last executing test programs:

4m3.243629673s ago: executing program 2 (id=1662):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
ioperm(0x0, 0x6, 0x10000)
sync()
r1 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x13f, 0x1}}, 0x20)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f00000000c0)={0x600, 0x32200})
socket$igmp(0x2, 0x3, 0x2)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000b40)=ANY=[@ANYBLOB="1201000057eb0020fd070400fa8e0102030109021b00020000000009044a0000ff48"], 0x0)

4m0.812240794s ago: executing program 2 (id=1669):
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000030000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000030000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000a40)={0x2020}, 0x2)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3a)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000ff858500000071000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x8000000, 0xfc, 0xf, 0x1, 0xffffffff}}}}]}, 0x4c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r10, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000d40)={0x34, r11, 0x329, 0x0, 0x0, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="00000e00000000ead900128009000100626f6e64000000800c0002800500110001000000"], 0x3c}}, 0x0)

4m0.02098388s ago: executing program 2 (id=1672):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdef0, 0x8000000000000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
setitimer(0x2, 0x0, 0x0)
getitimer(0x2, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000002c0)={0x0, 0x10000, 0x0, [0x0, 0x0, 0x1], [0x0, 0x0, 0x2, 0x800000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x400000000000, 0x0, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x763, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000]})
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='cifs\x00', 0x0, &(0x7f00000002c0)='cache=none')
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e25, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
mkdir(&(0x7f0000000140)='./file0\x00', 0x30)
mount(0x0, &(0x7f0000004580)='./file0\x00', 0x0, 0x0, 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x143042, 0x83)
ftruncate(r5, 0x2008002)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

3m59.445331809s ago: executing program 2 (id=1674):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000010bd408205000000000000000109022400011b0000000904"], 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000000080)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x68, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x15, 0x4, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@remote}, {@multicast1}, {@empty}, {@dev={0xac, 0x14, 0x14, 0x33}}, {}, {}, {@empty}]}]}}}}}}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x110)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@userxattr}]})
chdir(&(0x7f0000000140)='./bus\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x40)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x6c, 0x0, 0x8}, {0xc, 0x81, 0x10}, {0x6, 0x7, 0x1}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$getregs(0xc, r4, 0xf7000000, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
pipe2$watch_queue(0x0, 0x80)
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000280)='./file1\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1607010, 0x0)
symlinkat(&(0x7f0000000100)='./bus\x00', r3, &(0x7f0000000300)='./bus\x00')
r5 = getpid()
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x6, 0x8000040000000001, r5})
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

3m55.169448413s ago: executing program 2 (id=1686):
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x43, &(0x7f00000003c0)={0x0, 0xea60}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
open(&(0x7f00000000c0)='./file0\x00', 0x101000, 0x2)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
r3 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000004280)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@afid}, {@aname={'aname', 0x3d, '@#@'}}], [], 0x6b}})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000400)='./file0\x00', &(0x7f00000001c0)='ufs\x00', 0x0, &(0x7f0000000340))

3m54.467292714s ago: executing program 2 (id=1688):
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r3, 0x20000005)
r4 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r5 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$inet6(r5, &(0x7f00000001c0), 0x0, 0x0)

3m54.152299463s ago: executing program 32 (id=1688):
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r3, 0x20000005)
r4 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r5 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$inet6(r5, &(0x7f00000001c0), 0x0, 0x0)

3m6.373934431s ago: executing program 1 (id=1850):
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x43, &(0x7f00000003c0)={0x0, 0xea60}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r5, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r4, 0x0, <r6=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r3, 0x3ba0, &(0x7f0000000080)={0x48, 0x8, r6, 0x0, 0x7fffff, 0x6ae, &(0x7f0000000700)="85653f453420ca7d5107cac3b1c61de0a1009492a7c67d538843c3f5ba1f143fc6f1cd155f7653e1393744f396a94d8d0becf9445701326980185d6f5cc0c2ee263914da7695c86440305aa84ad2ff0c61d29e1218e6659aedbc1cea7416b5b4a991455d2534207f281a52670d763fdb36af099158c93f565c3ec3a6eddd7ee3974954d0d20fa5635c69037286a94ddd6f1a231625bcc29bdb05b5e8fef40e9a6a30de284e26f47210a18f5b1063528c16d560d916a6c811c1bae078daa7534d43906981300cd79bddf1b6c4bb873604d671da76de5d729fcd8bd703e97bde4721558c2a43dc7d5b6208acdcd8f82f3bba8753d4136b76471bd0d8d31a9f1596a15e0e18e14005249610e97f6bf581db1a50871d65742514336bc9e1fcee7dd958da853a56757f38a1009a8f81886992d594388aa4815b168d966b71b50f87b4a6ef57b5c8b1e0ce840c244d052ddf45923a7843883431b9bc43785c0e07a24459fe47642a251f6181f8c679e6bd568213f1df3cdd59dd9bd3c6131865f11570fe242d6551dc3201eaa3705cf9096561fce1273b3b767f0ea0657acf84783f609186b63533973d5b495b5bf5e66364d035214286f56748e275d2b4df9def6e844e69ba0958a9762a9c7e278811b2cda2c1abf4530cb5c3283a8bb8024bc3ed59524c6d5283bba208769540eb9f433d7a759ca5bab28ede3f39742350b9900e94c19407394b600510d553163392189c3cd831cb014260b48ed47e15fe8f89dc4e13933bf66f00d3570158130f73d641db28ddaa3dbd06fc777bc059ab7138cb7e72120e0c45135d4bff8d68dd33cebc410f116fc8bec4317e59ed5fdf7be27b64aad180ac6453b283c187072a232be84445ed91ef2ba779a7a445ee8199fafc1c74e0073fb3313a16d317b9aac2b37e215cf76984668446b2194712cd1cbcf78c9a10bc9dd104dbc03ffb0dc4a28484a0332f98cf1b99322b176546cf0c9b180e627a7e67bb16e671fdc739c255ddcba53457fb12d39700d2695f2414668f9665ec167bc763b2191f913efe3eab99a05c737662930f46567d0e2b7d3fdfaedda8ab53c4f4e0a700efe0c8cf34b30b1c2569216d1ddf1471c7cab5ccf0dae565dfcc42b2fb0d19fb92808b42d086c68eb3c0ed0a1954e19fa1e3d85bfd8a521d6230b407ed193a625f7f289c31a3a1738505c5e62177bb5b791bd861827d48655ea01d2a5009c4e8c78e426ccad4fcbe96b532eee5208967e6ee8a680319a005411ecb28e764aadf1aa83fd46f09028cd2b0ac6babc10f48c8ad3e886fb949672410b3ac31364753cabe3e9518fafc0189c7135445d202bd9703b8571ccc44c9de9f7b94c3f43afab423dddf2c8c621e2b0042b75cc198b1b93710e09fb36b4dc9c962bc4def0598eb76d9bb1e1dccf092461351b63de3c1ba850c0d82b6ebf932e32aab962b4da19fd9692164a3447f13c9eddaba5c298a76c195a86d2421906a8f242bc5c7553f0d45f23edda3a888278bc195bfb1d142361d398d8e94731fe0ff2d408ed5f6e9163623c3fb41c8cd92fed66fba7cf8799bd3a37855c1b13634190cfe32817dcc31cd320bf39a1a843d8f6c1f6cb1bd53bd45a341fc54b14bd129f1295de6f4e1693e0299dcd95a7c2d1fc909e5ee61215bdb01ea46a7d580ffe4bfb9b0bf1f5a4756151cbc3e768b77357f7b6bf568c5acb81d1d10fb7661ac5b47c0b89885857e1f0ae27a47b5890fcb316abf6a6de29ff9115f7826897f920c07816b8dfcae84d1f1baa252328caac033e723d136b8b23288a7d8db15598ba302b122ba18a300b593d1af073b8c2d627bf9c6305d79b9041f392d00bb53e18e485495d0429a873efb57fd4aefc6c5c18a37ff5cc728a86d6a06a56c390d743d0688f972cbf0d4741b77392735d0935662c150d42b74f841b463a3a91e7078e6c3cb4f627de75964a3d72b61ded7a056872ade46f34497e69922e5d900fa518042682c86ac4fd3488874c7c3e2650bbe330b7d3f8696c44199ff232ff7bcace227b6221f50c0a08378338ee81b5a86c4cbe1316c1a98761fb7979a04a3d42b9560d0852fde3054ee25e8f20db90c16de4a2de142006b7309870dfb1b4cf6a7daf418cf694a888adfce81687ab35b303f77b3437ad6c45cc35a6074ecba569d5e6d641e6b240177f0c8a1a1d4dc9f209ef748832578b0a6b80caf9ef4d0192ca8f73eee012a119c97e34bc6901ee7532345a5162d81fcd1981e9b0b6997b890277ed72604f5b29e82288924715dcb53888fbcc6dc338576e1819e2e252167b3bd01f9ec9e75cb4d62631906e728313a65c07d2778ecf3a9ee0c10fb4cf24966c4824cf23385008a892577c58d62278512160119fdc9e26d0dd617083be3c36439ffc1e074299ccde8049540ecfc", 0x4})

3m3.974675156s ago: executing program 1 (id=1860):
iopl(0x3)
kexec_load(0x6, 0x0, 0x0, 0x2) (fail_nth: 1)

3m3.631863349s ago: executing program 1 (id=1862):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdef0, 0x8000000000000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0xfffffffd}}, 0x2e)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x3, 0x20000000, 0x4)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x48000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_emit_ethernet(0xbe, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000001000000400000004000000041000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x48)
syz_emit_ethernet(0x42, &(0x7f0000000240)=ANY=[@ANYBLOB="a5050f0000b5210000101f00080045000034000000060000000000000001ac1414aa05009078e00900e06300004000000000000600008c1414aaac1414aa44040003"], 0x0)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'macvtap0\x00'})

3m3.168072561s ago: executing program 1 (id=1864):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x88580, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x400455cb, 0x0)
iopl(0x3)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000080)={0x0, 0x1cfb, 0x6a60}, &(0x7f00000000c0)=0x8)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000001080)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={r3, 0x8001}, 0x8)
getsockopt$bt_hci(r2, 0x84, 0x7f, &(0x7f0000000080)=""/4041, &(0x7f0000000000)=0xfc9)
kexec_load(0x3, 0x0, 0x0, 0x2)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000100)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000140)=0x18)

3m2.640391101s ago: executing program 1 (id=1867):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
r2 = socket(0x1e, 0x1, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r2, &(0x7f0000000080), 0x2000011a)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, r1, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0x2)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[r3], 0x1}, 0x58)

3m2.343729256s ago: executing program 1 (id=1871):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='numa_maps\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000480))
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
r2 = dup2(r1, r1)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000400)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/126, 0x0})
write$vhost_msg_v2(r2, &(0x7f0000000280)={0x2, 0x0, {&(0x7f0000000140)=""/128, 0x20000, 0x0, 0x0, 0x2}}, 0x48)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000100)=0x1)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000002c0)={0x1})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x42, 0x0, 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r7, &(0x7f0000000040)={0x1f, @fixed}, 0x8)
ioctl$KVM_GET_MSRS(r0, 0xc0189436, &(0x7f0000000100))

3m1.463345946s ago: executing program 33 (id=1871):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='numa_maps\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000480))
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
r2 = dup2(r1, r1)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000400)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/126, 0x0})
write$vhost_msg_v2(r2, &(0x7f0000000280)={0x2, 0x0, {&(0x7f0000000140)=""/128, 0x20000, 0x0, 0x0, 0x2}}, 0x48)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000100)=0x1)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000002c0)={0x1})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x42, 0x0, 0x0)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r7, &(0x7f0000000040)={0x1f, @fixed}, 0x8)
ioctl$KVM_GET_MSRS(r0, 0xc0189436, &(0x7f0000000100))

55.430570667s ago: executing program 4 (id=2243):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x3, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1802000001000000000000000000000085000000870000009500000000000000b334163d4483f5b784b1fe5b783a4a65a8e0ca908e7bc9c024d9f4c0a925698cf276bfdf0391ea50d9833ca70cecda062151c80b86894dcebd4c0c167f32caea3b4f83fc3acb6d4c6f1490e61f52f48501f8efb31eaacec710a0276e206cecbec72d8f2df0e072ff3accccc150e0dcdb4fdc8631267711d8823ac54a2d6fa4d9b0b81f3f1d789eeb67"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x6e}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8924, &(0x7f00000000c0)={'wlan0\x00', 0x1})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1e1242, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r3, 0x3ba0, &(0x7f00000006c0)={0x48, 0x1, r4, 0x0, 0x155})
ioctl$IOMMU_VFIO_IOAS$SET(r3, 0x3b88, &(0x7f0000000240)={0xc, r4})
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r3, 0x3b70, &(0x7f0000000100)={0x30})
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r5, 0x47f9, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0xb, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f00000001c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000a40)={'erspan0\x00', <r8=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x10012, 0x0, &(0x7f0000000140)={0x11, 0x0, r8}, 0x14)

54.617584776s ago: executing program 3 (id=2246):
r0 = socket(0x840000000002, 0x3, 0xff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'dummy0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000003e00)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_red={{0x8}, {0x4}}]}, 0x30}}, 0x0)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x0, @remote}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000600)="a90900000000746400006277000000003552bde5", 0x14}], 0x1}}], 0x1, 0x10)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = dup(r5)
sendmsg$NFNL_MSG_ACCT_NEW(r6, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="2c400000000701080000000000000000020000050c000340000000000000007f0900739a7a0800000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000080)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000380)=0xff)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000080)=0x9)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
rt_sigpending(0x0, 0x0)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000000)=0x7f)
mkdir(&(0x7f0000000400)='./file1\x00', 0xa2)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r9 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x9)
mkdir(&(0x7f0000000200)='./file0\x00', 0x0)
r10 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
unlinkat(r10, &(0x7f0000000280)='./file0\x00', 0x200)
ioctl$AUTOFS_IOC_PROTOSUBVER(r9, 0x40049366, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000340)="b9800000c00f3235000400000f300f0135f4ffff7fc4c1216c789dc4e154542264360fc77d060f01360f01c4b94e020000b8123a5d52ba68ff2a200f300f01cbd81e", 0x42}], 0x1, 0x13, 0x0, 0x0)

53.501214187s ago: executing program 6 (id=2250):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='source', &(0x7f00000001c0)='source', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x7, 0x423f}, 0x0)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=ANY=[], 0x48)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'\x00', 0x8411})
ioctl$TUNGETVNETBE(r3, 0x800454df, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(0x0)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x1000, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
tkill(0x0, 0xb)
socket(0x11, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000180), 0xfea7)
socket$rxrpc(0x21, 0x2, 0xa)

52.510429448s ago: executing program 0 (id=2251):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000000c0)='source', &(0x7f00000001c0)='source', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x7, 0x423f}, 0x0)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=ANY=[], 0x48)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'\x00', 0x8411})
ioctl$TUNGETVNETBE(r3, 0x800454df, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(0x0)
splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x1000, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
tkill(0x0, 0xb)
socket(0x11, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000180), 0xfea7)
socket$rxrpc(0x21, 0x2, 0xa)

52.414994517s ago: executing program 3 (id=2252):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r2, 0x30, 0x0, @ib={0x1b, 0x4, 0xffff, {"00000000f30000000000000000000001"}, 0xfffffffffffffffd, 0x7ff}}}, 0x90)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0x5885}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r5, 0x3516, 0xeaff, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000200)={0x3, 0x1, 0x207, 0x0, 0x0, 0x1, 0x7, 0x8000}, 0x20)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040)={0x80b, 0x3, 0xfff9, 0x8}, 0x8)

51.831357216s ago: executing program 3 (id=2253):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00'})
r1 = epoll_create1(0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r2, &(0x7f0000001980)=""/179, 0xb3)
write$char_usb(r2, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000000))
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl2\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x1, 0x7800, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote}}}})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x4000010, r6, 0x0)
r7 = dup(r5)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r9, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x6, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
accept4(r3, 0x0, 0x0, 0x0)

51.771251251s ago: executing program 6 (id=2254):
bind$packet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r0 = io_uring_setup(0x669, &(0x7f0000007940))
syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x1a9882)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x981d41)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, 0x0}, 0x0)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1410)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
semget$private(0x0, 0x5, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

51.17904327s ago: executing program 4 (id=2255):
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 000040'], 0x2a, 0xfffffffffffffffc)
r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0xa201, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000640)=0x10)
mmap(&(0x7f0000770000/0x4000)=nil, 0x4000, 0x2000008, 0x12, r1, 0x57e43000)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x10201, 0x3, 0xeeef0000, 0x1000, &(0x7f00005dc000/0x1000)=nil})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
epoll_create(0xc3f)
read$dsp(0xffffffffffffffff, &(0x7f0000000000)=""/122, 0x7a)
keyctl$read(0xb, r0, &(0x7f0000000240)=""/112, 0x349b7f55)

51.164365143s ago: executing program 6 (id=2256):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
syz_init_net_socket$llc(0x1a, 0x3, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x80000, 0x60)
statx(r2, &(0x7f0000000240)='./file0\x00', 0x3000, 0x200, &(0x7f0000000280))
io_setup(0x401, &(0x7f0000000000))

50.603698822s ago: executing program 0 (id=2257):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_io_uring_setup(0x7de, &(0x7f0000000240)={0x0, 0x49cb, 0x10100, 0x1, 0x193}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000540)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0xf00, 0x0, 0x0)

50.581912393s ago: executing program 4 (id=2258):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x3a, 0x40, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000139209f422ca2f1d3568c599f830b1f821bc25fa46eaf53917fbae01ac86e06a0af31a9167ac93666cbfce317f4d89438ada20492c7e787769ae367b057e255f9fc7fcd3678acf258357e1e5a90d17a85ed2bb685014e05fe9dd53656818b6"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sched_setscheduler(0x0, 0x0, 0x0)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x800, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='uid_map\x00')
read$FUSE(0xffffffffffffffff, &(0x7f0000002080)={0x2020, 0x0, 0x0, <r5=>0x0}, 0x2020)
setuid(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x8, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRES32=r6, @ANYBLOB='\x00'], 0x14)

50.487723252s ago: executing program 6 (id=2259):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCFLSH(r4, 0x40384708, 0x20000000)
close_range(r3, 0xffffffffffffffff, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x24, 0x2a, 0xb, 0x0, 0x0, {0x5}, [@typed={0x4, 0x3}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x135, 0x0, 0x0, @str='\x88H'}]}]}, 0x24}}, 0x0)
openat$cgroup_ro(r2, &(0x7f0000000180)='cgroup.controllers\x00', 0x0, 0x0)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r5, 0x29, 0x11, &(0x7f0000000000), 0x4)
r6 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r6, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r6, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r7 = socket$tipc(0x1e, 0x5, 0x0)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r8 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12', 0x2)
ftruncate(r8, 0xffff)
fcntl$addseals(r8, 0x409, 0x7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x13, 0xffffffffffffffff, 0x0)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r9, 0x28, 0x6, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
bind$tipc(r7, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
bind$tipc(r7, &(0x7f0000000240)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)

50.487479957s ago: executing program 0 (id=2260):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_setup(0x401, &(0x7f0000000000)) (fail_nth: 3)

49.919684089s ago: executing program 0 (id=2262):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_io_uring_setup(0x7de, &(0x7f0000000240)={0x0, 0x49cb, 0x10100, 0x1, 0x193}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000540)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)

