1530] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.965924][ T5718] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   98.193424][ T5718] usb 2-1: Using ep0 maxpacket: 8
[   98.278231][ T5718] usb 2-1: unable to read config index 0 descriptor/start: -61
[   98.278259][ T5718] usb 2-1: can't read configurations, error -61
[   98.432662][ T5718] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   98.598928][ T5718] usb 2-1: Using ep0 maxpacket: 8
[   98.601351][ T5718] usb 2-1: unable to read config index 0 descriptor/start: -61
[   98.601374][ T5718] usb 2-1: can't read configurations, error -61
[   98.603158][ T5718] usb usb2-port1: attempt power cycle
[   99.034116][ T5718] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   99.055818][ T5718] usb 2-1: Using ep0 maxpacket: 8
[   99.114930][ T5718] usb 2-1: unable to read config index 0 descriptor/start: -61
[   99.114969][ T5718] usb 2-1: can't read configurations, error -61
[  100.586606][ T5718] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  100.671083][ T5718] usb 2-1: device descriptor read/8, error -71
[  100.838604][ T5718] usb usb2-port1: unable to enumerate USB device
[  102.475370][ T5815] binder: BINDER_SET_CONTEXT_MGR already set
[  102.475387][ T5815] binder: 5813:5815 ioctl 4018620d 200000000040 returned -16
[  103.277054][ T5823] ------------[ cut here ]------------
[  103.277066][ T5823] task_rq(p) != rq
[  103.277075][ T5823] WARNING: kernel/sched/fair.c:7656 at hrtick_start_fair+0x196/0x1f0, CPU#0: syz.3.20/5823
[  103.277112][ T5823] Modules linked in:
[  103.277140][ T5823] CPU: 0 UID: 0 PID: 5823 Comm: syz.3.20 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  103.277158][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  103.277170][ T5823] RIP: 0010:hrtick_start_fair+0x196/0x1f0
[  103.277193][ T5823] Code: 42 80 3c 20 00 74 08 4c 89 ff e8 85 f5 97 00 4d 39 37 0f 85 0c ff ff ff 48 89 df 5b 41 5c 41 5d 41 5e 41 5f e9 7b 64 fa ff 90 <0f> 0b 90 e9 d1 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 82
[  103.277206][ T5823] RSP: 0018:ffffc90005af7900 EFLAGS: 00010087
[  103.277219][ T5823] RAX: ffff8880b873ba40 RBX: ffff8880b863ba40 RCX: ffffffff8197d8ae
[  103.277230][ T5823] RDX: 0000000000000000 RSI: ffff888028731f00 RDI: ffff8880b863ba40
[  103.277241][ T5823] RBP: dffffc0000000000 R08: ffffffff8fcf390f R09: 1ffffffff1f9e721
[  103.277253][ T5823] R10: dffffc0000000000 R11: fffffbfff1f9e722 R12: dffffc0000000000
[  103.277265][ T5823] R13: 1ffff110170c78d6 R14: ffff888028731f00 R15: ffffffff8dc257d8
[  103.277277][ T5823] FS:  0000555557816500(0000) GS:ffff888125a6b000(0000) knlGS:0000000000000000
[  103.277290][ T5823] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  103.277301][ T5823] CR2: ffff88823bfcd000 CR3: 0000000041354000 CR4: 00000000003526f0
[  103.277314][ T5823] Call Trace:
[  103.277324][ T5823]  <TASK>
[  103.277333][ T5823]  set_next_task_fair+0xa68/0xce0
[  103.277360][ T5823]  __schedule+0x3e03/0x5550
[  103.277397][ T5823]  ? __pfx___schedule+0x10/0x10
[  103.277422][ T5823]  ? schedule+0x90/0x360
[  103.277441][ T5823]  schedule+0x164/0x360
[  103.277460][ T5823]  do_nanosleep+0x287/0x730
[  103.277481][ T5823]  ? do_nanosleep+0x8a/0x730
[  103.277501][ T5823]  ? __pfx_do_nanosleep+0x10/0x10
[  103.277518][ T5823]  ? __asan_memset+0x22/0x50
[  103.277541][ T5823]  ? __hrtimer_setup+0x1c2/0x260
[  103.277556][ T5823]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  103.277576][ T5823]  hrtimer_nanosleep+0x217/0x450
[  103.277595][ T5823]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  103.277615][ T5823]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  103.277640][ T5823]  __se_sys_clock_nanosleep+0x35b/0x3b0
[  103.277661][ T5823]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[  103.277684][ T5823]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.277702][ T5823]  do_syscall_64+0x174/0x580
[  103.277724][ T5823]  ? clear_bhb_loop+0x40/0x90
[  103.277743][ T5823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.277759][ T5823] RIP: 0033:0x7f788441d68e
[  103.277776][ T5823] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  103.277789][ T5823] RSP: 002b:00007fff0c230ad8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  103.277804][ T5823] RAX: ffffffffffffffda RBX: 0000555557816500 RCX: 00007f788441d68e
[  103.277815][ T5823] RDX: 00007fff0c230b30 RSI: 0000000000000000 RDI: 0000000000000000