49.904079693s ago: executing program 6 (id=2263):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000000000000000004c9b88dc16f39366b7fb1aea0782abb6612af8aae4504a0e99d09480032c05d1c1480cce3ecff4514f376ed86d314189e9f4b97046308cde00fd46de7fdec57fa4b1e000a10948b6e64b5f7da82496149525dbb28ad53841ad643636406f99e51eb6f8a69b78cf13a8f06699500d75b9fd40b827206c83687dc0ea50d0de9759966fa7d8f17bc49b79959f2588494d5a617189626244e79e38c16dd7a3c435bf6cc199df5bb2f799ab00125f48e64f509f45fa26530b0132e4c2e7aae1b78ed7ec0eecbe0c7856aa0d659e89b17347ec43bf8a602382e71984d7", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x57, 0x2, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=@newtaction={0x930, 0x30, 0xffff, 0x0, 0x0, {}, [{0x91c, 0x1, [@m_police={0x918, 0x1, 0x0, 0x0, {{0xb}, {0x850, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x2, 0x1ff, 0xe, 0x100, 0x2, 0x5, 0x4, 0x4, 0x9, 0x1, 0xb2, 0x8, 0x0, 0x85e2, 0xfffff000, 0x3, 0xfffff7d3, 0x4, 0x9, 0xa0, 0x7, 0x4, 0x7, 0x400, 0x6f, 0x9, 0x3, 0x8, 0x8, 0x6, 0x8e9, 0x7fffffff, 0x3, 0x400, 0x2, 0xb, 0x7, 0x7, 0x0, 0x101, 0x7, 0xd, 0x3ff, 0xaf, 0xe, 0x0, 0x9, 0x8, 0x0, 0x489, 0x9, 0x3, 0xce, 0x3, 0x8, 0x7f7c, 0x80000000, 0x63b, 0x6, 0x400, 0x3, 0x5, 0x4, 0x5aa, 0x3, 0x52b, 0x7, 0xfffffffa, 0x5, 0x8, 0x4, 0xf796, 0x0, 0x5, 0x3ff, 0x29, 0x3c, 0x771c, 0x4, 0x9, 0x9, 0xaffc, 0x6, 0x101, 0x3, 0xea00, 0x100, 0x8, 0x9, 0x4, 0xfffffff3, 0x32, 0xe, 0x7ff, 0x7, 0x0, 0x0, 0x9, 0x9, 0x9, 0x6, 0x81, 0xfff, 0x6, 0xffff0001, 0x4, 0x9, 0x0, 0x8, 0x200, 0xa, 0xbde, 0xe, 0x78500, 0x3, 0x443f4d4f, 0x8, 0x1, 0x800, 0x5, 0x8, 0x8, 0xfe, 0x54b, 0xfffffffe, 0xd91e, 0x1000, 0x6, 0x5, 0xac, 0xf, 0x7, 0x8091, 0xd78, 0x40000009, 0x9, 0x3, 0x3, 0x26, 0x364b, 0x80, 0x99, 0x1ff, 0x800, 0xc, 0xfaaf, 0x3, 0x6, 0x98ef, 0xa6be, 0x1, 0x2, 0x8, 0xa0000, 0x80000000, 0x1ff, 0xdac, 0x8, 0xe, 0x5, 0x2, 0x2f8c, 0x10000, 0x0, 0x8, 0x8, 0x9a9, 0xffffffff, 0x3, 0x644, 0x1, 0x6, 0x1, 0xb, 0x8, 0x5, 0x8, 0x3, 0x0, 0x3, 0x7ffc, 0xb8b, 0x9, 0x6, 0xffff0001, 0x10001, 0x8, 0x17b, 0xcb, 0x10001, 0xc9, 0x199, 0x9, 0xf7ee, 0x5, 0x9, 0x9, 0x0, 0x5, 0x5, 0x5, 0x1, 0x4, 0x6, 0x9, 0x0, 0xb, 0xffffffff, 0x0, 0x8, 0x8, 0x8, 0x7, 0x0, 0xba, 0x3, 0x2, 0x7fffffff, 0x68b459d7, 0xff0a, 0x4183, 0x10000, 0x0, 0x0, 0x40, 0x6, 0xfff, 0x5, 0xf, 0x9, 0x40, 0xffffffff, 0x5, 0x4, 0x9, 0x9, 0x80000000, 0x7, 0x1, 0x7f, 0x8, 0xffffc166, 0x2, 0x2, 0x10, 0x1000, 0xc, 0x2726, 0x7fffffff, 0x7, 0x2, 0xffffffff, 0x7fff, 0x8, 0x1, 0x6]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfff, 0x10000000, 0x1, 0xdfaa, 0x3, {0x7, 0x0, 0x5, 0x3, 0x6, 0xfff}, {0x5, 0x0, 0x7b, 0x7, 0x8, 0x1}, 0x6, 0xd, 0x10001}}, @TCA_POLICE_RESULT={0x8, 0x5, 0x1}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7, 0x9, 0xeb2, 0x2e, 0x2, 0x1, 0xc, 0x5, 0x7, 0x2, 0x5, 0x0, 0x9, 0x0, 0xfffffffc, 0x8, 0x7ff, 0x8, 0x1b8e, 0xfe, 0x9, 0x7, 0xfffffff2, 0x2, 0x0, 0x0, 0x0, 0x1, 0x5, 0x5, 0x1, 0x5, 0x5, 0x8cf, 0x2f, 0x1829, 0x3, 0x0, 0x6, 0x64c, 0x9, 0x7, 0x2, 0x8, 0x8, 0x7ff, 0x0, 0x1, 0x4, 0x6, 0x542, 0x1, 0x286b6384, 0x9bb5, 0x8000, 0xde8, 0x9, 0x4, 0x2, 0x0, 0x6, 0x5, 0x2, 0x7, 0x7fffffff, 0x1, 0x6, 0x2, 0xbb1f, 0x40, 0x1, 0x8, 0x2, 0xfffffffe, 0x0, 0x3, 0x6, 0x4, 0x79, 0xffffffff, 0x3d, 0x80, 0x4, 0x8, 0x8, 0x6, 0xfffffffd, 0x2, 0x28662100, 0x1, 0xd3fe, 0x8, 0x9, 0x2, 0x4, 0x2, 0x5, 0x9, 0x8, 0x3, 0x564, 0x7fff, 0xc3b6, 0x200, 0x5de6, 0x8, 0x6, 0x800000, 0x1, 0x81, 0x8, 0x6, 0xd, 0x5, 0x7, 0xfffffff9, 0x7, 0x6, 0xfffffffb, 0x2, 0x100, 0x4ba, 0x7b40, 0xfffffff8, 0xc, 0x22, 0x7, 0x5, 0xfff, 0x4, 0xfffffff2, 0x5, 0xffff, 0x5, 0x6, 0x0, 0x0, 0x200, 0x40, 0x9, 0x13e, 0xff, 0x7, 0x7, 0x3, 0x720, 0xffffffff, 0xd, 0x1, 0x4c6a, 0x1, 0xc, 0x6, 0x7f, 0xa3, 0x79, 0x10000, 0x1, 0xc, 0x9, 0x8, 0x3, 0x6, 0x8, 0x5, 0x1, 0x9, 0x9, 0x8, 0x3, 0x5, 0xffff, 0x1, 0xffffff75, 0x8, 0x1, 0x1, 0x400, 0x2, 0x6, 0x6, 0x4, 0x3, 0x3, 0x6, 0x1, 0x2, 0x0, 0x4, 0xcf, 0x5, 0xfffffffe, 0x6, 0x8b, 0x4, 0x2000, 0x7, 0x2, 0x80, 0xc7, 0x0, 0xca, 0x9, 0x207, 0xd, 0x1, 0x2, 0x3, 0x3e6d, 0x2, 0x2, 0x6, 0x1000, 0x6, 0x5, 0x3, 0x4, 0x0, 0x1ff, 0x3, 0xfffff97b, 0x0, 0x2, 0x401, 0x80000001, 0x3, 0xfffffc00, 0xfdcb, 0x6, 0x0, 0x8, 0xfff, 0x46f, 0x1, 0x4, 0x8, 0x6, 0x7, 0xb, 0x59, 0x8, 0xb6, 0x1, 0x5, 0x3, 0xe444, 0x7, 0x9, 0xd1, 0xa1, 0xf3, 0xff, 0x1000, 0xffffff7f, 0x72a, 0x6]}]]}, {0x9e, 0x6, "a254260357765f559173a2b8cf9ef97c82c3d65655cdcb11d15c93c49e00df0d25d6518023e370d21a168d7cee758889d5770a0126f011fa9f793dd02cd032d0215727f2975cd97cb5eaffd7a6427886c0095ec65d5cb1a8b22e3f6b8b1fc492a7ca72edc7552a3119553bd319b1b2f3cf58701eb24352e53e319c947b2db3b7e930ef6273da891f2eabac0c7540b9e5892715ae70372766884a"}, {0xc}, {0xc}}}]}]}, 0x930}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', 0x0, 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})

49.71574943s ago: executing program 3 (id=2264):
syz_usb_connect(0x0, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000954c43400d051b01a46f0000000109022d00010000000009041200000202ff00052414000005240000000d240f0100000000f0ffffffff032402"], 0x0)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000240)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x20, 0x18d1, 0x5022, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x3, 0x0, 0x42, [{{0x9, 0x4, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x2, {0x9, 0x21, 0x2, 0x3, 0x1, {0x22, 0xee3}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x10, 0x8, 0x6}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x7f, 0xff, 0x8}}]}}}]}}]}}, &(0x7f0000000680)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x310, 0x7, 0xb, 0xfb, 0xff, 0x81}, 0x1f, &(0x7f00000002c0)={0x5, 0xf, 0x1f, 0x3, [@wireless={0xb, 0x10, 0x1, 0x4, 0x60, 0x8, 0x5, 0x3, 0x6}, @ssp_cap={0xc, 0x10, 0xa, 0x6, 0x0, 0x1, 0xff00, 0x6}, @ptm_cap={0x3}]}, 0x9, [{0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x3401}}, {0xb5, &(0x7f0000000340)=@string={0xb5, 0x3, "a66305d3f0f07f92455cb4feec376f5d53d8d97dd2b820650384c3f557264186c5a5437306ed7602a32695551d7a6d4b71b995129f661847e0f0e595f60a9a06c4ea7c070bb6da115b5e0adf05a3c147cec8902cc237f77289f9786cdb9e3ee50d2be3c787b888d35e5f225b06f8d444fd827b98d6c5d4539145c16ad807e3d6ac907f4ab58f18b0fb7b73dd71da0763dfd4fe4c86f6d38eace31a10f98014e89f96e6e5c815de7c8074cd12ad61bc9e3a6578"}}, {0xcf, &(0x7f0000000400)=@string={0xcf, 0x3, "3e32b4c27716dee97be9dc804e48339c340e52f3d86631e26f564b43705db214e2e11dda25bc22bbf24a98293b67e5942151fb2d28e5e173bb7dde7b1415cd03504690db1c29f738b7ee889c9d17be7dc2cf02db3997dfe5ba3f93c4b533641755845054fe0e743e4b1a70fc14e0de255c2910406b58c56bc53e8550de7ee98c67a2a05290c48f2a5db6a110fb01e392655a74a452c0ef9d533ae99f9601f9601d77818e95bbef0f74fcb74b3364e17d66a52f54e48af451226d6d6ed19e1a2ded2457845822f92d7bcd6c3c2c"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x40d}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x1409}}, {0x3d, &(0x7f0000000580)=@string={0x3d, 0x3, "54b6d0b0186417c910a045de4dd60834e8d651daaf1bcbba389d2d814f200684ea6e3f932c1568b9a916b0f07f5c58dfa298ef1a0926da95bf10da"}}, {0xb, &(0x7f00000005c0)=@string={0xb, 0x3, "a825cf4a0c2487ed41"}}, {0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0xfcff}}, {0x22, &(0x7f0000000640)=@string={0x22, 0x3, "524bc866474ff48467a1e50030dfbab063f1d3ac9935de1194539e72c2e64196"}}]})
syz_usb_connect$uac1(0x0, 0xb4, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa2, 0x3, 0x1, 0x2, 0x30, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x1, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x65, 0x0, 0x1}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0xfff7, 0x80, 0x5, "cb"}, @as_header={0x7, 0x24, 0x1, 0x5, 0x80}, @format_type_ii_discrete={0xe, 0x24, 0x2, 0x2, 0x2, 0x0, 0xff, "1469ad54ab"}, @as_header={0x7, 0x24, 0x1, 0x4, 0x2, 0x1}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x7, 0x2, 0x0, 0x4, "adbf", "e9"}]}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x8, 0x5, 0x7f, {0x7, 0x25, 0x1, 0x1, 0x81, 0x384}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x5, 0x2, 0x0, 0x3, "9722", "05"}]}, {{0x9, 0x5, 0x82, 0x9, 0x8, 0x10, 0x4, 0x3, {0x7, 0x25, 0x1, 0x0, 0x8, 0x8341}}}}}}}]}}, &(0x7f0000000200)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x310, 0x7, 0x40, 0x4, 0x8, 0x10}, 0x5, &(0x7f0000000100)={0x5, 0xf, 0x5}, 0x2, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x2c09}}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x813}}]})

48.984068592s ago: executing program 4 (id=2265):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
read$msr(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = syz_open_dev$radio(&(0x7f0000000080), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f00000002c0)={0x0, 0x1})

48.814626068s ago: executing program 6 (id=2266):
openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1, 0x0, 0x78497f2}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r1, 0x4008f510, &(0x7f0000000080)=0x7)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
pread64(r3, &(0x7f00000000c0)=""/120, 0x78, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f0000000b00)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb905000000010902220001000000000904000001010351000905030e0000000000072501", @ANYRES8=r0], 0x0)

48.492544806s ago: executing program 0 (id=2267):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = syz_usb_connect$uac1(0x4, 0xe7, &(0x7f0000000580)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xd5, 0x3, 0x1, 0x8, 0x30, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x6fff, 0x9}, [@input_terminal={0xc, 0x24, 0x2, 0x6, 0x201, 0x3, 0x8, 0x4, 0x9, 0x9}, @processing_unit={0xa, 0x24, 0x7, 0x5, 0x4, 0x1, "77a8e3"}, @output_terminal={0x9, 0x24, 0x3, 0x3, 0x300, 0x5, 0x2, 0x6}, @input_terminal={0xc, 0x24, 0x2, 0x2, 0x101, 0x1, 0x40, 0x3, 0xd, 0xff}, @feature_unit={0x13, 0x24, 0x6, 0x5, 0x2, 0x6, [0xa, 0x0, 0x4, 0x8, 0x5, 0x5], 0x7}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0x7, 0x4, 0x5c, 0xc, "84b8"}]}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x23, 0x4, 0x7, {0x7, 0x25, 0x1, 0x0, 0x3, 0xa}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x6, 0x7c, 0x1007}, @format_type_ii_discrete={0x11, 0x24, 0x2, 0x2, 0x800, 0x7, 0x81, "431aae30c214981c"}, @format_type_i_continuous={0xfffffffffffffe00, 0x24, 0x2, 0x1, 0xe, 0x2, 0xb, 0x0, "cf6c", "6e65f1"}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x4, 0x2, 0x7}]}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x6, 0xff, 0xff, {0x7, 0x25, 0x1, 0x81, 0x10, 0x6}}}}}}}]}}, &(0x7f0000000480)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x0, 0x1, 0x80, 0x1, 0x10, 0x25}, 0x19, &(0x7f0000000300)={0x5, 0xf, 0x19, 0x1, [@ss_container_id={0x14, 0x10, 0x4, 0x1, "3258bd73f15d17ddfdd8a8a163627471"}]}, 0x3, [{0xe, &(0x7f0000000340)=@string={0xe, 0x3, "9751d824da25acf628814933"}}, {0x40, &(0x7f0000000380)=@string={0x40, 0x3, "1bc0ed70e4f67589d2d24664d289c37b5a0736624b2eaec5417637e18dc1a5f5db7712a195e3a6625cba72113e72bde9df92ebd0553f2591a78c8d1a342e"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x408}}]})
syz_usb_control_io$uac1(r2, &(0x7f0000000500)={0x14, &(0x7f0000000680)={0x0, 0x30, 0x91, {0x91, 0x31, "d495b17cf0b570dc4bc5f2b64a62083e140055f1a2f1f002c9edf2ac76ebf8ba77f7fd8872a9007de3aa8a799c1ef34e4a1b079a02c9be17417062edb9a457990dfdf22189f0df7696d735954dff99640f2b802634eb12ecebd00b5559a8e67eed7f9969c0c569899e3b41d2e269c0e4aaa61a6aee8b10865187858f98d5f8f2b2ab894ef60d5b67d40c1265cee832"}}, &(0x7f00000004c0)={0x0, 0x3, 0x4, @lang_id={0x4}}}, &(0x7f0000000a80)={0x44, &(0x7f0000000740)={0x20, 0x18, 0x82, "834dcf89f695ce8d5f2e12561642b10b4500243828f96b85ea8831e7a4c4e7d5bccb74c1f7d5baf24595e17d658d09245818f513993bed3f708e77d9a030f006eb46743a12a239f42c06237ecd5ea512d39806416cfd5bf29f8ca0525c3feb05b8a2ca01cb0ff303c84178dbb460045698a81f9d2970484da6d39ec2701ea666aa9f"}, &(0x7f0000000800)={0x0, 0xa, 0x1, 0xd0}, &(0x7f0000000840)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000880)={0x20, 0x81, 0x1, "14"}, &(0x7f00000008c0)={0x20, 0x82, 0x1, 'z'}, &(0x7f0000000900)={0x20, 0x83, 0x2, "df95"}, &(0x7f0000000940)={0x20, 0x84, 0x1, "8d"}, &(0x7f0000000a40)={0x20, 0x85, 0x3, "76d4c7"}})
syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r3 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCSFLAG(r3, 0x4004480f, &(0x7f0000000000)=0x3)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r4, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r5, 0x0, 0x0, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r4, 0x3b89, &(0x7f00000002c0)={0x18, 0x3, r6, r7, 0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500))
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000100)={0x28, 0x6, r7, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8000})
syz_usb_control_io(r1, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000000440)=ANY=[@ANYBLOB="4001b14a7587"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$HIDIOCGUSAGE(r3, 0xc018480b, 0x0)
read$hiddev(r3, &(0x7f0000000140)=""/118, 0x76)
r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r8, 0x40045010, &(0x7f0000000000))
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0, 0x2000000}, 0x20)
r9 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x6161, 0x4d15, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io(r9, 0x0, 0x0)
syz_usb_control_io(r9, &(0x7f0000000ac0)={0x2c, &(0x7f0000000740)={0x0, 0x0, 0x7, {0x7, 0x0, "8c8fde8535"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r9, &(0x7f00000006c0)={0x24, 0x0, &(0x7f0000000580)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r9, &(0x7f0000000200)={0x24, 0x0, &(0x7f0000000100)={0x0, 0x3, 0x4, @string={0x4, 0x3, '45'}}, 0x0, 0x0}, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r10 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x7ffffffffc, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r10, 0xc0884113, &(0x7f0000000240)={0x1, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0xfffffffe, 0x1})
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r10, 0xc06c4124, &(0x7f00000000c0))

48.490886205s ago: executing program 5 (id=2268):
r0 = socket$inet6(0xa, 0x3, 0xff)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4188aec6, 0x0)
syz_usb_connect(0x5, 0x2d, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
unshare(0x68040200)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x24fa, 0x0, &(0x7f0000000100), 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r3 = userfaultfd(0x1)
read(r3, 0x0, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000370200000000000000dbdf25010000000c38c2cfc7811ad179d4e118eee585c0fea483c9327698a13a9960c4ce002442af496642507c31c1879597fe5981e7fc31a8c41c4af4628eba5ec899113959a62b823a9ce4d4b4f538bd97b6b54386b6be7066c9eab164be7467d090df39412f18edad9c2ea1f8d117ba38a0f42f1c24411ff73b9bc7e933a9e27e63672ac486f22aa596d4ba7914b8837b64a1899a314209330fbf"], 0x14}}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000140)={0x0, 0xfc68, &(0x7f00000000c0)=[{&(0x7f00000011c0)="d8000000180081064e81f782db4cb904021d0800fe027c05e8fe55a10a0005000140020003600e41b0000900ac000600c68b586a85a00fdd11000000a4000500014002000000035c3b61c1d67f6f94007174cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001b14d6d930dfe1d9d322fe7c4650b5b9bd6ee6f63f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf73951f215ce3bb9ad809d5e1cace81ed0bffece0b4ff010000000000000dd6e4edef3d93452a09004b43370e9703920723f9", 0xd8}], 0x1}, 0x0)
sendto$l2tp6(r0, &(0x7f0000000040)="08c9", 0x2, 0x20008910, &(0x7f00000000c0)={0xa, 0x0, 0x9, @remote, 0x0, 0x1}, 0x20)

47.971863384s ago: executing program 4 (id=2269):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
r2 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000004280)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@afid}, {@aname={'aname', 0x3d, '@#@'}}], [], 0x6b}})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000400)='./file0\x00', &(0x7f00000001c0)='ufs\x00', 0x0, &(0x7f0000000340))

47.234486683s ago: executing program 5 (id=2270):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000005000000020000000400000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001, 0x0, 0x1}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1}, 0x6e)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106d0417c100000000000109022400010000000009040009010300010009210500c70122050009058103"], 0x0)
listen(r2, 0x0)
r4 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x10001, 0x7c5, 0x1, 0x3, 0xd59f80, 0x4, 0x5, 0x200b, 0x8, 0x5, 0x71e, 0xe72, 0x3, 0x8, 0x34, 0x13, {0x8, 0x1}, 0x8, 0xed}})
r5 = landlock_create_ruleset(&(0x7f00000002c0)={0x280, 0x3}, 0x10, 0x0)
landlock_restrict_self(r5, 0x0)
connect$unix(r1, &(0x7f0000000640)=@file={0x1}, 0x6e)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYRES64=r3], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r6}, 0x10)

46.897969031s ago: executing program 3 (id=2271):
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x43, &(0x7f00000003c0)={0x0, 0xea60}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r6, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r5, 0x0, <r7=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r4, 0x3ba0, &(0x7f0000000080)={0x48, 0x8, r7, 0x0, 0x7fffff, 0x6ae, &(0x7f0000000700)="85653f453420ca7d5107cac3b1c61de0a1009492a7c67d538843c3f5ba1f143fc6f1cd155f7653e1393744f396a94d8d0becf9445701326980185d6f5cc0c2ee263914da7695c86440305aa84ad2ff0c61d29e1218e6659aedbc1cea7416b5b4a991455d2534207f281a52670d763fdb36af099158c93f565c3ec3a6eddd7ee3974954d0d20fa5635c69037286a94ddd6f1a231625bcc29bdb05b5e8fef40e9a6a30de284e26f47210a18f5b1063528c16d560d916a6c811c1bae078daa7534d43906981300cd79bddf1b6c4bb873604d671da76de5d729fcd8bd703e97bde4721558c2a43dc7d5b6208acdcd8f82f3bba8753d4136b76471bd0d8d31a9f1596a15e0e18e14005249610e97f6bf581db1a50871d65742514336bc9e1fcee7dd958da853a56757f38a1009a8f81886992d594388aa4815b168d966b71b50f87b4a6ef57b5c8b1e0ce840c244d052ddf45923a7843883431b9bc43785c0e07a24459fe47642a251f6181f8c679e6bd568213f1df3cdd59dd9bd3c6131865f11570fe242d6551dc3201eaa3705cf9096561fce1273b3b767f0ea0657acf84783f609186b63533973d5b495b5bf5e66364d035214286f56748e275d2b4df9def6e844e69ba0958a9762a9c7e278811b2cda2c1abf4530cb5c3283a8bb8024bc3ed59524c6d5283bba208769540eb9f433d7a759ca5bab28ede3f39742350b9900e94c19407394b600510d553163392189c3cd831cb014260b48ed47e15fe8f89dc4e13933bf66f00d3570158130f73d641db28ddaa3dbd06fc777bc059ab7138cb7e72120e0c45135d4bff8d68dd33cebc410f116fc8bec4317e59ed5fdf7be27b64aad180ac6453b283c187072a232be84445ed91ef2ba779a7a445ee8199fafc1c74e0073fb3313a16d317b9aac2b37e215cf76984668446b2194712cd1cbcf78c9a10bc9dd104dbc03ffb0dc4a28484a0332f98cf1b99322b176546cf0c9b180e627a7e67bb16e671fdc739c255ddcba53457fb12d39700d2695f2414668f9665ec167bc763b2191f913efe3eab99a05c737662930f46567d0e2b7d3fdfaedda8ab53c4f4e0a700efe0c8cf34b30b1c2569216d1ddf1471c7cab5ccf0dae565dfcc42b2fb0d19fb92808b42d086c68eb3c0ed0a1954e19fa1e3d85bfd8a521d6230b407ed193a625f7f289c31a3a1738505c5e62177bb5b791bd861827d48655ea01d2a5009c4e8c78e426ccad4fcbe96b532eee5208967e6ee8a680319a005411ecb28e764aadf1aa83fd46f09028cd2b0ac6babc10f48c8ad3e886fb949672410b3ac31364753cabe3e9518fafc0189c7135445d202bd9703b8571ccc44c9de9f7b94c3f43afab423dddf2c8c621e2b0042b75cc198b1b93710e09fb36b4dc9c962bc4def0598eb76d9bb1e1dccf092461351b63de3c1ba850c0d82b6ebf932e32aab962b4da19fd9692164a3447f13c9eddaba5c298a76c195a86d2421906a8f242bc5c7553f0d45f23edda3a888278bc195bfb1d142361d398d8e94731fe0ff2d408ed5f6e9163623c3fb41c8cd92fed66fba7cf8799bd3a37855c1b13634190cfe32817dcc31cd320bf39a1a843d8f6c1f6cb1bd53bd45a341fc54b14bd129f1295de6f4e1693e0299dcd95a7c2d1fc909e5ee61215bdb01ea46a7d580ffe4bfb9b0bf1f5a4756151cbc3e768b77357f7b6bf568c5acb81d1d10fb7661ac5b47c0b89885857e1f0ae27a47b5890fcb316abf6a6de29ff9115f7826897f920c07816b8dfcae84d1f1baa252328caac033e723d136b8b23288a7d8db15598ba302b122ba18a300b593d1af073b8c2d627bf9c6305d79b9041f392d00bb53e18e485495d0429a873efb57fd4aefc6c5c18a37ff5cc728a86d6a06a56c390d743d0688f972cbf0d4741b77392735d0935662c150d42b74f841b463a3a91e7078e6c3cb4f627de75964a3d72b61ded7a056872ade46f34497e69922e5d900fa518042682c86ac4fd3488874c7c3e2650bbe330b7d3f8696c44199ff232ff7bcace227b6221f50c0a08378338ee81b5a86c4cbe1316c1a98761fb7979a04a3d42b9560d0852fde3054ee25e8f20db90c16de4a2de142006b7309870dfb1b4cf6a7daf418cf694a888adfce81687ab35b303f77b3437ad6c45cc35a6074ecba569d5e6d641e6b240177f0c8a1a1d4dc9f209ef748832578b0a6b80caf9ef4d0192ca8f73eee012a119c97e34bc6901ee7532345a5162d81fcd1981e9b0b6997b890277ed72604f5b29e82288924715dcb53888fbcc6dc338576e1819e2e252167b3bd01f9ec9e75cb4d62631906e728313a65c07d2778ecf3a9ee0c10fb4cf24966c4824cf23385008a892577c58d62278512160119fdc9e26d0dd617083be3c36439ffc1e074299ccde8049540ecfc", 0x4})

45.894740781s ago: executing program 4 (id=2272):
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x4800003e, r2, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
syz_open_dev$loop(0x0, 0x75f, 0x103382)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffffffffffe}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r7, 0x0)
socket$phonet(0x23, 0x2, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, 0x0, 0x20008000)
renameat2(r1, &(0x7f0000000300)='./file0\x00', r0, &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2)

45.647752698s ago: executing program 5 (id=2273):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f00000027c0)={0x0, 0x0, 0x0}, 0x4000)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCINQ(r5, 0x541b, 0x0)
connect$bt_sco(r5, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000600)={0x1f, @none}, 0x8)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000000)=0x5)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000440)=0x40, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r7, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)={0x20, 0x3, 0x7, 0x201, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8800}, 0x20000090)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000180))
add_key$fscrypt_provisioning(&(0x7f0000005600), &(0x7f0000005640)={'syz', 0x2}, &(0x7f0000005680)={0x2, 0x0, @c}, 0x29, 0xfffffffffffffffc)
setsockopt$nfc_llcp_NFC_LLCP_RW(0xffffffffffffffff, 0x118, 0x0, &(0x7f0000000000)=0x10009, 0x4)

45.151109813s ago: executing program 0 (id=2274):
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x14)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x101, 0x0, 0x0, {0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x4}]}], {0x14, 0x10}}, 0x6c}, 0x1, 0x0, 0x0, 0x2000c0c0}, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fc00101}]})
socket(0x1, 0xa, 0xfffffe)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000001800)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000440)={0x1fd, 0x3, 0xeeee8000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000480)="2e0f01c8b803008ec866b881c5e89b0f23d00f21f866352000000b0f23f866b8040000000f23d00f21f866352000000f0f23f80f20e06635000100000f22e0dbc2baa100b8c425efbaf80c66b8e46d7b8366efbafc0cb000ee0facae3a6ae866b9160100000f32", 0x67}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000340)="0f2eab0200baf80c66b825e7e38166efbafc0cb005ee0f381c47000f019ee00066b9050100400f3266b98708000066b8fc97000066ba000000000f30baf80c66b82451768a66efbafc0c66b8e707000066efbad004b0c7ee650f01d10fae27", 0x5f}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=0x0, @ANYBLOB="c28195bc4058e256569bfe4e45146eb7eb323b077723b98cbfc9d0d71eafe922c794fff71bbda5b2e803416d77639c21fba0c1961bddeb36b6ef4b20"], 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, 0x0)
ppoll(&(0x7f00000000c0)=[{r1, 0x21}], 0x1, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000300))
r6 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0xaeb0, 0x80}, &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r9, 0xc1105517, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0})
io_uring_enter(r6, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
msgget$private(0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88))
socket$inet_sctp(0x2, 0x5, 0x84)

41.754163403s ago: executing program 5 (id=2275):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1fe8ffff0000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="21003300d0"], 0x40}}, 0x0)

41.739991786s ago: executing program 3 (id=2276):
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x43, &(0x7f00000003c0)={0x0, 0xea60}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
open(&(0x7f00000000c0)='./file0\x00', 0x101000, 0x2)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000000340)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000004240)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r5, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000004280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@afid}, {@aname={'aname', 0x3d, '@#@'}}], [], 0x6b}})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000400)='./file0\x00', &(0x7f00000001c0)='ufs\x00', 0x0, &(0x7f0000000340))
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000002240)="afaddbba376e1bba12e2f2262ec7a1f5b377313a7bcf2d9b013196c2f0f94bc244fc0dc1c1bfbd4ed45229ce0cb7ca58f4b8d430b30d6ad8e8a56099ff70f31257cbe8710542fbedf009e1a5799fb06a7e0301b43d31008caf089c4a5a49dc50ea4c476f63a8b0aa08dd78d9ff39d8dfafbe2c41ff5d2331dd2e9d784247d5272cdcd13e6d9d7a03fa6b0622e6f130e0489bf9105a2a511d6f5b7da1100ecfe5d6ce64f4aac5c00c26d636ac66f059201a3a790b946da4808f1d665484847b61faab09a5e4b45a17c4c55b64ecf6933705c22c85317cc5edeba3e9260033f6bac869ac3b08ed1c55ae3119c78761be6d934c3757d5f10079243e4f06429907163f81855b74887146d875d0e6ab4d5c7032e84c33ea24bb93b2ab6eaec0feeca93f006a0d2bc2bd601f2ede8f32b5fa2e37e0ad1460b8839676dedef30fb684f6fddfcd9a84f3efd78d076c996d92a186e921e16e5ac7aa1f70c585b3752cc1312876c758219645ad0a5540bc82074a497ffc3717c8e139c09b3d2e21fff27e12db18540448f7ff7b637f87b7a717a60a23934e4be7f55ac10d2c09098fa13c9f1c5ed9ba61cc3ddc320b5409071d2ddd25d5b8f79475e80b3b8257b25fad2c59c31c5855560f2600de1930cb1f2e57aed4fb0b79fa7aac52d54a73d62f424cbad6f82ce5d5749cce356f892488ed149283e51dfdded96136a90b5e0c63d1728a82c324b1dd756b9f9b257a9e7f4b07a007e8ed37274d686e4b1667b315b640cb610d48fbe98c07ddb82250e9399b1e705e3f805969b9a003902e2e7b85cb9e2171f5bd180fbb9bd26805fce0b2c6f87cd7d02a579ac24a5391ad2eec8868425034c5dc19dc7581bc0162ecb37a172175a859b143284e3146dfa01731b6ceca8e458cbdf8d785300d12c50c3bd9ca4b72cbb0480711b2cfe820c31887289b29fed60c04548ee3e24acaeed283a9400cbba31e1317ec6158ece4ce56af53e46e182a6d441ba04520f0e8b45b56eb378ddb17ef5d57b27941032e7c917313f555838ba5397816757da7bedb6c5ac760239455cf09861026920c2ab3119a3257d2eb61e8dac7c39ee5880cdfb7c4fcbcf28dc4fcceb81e81f5fbbc0179fe22fbac014b118ed1ec81652d34a67b53a9a8ee468d8e927a77ae79f381a249501d3055e7da0b7a8847850f4e35aaf5b5dd4338326da84d93091035bf10b80b3e79badd38fd5d2b9fdf0b0923c96193d93ae4d8753980f8c73e980934686f11acb266c161751367dc05e6ae5175bd304ae6b1fc016ff2a01eb05a1ba7ebf1b91cf25dc14852984acdfb008a5df08d5c8619c9211320b87a5f1b3902531050a147af6a7134316a7735ad310f6241258bd9b79e2dee1461840dfdd905bc2e17d55b49694a68f36bf4a64fb2f5a483b633398abaff7917d9f1216d70368ad4c8e4fcfb040040f32e8a6a534d02c4187fbd19b85f35f8c119e06e3dabaa210a649117722816b5a91c5125c84482d414edcd992c79aa80fd568a884c99d43b77a87daa96f662c53fba7367ee147daf620bc6d13d32c3d9cdf8095962a9bcb85a93b6598750cdbbf5925a2a0875afd1e58a568b89815ae420ea9553ed487a55393115a8907aaf3982827be1534576c257b8594b48d0d71fa1f56dd096a6ea3f7fa339b51585d36ef72d0bb0da4c2c84ace8d16be3ead998187df0e59045541b0a1e79e5ee5b1a55d8fcd157d49df504b6fc031c5fd1e01a8ee2ae9f84df78ef03595642a7812d737ad2595b922ee618823b53ae2594dc15193c7206591e9b16689c3d5bd4b4b8d6851c2e7f0550ba0178a64b8d3c08bfa35f064576ccac39e7936e2e10fd27785f66053580b45e9c93d666bb7d4eff042da50774049f0948b150a660e08e82fc352636cfa0fdc9409316e402440aba8ab8944840838d8121a76274a5f929101e25c2a7c0ccf84831c8981258b21679dd92b7c44a78acfd706cd25f8878873683a6f5aebc81d45375aefcb484bf517ec13dc814fdf390cd39f764a008777c9db7b22b1c7eb556a5f51fe9755916f84db7401744c015c1100b3d3cb8264b26c022d7f6441cd0f099681d7d9df8b3c9c6d153d6d0c30fefded15e74c7a9b5832032552ef6bfb3863330edac33a33df4a4839d661bf10ab6aed5d2093b57450ce6dd2fae63096d07e47b8ba3c5225625f6c8d98e007b49b907a4ca511aeefaf8ae3cf10ed63bf3a7dc0f7b0c1e48e6af2b158dc1ea12335ab91acaabacc104e79968f89999aec3b694aecc6783dfeb9a8efc140f18583d113454145bfbe1fe480bfb7de71fb394d08f453926208d5d595e09df3fa216fe78a2693c2c2a29cadb2c2e86ae09e912bd2ed18559a0f8b5f131b780fc8037081aa98eed56795f1bb5b44300f73b7ceb080d7c9b022b7246a93f7784aa3475e05e125d50b3a0cee066c609add2716ec88a70e1f0c79344b0cc80a543c28b970a186aefa24e9246882e790053d652b2175565a12916ce13f1865a40d34a9cc6555a7072b091e6e8b9c2c7137bca71cccc56e33281badaa73a30e67ff5ac9f489ab35bff85aa1daa10b23f4ca0d55f5850e6af0c5ac755364dcbd8c8cbd4bc76bfd220cb12d46361ef68dc9f90601a46a56140d19d05fe5be799c3af81340c9f07e252aa1768a5dfb4a0536481313d985d8ecb36cdbaa6891e0608ae5a842d9580400977d8a855308b85d1bd70e57523ca5c153640a2e7a778c9df5ad48e230d881c06e0222bba818738ee67ddb7cc2034d25a3ca5d259be6ad63f6cd84938be096d2ab5df0fa7249b57c7653a2c6a016d2890dbf6620c52e4594358c0711dea1bc6fbddb44f500bcbe64f269bf17e0c6c5d8e18ec56d3519706efb6c868d34643e48e5d05c91f458f8f3e0c6befc8511dfa508f5c26eafce1077a082abf8a868ddd62206f39e125cdfb52be753ac96f39341b797d23a3d173d783932271996f482fb80d8022700ab96efe2df6c19370fdf2030d784578a05594eb7905ab5125fc543713dad95d4467cd76f35de43e79a6eb5ede4edc8afb04ab682cf282ac865165329688e7a9a181cc42f9bc31c0203d5c4f8583f7f03ce0b69a5e7e5af7a87d8477dfe1ec64ec8e1132d7f36d3ce6c41dcbd347a50ba51c16340376f50f093269266f97a0b3570675d1bd54f7fccc8f99b264dcff9d057df961a6a4dc4268791091cc08208bd62e1088ca07ca5a2fa849978036554806fdfd9dcf231b28872715eb7b6f65b5ef064c49f0ad04e5bf4f50612a5f313b65eecf07c2b79f65a8b03058a043fcf4ca62a71027db9c2e5311febf53e8027d92f14ea0958000d1d388a323bdc70f6a2bffedd7d7697523b0c4add0e1234e35629014afd1789288e9ca6d65b49e5e2d31631da7674376781e7be087b9cdb58098744e4d6b9ffc2dd82d02ebe3886b869aae44f7080252dafd6d00718c5ddd1ef66d5a950ecd79a87ff35d286259e758e0a4bc552abe99a19d0abe5614e5e0474b8552c0b30cff0d44c816c7e23bec85bf466f7ab534b38e6d97fda0f42a3e2ad15d0f242b41818d7d0d99118a0c3230288a4fb7d18b19000cc58f46d26fefc703a00e6b5c592ad7e34caf29b9acf1d6cf3eec647b86ef3c5d5a8151914ec82320c546b92139e5c2ef2c7906413a0755d6bdb53441ef21a0d2d1400b4e024f4fd924a600d098f88649190cdb74a2390e497941743b87ff0d3e3016bc0f149b600232efa3a0403cbb6695520ad6aa4393c4f1cf201ac140e4a5e31bfdc1da895b0f38dd25d126cefd05fcde00f6f2afdb4e93c70cc3a6696c660c497b68072c3cfa7132d71a799cc1222c250df2aecee7d7656b888ccf61e9a572f76ba0a7d287ae7490365bd610bf9df142d131ee4324af19fb451e984a79b43026f516bec5e88a6aae9c6d37e13adfd2c99428dbd3dfab9ea008e15d01a2cada5c1e9482fd6e10de25ad362c83c27e913c6f27bed3dc5515d2e65eca95109c001782715fb897f3e572efda7196f96ec781f1e93201202a9596030d1936b25288dedde240d70dd3d01e5cd91e318a1ae3630d136e8e267deaac70079bf3282f93b08d12c9eb3f0b4617119857af8634531c922c75ca8b674e7cdf51a425fc0bb7f77c6a07e6a98293f991d7ba26e994d63cbb40becf54bdb74805006d55210e04bb31e8f97041cc9c345d8cc4783cf40a3007437872583ce7490a408f9d4d85d0fd063140e33078eb143d001f574ab412d8ab0affd504eacc1cf77ad14e2f3b7e78fb9ee66edb99fd6667e51bc522a6b61c0a7e81456097ce62b79fbf12dea8df4356f205f9ca4c0633aed65a0581952802be787bdbde12cd344f6cd0cd21cc3ce7515407051f61a8d686f25dd7dad9b3c8f9bd5ee578dd636028238eff03906b67751b275cd37d39b9c2458fa6b3bfeb9969ea1471ff982287efe8f31e3d50aa2a357c033691c78b5509c93272d674debc6a3a03a0ba7df7aa929888930de1b6a5aee0f599ea50ad079e183667142884be38b6715dbc6638c83a80f95bf9bad4e18bbd900da87964b7199ef9f49e3a1ae030d42107baba0e1170e48cd1b66d0bc63f1bded9748a2b8bea4a7d4b04e2d8dbd3b174d4a822470c2ffe4103fd2ecf0f9986935ae43cc8f2ed1e48ce542b197e6fee4ec1bd6f600a290d4e882b2fef318412aabd3fd1c9a57c313b81340bcded3505c0edd12fb88ec07e3743aaf48d93a3664a038953a3048f267c8f6b130e0d183f982cb4385dedf41e3dd68b0a00a8deb882476fe38cffce5f04c9dfd55a009051ef0608721d429b1f4731708d1c092eebe88382debdd0be1c6cb59ccf8d1951f350df8ca79972b3d35f420fd68b602ecaf29a94a0efe785042e8101d462a78ee0e215c380e7b115b74fe9b99d0762a0798d7e308d8594a158b28476dc1de2f4fa4bb68b9325d4bfb491212331eba8f2fabf611300d21fa9c7941306098a9ef3b5e66a40c3060bdc8f707956bcd95545db971d573b1cd9e4e9252b97d36a8a505855e8189b85cef25b736add58e74a67695e8f8e59a3bd97ed858a7c355ff674fd8402fa271bd3e50ccf88070408d31e76e9f166bd44f58fdfd682f8bdcc389ea33b4eee566f9a7e6174abcae98c0aacffae73c5b29fc5d210e35f7d42270b265ffde2de3d45439f8d71e371be19b0f2954bb9530ea5cc18f525c9c79990da81aac6c69550120d3c8ee98d82d8b6de6e59f86f41347d206411aa3a1cc39f841e8daf6a78f700170a140432126d3cd7c3b53cb592fd3aaaf7a45d02a8a537704cb5ea8d165315757d9477f0d52006525ef830dd7d16e82f9ef127689501ee55e2f69b79de0bab64b8325aa1f4bcae387fe84ed1baeecaa42413f684a1db7a120cb73853838f03565ade441ee66cb5f648e165fe617c539f6dec4f12a5f738171e8971184a9d6a14a123bf3cf888fc9e1253d6f98c26b3061e6358d36bdfdfdc85924b9114aec973f4d0e2d4b0c8cd66bf32fd208bb7485cb9c730c8d6e368fbf8fac16be225bcc8d320980f8f6d73ab1ed01d3db4a7e2c275da0fa6ee3eac4fb6b3831ce90b9d654a5039d0be542c3341ccae50193954a233b81e54a191e6cf1e0685ada89e21723ea1e836441d6b7d3da1d41e4e04f7cf770fdde3086c6dcc28b2bc4527b03fd5ca3fd5ce90c4ae665c34386d6bd423d391ea4a13bf62395846afd7bc8417889c02fe34373f20621d20d4912f1acef23169e7b45c7656643d1961fd1151a2a0df5b73fcb022a83d1b8b9a3669e00924a5af0d63bafb044eaaf09497f09187511254fe0d7343909f2b11ddea84191cbd14db3636c5458227ef53f8bd17bc933190958edcaf90453525b81cb0a2cc3088ae5c19fc7aa71b531ebf141a16bc11853bb82c320d21bd2ecf6556894fc586e253b659ab1545ee63e8a9a2d31765d07bc8ce446316aaf712cac59fa4e9d92e002c4421d2318e8b8dcbd67d1b9ca688d3d204a764e83e2d9b92cecd794b5f4763f482210165786b2892dd3a84b35c9348965de9f34ea2211d6062746c1053cd7d58cbef089c67209f301122fbcebd7ee15f627a78ccec7541a7b23f1f19f00238edadad3850fadea580aacf3f09261be6fd456d19c6c9b32e27f355178f0f8c4c9783b976a5555a198ad175274cbcf57ea23926fd38db0256ada2207115077ab6f0037c67a27532e68122ac57c990c581754736d72a81f4bba6d7a2ca7805873856a38c137e8a0b5741dcf16f3431d086e28ca138e2e75d129bff24137c930fb1f227083ed7055ad54d59d66fd4ec309b84767595a39d418d763b7f9c603d18d7992b2718cff68ad4975d1130b997a3a1f4fd27f583f95bf24cfdd49da653efe58d9a34703acca628938c8f395c701b1037151a3190d2eb174763fa78395b3e56bd716c8fe28d4e71d313e590561bf133c8a804c0c7f19453e0fcbf7315071120141780cf195ed34560ad38ecc7b81274768f96e37d6e655be2227eee8d0d1eea5e0c22502233377f56dab09a3f404e6216d65987066904c075bf09e39221dfc90f8c843abc9b145b9d5d7addf62d9016b8ee38b3a6c3d74f0656b3dc719782f6ea5cfb924e81e632d408d4b41c1aa56794c9a03c3527c826e2dc125b503d567536efef5c33e63507022f9615a503e52105f1357b8268a586e62a435b89f0aa4577baad3bda26c531e16ff99658f36fa86c2708d6a8142baf8db30db3fde91f51fe0ef9a19c9f4d79b16117ea59b8d92a9eb9cc4291f8fb758eea16dfffe3536ec690c02f767f36d4c1e93612dd09d6072501d5823adaa0183773b8ce6a841c1d78e97b364e527e5f2a5e185b1a9edbe425bb7c690d46fa65132d27834b0f1c06f69890fc5be997f7391da6324a2155b447470071f2435097e2ca46c0ee0dbda72d06dff6ef260934d198bad8a010023f2b8a04512732dcbb0ddc7c93cef9657dc4652789ad846958f9d696bd028d7e7f3b5876c25c01af0d252a2064c3a8663deb4d3f4692904152f758035f1746bbf8af5ced2837363de3a923a1ac1c1fb9d5258158d8f0b44e27a893820deb4f721f8cad92d7bdcfe26c098339719ce02bc54cf93b8760b36b6d8b7e2342e5ce7002dd9f46dc89fab1e878d574937e6969cb51a6f8a347ebcd48ce645aebcc2f7ed8e53c2564cdb80dad1040869650f5e16f334c19a479c4ae387648a372650d25101ba0deff30a944ca5cfefbbfaf0984687e5a2cb736b46f8df2a36784f4671f531c11c921cf4701de5b3395df8d88771326b3d7e2ff41b524abc75b9cdbdf40854f31c6a7e7847aea31900bcfe0b1311657ac591daffa773c6945c8444be06ddc0d5b49a4f713e04c7a78c423ca2177dc8c5ea898f5938105e8d5c560a4120a7d1444d546b09650b611013b9680f710cb843396aac34b91da40240098daad3672c45e35ff9bc804557d5b6ff3a46d455c7c8840e158a301b675de37558c4147c08fed3571af29da4d4a9ed9747f3c44a6f2cdfc7ac2be01b4180feb1997638a6fbd86227a0cec71b47312c0e3db7675f5939278008b93eaee1c09d7df8abf9e4d973c22c2b8a5743bec84fca15c855f231f15427b9e7d23f52b74e95577883322224a9cbdaf312afd780982666848d5e6e3dc403fa1061cc2c8914672e963909c14fb3612bca05aec976495c621f7fdb96ecb6714f966e3a44849ec256dbc9656d2d3166764a9608b6a91c9145367e764749d57a58d8e0b196921aa0e4520d6be238ccf9bdc462b63d02f95b36d62b93783f33bc56cb9cb224fccdadba782363b558985bedc9f079fb7bcb7cf91402bfbd8ece7e2840421fd2c1319728022ed81b4f24a9de307b127e09542fbfdf37e320dcf33c701f07cd1a64dfdf1bb3b34f303dff533b1ffa1abd7babc08395039b0f1165f132f5b131a47f51fab324d9502a3266a35cf6dfff372557b73bfb685ea46d2c38375231300ba10c6e16fcc873dc366f1cb7550659ccba00767bee15485c91aeee4a97d7af962d2f44e96e620bb2208410ef8aeb32c024e289668cad3c4e82e9fb0d76bd8d0343bd6fbd3460818594cca97be3d3140a244089b2ef22414b1fe8a4c1cd337532ed215bd7b73bb03753dbf26ec8e6d664dff003797bd34fc72fb6fcfdc916bd62b2ccb7193aee70869499b2349e6a4fcb35a9cba8dd8998de8afa734b854dc71e47f0103b0ff1c38562190def665509c76f037e393f8fe7ae05d8a4030640d99fda6f6e70d08709277e315e35e51a78dd3e1e47ee9cb06b9279989b97f42dae2cfd85296b570c3fe0f2615fadc33b09176b6e8c41978aa118ae407c3d8d12474d1aaab08b4067615d77c4373ac50715d9e9384461eb373790bbfe1b38976047eabb6ba9ecb4950110ceb95fbd11b32ed0b22b6d0c40bdcb44e9a08cca1e29dcf35da2db25606186a000bf157554ba7c55530dc3281336a272d9bc76814e2335db48c9980246214475f4dbc397e46d0b05cb1387d0551599ee0b67d612c085135f89472e99b275a48f7a90d2c6f377d023bc0f2ec69906856d4d05e94892d8aec469f800a76232f6b60fe170bde18df4702ae94556b976390d6aec61e6d017ebabe20fe7d0469b72207aff967865cc8dec893596449c640f486b2a8829d2973f65aadbd8b001f065b43ad57665887e1919f87a7e4d6e16b9beaf6099afffe31dca58f2869e707fa5f04d581ebcb8af9050a14a5a9fb333884e50a444563282118ab9c843f8152a7765901f392b32b22db3867bef3ef05fa41286bffc556e5357ae22bcde91e5a0d80dab8d0d83aa1d60f25b14dec69dcf15f3dc48e677b684c61d51c124bff09702d8e1e663cb87a7efefdbcf3576178e7dd614e3266b7f83f338250ffcf64260c7ca621c4750fe0345483202adab46eeb42779759e4974707b23e12bcc63371a9c1a39e681dd2bb6d2d304f3baefc9b38e16aeb4b33df166c0e19186b0fc8269bd9cd96d5b3adda68ccb9be58963a3865291d767fd6f8f133f30b9404ed1231cfa93d21d5f16941252650f6684b6499adef0aeae110ba35f9c611a08b57e3f219c2bd7bd5ffff509aa7cddd73bc62e681dabd8f15b24fd924f6ab00fbb2b16cc6af67fbeea2960ab6f5f98f1a6d0a870ccf10e3ba73d48e0ef1b38bfd7463b30309683e65dbf90776ab30cbf0e762c86c9864e27ca9a95e15a7b9d0b902f3dff2c8db81373ab7edc5eaf45a6230ff72837bed6fd2f0b3bcf829b5b75bbfa1b18af3c9f7490381eae64b553921c4da40db5a17afee6658acaf6a2eb1d381e1ccd9ec4e68eeae2f3e0d5de21a453ef99d99d65d6a067dff051822b9cacf5f1110e2972e2724c979b0c6c8bf5295716022c47c8f4af702bcfe1060602ba8f4be94815dd22ba2ee0d76f46eb4fd816d7e7b88a37a9cb65f1ef32e6cc6d101de6e94050eed22f6c0299a7cfb74a5f5f6ef4683f071839943017e0b58c8cc5a77251909888ab6f69b0e18b8ed8905654578f1604c620f7d8bcb0a0010a2b71a1b8d11e34f7c674912fbb61fad795b6fd455cf4feeff71d865d92ae41c3a5935d7ee5c28706de5cd4733a26320bc5e79b4352b63d7d320c69a63d9057187799ae483a6e9dc7ce101851cd598319173ab4ac49bf3b25ec8bd9fe8b664c87722223f1ee8c1b613e78729072ebcd51b7b9e3c5dd22b17b0dccf6a177b9fe279f56644476acb27f5c4a7bff77d0416dead2231d8f8ee44e6618ddcc2b9e34919bf21fa986d9e6b9d54c007e2f15293808b065c62aad7f9f42b0f39361528328071c4b5df273d2b41e2b9881a8c215fbb0280fd79a77570f93855d5d795a89613e0b4be1d8b1f50864637471d694ac417216294b08a4226fe098dee8d410bc3828ef27777489b9e6e3701e6ccf13151070b027fb53b00ee3a5e780348f47d314d04b353c76f920c69d571d7b674d2b1f9ad1597bd6f36e5ff82981d2158990e21b7102b20fbdbcbd2c2c25da51aceff00a1e7a56c8f75f9bf3655d6142ac74cbc8ee70ffec7a45bf1c4a3b6a65f629494670a84088a802598909031871dd576a5d47d911b509b0799e7178657dd66943ddc2666b7cae6b996c8b55b7cf0a6b9ce396cc3e262ebb83c2f640ec6a80538823a83fb3b74c8b51a8cbb18b4925b8045530ce8283c962561e3da3f7843720b4dc6afbe5278fe9a964860b88e33aedb298b61910e5c3ea4971e02cf869d5e68e8a95215e0e207af9b7e48f3452dc9aaf0bf15202932e71552a1f79a6482afc0c104fc70f3ffeb153a249620dafb5ef82308e97113ba4aee10301ea19ec5f0f2d643fba39a4a5f039003187255c1cd9a7d54253ab0c6f8c09cf51ea635d945231386fd891d80483ddb4f4d8e68a62a71b61bbd75b74fdff1610949508d33d740a72c633dde4db6a4cdc92a7de18a7b9ceec93ef8e130fbee0b66d7c4d3eb3d92d41f89b3bc7f276f275f827a5f5d4eee0ed7c0a90ca0a6639a974ed1311422372d7a84305ed6154a80f9cf4dc52a717c5ba57aa2e4fc2adb9da2b5c246706777fce38f6aba54534701314df2bb1725ec00b40bf6281ea0f45f3d085836934a8c884bbc3a89fca0240525fbc58969e7772709a3eb827e4da5035c852be598c14a36f71c78ca002bdc4161da2daf8db5303185b9dc97302a2df8f3adb1acfc5a19faa3066318892b44276606f537475b03d28b01182eba9be649c74b35dca086e4bbe0e9d6c5f3edf6c929e3ace7419cc7b106fe74d1b81eb675dd361a8099f8327cb99a72b1b83e194fd90c92450a6525445b7f2aac705920793ea1e0f1b33c754a0460fc681716fa70a383f81c6cf95f49e54baaae984bf931e9bd28942e5c4e90f57d2d398299669af06e62fcf860dec6158982f80331060f24af75ac27bf05e3652a822d6421c26c2dd33ddf1ce60d4c7a74abba565bec2e18b7a5cf21ac63c8271ac2c00ed736bc14998448dc4c19c5f50f9f9c75b4dc546a33c26e8ea26ab2ab05de5f4a346831bf743abd4119079d42df45b461258cbf1ca05370229802f7e0430c5496cac07658ac3ce55ad783a55b3414c0572dc3632a368c9395af43ad25a0e1fa3569366492bb9063a64b77a4d0001208ad093f98c1c3482e97015dcbae76f173bdce59db0bfd1015de911b3b652bae2dfba64f496e7bab5735fc3b683ffe19750b73ea2491b1f7a2be4db9ca703f11c360d7b2ef8f49b9d262900de5476f682bf7d526497f7825cebf9f136a4d6b347d1874fa6fe441fb95d338080b2a5268cfaea8fed039a1900028c4aecf225e0bb328522c2944f2a7281daebb2dd52d312be1c5824cb19317021d10ba3b89d02763677172ce0ae6ca996b147a934a266e75b2bf35d523b7f9eddf0afe102d4ee9db8926d10be781bbaa25b815ea2dad9a9908a827be0c0e5b6b960e99b702d76b2af58a2afe7eb1e2cf30e660cf6296bd11607c33e85fefbff67b0dd74c5110236048da6d92eabda02925f0816ec048cb1333894aa172ee73d5e3c833e3858a0e219debc74d89bda90c70f88bbe41c943375840ceb55064b2f2b239cfc769582cd410f1bdb26fc78d9728a30899b3460405b157a1dcd33b31fb6e2a4113e4bb41214aae4a037f99f8", 0x2000, &(0x7f0000007080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r7, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x400000, 0x0)