[  103.277825][ T5823] RBP: 00007f78846d7da0 R08: 0000000000000000 R09: 0000000000000000
[  103.277834][ T5823] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000001943a
[  103.277848][ T5823] R13: 00007f78846d609c R14: 0000000000019193 R15: 00007f78846d6090
[  103.277871][ T5823]  </TASK>
[  103.277879][ T5823] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  103.277890][ T5823] CPU: 0 UID: 0 PID: 5823 Comm: syz.3.20 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  103.277918][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  103.277926][ T5823] Call Trace:
[  103.277932][ T5823]  <TASK>
[  103.277938][ T5823]  vpanic+0x56c/0xa60
[  103.277961][ T5823]  ? __pfx__printk+0x10/0x10
[  103.277977][ T5823]  ? __pfx_vpanic+0x10/0x10
[  103.277997][ T5823]  ? is_bpf_text_address+0x292/0x2b0
[  103.278019][ T5823]  ? is_bpf_text_address+0x26/0x2b0
[  103.278046][ T5823]  panic+0xc5/0xd0
[  103.278067][ T5823]  ? __pfx_panic+0x10/0x10
[  103.278099][ T5823]  __warn+0x315/0x4c0
[  103.278120][ T5823]  ? hrtick_start_fair+0x196/0x1f0
[  103.278141][ T5823]  ? hrtick_start_fair+0x196/0x1f0
[  103.278162][ T5823]  __report_bug+0x339/0x540
[  103.278186][ T5823]  ? hrtick_start_fair+0x196/0x1f0
[  103.278206][ T5823]  ? __pfx___report_bug+0x10/0x10
[  103.278225][ T5823]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  103.278251][ T5823]  ? hrtick_start_fair+0x196/0x1f0
[  103.278271][ T5823]  report_bug+0x16a/0x220
[  103.278291][ T5823]  ? hrtick_start_fair+0x196/0x1f0
[  103.278309][ T5823]  ? hrtick_start_fair+0x198/0x1f0
[  103.278328][ T5823]  handle_bug+0x9c/0x200
[  103.278353][ T5823]  exc_invalid_op+0x1a/0x50
[  103.278374][ T5823]  asm_exc_invalid_op+0x1a/0x20
[  103.278389][ T5823] RIP: 0010:hrtick_start_fair+0x196/0x1f0
[  103.278426][ T5823] Code: 42 80 3c 20 00 74 08 4c 89 ff e8 85 f5 97 00 4d 39 37 0f 85 0c ff ff ff 48 89 df 5b 41 5c 41 5d 41 5e 41 5f e9 7b 64 fa ff 90 <0f> 0b 90 e9 d1 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 82
[  103.278439][ T5823] RSP: 0018:ffffc90005af7900 EFLAGS: 00010087
[  103.278451][ T5823] RAX: ffff8880b873ba40 RBX: ffff8880b863ba40 RCX: ffffffff8197d8ae
[  103.278463][ T5823] RDX: 0000000000000000 RSI: ffff888028731f00 RDI: ffff8880b863ba40
[  103.278474][ T5823] RBP: dffffc0000000000 R08: ffffffff8fcf390f R09: 1ffffffff1f9e721
[  103.278486][ T5823] R10: dffffc0000000000 R11: fffffbfff1f9e722 R12: dffffc0000000000
[  103.278498][ T5823] R13: 1ffff110170c78d6 R14: ffff888028731f00 R15: ffffffff8dc257d8
[  103.278516][ T5823]  ? set_next_task_fair+0xa4e/0xce0
[  103.278549][ T5823]  set_next_task_fair+0xa68/0xce0
[  103.278571][ T5823]  __schedule+0x3e03/0x5550
[  103.278605][ T5823]  ? __pfx___schedule+0x10/0x10
[  103.278628][ T5823]  ? schedule+0x90/0x360
[  103.278647][ T5823]  schedule+0x164/0x360
[  103.278682][ T5823]  do_nanosleep+0x287/0x730
[  103.278702][ T5823]  ? do_nanosleep+0x8a/0x730
[  103.278751][ T5823]  ? __pfx_do_nanosleep+0x10/0x10
[  103.278773][ T5823]  ? __asan_memset+0x22/0x50
[  103.278802][ T5823]  ? __hrtimer_setup+0x1c2/0x260
[  103.278815][ T5823]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  103.278857][ T5823]  hrtimer_nanosleep+0x217/0x450
[  103.278902][ T5823]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  103.278923][ T5823]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  103.278949][ T5823]  __se_sys_clock_nanosleep+0x35b/0x3b0
[  103.278968][ T5823]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[  103.278992][ T5823]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.279009][ T5823]  do_syscall_64+0x174/0x580
[  103.279031][ T5823]  ? clear_bhb_loop+0x40/0x90
[  103.279050][ T5823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.279066][ T5823] RIP: 0033:0x7f788441d68e
[  103.279079][ T5823] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  103.279091][ T5823] RSP: 002b:00007fff0c230ad8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  103.279106][ T5823] RAX: ffffffffffffffda RBX: 0000555557816500 RCX: 00007f788441d68e
[  103.279118][ T5823] RDX: 00007fff0c230b30 RSI: 0000000000000000 RDI: 0000000000000000
[  103.279128][ T5823] RBP: 00007f78846d7da0 R08: 0000000000000000 R09: 0000000000000000
[  103.279138][ T5823] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000001943a
[  103.279148][ T5823] R13: 00007f78846d609c R14: 0000000000019193 R15: 00007f78846d6090
[  103.279171][ T5823]  </TASK>
[  104.431663][ T5823] Shutting down cpus with NMI
[  104.432321][ T5823] Kernel Offset: disabled