41.395695662s ago: executing program 5 (id=2277):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) (async)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (async)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000100)='cgroup.threads\x00', 0x2, 0x0) (async)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00') (async)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x101040, 0x0) (async)
socket$kcm(0x23, 0x2, 0x0) (async)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r4 = syz_io_uring_setup(0x4a4, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x2000, 0x2}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0) (async)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) (async)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r7, &(0x7f00000001c0)='memory.events.local\x00', 0x275a, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) (async)
recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0) (async)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r10, &(0x7f0000000180)=ANY=[], 0x118) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10010, r10, 0x8298d000) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x104, &(0x7f0000000080), 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x10, 0x0, 0x0, 0x1, 0x0}) (async)
io_uring_enter(r4, 0x3f70, 0x0, 0x0, 0x0, 0x0)
sendfile(r3, r3, 0x0, 0x2) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

40.784031913s ago: executing program 5 (id=2278):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socket$netlink(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$amidi(0x0, 0x2, 0x80042)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newtaction={0x18, 0x30, 0x0, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x4000000)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000009c0)={0x0, 0x0, @pic={0x0, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x3, 0x9, 0x40, 0x0, 0x4}})
bind$tipc(0xffffffffffffffff, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x2}, 0x10)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x217, 0x69, 0x0, 0x0, 0x0, 0x4003ff, 0x20000000006], 0x0, 0x2c0710})
r7 = eventfd2(0x9, 0x81002)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r7, 0x2, 0x2, r7})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

33.535672695s ago: executing program 34 (id=2266):
openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r0 = socket$inet(0x2, 0x3, 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1, 0x0, 0x78497f2}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r1, 0x4008f510, &(0x7f0000000080)=0x7)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
pread64(r3, &(0x7f00000000c0)=""/120, 0x78, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f0000000b00)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb905000000010902220001000000000904000001010351000905030e0000000000072501", @ANYRES8=r0], 0x0)

30.533038582s ago: executing program 35 (id=2272):
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x4800003e, r2, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
syz_open_dev$loop(0x0, 0x75f, 0x103382)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffffffffffe}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r7, 0x0)
socket$phonet(0x23, 0x2, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, 0x0, 0x20008000)
renameat2(r1, &(0x7f0000000300)='./file0\x00', r0, &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2)

30.030938701s ago: executing program 36 (id=2274):
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x14)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x101, 0x0, 0x0, {0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x4}]}], {0x14, 0x10}}, 0x6c}, 0x1, 0x0, 0x0, 0x2000c0c0}, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fc00101}]})
socket(0x1, 0xa, 0xfffffe)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000001800)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000440)={0x1fd, 0x3, 0xeeee8000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000480)="2e0f01c8b803008ec866b881c5e89b0f23d00f21f866352000000b0f23f866b8040000000f23d00f21f866352000000f0f23f80f20e06635000100000f22e0dbc2baa100b8c425efbaf80c66b8e46d7b8366efbafc0cb000ee0facae3a6ae866b9160100000f32", 0x67}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000340)="0f2eab0200baf80c66b825e7e38166efbafc0cb005ee0f381c47000f019ee00066b9050100400f3266b98708000066b8fc97000066ba000000000f30baf80c66b82451768a66efbafc0c66b8e707000066efbad004b0c7ee650f01d10fae27", 0x5f}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="cf0400000000000000001300000008000300", @ANYRES32=0x0, @ANYBLOB="c28195bc4058e256569bfe4e45146eb7eb323b077723b98cbfc9d0d71eafe922c794fff71bbda5b2e803416d77639c21fba0c1961bddeb36b6ef4b20"], 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, 0x0)
ppoll(&(0x7f00000000c0)=[{r1, 0x21}], 0x1, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000300))
r6 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0xaeb0, 0x80}, &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r9, 0xc1105517, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0})
io_uring_enter(r6, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
msgget$private(0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88))
socket$inet_sctp(0x2, 0x5, 0x84)

29.173334328s ago: executing program 7 (id=2279):
r0 = syz_open_dev$video(&(0x7f0000002c40), 0x7fffffff, 0x0)
ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000040)={0x2, "61a383835e7449d3f751591538e5fe23a81bcf9c307319290bd82a046f9c1290", 0x0, 0x3})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x12, &(0x7f0000000040)=0xe, 0x4)
setsockopt$inet_int(r1, 0x0, 0x14, &(0x7f0000000180)=0x40000000, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xb635773f06ebbeea, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001440), 0x2202, 0x0)
io_setup(0x104, &(0x7f0000000180)=<r6=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000000000000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(r6, 0x3, &(0x7f0000000340)=[&(0x7f00000000c0)={0x0, 0x0, 0x3, 0x1, 0x0, r5, &(0x7f0000000000)="de", 0xfdef}])
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000400)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00220023000078eca56701159c91451700"], 0x0}, 0x0)
add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)

27.664117568s ago: executing program 7 (id=2282):
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x14, 0x2, 0x6, 0x5}, 0x14}}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x2d, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x45833af92e4b39ff, 0x0)
syz_emit_ethernet(0xae, &(0x7f0000000000)=ANY=[], 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000200)={0x0, 'veth1_to_bridge\x00', {0x4}, 0x43})

26.488520107s ago: executing program 37 (id=2276):
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x43, &(0x7f00000003c0)={0x0, 0xea60}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
open(&(0x7f00000000c0)='./file0\x00', 0x101000, 0x2)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f0000000340)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000004240)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r5, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000004280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@afid}, {@aname={'aname', 0x3d, '@#@'}}], [], 0x6b}})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000400)='./file0\x00', &(0x7f00000001c0)='ufs\x00', 0x0, &(0x7f0000000340))
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000002240)="afaddbba376e1bba12e2f2262ec7a1f5b377313a7bcf2d9b013196c2f0f94bc244fc0dc1c1bfbd4ed45229ce0cb7ca58f4b8d430b30d6ad8e8a56099ff70f31257cbe8710542fbedf009e1a5799fb06a7e0301b43d31008caf089c4a5a49dc50ea4c476f63a8b0aa08dd78d9ff39d8dfafbe2c41ff5d2331dd2e9d784247d5272cdcd13e6d9d7a03fa6b0622e6f130e0489bf9105a2a511d6f5b7da1100ecfe5d6ce64f4aac5c00c26d636ac66f059201a3a790b946da4808f1d665484847b61faab09a5e4b45a17c4c55b64ecf6933705c22c85317cc5edeba3e9260033f6bac869ac3b08ed1c55ae3119c78761be6d934c3757d5f10079243e4f06429907163f81855b74887146d875d0e6ab4d5c7032e84c33ea24bb93b2ab6eaec0feeca93f006a0d2bc2bd601f2ede8f32b5fa2e37e0ad1460b8839676dedef30fb684f6fddfcd9a84f3efd78d076c996d92a186e921e16e5ac7aa1f70c585b3752cc1312876c758219645ad0a5540bc82074a497ffc3717c8e139c09b3d2e21fff27e12db18540448f7ff7b637f87b7a717a60a23934e4be7f55ac10d2c09098fa13c9f1c5ed9ba61cc3ddc320b5409071d2ddd25d5b8f79475e80b3b8257b25fad2c59c31c5855560f2600de1930cb1f2e57aed4fb0b79fa7aac52d54a73d62f424cbad6f82ce5d5749cce356f892488ed149283e51dfdded96136a90b5e0c63d1728a82c324b1dd756b9f9b257a9e7f4b07a007e8ed37274d686e4b1667b315b640cb610d48fbe98c07ddb82250e9399b1e705e3f805969b9a003902e2e7b85cb9e2171f5bd180fbb9bd26805fce0b2c6f87cd7d02a579ac24a5391ad2eec8868425034c5dc19dc7581bc0162ecb37a172175a859b143284e3146dfa01731b6ceca8e458cbdf8d785300d12c50c3bd9ca4b72cbb0480711b2cfe820c31887289b29fed60c04548ee3e24acaeed283a9400cbba31e1317ec6158ece4ce56af53e46e182a6d441ba04520f0e8b45b56eb378ddb17ef5d57b27941032e7c917313f555838ba5397816757da7bedb6c5ac760239455cf09861026920c2ab3119a3257d2eb61e8dac7c39ee5880cdfb7c4fcbcf28dc4fcceb81e81f5fbbc0179fe22fbac014b118ed1ec81652d34a67b53a9a8ee468d8e927a77ae79f381a249501d3055e7da0b7a8847850f4e35aaf5b5dd4338326da84d93091035bf10b80b3e79badd38fd5d2b9fdf0b0923c96193d93ae4d8753980f8c73e980934686f11acb266c161751367dc05e6ae5175bd304ae6b1fc016ff2a01eb05a1ba7ebf1b91cf25dc14852984acdfb008a5df08d5c8619c9211320b87a5f1b3902531050a147af6a7134316a7735ad310f6241258bd9b79e2dee1461840dfdd905bc2e17d55b49694a68f36bf4a64fb2f5a483b633398abaff7917d9f1216d70368ad4c8e4fcfb040040f32e8a6a534d02c4187fbd19b85f35f8c119e06e3dabaa210a649117722816b5a91c5125c84482d414edcd992c79aa80fd568a884c99d43b77a87daa96f662c53fba7367ee147daf620bc6d13d32c3d9cdf8095962a9bcb85a93b6598750cdbbf5925a2a0875afd1e58a568b89815ae420ea9553ed487a55393115a8907aaf3982827be1534576c257b8594b48d0d71fa1f56dd096a6ea3f7fa339b51585d36ef72d0bb0da4c2c84ace8d16be3ead998187df0e59045541b0a1e79e5ee5b1a55d8fcd157d49df504b6fc031c5fd1e01a8ee2ae9f84df78ef03595642a7812d737ad2595b922ee618823b53ae2594dc15193c7206591e9b16689c3d5bd4b4b8d6851c2e7f0550ba0178a64b8d3c08bfa35f064576ccac39e7936e2e10fd27785f66053580b45e9c93d666bb7d4eff042da50774049f0948b150a660e08e82fc352636cfa0fdc9409316e402440aba8ab8944840838d8121a76274a5f929101e25c2a7c0ccf84831c8981258b21679dd92b7c44a78acfd706cd25f8878873683a6f5aebc81d45375aefcb484bf517ec13dc814fdf390cd39f764a008777c9db7b22b1c7eb556a5f51fe9755916f84db7401744c015c1100b3d3cb8264b26c022d7f6441cd0f099681d7d9df8b3c9c6d153d6d0c30fefded15e74c7a9b5832032552ef6bfb3863330edac33a33df4a4839d661bf10ab6aed5d2093b57450ce6dd2fae63096d07e47b8ba3c5225625f6c8d98e007b49b907a4ca511aeefaf8ae3cf10ed63bf3a7dc0f7b0c1e48e6af2b158dc1ea12335ab91acaabacc104e79968f89999aec3b694aecc6783dfeb9a8efc140f18583d113454145bfbe1fe480bfb7de71fb394d08f453926208d5d595e09df3fa216fe78a2693c2c2a29cadb2c2e86ae09e912bd2ed18559a0f8b5f131b780fc8037081aa98eed56795f1bb5b44300f73b7ceb080d7c9b022b7246a93f7784aa3475e05e125d50b3a0cee066c609add2716ec88a70e1f0c79344b0cc80a543c28b970a186aefa24e9246882e790053d652b2175565a12916ce13f1865a40d34a9cc6555a7072b091e6e8b9c2c7137bca71cccc56e33281badaa73a30e67ff5ac9f489ab35bff85aa1daa10b23f4ca0d55f5850e6af0c5ac755364dcbd8c8cbd4bc76bfd220cb12d46361ef68dc9f90601a46a56140d19d05fe5be799c3af81340c9f07e252aa1768a5dfb4a0536481313d985d8ecb36cdbaa6891e0608ae5a842d9580400977d8a855308b85d1bd70e57523ca5c153640a2e7a778c9df5ad48e230d881c06e0222bba818738ee67ddb7cc2034d25a3ca5d259be6ad63f6cd84938be096d2ab5df0fa7249b57c7653a2c6a016d2890dbf6620c52e4594358c0711dea1bc6fbddb44f500bcbe64f269bf17e0c6c5d8e18ec56d3519706efb6c868d34643e48e5d05c91f458f8f3e0c6befc8511dfa508f5c26eafce1077a082abf8a868ddd62206f39e125cdfb52be753ac96f39341b797d23a3d173d783932271996f482fb80d8022700ab96efe2df6c19370fdf2030d784578a05594eb7905ab5125fc543713dad95d4467cd76f35de43e79a6eb5ede4edc8afb04ab682cf282ac865165329688e7a9a181cc42f9bc31c0203d5c4f8583f7f03ce0b69a5e7e5af7a87d8477dfe1ec64ec8e1132d7f36d3ce6c41dcbd347a50ba51c16340376f50f093269266f97a0b3570675d1bd54f7fccc8f99b264dcff9d057df961a6a4dc4268791091cc08208bd62e1088ca07ca5a2fa849978036554806fdfd9dcf231b28872715eb7b6f65b5ef064c49f0ad04e5bf4f50612a5f313b65eecf07c2b79f65a8b03058a043fcf4ca62a71027db9c2e5311febf53e8027d92f14ea0958000d1d388a323bdc70f6a2bffedd7d7697523b0c4add0e1234e35629014afd1789288e9ca6d65b49e5e2d31631da7674376781e7be087b9cdb58098744e4d6b9ffc2dd82d02ebe3886b869aae44f7080252dafd6d00718c5ddd1ef66d5a950ecd79a87ff35d286259e758e0a4bc552abe99a19d0abe5614e5e0474b8552c0b30cff0d44c816c7e23bec85bf466f7ab534b38e6d97fda0f42a3e2ad15d0f242b41818d7d0d99118a0c3230288a4fb7d18b19000cc58f46d26fefc703a00e6b5c592ad7e34caf29b9acf1d6cf3eec647b86ef3c5d5a8151914ec82320c546b92139e5c2ef2c7906413a0755d6bdb53441ef21a0d2d1400b4e024f4fd924a600d098f88649190cdb74a2390e497941743b87ff0d3e3016bc0f149b600232efa3a0403cbb6695520ad6aa4393c4f1cf201ac140e4a5e31bfdc1da895b0f38dd25d126cefd05fcde00f6f2afdb4e93c70cc3a6696c660c497b68072c3cfa7132d71a799cc1222c250df2aecee7d7656b888ccf61e9a572f76ba0a7d287ae7490365bd610bf9df142d131ee4324af19fb451e984a79b43026f516bec5e88a6aae9c6d37e13adfd2c99428dbd3dfab9ea008e15d01a2cada5c1e9482fd6e10de25ad362c83c27e913c6f27bed3dc5515d2e65eca95109c001782715fb897f3e572efda7196f96ec781f1e93201202a9596030d1936b25288dedde240d70dd3d01e5cd91e318a1ae3630d136e8e267deaac70079bf3282f93b08d12c9eb3f0b4617119857af8634531c922c75ca8b674e7cdf51a425fc0bb7f77c6a07e6a98293f991d7ba26e994d63cbb40becf54bdb74805006d55210e04bb31e8f97041cc9c345d8cc4783cf40a3007437872583ce7490a408f9d4d85d0fd063140e33078eb143d001f574ab412d8ab0affd504eacc1cf77ad14e2f3b7e78fb9ee66edb99fd6667e51bc522a6b61c0a7e81456097ce62b79fbf12dea8df4356f205f9ca4c0633aed65a0581952802be787bdbde12cd344f6cd0cd21cc3ce7515407051f61a8d686f25dd7dad9b3c8f9bd5ee578dd636028238eff03906b67751b275cd37d39b9c2458fa6b3bfeb9969ea1471ff982287efe8f31e3d50aa2a357c033691c78b5509c93272d674debc6a3a03a0ba7df7aa929888930de1b6a5aee0f599ea50ad079e183667142884be38b6715dbc6638c83a80f95bf9bad4e18bbd900da87964b7199ef9f49e3a1ae030d42107baba0e1170e48cd1b66d0bc63f1bded9748a2b8bea4a7d4b04e2d8dbd3b174d4a822470c2ffe4103fd2ecf0f9986935ae43cc8f2ed1e48ce542b197e6fee4ec1bd6f600a290d4e882b2fef318412aabd3fd1c9a57c313b81340bcded3505c0edd12fb88ec07e3743aaf48d93a3664a038953a3048f267c8f6b130e0d183f982cb4385dedf41e3dd68b0a00a8deb882476fe38cffce5f04c9dfd55a009051ef0608721d429b1f4731708d1c092eebe88382debdd0be1c6cb59ccf8d1951f350df8ca79972b3d35f420fd68b602ecaf29a94a0efe785042e8101d462a78ee0e215c380e7b115b74fe9b99d0762a0798d7e308d8594a158b28476dc1de2f4fa4bb68b9325d4bfb491212331eba8f2fabf611300d21fa9c7941306098a9ef3b5e66a40c3060bdc8f707956bcd95545db971d573b1cd9e4e9252b97d36a8a505855e8189b85cef25b736add58e74a67695e8f8e59a3bd97ed858a7c355ff674fd8402fa271bd3e50ccf88070408d31e76e9f166bd44f58fdfd682f8bdcc389ea33b4eee566f9a7e6174abcae98c0aacffae73c5b29fc5d210e35f7d42270b265ffde2de3d45439f8d71e371be19b0f2954bb9530ea5cc18f525c9c79990da81aac6c69550120d3c8ee98d82d8b6de6e59f86f41347d206411aa3a1cc39f841e8daf6a78f700170a140432126d3cd7c3b53cb592fd3aaaf7a45d02a8a537704cb5ea8d165315757d9477f0d52006525ef830dd7d16e82f9ef127689501ee55e2f69b79de0bab64b8325aa1f4bcae387fe84ed1baeecaa42413f684a1db7a120cb73853838f03565ade441ee66cb5f648e165fe617c539f6dec4f12a5f738171e8971184a9d6a14a123bf3cf888fc9e1253d6f98c26b3061e6358d36bdfdfdc85924b9114aec973f4d0e2d4b0c8cd66bf32fd208bb7485cb9c730c8d6e368fbf8fac16be225bcc8d320980f8f6d73ab1ed01d3db4a7e2c275da0fa6ee3eac4fb6b3831ce90b9d654a5039d0be542c3341ccae50193954a233b81e54a191e6cf1e0685ada89e21723ea1e836441d6b7d3da1d41e4e04f7cf770fdde3086c6dcc28b2bc4527b03fd5ca3fd5ce90c4ae665c34386d6bd423d391ea4a13bf62395846afd7bc8417889c02fe34373f20621d20d4912f1acef23169e7b45c7656643d1961fd1151a2a0df5b73fcb022a83d1b8b9a3669e00924a5af0d63bafb044eaaf09497f09187511254fe0d7343909f2b11ddea84191cbd14db3636c5458227ef53f8bd17bc933190958edcaf90453525b81cb0a2cc3088ae5c19fc7aa71b531ebf141a16bc11853bb82c320d21bd2ecf6556894fc586e253b659ab1545ee63e8a9a2d31765d07bc8ce446316aaf712cac59fa4e9d92e002c4421d2318e8b8dcbd67d1b9ca688d3d204a764e83e2d9b92cecd794b5f4763f482210165786b2892dd3a84b35c9348965de9f34ea2211d6062746c1053cd7d58cbef089c67209f301122fbcebd7ee15f627a78ccec7541a7b23f1f19f00238edadad3850fadea580aacf3f09261be6fd456d19c6c9b32e27f355178f0f8c4c9783b976a5555a198ad175274cbcf57ea23926fd38db0256ada2207115077ab6f0037c67a27532e68122ac57c990c581754736d72a81f4bba6d7a2ca7805873856a38c137e8a0b5741dcf16f3431d086e28ca138e2e75d129bff24137c930fb1f227083ed7055ad54d59d66fd4ec309b84767595a39d418d763b7f9c603d18d7992b2718cff68ad4975d1130b997a3a1f4fd27f583f95bf24cfdd49da653efe58d9a34703acca628938c8f395c701b1037151a3190d2eb174763fa78395b3e56bd716c8fe28d4e71d313e590561bf133c8a804c0c7f19453e0fcbf7315071120141780cf195ed34560ad38ecc7b81274768f96e37d6e655be2227eee8d0d1eea5e0c22502233377f56dab09a3f404e6216d65987066904c075bf09e39221dfc90f8c843abc9b145b9d5d7addf62d9016b8ee38b3a6c3d74f0656b3dc719782f6ea5cfb924e81e632d408d4b41c1aa56794c9a03c3527c826e2dc125b503d567536efef5c33e63507022f9615a503e52105f1357b8268a586e62a435b89f0aa4577baad3bda26c531e16ff99658f36fa86c2708d6a8142baf8db30db3fde91f51fe0ef9a19c9f4d79b16117ea59b8d92a9eb9cc4291f8fb758eea16dfffe3536ec690c02f767f36d4c1e93612dd09d6072501d5823adaa0183773b8ce6a841c1d78e97b364e527e5f2a5e185b1a9edbe425bb7c690d46fa65132d27834b0f1c06f69890fc5be997f7391da6324a2155b447470071f2435097e2ca46c0ee0dbda72d06dff6ef260934d198bad8a010023f2b8a04512732dcbb0ddc7c93cef9657dc4652789ad846958f9d696bd028d7e7f3b5876c25c01af0d252a2064c3a8663deb4d3f4692904152f758035f1746bbf8af5ced2837363de3a923a1ac1c1fb9d5258158d8f0b44e27a893820deb4f721f8cad92d7bdcfe26c098339719ce02bc54cf93b8760b36b6d8b7e2342e5ce7002dd9f46dc89fab1e878d574937e6969cb51a6f8a347ebcd48ce645aebcc2f7ed8e53c2564cdb80dad1040869650f5e16f334c19a479c4ae387648a372650d25101ba0deff30a944ca5cfefbbfaf0984687e5a2cb736b46f8df2a36784f4671f531c11c921cf4701de5b3395df8d88771326b3d7e2ff41b524abc75b9cdbdf40854f31c6a7e7847aea31900bcfe0b1311657ac591daffa773c6945c8444be06ddc0d5b49a4f713e04c7a78c423ca2177dc8c5ea898f5938105e8d5c560a4120a7d1444d546b09650b611013b9680f710cb843396aac34b91da40240098daad3672c45e35ff9bc804557d5b6ff3a46d455c7c8840e158a301b675de37558c4147c08fed3571af29da4d4a9ed9747f3c44a6f2cdfc7ac2be01b4180feb1997638a6fbd86227a0cec71b47312c0e3db7675f5939278008b93eaee1c09d7df8abf9e4d973c22c2b8a5743bec84fca15c855f231f15427b9e7d23f52b74e95577883322224a9cbdaf312afd780982666848d5e6e3dc403fa1061cc2c8914672e963909c14fb3612bca05aec976495c621f7fdb96ecb6714f966e3a44849ec256dbc9656d2d3166764a9608b6a91c9145367e764749d57a58d8e0b196921aa0e4520d6be238ccf9bdc462b63d02f95b36d62b93783f33bc56cb9cb224fccdadba782363b558985bedc9f079fb7bcb7cf91402bfbd8ece7e2840421fd2c1319728022ed81b4f24a9de307b127e09542fbfdf37e320dcf33c701f07cd1a64dfdf1bb3b34f303dff533b1ffa1abd7babc08395039b0f1165f132f5b131a47f51fab324d9502a3266a35cf6dfff372557b73bfb685ea46d2c38375231300ba10c6e16fcc873dc366f1cb7550659ccba00767bee15485c91aeee4a97d7af962d2f44e96e620bb2208410ef8aeb32c024e289668cad3c4e82e9fb0d76bd8d0343bd6fbd3460818594cca97be3d3140a244089b2ef22414b1fe8a4c1cd337532ed215bd7b73bb03753dbf26ec8e6d664dff003797bd34fc72fb6fcfdc916bd62b2ccb7193aee70869499b2349e6a4fcb35a9cba8dd8998de8afa734b854dc71e47f0103b0ff1c38562190def665509c76f037e393f8fe7ae05d8a4030640d99fda6f6e70d08709277e315e35e51a78dd3e1e47ee9cb06b9279989b97f42dae2cfd85296b570c3fe0f2615fadc33b09176b6e8c41978aa118ae407c3d8d12474d1aaab08b4067615d77c4373ac50715d9e9384461eb373790bbfe1b38976047eabb6ba9ecb4950110ceb95fbd11b32ed0b22b6d0c40bdcb44e9a08cca1e29dcf35da2db25606186a000bf157554ba7c55530dc3281336a272d9bc76814e2335db48c9980246214475f4dbc397e46d0b05cb1387d0551599ee0b67d612c085135f89472e99b275a48f7a90d2c6f377d023bc0f2ec69906856d4d05e94892d8aec469f800a76232f6b60fe170bde18df4702ae94556b976390d6aec61e6d017ebabe20fe7d0469b72207aff967865cc8dec893596449c640f486b2a8829d2973f65aadbd8b001f065b43ad57665887e1919f87a7e4d6e16b9beaf6099afffe31dca58f2869e707fa5f04d581ebcb8af9050a14a5a9fb333884e50a444563282118ab9c843f8152a7765901f392b32b22db3867bef3ef05fa41286bffc556e5357ae22bcde91e5a0d80dab8d0d83aa1d60f25b14dec69dcf15f3dc48e677b684c61d51c124bff09702d8e1e663cb87a7efefdbcf3576178e7dd614e3266b7f83f338250ffcf64260c7ca621c4750fe0345483202adab46eeb42779759e4974707b23e12bcc63371a9c1a39e681dd2bb6d2d304f3baefc9b38e16aeb4b33df166c0e19186b0fc8269bd9cd96d5b3adda68ccb9be58963a3865291d767fd6f8f133f30b9404ed1231cfa93d21d5f16941252650f6684b6499adef0aeae110ba35f9c611a08b57e3f219c2bd7bd5ffff509aa7cddd73bc62e681dabd8f15b24fd924f6ab00fbb2b16cc6af67fbeea2960ab6f5f98f1a6d0a870ccf10e3ba73d48e0ef1b38bfd7463b30309683e65dbf90776ab30cbf0e762c86c9864e27ca9a95e15a7b9d0b902f3dff2c8db81373ab7edc5eaf45a6230ff72837bed6fd2f0b3bcf829b5b75bbfa1b18af3c9f7490381eae64b553921c4da40db5a17afee6658acaf6a2eb1d381e1ccd9ec4e68eeae2f3e0d5de21a453ef99d99d65d6a067dff051822b9cacf5f1110e2972e2724c979b0c6c8bf5295716022c47c8f4af702bcfe1060602ba8f4be94815dd22ba2ee0d76f46eb4fd816d7e7b88a37a9cb65f1ef32e6cc6d101de6e94050eed22f6c0299a7cfb74a5f5f6ef4683f071839943017e0b58c8cc5a77251909888ab6f69b0e18b8ed8905654578f1604c620f7d8bcb0a0010a2b71a1b8d11e34f7c674912fbb61fad795b6fd455cf4feeff71d865d92ae41c3a5935d7ee5c28706de5cd4733a26320bc5e79b4352b63d7d320c69a63d9057187799ae483a6e9dc7ce101851cd598319173ab4ac49bf3b25ec8bd9fe8b664c87722223f1ee8c1b613e78729072ebcd51b7b9e3c5dd22b17b0dccf6a177b9fe279f56644476acb27f5c4a7bff77d0416dead2231d8f8ee44e6618ddcc2b9e34919bf21fa986d9e6b9d54c007e2f15293808b065c62aad7f9f42b0f39361528328071c4b5df273d2b41e2b9881a8c215fbb0280fd79a77570f93855d5d795a89613e0b4be1d8b1f50864637471d694ac417216294b08a4226fe098dee8d410bc3828ef27777489b9e6e3701e6ccf13151070b027fb53b00ee3a5e780348f47d314d04b353c76f920c69d571d7b674d2b1f9ad1597bd6f36e5ff82981d2158990e21b7102b20fbdbcbd2c2c25da51aceff00a1e7a56c8f75f9bf3655d6142ac74cbc8ee70ffec7a45bf1c4a3b6a65f629494670a84088a802598909031871dd576a5d47d911b509b0799e7178657dd66943ddc2666b7cae6b996c8b55b7cf0a6b9ce396cc3e262ebb83c2f640ec6a80538823a83fb3b74c8b51a8cbb18b4925b8045530ce8283c962561e3da3f7843720b4dc6afbe5278fe9a964860b88e33aedb298b61910e5c3ea4971e02cf869d5e68e8a95215e0e207af9b7e48f3452dc9aaf0bf15202932e71552a1f79a6482afc0c104fc70f3ffeb153a249620dafb5ef82308e97113ba4aee10301ea19ec5f0f2d643fba39a4a5f039003187255c1cd9a7d54253ab0c6f8c09cf51ea635d945231386fd891d80483ddb4f4d8e68a62a71b61bbd75b74fdff1610949508d33d740a72c633dde4db6a4cdc92a7de18a7b9ceec93ef8e130fbee0b66d7c4d3eb3d92d41f89b3bc7f276f275f827a5f5d4eee0ed7c0a90ca0a6639a974ed1311422372d7a84305ed6154a80f9cf4dc52a717c5ba57aa2e4fc2adb9da2b5c246706777fce38f6aba54534701314df2bb1725ec00b40bf6281ea0f45f3d085836934a8c884bbc3a89fca0240525fbc58969e7772709a3eb827e4da5035c852be598c14a36f71c78ca002bdc4161da2daf8db5303185b9dc97302a2df8f3adb1acfc5a19faa3066318892b44276606f537475b03d28b01182eba9be649c74b35dca086e4bbe0e9d6c5f3edf6c929e3ace7419cc7b106fe74d1b81eb675dd361a8099f8327cb99a72b1b83e194fd90c92450a6525445b7f2aac705920793ea1e0f1b33c754a0460fc681716fa70a383f81c6cf95f49e54baaae984bf931e9bd28942e5c4e90f57d2d398299669af06e62fcf860dec6158982f80331060f24af75ac27bf05e3652a822d6421c26c2dd33ddf1ce60d4c7a74abba565bec2e18b7a5cf21ac63c8271ac2c00ed736bc14998448dc4c19c5f50f9f9c75b4dc546a33c26e8ea26ab2ab05de5f4a346831bf743abd4119079d42df45b461258cbf1ca05370229802f7e0430c5496cac07658ac3ce55ad783a55b3414c0572dc3632a368c9395af43ad25a0e1fa3569366492bb9063a64b77a4d0001208ad093f98c1c3482e97015dcbae76f173bdce59db0bfd1015de911b3b652bae2dfba64f496e7bab5735fc3b683ffe19750b73ea2491b1f7a2be4db9ca703f11c360d7b2ef8f49b9d262900de5476f682bf7d526497f7825cebf9f136a4d6b347d1874fa6fe441fb95d338080b2a5268cfaea8fed039a1900028c4aecf225e0bb328522c2944f2a7281daebb2dd52d312be1c5824cb19317021d10ba3b89d02763677172ce0ae6ca996b147a934a266e75b2bf35d523b7f9eddf0afe102d4ee9db8926d10be781bbaa25b815ea2dad9a9908a827be0c0e5b6b960e99b702d76b2af58a2afe7eb1e2cf30e660cf6296bd11607c33e85fefbff67b0dd74c5110236048da6d92eabda02925f0816ec048cb1333894aa172ee73d5e3c833e3858a0e219debc74d89bda90c70f88bbe41c943375840ceb55064b2f2b239cfc769582cd410f1bdb26fc78d9728a30899b3460405b157a1dcd33b31fb6e2a4113e4bb41214aae4a037f99f8", 0x2000, &(0x7f0000007080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r7, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x400000, 0x0)

24.998249984s ago: executing program 38 (id=2278):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socket$netlink(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$amidi(0x0, 0x2, 0x80042)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@newtaction={0x18, 0x30, 0x0, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x4000000)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000009c0)={0x0, 0x0, @pic={0x0, 0xc4, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x3, 0x9, 0x40, 0x0, 0x4}})
bind$tipc(0xffffffffffffffff, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r6 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x2}, 0x10)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x217, 0x69, 0x0, 0x0, 0x0, 0x4003ff, 0x20000000006], 0x0, 0x2c0710})
r7 = eventfd2(0x9, 0x81002)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000000)={r7, 0x2, 0x2, r7})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

24.56936029s ago: executing program 7 (id=2285):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f00000027c0)={0x0, 0x0, 0x0}, 0x4000)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCINQ(r5, 0x541b, 0x0)
connect$bt_sco(r5, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000600)={0x1f, @none}, 0x8)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000000)=0x5)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000440)=0x40, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r7, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)={0x20, 0x3, 0x7, 0x201, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8800}, 0x20000090)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000180))
add_key$fscrypt_provisioning(&(0x7f0000005600), &(0x7f0000005640)={'syz', 0x2}, &(0x7f0000005680)={0x2, 0x0, @c}, 0x29, 0xfffffffffffffffc)
setsockopt$nfc_llcp_NFC_LLCP_RW(0xffffffffffffffff, 0x118, 0x0, &(0x7f0000000000)=0x10009, 0x4)

21.144173088s ago: executing program 8 (id=2280):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/fib_trie\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r3, &(0x7f0000000080)={0x24, @short={0x2, 0x1, 0xaaa2}}, 0x4c)
lseek(r1, 0x7fffffffffffffff, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, &(0x7f00000000c0)=0x3ff)
sendfile(r4, r5, 0x0, 0x10ffff)
ioctl$TCSETS(r5, 0x5402, &(0x7f0000000080)={0x766, 0x0, 0x100000, 0x22c1, 0x0, "f694b8000000000000cc29e1f5eba328020016"})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0}, &(0x7f0000000400), &(0x7f0000000440)='%pI4   \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70501006fa70800000085000000a500000095000000000000007228605f7a8a5dc78af43c3bec1e7928ab956f3d731e9eb84844647814f846cd786de436f1d08e208ed7ef54b4b830e7613032838a07ed9d92902ea2a84c3655c5d9c0a3796cc0e57aaa2e2deeb4c90be9aa1603fa282f7fd8c2dd340c00"/141], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000039c0)=[{{&(0x7f0000000800)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000001380)='C', 0x1}], 0x1}}], 0x2, 0x2000c0c4)
syz_emit_ethernet(0x1ce, 0x0, 0x0)
r6 = getpid()
ptrace$setregset(0x4205, r6, 0x2, &(0x7f0000000180)={&(0x7f0000000100)="c207de5c0b2d6f9d7898969c227c0edc2c67598ddee3436953fdace8b396b608d6502ef39efdf933e5bd9d99b29c85b99d46fc", 0x33})

15.237873448s ago: executing program 9 (id=2281):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xd0, r1, 0x4, 0x70bd2c, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x8}, {0xc, 0x90, 0x8}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0x17260}, {0xc, 0x90, 0x5fc0}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x3}, {0xc, 0x90, 0x8}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4800}, 0xc805)
write(r0, &(0x7f0000000200)="1e6048b33bb601b057e8aa6e73be11865c23a8a288e3fe05da0b4ac37ce788e74396d56a7cf17e8f7d042a25af6d23e67d5242b0b7", 0x35) (async)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280), r0)
sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r2, 0x400, 0x70bd2d, 0x25dfdbfc, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x80) (async)
r3 = syz_open_dev$vcsa(&(0x7f0000000380), 0x101, 0x22200)
ioctl$VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f00000003c0)={0x2, @pix={0x4, 0x3, 0x34424752, 0x6, 0xb7, 0x1, 0x5, 0x5, 0x0, 0x8, 0x2, 0x1}})
fcntl$F_GET_FILE_RW_HINT(r3, 0x40d, &(0x7f00000004c0))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000500)={0x0, <r4=>0x0})
r5 = syz_open_procfs(r4, &(0x7f0000000580)='timers\x00')
sendmsg$NL80211_CMD_ASSOCIATE(r3, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x30, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0xc, 0x4f}}}}, [@NL80211_ATTR_PREV_BSSID={0xa, 0x4f, @random="69d963abddc4"}, @NL80211_ATTR_USE_RRM={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x7, &(0x7f00000006c0)) (async)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000740), r3)
sendmsg$IPVS_CMD_FLUSH(r0, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x7c, r6, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x38, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfffffdab}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@rand_addr=0x64010100}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x7}]}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}}]}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x48014}, 0x24008000)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000001, 0x2010, r0, 0xef38b000)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000880)='/proc/asound/card3/oss_mixer\x00', 0x9a400, 0x0) (async)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000900), r5)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r5, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x28, r7, 0x400, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x2a}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x4800) (async)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r5, &(0x7f0000000ac0)={&(0x7f0000000a00), 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x14, r7, 0x400, 0x70bd26, 0x25dfdbff, {{}, {@void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000000) (async)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000b00), 0x2, 0x0) (async)
ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000b40)) (async, rerun: 32)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000bc0), r3) (async, rerun: 32)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000c80)={r3, 0x58, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000dc0)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000d80)={&(0x7f0000000cc0)={0x88, r8, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xfffffffb}, @MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xb}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x43}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x9}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xf57}]}, 0x88}, 0x1, 0x0, 0x0, 0x801}, 0x20000000)
r10 = shmget(0x0, 0x3000, 0x54000000, &(0x7f0000ffd000/0x3000)=nil)
shmat(r10, &(0x7f0000ffb000/0x4000)=nil, 0x6000) (async)
sendmsg$NL80211_CMD_SET_PMKSA(r5, &(0x7f0000000e40)={&(0x7f0000000e00), 0xc, 0xfffffffffffffffc}, 0x1) (async)
ioctl$IOMMU_VFIO_IOAS$GET(r3, 0x3b88, &(0x7f0000000e80)={0xc, <r11=>0x0})
ioctl$IOMMU_IOAS_UNMAP(r5, 0x3b86, &(0x7f0000000ec0)={0x18, r11, 0x6, 0x3})

15.043737936s ago: executing program 9 (id=2286):
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x4800003e, r2, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
syz_open_dev$loop(0x0, 0x75f, 0x103382)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffffffffffe}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r7, 0x0)
r8 = socket$phonet(0x23, 0x2, 0x1)
ioctl$SIOCPNDELRESOURCE(r8, 0x89e0, &(0x7f0000001bc0))
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, 0x0, 0x20008000)
renameat2(r1, &(0x7f0000000300)='./file0\x00', r0, &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2)

8.998075945s ago: executing program 39 (id=2285):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r1, &(0x7f00000027c0)={0x0, 0x0, 0x0}, 0x4000)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCINQ(r5, 0x541b, 0x0)
connect$bt_sco(r5, &(0x7f0000000040), 0x8)
connect$bt_sco(0xffffffffffffffff, &(0x7f0000000600)={0x1f, @none}, 0x8)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000000)=0x5)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000440)=0x40, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r7, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)={0x20, 0x3, 0x7, 0x201, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x8800}, 0x20000090)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000180))
add_key$fscrypt_provisioning(&(0x7f0000005600), &(0x7f0000005640)={'syz', 0x2}, &(0x7f0000005680)={0x2, 0x0, @c}, 0x29, 0xfffffffffffffffc)
setsockopt$nfc_llcp_NFC_LLCP_RW(0xffffffffffffffff, 0x118, 0x0, &(0x7f0000000000)=0x10009, 0x4)

5.985793034s ago: executing program 40 (id=2280):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/fib_trie\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r3, &(0x7f0000000080)={0x24, @short={0x2, 0x1, 0xaaa2}}, 0x4c)
lseek(r1, 0x7fffffffffffffff, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, &(0x7f00000000c0)=0x3ff)
sendfile(r4, r5, 0x0, 0x10ffff)
ioctl$TCSETS(r5, 0x5402, &(0x7f0000000080)={0x766, 0x0, 0x100000, 0x22c1, 0x0, "f694b8000000000000cc29e1f5eba328020016"})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0}, &(0x7f0000000400), &(0x7f0000000440)='%pI4   \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70501006fa70800000085000000a500000095000000000000007228605f7a8a5dc78af43c3bec1e7928ab956f3d731e9eb84844647814f846cd786de436f1d08e208ed7ef54b4b830e7613032838a07ed9d92902ea2a84c3655c5d9c0a3796cc0e57aaa2e2deeb4c90be9aa1603fa282f7fd8c2dd340c00"/141], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000039c0)=[{{&(0x7f0000000800)={0x2, 0x4e20, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000001380)='C', 0x1}], 0x1}}], 0x2, 0x2000c0c4)
syz_emit_ethernet(0x1ce, 0x0, 0x0)
r6 = getpid()
ptrace$setregset(0x4205, r6, 0x2, &(0x7f0000000180)={&(0x7f0000000100)="c207de5c0b2d6f9d7898969c227c0edc2c67598ddee3436953fdace8b396b608d6502ef39efdf933e5bd9d99b29c85b99d46fc", 0x33})

0s ago: executing program 41 (id=2286):
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x4800003e, r2, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
syz_open_dev$loop(0x0, 0x75f, 0x103382)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffffffffffe}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r7, 0x0)
r8 = socket$phonet(0x23, 0x2, 0x1)
ioctl$SIOCPNDELRESOURCE(r8, 0x89e0, &(0x7f0000001bc0))
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, 0x0, 0x20008000)
renameat2(r1, &(0x7f0000000300)='./file0\x00', r0, &(0x7f00000007c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2)

kernel console output (not intermixed with test programs):

d, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[  676.615998][T11696] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  676.899944][T11696] usb 6-1: Product: syz
[  676.904396][T11696] usb 6-1: Manufacturer: syz
[  676.909078][T11696] usb 6-1: SerialNumber: syz
[  676.921634][T11696] usb 6-1: config 0 descriptor??
[  676.959051][T11696] usb 6-1: no audio or video endpoints found
[  677.000511][T11050] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  677.149804][T13085] ufs: You didn't specify the type of your ufs filesystem
[  677.149804][T13085] 
[  677.149804][T13085] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  677.149804][T13085] 
[  677.149804][T13085] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  677.174655][ T5891] usb 6-1: USB disconnect, device number 6
[  677.180747][T13085] ufs: ufstype=old is supported read-only
[  677.195793][T13085] ufs: ufs_fill_super(): bad magic number
[  677.314259][T11050] usb 5-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice= 2.f0
[  677.375897][T11050] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  677.396368][T11050] usb 5-1: Product: syz
[  677.406003][T11050] usb 5-1: Manufacturer: syz
[  677.415825][T11050] usb 5-1: SerialNumber: syz
[  678.153116][T11050] usb 5-1: config 0 descriptor??
[  678.615617][T11050] usb 5-1: bad CDC descriptors
[  678.824824][T11050] pcwd_usb: The device isn't a Human Interface Device
[  680.331394][T13110] netlink: 'syz.6.1934': attribute type 1 has an invalid length.
[  680.430732][   T29] audit: type=1400 audit(2000000089.190:1143): avc:  denied  { bind } for  pid=13109 comm="syz.6.1934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  680.492814][ T5891] usb 5-1: USB disconnect, device number 60
[  680.747726][T11050] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  680.864995][ T5839] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  681.410483][T11050] usb 6-1: Using ep0 maxpacket: 16
[  681.419651][T11050] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  681.430591][T11050] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 129, changing to 11
[  681.441940][T11050] usb 6-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  681.454990][T11050] usb 6-1: config 0 interface 0 has no altsetting 0
[  681.461670][T11050] usb 6-1: New USB device found, idVendor=1e71, idProduct=2010, bcdDevice= 0.00
[  681.470753][T11050] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  681.481206][T11050] usb 6-1: config 0 descriptor??
[  681.486809][ T5839] usb 4-1: Using ep0 maxpacket: 32
[  681.495025][ T5839] usb 4-1: config 0 has an invalid interface number: 74 but max is 1
[  681.503240][ T5839] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  681.513344][ T5839] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  681.522857][ T5839] usb 4-1: config 0 has no interface number 0
[  681.532813][ T5839] usb 4-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa
[  681.550513][ T5839] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.559929][ T5839] usb 4-1: Product: syz
[  681.572275][ T5839] usb 4-1: Manufacturer: syz
[  681.577326][ T5839] usb 4-1: SerialNumber: syz
[  681.594541][ T5839] usb 4-1: config 0 descriptor??
[  681.849370][    T8] usb 4-1: USB disconnect, device number 49
[  681.994407][T11050] nzxt-smart2 0003:1E71:2010.001B: unknown main item tag 0x0
[  682.002111][T11050] nzxt-smart2 0003:1E71:2010.001B: unknown main item tag 0x0
[  682.061709][T11050] nzxt-smart2 0003:1E71:2010.001B: item fetching failed at offset 2/5
[  682.075689][T11050] nzxt-smart2 0003:1E71:2010.001B: probe with driver nzxt-smart2 failed with error -22
[  682.209394][T11050] usb 6-1: USB disconnect, device number 7
[  682.340675][ T5892] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  682.528612][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  682.578158][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  682.669061][ T5892] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  682.749164][ T5892] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  682.794537][ T5892] usb 5-1: config 0 descriptor??
[  682.880175][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  684.020930][ T5892] cm6533_jd 0003:0D8C:0022.001C: unknown main item tag 0x0
[  684.034225][ T5892] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0D8C:0022.001C/input/input38
[  684.051227][ T5892] cm6533_jd 0003:0D8C:0022.001C: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0
[  684.309949][   T51] usb 5-1: USB disconnect, device number 61
[  684.394158][ T5892] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  684.590152][ T5892] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  684.619475][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  684.630808][ T5892] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  684.640038][ T5892] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  684.651077][ T5892] usb 4-1: Manufacturer: syz
[  684.658380][ T5892] usb 4-1: config 0 descriptor??
[  684.813271][ T5892] rc_core: IR keymap rc-hauppauge not found
[  684.819520][ T5892] Registered IR keymap rc-empty
[  684.824936][ T5892] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  684.840974][ T5892] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input39
[  684.876950][T13161] netlink: 'syz.3.1948': attribute type 4 has an invalid length.
[  684.894931][T13161] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1948'.
[  685.356771][T11696] usb 4-1: USB disconnect, device number 50
[  685.558488][T13179] bad cache= option: none

[  685.558488][T13179] 
[  685.585870][T13179] CIFS: VFS: bad cache= option: none

[  685.662580][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  685.669050][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  686.129708][T13189] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present
[  686.139478][T13189] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1)
[  686.161158][   T29] audit: type=1400 audit(2000000094.950:1144): avc:  denied  { read } for  pid=13186 comm="syz.3.1954" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  686.570439][   T29] audit: type=1400 audit(2000000094.950:1145): avc:  denied  { open } for  pid=13186 comm="syz.3.1954" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  687.083654][   T51] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  687.250548][   T51] usb 5-1: Using ep0 maxpacket: 32
[  687.262411][   T51] usb 5-1: config 0 has an invalid interface number: 74 but max is 1
[  687.282721][   T51] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  687.672192][   T51] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  687.690249][   T51] usb 5-1: config 0 has no interface number 0
[  687.838832][   T51] usb 5-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa
[  687.848433][   T51] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  687.856490][   T51] usb 5-1: Product: syz
[  687.861235][   T51] usb 5-1: Manufacturer: syz
[  687.865838][   T51] usb 5-1: SerialNumber: syz
[  687.892241][   T51] usb 5-1: config 0 descriptor??
[  688.185631][T13210] /dev/nullb0: Can't open blockdev
[  688.206224][   T29] audit: type=1400 audit(2000000097.020:1146): avc:  denied  { mounton } for  pid=13204 comm="syz.5.1959" path="/syzcgroup/unified/syz5" dev="cgroup2" ino=231 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  689.158304][   T51] usb 5-1: USB disconnect, device number 62
[  689.580853][T13221] ufs: You didn't specify the type of your ufs filesystem
[  689.580853][T13221] 
[  689.580853][T13221] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  689.580853][T13221] 
[  689.580853][T13221] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  689.611873][T13221] ufs: ufstype=old is supported read-only
[  689.618179][T13221] ufs: ufs_fill_super(): bad magic number
[  691.003381][T13234] netlink: 'syz.5.1968': attribute type 1 has an invalid length.
[  691.040518][T13234] netlink: 228 bytes leftover after parsing attributes in process `syz.5.1968'.
[  691.080113][T13234] netlink: 11 bytes leftover after parsing attributes in process `syz.5.1968'.
[  693.064276][T13251] fuse: Bad value for 'fd'
[  693.269845][T13258] ufs: Invalid option: "./file0" or missing value
[  693.276378][T13258] ufs: wrong mount options
[  693.790610][   T51] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  694.098989][T13267] mkiss: ax0: crc mode is auto.
[  694.440860][T11050] usb 1-1: new high-speed USB device number 70 using dummy_hcd
[  694.600773][   T51] usb 5-1: Using ep0 maxpacket: 16
[  694.619094][   T51] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  694.631756][   T51] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  694.642671][   T51] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  694.655422][   T51] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  694.664773][   T51] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.673052][T11050] usb 1-1: Using ep0 maxpacket: 32
[  694.673074][   T51] usb 5-1: Product: syz
[  694.682540][   T51] usb 5-1: Manufacturer: syz
[  694.687484][   T51] usb 5-1: SerialNumber: syz
[  694.710819][T11050] usb 1-1: config 0 has an invalid interface number: 74 but max is 1
[  694.718909][T11050] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  694.750676][T11050] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  694.769686][T11050] usb 1-1: config 0 has no interface number 0
[  694.777649][T11050] usb 1-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa
[  694.787663][T11050] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.801105][T11050] usb 1-1: Product: syz
[  694.805280][T11050] usb 1-1: Manufacturer: syz
[  694.815931][T11050] usb 1-1: SerialNumber: syz
[  694.823062][T11050] usb 1-1: config 0 descriptor??
[  696.062974][T13288] mkiss: ax0: crc mode is auto.
[  696.222802][T11946] Bluetooth: hci1: command 0x0405 tx timeout
[  696.272375][   T51] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[  696.282626][   T51] usb 5-1: 2:1: cannot set freq 9338507 to ep 0x82
[  696.519023][   T51] usb 5-1: USB disconnect, device number 63
[  696.638030][T11050] usb 1-1: USB disconnect, device number 70
[  698.516967][T13320] mkiss: ax0: crc mode is auto.
[  698.776882][T13318] bad cache= option: none

[  698.776882][T13318] 
[  698.783823][T13318] CIFS: VFS: bad cache= option: none

[  699.961648][T13339] ufs: You didn't specify the type of your ufs filesystem
[  699.961648][T13339] 
[  699.961648][T13339] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  699.961648][T13339] 
[  699.961648][T13339] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  700.008829][T13339] ufs: ufstype=old is supported read-only
[  700.049883][T13339] ufs: ufs_fill_super(): bad magic number
[  701.111083][T13351] fuse: Bad value for 'fd'
[  701.420669][T11050] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[  701.601363][T11050] usb 1-1: Using ep0 maxpacket: 16
[  701.630734][T11050] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  701.652346][T11050] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  701.671096][T11050] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  702.572365][T13371] mkiss: ax0: crc mode is auto.
[  702.592535][T11050] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  702.605537][T11050] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  702.615432][T11050] usb 1-1: Product: syz
[  702.619630][T11050] usb 1-1: Manufacturer: syz
[  702.624756][T11050] usb 1-1: SerialNumber: syz
[  702.900262][T13378] fuse: Unknown parameter '0x0000000000000003'
[  703.395917][T11050] usb 1-1: 2:1 : format type 0 is detected, processed as PCM
[  703.426048][T13386] netlink: 'syz.4.2008': attribute type 1 has an invalid length.
[  704.617482][T11050] usb 1-1: current rate 9338495 is different from the runtime rate 9338507
[  705.679888][T13418] mkiss: ax0: crc mode is auto.
[  706.456545][T13425] 9pnet_fd: Insufficient options for proto=fd
[  706.466884][T13425] ufs: Invalid option: "./file0" or missing value
[  706.473359][T13425] ufs: wrong mount options
[  707.200351][T11696] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  707.353246][T11050] usb 1-1: USB disconnect, device number 71
[  707.560517][T11696] usb 5-1: Using ep0 maxpacket: 8
[  707.634253][T11696] usb 5-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  707.965325][T13437] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2021'.
[  707.990787][   T29] audit: type=1400 audit(2000000116.750:1147): avc:  denied  { append } for  pid=13430 comm="syz.5.2021" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  708.593457][T11696] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  708.601533][T11696] usb 5-1: Product: syz
[  708.605705][T11696] usb 5-1: Manufacturer: syz
[  708.610512][T11696] usb 5-1: SerialNumber: syz
[  708.890298][   T29] audit: type=1400 audit(2000000116.760:1148): avc:  denied  { map } for  pid=13430 comm="syz.5.2021" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  709.564332][T11696] usb 5-1: config 0 descriptor??
[  709.630548][T11696] usb 5-1: can't set config #0, error -71
[  709.639283][T11696] usb 5-1: USB disconnect, device number 64
[  711.450596][    T8] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  712.315448][    T8] usb 5-1: Using ep0 maxpacket: 16
[  712.353200][    T8] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  712.367610][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  712.487802][    T8] usb 5-1: Product: syz
[  712.492407][    T8] usb 5-1: Manufacturer: syz
[  712.497021][    T8] usb 5-1: SerialNumber: syz
[  712.522392][   T29] audit: type=1400 audit(2000000121.350:1149): avc:  denied  { setattr } for  pid=13472 comm="syz.5.2030" name="audio" dev="devtmpfs" ino=1284 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  712.522840][    T8] r8152-cfgselector 5-1: Unknown version 0x0000
[  712.552487][    T8] r8152-cfgselector 5-1: config 0 descriptor??
[  712.620345][T13479] 9pnet_fd: Insufficient options for proto=fd
[  712.633088][T13479] ufs: Invalid option: "./file0" or missing value
[  712.639599][T13479] ufs: wrong mount options
[  714.711711][T13466] skbuff: bad partial csum: csum=65506/2 headroom=144 headlen=65526
[  714.898378][T11946] Bluetooth: hci1: unexpected event 0x18 length: 8 < 23
[  716.137262][    T8] r8152-cfgselector 5-1: USB disconnect, device number 65
[  716.700738][T13516] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2041'.
[  716.748548][T13518] ufs: You didn't specify the type of your ufs filesystem
[  716.748548][T13518] 
[  716.748548][T13518] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  716.748548][T13518] 
[  716.748548][T13518] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  717.339382][T13518] ufs: ufstype=old is supported read-only
[  717.436911][T13518] ufs: ufs_fill_super(): bad magic number
[  717.981251][T13522] ceph: No mds server is up or the cluster is laggy
[  717.988753][T11050] libceph: connect (1)[c::]:6789 error -101
[  718.023127][T11050] libceph: mon0 (1)[c::]:6789 connect error
[  720.421043][T13541] netlink: 'syz.4.2046': attribute type 5 has an invalid length.
[  721.275232][T13565] mkiss: ax0: crc mode is auto.
[  721.570735][ T5839] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  721.707862][T11050] libceph: connect (1)[c::]:6789 error -101
[  721.713950][T11050] libceph: mon0 (1)[c::]:6789 connect error
[  721.722263][ T5839] usb 4-1: device descriptor read/64, error -71
[  721.744273][T13566] ceph: No mds server is up or the cluster is laggy
[  722.040160][ T5839] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  722.240835][ T5839] usb 4-1: device descriptor read/64, error -71
[  722.540937][ T5839] usb usb4-port1: attempt power cycle
[  722.930521][T13579] netlink: 'syz.0.2055': attribute type 5 has an invalid length.
[  723.000574][ T5839] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  723.071059][ T5839] usb 4-1: device descriptor read/8, error -71
[  723.330726][ T5839] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  723.547799][ T5839] usb 4-1: device descriptor read/8, error -71
[  723.707216][ T5839] usb usb4-port1: unable to enumerate USB device
[  724.812834][T13600] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2057'.
[  724.822055][T13600] ksmbd: Daemon and kernel module version mismatch. ksmbd: 93, kernel module: 1. User-space ksmbd should terminate.
[  725.893963][ T5892] libceph: connect (1)[c::]:6789 error -101
[  725.900714][ T5892] libceph: mon0 (1)[c::]:6789 connect error
[  725.939766][T13607] ceph: No mds server is up or the cluster is laggy
[  726.796712][    T8] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  727.040573][    T8] usb 5-1: Using ep0 maxpacket: 16
[  727.048155][    T8] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  727.059500][    T8] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  727.198829][    T8] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  727.485389][    T8] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  727.495852][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.538425][    T8] usb 5-1: Product: syz
[  727.548555][    T8] usb 5-1: Manufacturer: syz
[  727.560525][    T8] usb 5-1: SerialNumber: syz
[  728.160522][    T8] usb 5-1: 2:1 : format type 0 is detected, processed as PCM
[  728.207523][T13645] netlink: 'syz.5.2071': attribute type 1 has an invalid length.
[  728.371056][ T5839] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[  728.590267][ T5839] usb 1-1: Using ep0 maxpacket: 8
[  728.648886][ T5839] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  728.657784][ T5839] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  728.668373][ T5839] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  728.678675][ T5839] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  728.689212][ T5839] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  728.703070][ T5839] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  728.712262][ T5839] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.964278][ T5839] usb 1-1: usb_control_msg returned -32
[  728.973349][ T5839] usbtmc 1-1:16.0: can't read capabilities
[  730.443348][    T8] usb 5-1: 2:1: cannot get freq at ep 0x82
[  730.474717][    T8] usb 5-1: USB disconnect, device number 66
[  730.636051][T13668] bad cache= option: none

[  730.636051][T13668] 
[  730.642874][T13668] CIFS: VFS: bad cache= option: none

[  732.250150][ T5892] usb 1-1: USB disconnect, device number 72
[  733.454774][T13691] bridge0: port 2(bridge_slave_1) entered disabled state
[  734.140473][ T5846] Bluetooth: hci2: command 0x0405 tx timeout
[  736.331529][T11050] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[  736.367781][   T29] audit: type=1400 audit(2000000145.200:1150): avc:  denied  { read } for  pid=13734 comm="syz.4.2091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  736.402576][T13740] netlink: 'syz.3.2090': attribute type 21 has an invalid length.
[  736.410802][T13740] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2090'.
[  736.425432][T13740] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2090'.
[  736.672020][T11050] usb 1-1: Using ep0 maxpacket: 16
[  736.700920][ T5892] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  736.999009][T11050] usb 1-1: config 4 has an invalid interface number: 51 but max is 0
[  737.042924][T11050] usb 1-1: config 4 has no interface number 0
[  737.128450][T11050] usb 1-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  737.435169][T11050] usb 1-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  737.448184][T11050] usb 1-1: config 4 interface 51 has no altsetting 0
[  737.456982][T11050] usb 1-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  737.467240][T11050] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.475494][T11050] usb 1-1: Product: syz
[  737.475727][ T5892] usb 4-1: Using ep0 maxpacket: 32
[  737.479763][T11050] usb 1-1: Manufacturer: syz
[  737.489673][T11050] usb 1-1: SerialNumber: syz
[  737.502368][ T5892] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  737.518242][T13727] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  737.535053][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  737.535146][T13727] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  737.556636][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  737.566585][ T5892] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  737.587526][ T5892] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  737.602159][ T5892] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.618631][ T5892] usb 4-1: Product: syz
[  737.627168][ T5892] usb 4-1: Manufacturer: syz
[  737.636701][ T5892] usb 4-1: SerialNumber: syz
[  737.644105][ T5892] usb 4-1: config 0 descriptor??
[  737.715902][T13746] FAULT_INJECTION: forcing a failure.
[  737.715902][T13746] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  737.740570][T13746] CPU: 1 UID: 0 PID: 13746 Comm: syz.5.2092 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  737.751005][T13746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  737.761063][T13746] Call Trace:
[  737.764336][T13746]  <TASK>
[  737.767260][T13746]  dump_stack_lvl+0x16c/0x1f0
[  737.771944][T13746]  should_fail_ex+0x497/0x5b0
[  737.776622][T13746]  ? fs_reclaim_acquire+0xae/0x150
[  737.781729][T13746]  should_fail_alloc_page+0xe7/0x130
[  737.787013][T13746]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  737.793168][T13746]  __alloc_pages_noprof+0x190/0x25a0
[  737.798460][T13746]  ? __pfx_lock_release+0x10/0x10
[  737.803480][T13746]  ? rcu_is_watching+0x12/0xc0
[  737.808254][T13746]  ? mark_held_locks+0x9f/0xe0
[  737.813017][T13746]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  737.818734][T13746]  ? lockdep_hardirqs_on+0x7c/0x110
[  737.823936][T13746]  ? __switch_to+0x749/0x1190
[  737.828616][T13746]  ? hlock_class+0x4e/0x130
[  737.833119][T13746]  ? mark_lock+0xb5/0xc60
[  737.837533][T13746]  ? __pfx_mark_lock+0x10/0x10
[  737.842294][T13746]  ? __pfx_mark_lock+0x10/0x10
[  737.847057][T13746]  ? __lock_acquire+0xcc5/0x3c40
[  737.851994][T13746]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  737.857896][T13746]  ? policy_nodemask+0xea/0x4e0
[  737.862749][T13746]  alloc_pages_mpol_noprof+0x2c9/0x610
[  737.868209][T13746]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  737.874198][T13746]  ? mark_held_locks+0x9f/0xe0
[  737.878961][T13746]  folio_alloc_mpol_noprof+0x36/0xd0
[  737.884252][T13746]  vma_alloc_folio_noprof+0xee/0x1b0
[  737.889538][T13746]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  737.895432][T13746]  ? __handle_mm_fault+0x102f/0x2a40
[  737.900719][T13746]  do_pte_missing+0x2021/0x3e70
[  737.905579][T13746]  __handle_mm_fault+0x103c/0x2a40
[  737.910694][T13746]  ? __pfx___handle_mm_fault+0x10/0x10
[  737.916325][T13746]  ? lockdep_hardirqs_on+0x7c/0x110
[  737.921538][T13746]  ? find_vma+0xc0/0x140
[  737.925771][T13746]  ? __pfx_find_vma+0x10/0x10
[  737.930442][T13746]  handle_mm_fault+0x3fa/0xaa0
[  737.935209][T13746]  do_user_addr_fault+0x7a3/0x13f0
[  737.940322][T13746]  exc_page_fault+0x5c/0xc0
[  737.944827][T13746]  asm_exc_page_fault+0x26/0x30
[  737.949680][T13746] RIP: 0010:rep_movs_alternative+0x33/0x70
[  737.955482][T13746] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  737.975087][T13746] RSP: 0000:ffffc9000d7d79c8 EFLAGS: 00050212
[  737.981152][T13746] RAX: 74207265646e6962 RBX: 0000000000000015 RCX: 0000000000000015
[  737.989115][T13746] RDX: ffffed1005267003 RSI: ffff888029338000 RDI: 0000000020006980
[  737.997080][T13746] RBP: 0000000000000015 R08: 0000000000000000 R09: ffffed1005267002
[  738.005044][T13746] R10: ffff888029338014 R11: 0000000000000002 R12: 0000000000000000
[  738.013014][T13746] R13: ffffc9000d7d7bd8 R14: ffff888029338000 R15: 0000000020006980
[  738.020993][T13746]  _copy_to_iter+0x4f1/0x1560
[  738.025674][T13746]  ? __pfx__copy_to_iter+0x10/0x10
[  738.030777][T13746]  ? __virt_addr_valid+0x1a4/0x590
[  738.035893][T13746]  ? __virt_addr_valid+0x5e/0x590
[  738.040914][T13746]  ? __phys_addr_symbol+0x30/0x80
[  738.045936][T13746]  ? __check_object_size+0x488/0x710
[  738.051219][T13746]  seq_read_iter+0xd00/0x12b0
[  738.055912][T13746]  seq_read+0x39f/0x4e0
[  738.060070][T13746]  ? __pfx_seq_read+0x10/0x10
[  738.064758][T13746]  ? lockdep_hardirqs_on+0x7c/0x110
[  738.069981][T13746]  ? rw_verify_area+0x180/0x700
[  738.074837][T13746]  full_proxy_read+0xfb/0x1b0
[  738.079512][T13746]  ? __pfx_full_proxy_read+0x10/0x10
[  738.084797][T13746]  vfs_read+0x1df/0xbe0
[  738.088947][T13746]  ? __fget_files+0x1fc/0x3a0
[  738.093622][T13746]  ? __pfx___mutex_lock+0x10/0x10
[  738.098647][T13746]  ? __pfx_vfs_read+0x10/0x10
[  738.103331][T13746]  ? __fget_files+0x206/0x3a0
[  738.108008][T13746]  ksys_read+0x12b/0x250
[  738.112245][T13746]  ? __pfx_ksys_read+0x10/0x10
[  738.117011][T13746]  do_syscall_64+0xcd/0x250
[  738.121521][T13746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.127419][T13746] RIP: 0033:0x7f223db80809
[  738.131832][T13746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.151436][T13746] RSP: 002b:00007f223ea2d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  738.159845][T13746] RAX: ffffffffffffffda RBX: 00007f223dd45fa0 RCX: 00007f223db80809
[  738.167813][T13746] RDX: 0000000000002020 RSI: 0000000020006980 RDI: 0000000000000004
[  738.175775][T13746] RBP: 00007f223ea2d0a0 R08: 0000000000000000 R09: 0000000000000000
[  738.183738][T13746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.191701][T13746] R13: 0000000000000000 R14: 00007f223dd45fa0 R15: 00007ffdd985bb68
[  738.199684][T13746]  </TASK>
[  738.256433][ T5892] usb 4-1: USB disconnect, device number 55
[  738.267419][T13727] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  738.303335][T13727] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  738.338385][T11050] cdc_eem 1-1:4.51 usb0: register 'cdc_eem' at usb-dummy_hcd.0-1, CDC EEM Device, 4e:93:6e:5e:59:4f
[  738.371778][T13746] Bluetooth: MGMT ver 1.23
[  738.627477][ T5846] Bluetooth: hci0: command 0x0406 tx timeout
[  738.633679][T11946] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  738.646011][T13744] usb 1-1: USB disconnect, device number 73
[  738.653333][T13744] cdc_eem 1-1:4.51 usb0: unregister 'cdc_eem' usb-dummy_hcd.0-1, CDC EEM Device
[  740.018005][T13764] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2096'.
[  740.109791][   T29] audit: type=1400 audit(2000000148.940:1151): avc:  denied  { write } for  pid=13760 comm="syz.5.2097" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  741.461663][ T5892] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[  741.674034][ T5892] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  741.695863][ T5892] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  741.696119][ T5892] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  741.696224][ T5892] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  741.755660][ T5892] usb 1-1: config 0 descriptor??
[  742.055637][T13797] netlink: 'syz.5.2108': attribute type 21 has an invalid length.
[  742.194962][T13797] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2108'.
[  742.213810][T13802] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2108'.
[  742.288742][ T5892] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0
[  742.297571][ T5892] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.001D/input/input40
[  742.312886][ T5892] cm6533_jd 0003:0D8C:0022.001D: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[  742.630011][T13810] mkiss: ax0: crc mode is auto.
[  743.193412][    T8] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  743.350442][    T8] usb 6-1: Using ep0 maxpacket: 32
[  743.361410][    T8] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  743.373078][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  743.390432][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  743.400196][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  743.450900][ T5892] usb 1-1: reset high-speed USB device number 74 using dummy_hcd
[  743.453044][    T8] usb 6-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  743.470469][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.478493][    T8] usb 6-1: Product: syz
[  743.504591][   T29] audit: type=1400 audit(2000000152.340:1152): avc:  denied  { mount } for  pid=13816 comm="syz.6.2112" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  743.529777][    T8] usb 6-1: Manufacturer: syz
[  743.539580][    T8] usb 6-1: SerialNumber: syz
[  743.551515][    T8] usb 6-1: config 0 descriptor??
[  743.648633][T13824] overlayfs: failed to get inode (-116)
[  743.655000][T13824] overlayfs: failed to look up (file0) for ino (-116)
[  743.769961][T11696] usb 6-1: USB disconnect, device number 8
[  744.552848][   T29] audit: type=1400 audit(2000000153.390:1153): avc:  denied  { read } for  pid=13836 comm="syz.5.2118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  745.107375][T13850] mkiss: ax0: crc mode is auto.
[  745.577993][ T5839] usb 1-1: USB disconnect, device number 74
[  746.011212][T13858] netlink: 'syz.4.2122': attribute type 5 has an invalid length.
[  746.303459][T13857] netlink: 'syz.0.2123': attribute type 5 has an invalid length.
[  746.516087][   T29] audit: type=1400 audit(2000000155.350:1154): avc:  denied  { unmount } for  pid=12865 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  746.670581][   T29] audit: type=1400 audit(2000000155.470:1155): avc:  denied  { mount } for  pid=13865 comm="syz.3.2125" name="/" dev="pstore" ino=4246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  747.159650][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  747.170511][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  747.326599][T13880] netlink: 'syz.4.2129': attribute type 21 has an invalid length.
[  747.445445][T13880] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2129'.
[  747.459578][T13880] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2129'.
[  747.740842][ T5839] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  748.830708][    T8] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  749.038722][    T8] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  749.205987][    T8] usb 4-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  749.506685][T13900] mkiss: ax0: crc mode is auto.
[  749.520523][    T8] usb 4-1: New USB device found, idVendor=0582, idProduct=0000, bcdDevice= 0.00
[  749.540464][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.546022][ T5839] usb 5-1: Using ep0 maxpacket: 32
[  749.613621][ T5839] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  749.625482][ T5839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  749.637327][ T5839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  749.658199][   T29] audit: type=1400 audit(2000000158.490:1156): avc:  denied  { module_load } for  pid=13903 comm="syz.5.2135" path="/sys/power/wakeup_count" dev="sysfs" ino=1386 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  749.694304][ T5839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  749.752385][ T5839] usb 5-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  749.762349][ T5839] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.771559][ T5839] usb 5-1: Product: syz
[  749.775927][ T5839] usb 5-1: Manufacturer: syz
[  749.780717][ T5839] usb 5-1: SerialNumber: syz
[  749.790874][ T5839] usb 5-1: config 0 descriptor??
[  750.053118][ T5892] usb 4-1: USB disconnect, device number 56
[  750.063634][    T8] usb 5-1: USB disconnect, device number 67
[  750.290511][    T9] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[  750.450695][    T9] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  750.459814][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  750.467837][    T9] usb 1-1: Product: syz
[  750.472274][    T9] usb 1-1: Manufacturer: syz
[  750.476929][    T9] usb 1-1: SerialNumber: syz
[  750.500782][    T9] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  750.652604][    T8] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  750.861181][T13920] FAULT_INJECTION: forcing a failure.
[  750.861181][T13920] name failslab, interval 1, probability 0, space 0, times 0
[  750.874147][T13920] CPU: 1 UID: 0 PID: 13920 Comm: syz.6.2140 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  750.884578][T13920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  750.894641][T13920] Call Trace:
[  750.897925][T13920]  <TASK>
[  750.900854][T13920]  dump_stack_lvl+0x16c/0x1f0
[  750.905554][T13920]  should_fail_ex+0x497/0x5b0
[  750.910246][T13920]  ? fs_reclaim_acquire+0xae/0x150
[  750.915369][T13920]  should_failslab+0xc2/0x120
[  750.920060][T13920]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  750.925439][T13920]  ? ptlock_alloc+0x1f/0x70
[  750.929945][T13920]  ptlock_alloc+0x1f/0x70
[  750.934269][T13920]  pte_alloc_one+0x74/0x390
[  750.938776][T13920]  __pte_alloc+0x6e/0x3b0
[  750.943101][T13920]  ? __pfx___pte_alloc+0x10/0x10
[  750.948024][T13920]  ? __pfx_lock_release+0x10/0x10
[  750.953052][T13920]  ? do_raw_spin_lock+0x12d/0x2c0
[  750.958099][T13920]  do_pte_missing+0x27ff/0x3e70
[  750.962956][T13920]  ? _raw_spin_unlock+0x28/0x50
[  750.967788][T13920]  ? __pmd_alloc+0x380/0x860
[  750.972369][T13920]  __handle_mm_fault+0x103c/0x2a40
[  750.977509][T13920]  ? __pfx___handle_mm_fault+0x10/0x10
[  750.982964][T13920]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  750.988619][T13920]  ? find_vma+0xc0/0x140
[  750.992862][T13920]  ? __pfx_find_vma+0x10/0x10
[  750.997538][T13920]  handle_mm_fault+0x3fa/0xaa0
[  751.002299][T13920]  do_user_addr_fault+0x7a3/0x13f0
[  751.007424][T13920]  exc_page_fault+0x5c/0xc0
[  751.011921][T13920]  asm_exc_page_fault+0x26/0x30
[  751.016759][T13920] RIP: 0010:__put_user_4+0x11/0x20
[  751.021858][T13920] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  751.041449][T13920] RSP: 0018:ffffc9001228f870 EFLAGS: 00050206
[  751.047509][T13920] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020000400
[  751.055489][T13920] RDX: ffff888029bbc880 RSI: ffffffff88fb6916 RDI: ffffffff8bd1e4c0
[  751.063456][T13920] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff20c1852
[  751.071413][T13920] R10: ffffffff9060c297 R11: 0000000000000000 R12: 0000000020000400
[  751.079387][T13920] R13: 1ffff92002451f0f R14: 000000000000541b R15: 0000000000000005
[  751.087372][T13920]  ? sk_ioctl+0x1c6/0x360
[  751.091725][T13920]  sk_ioctl+0x1d2/0x360
[  751.095886][T13920]  ? __pfx_sk_ioctl+0x10/0x10
[  751.100557][T13920]  ? finish_task_switch.isra.0+0x212/0xcc0
[  751.106357][T13920]  ? __pfx_lock_release+0x10/0x10
[  751.111386][T13920]  ? rcu_is_watching+0x12/0xc0
[  751.116152][T13920]  inet_ioctl+0x1ef/0x3f0
[  751.120498][T13920]  ? __pfx_inet_ioctl+0x10/0x10
[  751.125358][T13920]  ? finish_task_switch.isra.0+0x217/0xcc0
[  751.131164][T13920]  ? lockdep_hardirqs_on+0x7c/0x110
[  751.136371][T13920]  sock_do_ioctl+0x116/0x280
[  751.140956][T13920]  ? __pfx_sock_do_ioctl+0x10/0x10
[  751.146093][T13920]  ? irqentry_exit+0x3b/0x90
[  751.150697][T13920]  ? lockdep_hardirqs_on+0x7c/0x110
[  751.155900][T13920]  sock_ioctl+0x228/0x6c0
[  751.160233][T13920]  ? __pfx_sock_ioctl+0x10/0x10
[  751.165086][T13920]  ? __rcu_read_unlock+0xb0/0x580
[  751.170108][T13920]  ? avc_has_perm_noaudit+0x143/0x3a0
[  751.175481][T13920]  ? __pfx_sock_ioctl+0x10/0x10
[  751.180343][T13920]  do_vfs_ioctl+0x682/0x1990
[  751.184943][T13920]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  751.189987][T13920]  ? inode_has_perm+0x16f/0x1d0
[  751.194843][T13920]  ? file_has_perm+0x280/0x350
[  751.199874][T13920]  ? __pfx_file_has_perm+0x10/0x10
[  751.205010][T13920]  ? selinux_file_ioctl+0xb4/0x270
[  751.210145][T13920]  __x64_sys_ioctl+0x11d/0x200
[  751.214922][T13920]  do_syscall_64+0xcd/0x250
[  751.219427][T13920]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  751.225335][T13920] RIP: 0033:0x7f6d28b80809
[  751.229742][T13920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  751.249340][T13920] RSP: 002b:00007f6d29a43058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  751.257756][T13920] RAX: ffffffffffffffda RBX: 00007f6d28d45fa0 RCX: 00007f6d28b80809
[  751.265733][T13920] RDX: 0000000020000400 RSI: 000000000000541b RDI: 0000000000000003
[  751.273706][T13920] RBP: 00007f6d29a430a0 R08: 0000000000000000 R09: 0000000000000000
[  751.281680][T13920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  751.289645][T13920] R13: 0000000000000000 R14: 00007f6d28d45fa0 R15: 00007ffd99352b78
[  751.297606][T13920]  </TASK>
[  751.702252][   T29] audit: type=1400 audit(2000000160.490:1157): avc:  denied  { write } for  pid=13909 comm="syz.0.2137" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  751.724058][   T29] audit: type=1400 audit(2000000160.510:1158): avc:  denied  { open } for  pid=13909 comm="syz.0.2137" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  751.746346][    T8] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  751.753991][    T8] ath9k_htc: Failed to initialize the device
[  751.946524][T13936] netlink: 'syz.4.2143': attribute type 5 has an invalid length.
[  752.161964][T13924] ceph: No mds server is up or the cluster is laggy
[  752.170246][T11696] libceph: connect (1)[c::]:6789 error -22
[  752.198284][T11696] libceph: mon0 (1)[c::]:6789 connect error
[  752.412529][    T8] usb 1-1: ath9k_htc: USB layer deinitialized
[  752.683136][    T8] usb 1-1: USB disconnect, device number 75
[  753.650377][T13955] netlink: 'syz.4.2150': attribute type 21 has an invalid length.
[  753.658559][T13955] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2150'.
[  754.610753][ T5921] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  754.762476][ T5921] usb 5-1: Using ep0 maxpacket: 32
[  754.768963][T13973] ufs: You didn't specify the type of your ufs filesystem
[  754.768963][T13973] 
[  754.768963][T13973] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  754.768963][T13973] 
[  754.768963][T13973] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  754.771200][ T5921] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  754.819771][ T5921] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  754.838737][T13973] ufs: ufstype=old is supported read-only
[  754.839174][ T5921] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  754.855281][ T5921] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  754.867092][ T5921] usb 5-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  754.870290][T13973] ufs: ufs_fill_super(): bad magic number
[  754.876399][ T5921] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  754.890119][ T5921] usb 5-1: Product: syz
[  754.894423][ T5921] usb 5-1: Manufacturer: syz
[  754.899255][ T5921] usb 5-1: SerialNumber: syz
[  754.905771][ T5921] usb 5-1: config 0 descriptor??
[  755.127621][ T5839] usb 5-1: USB disconnect, device number 68
[  755.210569][ T5921] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  755.380600][ T5921] usb 4-1: Using ep0 maxpacket: 16
[  755.392150][ T5921] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  755.405017][ T5921] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  755.406220][T13981] ceph: No mds server is up or the cluster is laggy
[  755.423709][ T5921] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  755.424164][ T5921] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  755.457892][    T9] libceph: connect (1)[c::]:6789 error -22
[  755.460459][ T5921] usb 4-1: config 0 interface 0 has no altsetting 0
[  755.465778][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  755.471112][ T5921] usb 4-1: New USB device found, idVendor=1e71, idProduct=2010, bcdDevice= 0.00
[  755.486252][ T5921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.495625][ T5921] usb 4-1: config 0 descriptor??
[  755.889634][T13987] binder: BINDER_SET_CONTEXT_MGR already set
[  755.895694][T13987] binder: 13986:13987 ioctl 4018620d 200002c0 returned -16
[  756.323373][ T5921] nzxt-smart2 0003:1E71:2010.001E: unknown main item tag 0x0
[  756.331030][ T5921] nzxt-smart2 0003:1E71:2010.001E: unknown main item tag 0x0
[  756.370667][ T5921] nzxt-smart2 0003:1E71:2010.001E: item fetching failed at offset 2/5
[  756.395469][ T5921] nzxt-smart2 0003:1E71:2010.001E: probe with driver nzxt-smart2 failed with error -22
[  756.554018][ T5921] usb 4-1: USB disconnect, device number 57
[  757.243358][ T5921] usb 5-1: new low-speed USB device number 69 using dummy_hcd
[  757.770588][ T5921] usb 5-1: device descriptor read/64, error -71
[  757.983616][    T9] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[  758.020597][ T5921] usb 5-1: new low-speed USB device number 70 using dummy_hcd
[  758.294182][ T5921] usb 5-1: device descriptor read/64, error -71
[  758.418958][ T5921] usb usb5-port1: attempt power cycle
[  758.563565][    T9] usb 1-1: Using ep0 maxpacket: 16
[  758.600877][    T9] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  758.618987][    T9] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  758.628845][    T9] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  758.772286][    T9] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  758.782067][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  758.791174][    T9] usb 1-1: Product: syz
[  758.795349][    T9] usb 1-1: Manufacturer: syz
[  758.810716][    T9] usb 1-1: SerialNumber: syz
[  759.045080][T14023] mkiss: ax0: crc mode is auto.
[  759.348948][ T5921] usb 5-1: new low-speed USB device number 71 using dummy_hcd
[  759.398265][ T5921] usb 5-1: device descriptor read/8, error -71
[  759.856900][    T9] usb 1-1: 2:1 : format type 0 is detected, processed as PCM
[  759.957034][ T5921] usb 5-1: new low-speed USB device number 72 using dummy_hcd
[  760.292749][T14039] x_tables: ip_tables: osf match: only valid for protocol 6
[  760.940790][ T5921] usb 5-1: device descriptor read/8, error -71
[  761.139733][    T9] usb 1-1: 2:1: cannot get freq at ep 0x82
[  761.185260][ T5921] usb usb5-port1: unable to enumerate USB device
[  761.211133][    T9] usb 1-1: USB disconnect, device number 76
[  761.767220][T14056] picdev_write: 93 callbacks suppressed
[  761.767237][T14056] kvm: pic: non byte write
[  761.770556][    T9] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  761.773039][T14056] kvm: pic: non byte write
[  761.789364][T14056] kvm: pic: non byte write
[  761.794540][T14056] kvm: pic: non byte write
[  761.799159][T14056] kvm: pic: non byte write
[  761.803850][T14056] kvm: pic: non byte write
[  761.808312][T14056] kvm: pic: non byte write
[  761.813663][T14056] kvm: pic: non byte write
[  761.818240][T14056] kvm: pic: non byte write
[  761.823131][T14056] kvm: pic: non byte write
[  761.960766][    T9] usb 6-1: Using ep0 maxpacket: 16
[  761.974091][    T9] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  762.001670][    T9] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  762.040988][    T9] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  762.065850][    T9] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  762.078524][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  762.121449][    T9] usb 6-1: Product: syz
[  762.131165][    T9] usb 6-1: Manufacturer: syz
[  762.142477][    T9] usb 6-1: SerialNumber: syz
[  762.257394][T14062] netlink: 'syz.3.2177': attribute type 1 has an invalid length.
[  762.680602][ T5921] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  762.850600][    T9] usb 6-1: 2:1 : format type 0 is detected, processed as PCM
[  762.850790][ T5921] usb 5-1: Using ep0 maxpacket: 32
[  762.893954][ T5921] usb 5-1: config 0 has an invalid interface number: 74 but max is 1
[  763.012730][ T5921] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  763.059608][ T5921] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  763.097089][ T5921] usb 5-1: config 0 has no interface number 0
[  763.126423][ T5921] usb 5-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa
[  763.135618][ T5921] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  763.150828][ T5921] usb 5-1: Product: syz
[  763.155009][ T5921] usb 5-1: Manufacturer: syz
[  763.159596][ T5921] usb 5-1: SerialNumber: syz
[  763.178248][ T5921] usb 5-1: config 0 descriptor??
[  763.281649][T14070] FAULT_INJECTION: forcing a failure.
[  763.281649][T14070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  763.297560][T14070] CPU: 1 UID: 0 PID: 14070 Comm: syz.3.2180 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  763.307989][T14070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  763.318042][T14070] Call Trace:
[  763.321317][T14070]  <TASK>
[  763.324240][T14070]  dump_stack_lvl+0x16c/0x1f0
[  763.328926][T14070]  should_fail_ex+0x497/0x5b0
[  763.333615][T14070]  strncpy_from_user+0x3b/0x2d0
[  763.338485][T14070]  getname_flags.part.0+0x8f/0x550
[  763.343608][T14070]  getname_flags+0x93/0xf0
[  763.348025][T14070]  user_path_at+0x24/0x60
[  763.352352][T14070]  __x64_sys_mount+0x1fc/0x320
[  763.357116][T14070]  ? __pfx___x64_sys_mount+0x10/0x10
[  763.362407][T14070]  do_syscall_64+0xcd/0x250
[  763.366919][T14070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  763.372810][T14070] RIP: 0033:0x7f6a4ff80809
[  763.377215][T14070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  763.396827][T14070] RSP: 002b:00007f6a50e5d058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  763.405234][T14070] RAX: ffffffffffffffda RBX: 00007f6a50145fa0 RCX: 00007f6a4ff80809
[  763.413199][T14070] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000
[  763.421162][T14070] RBP: 00007f6a50e5d0a0 R08: 0000000020000140 R09: 0000000000000000
[  763.429125][T14070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  763.437089][T14070] R13: 0000000000000000 R14: 00007f6a50145fa0 R15: 00007ffeae5f0228
[  763.445062][T14070]  </TASK>
[  763.448471][T11050] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[  763.600717][T11050] usb 1-1: Using ep0 maxpacket: 8
[  763.607310][T11050] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  763.618435][T11050] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  763.628685][T11050] usb 1-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  763.639872][T11050] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.654115][T11050] usb 1-1: config 0 descriptor??
[  764.276465][T11050] usbhid 1-1:0.0: can't add hid device: -71
[  764.282636][T11050] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  764.308549][T11050] usb 1-1: USB disconnect, device number 77
[  765.025562][    T9] usb 6-1: 2:1: cannot get freq at ep 0x82
[  765.056018][    T9] usb 6-1: USB disconnect, device number 9
[  765.297034][ T5921] usb 5-1: USB disconnect, device number 73
[  766.622460][   T29] audit: type=1326 audit(2000000175.460:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14100 comm="syz.5.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f223db80809 code=0x7fc00000
[  766.646018][    C0] vkms_vblank_simulate: vblank timer overrun
[  769.866267][T13744] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  770.182753][T13744] usb 6-1: Using ep0 maxpacket: 32
[  770.261452][T13744] usb 6-1: config 0 has an invalid interface number: 74 but max is 1
[  770.358911][T13744] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  770.377407][T13744] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  770.386368][T13744] usb 6-1: config 0 has no interface number 0
[  770.398115][T13744] usb 6-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa
[  770.425913][T13744] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.446858][T13744] usb 6-1: Product: syz
[  770.451243][T13744] usb 6-1: Manufacturer: syz
[  770.456053][T13744] usb 6-1: SerialNumber: syz
[  770.472037][T13744] usb 6-1: config 0 descriptor??
[  770.739982][T13744] usb 6-1: USB disconnect, device number 10
[  772.150741][T14180] picdev_write: 56 callbacks suppressed
[  772.150759][T14180] kvm: pic: non byte write
[  772.161765][T14180] kvm: pic: non byte write
[  772.166214][T14180] kvm: pic: non byte write
[  772.170803][T14180] kvm: pic: non byte write
[  772.175397][T14180] kvm: pic: non byte write
[  772.179838][T14180] kvm: pic: non byte write
[  772.184457][T14180] kvm: pic: non byte write
[  772.189051][T14180] kvm: pic: non byte write
[  772.193623][T14180] kvm: pic: non byte write
[  772.198220][T14180] kvm: pic: non byte write
[  773.550456][T14183] ceph: No mds server is up or the cluster is laggy
[  773.557542][T11696] libceph: connect (1)[c::]:6789 error -101
[  773.563619][T11696] libceph: mon0 (1)[c::]:6789 connect error
[  773.677831][T14194] ufs: You didn't specify the type of your ufs filesystem
[  773.677831][T14194] 
[  773.677831][T14194] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  773.677831][T14194] 
[  773.677831][T14194] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  773.708511][    C1] vkms_vblank_simulate: vblank timer overrun
[  773.715479][T14194] ufs: ufstype=old is supported read-only
[  773.722709][T14194] ufs: ufs_fill_super(): bad magic number
[  774.810667][T14205] mkiss: ax0: crc mode is auto.
[  774.827908][T14206] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2214'.
[  774.837074][T14206] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2214'.
[  778.395466][T14222] netlink: 'syz.0.2220': attribute type 5 has an invalid length.
[  781.179366][T14245] ceph: No mds server is up or the cluster is laggy
[  781.196484][T11050] libceph: connect (1)[c::]:6789 error -22
[  781.234618][T11050] libceph: mon0 (1)[c::]:6789 connect error
[  781.260595][T14255] bad cache= option: none

[  781.260595][T14255] 
[  781.267192][T14255] CIFS: VFS: bad cache= option: none

[  781.960015][T14260] picdev_write: 56 callbacks suppressed
[  781.960034][T14260] kvm: pic: non byte write
[  782.271754][T14268] netlink: 'syz.4.2232': attribute type 5 has an invalid length.
[  782.850500][T11050] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[  783.651889][T11050] usb 1-1: Using ep0 maxpacket: 16
[  783.721187][T11050] usb 1-1: config 0 has an invalid interface number: 161 but max is 0
[  783.749756][T11050] usb 1-1: config 0 has no interface number 0
[  783.776316][T11050] usb 1-1: config 0 interface 161 has no altsetting 0
[  783.837770][T11050] usb 1-1: New USB device found, idVendor=05dc, idProduct=0001, bcdDevice= 0.01
[  783.847010][T11050] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.862835][T11050] usb 1-1: Product: syz
[  783.867013][T11050] usb 1-1: Manufacturer: syz
[  783.883068][T11050] usb 1-1: SerialNumber: syz
[  784.171404][T11050] usb 1-1: config 0 descriptor??
[  784.310559][T11050] ums-jumpshot 1-1:0.161: USB Mass Storage device detected
[  784.348428][T11050] ums-jumpshot 1-1:0.161: Quirks match for vid 05dc pid 0001: 2
[  784.594607][T11050] usb 1-1: USB disconnect, device number 78
[  785.080227][T11946] Bluetooth: hci1: command 0x0405 tx timeout
[  786.200494][T11050] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  786.683413][T11050] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  786.729683][T11050] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  786.765986][T11050] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.827246][T11050] usb 5-1: config 0 descriptor??
[  788.314877][T14329] ceph: No mds server is up or the cluster is laggy
[  788.330495][ T5921] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  788.331872][    T9] libceph: connect (1)[c::]:6789 error -101
[  788.345479][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  788.391933][T11050] ath6kl: Failed to read usb control message: -71
[  788.400361][T11050] ath6kl: Unable to read the bmi data from the device: -71
[  788.780512][ T5921] usb 6-1: Using ep0 maxpacket: 16
[  788.802360][T11050] ath6kl: Unable to recv target info: -71
[  788.803600][ T5921] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  788.827865][ T5921] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  788.837624][ T5921] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  788.929953][T11050] ath6kl: Failed to init ath6kl core: -71
[  788.945380][T14336] ceph: No mds server is up or the cluster is laggy
[  788.953172][T11050] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[  788.976757][T11050] usb 5-1: USB disconnect, device number 74
[  789.007159][   T51] libceph: connect (1)[c::]:6789 error -101
[  789.017458][   T51] libceph: mon0 (1)[c::]:6789 connect error
[  789.064333][ T5921] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  789.090476][ T5921] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.099241][ T5921] usb 6-1: Product: syz
[  789.107188][ T5921] usb 6-1: Manufacturer: syz
[  789.117194][ T5921] usb 6-1: SerialNumber: syz
[  789.761880][ T5921] usb 6-1: 2:1 : format type 0 is detected, processed as PCM
[  790.137630][T14354] trusted_key: encrypted_key: key user:syz not found
[  790.344890][T14365] FAULT_INJECTION: forcing a failure.
[  790.344890][T14365] name failslab, interval 1, probability 0, space 0, times 0
[  790.451594][T14365] CPU: 1 UID: 0 PID: 14365 Comm: syz.0.2260 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  790.462044][T14365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  790.472091][T14365] Call Trace:
[  790.475357][T14365]  <TASK>
[  790.478278][T14365]  dump_stack_lvl+0x16c/0x1f0
[  790.482961][T14365]  should_fail_ex+0x497/0x5b0
[  790.487643][T14365]  ? fs_reclaim_acquire+0xae/0x150
[  790.492756][T14365]  should_failslab+0xc2/0x120
[  790.497432][T14365]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  790.502802][T14365]  ? __thp_vma_allowable_orders+0x1ca/0xb30
[  790.508690][T14365]  ? __khugepaged_enter+0xc8/0x380
[  790.513802][T14365]  __khugepaged_enter+0xc8/0x380
[  790.518739][T14365]  khugepaged_enter_vma+0x135/0x2c0
[  790.523937][T14365]  do_huge_pmd_anonymous_page+0x1c8/0x20f0
[  790.529741][T14365]  __handle_mm_fault+0x1c14/0x2a40
[  790.534858][T14365]  ? __pfx___handle_mm_fault+0x10/0x10
[  790.540316][T14365]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  790.545955][T14365]  ? find_vma+0xc0/0x140
[  790.550186][T14365]  ? __pfx_find_vma+0x10/0x10
[  790.554858][T14365]  handle_mm_fault+0x3fa/0xaa0
[  790.559892][T14365]  do_user_addr_fault+0x7a3/0x13f0
[  790.565006][T14365]  exc_page_fault+0x5c/0xc0
[  790.569514][T14365]  asm_exc_page_fault+0x26/0x30
[  790.574370][T14365] RIP: 0010:__get_user_8+0x1a/0x30
[  790.579475][T14365] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 c2 48 19 d2 48 09 d0 0f 01 cb <48> 8b 10 31 c0 0f 01 ca c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00
[  790.599089][T14365] RSP: 0018:ffffc9000c2b7ef0 EFLAGS: 00050206
[  790.605156][T14365] RAX: 0000000020000000 RBX: ffffc9000c2b7f58 RCX: ffffc9000c2b7e58
[  790.613212][T14365] RDX: 0000000000000000 RSI: ffffffff821d0b9b RDI: ffffffff8bd1e4c0
[  790.621178][T14365] RBP: 0000000020000000 R08: 0000000000000000 R09: fffffbfff20c1852
[  790.629163][T14365] R10: ffffffff9060c297 R11: 0000000000000000 R12: 00000000000000ce
[  790.637130][T14365] R13: 0000000000000401 R14: 0000000000000000 R15: 0000000000000000
[  790.645107][T14365]  ? __x64_sys_io_setup+0x6b/0x210
[  790.650230][T14365]  __x64_sys_io_setup+0x73/0x210
[  790.655170][T14365]  do_syscall_64+0xcd/0x250
[  790.659680][T14365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.665592][T14365] RIP: 0033:0x7fa286380809
[  790.670005][T14365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.689611][T14365] RSP: 002b:00007fa287249058 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  790.698025][T14365] RAX: ffffffffffffffda RBX: 00007fa286545fa0 RCX: 00007fa286380809
[  790.705991][T14365] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000401
[  790.713953][T14365] RBP: 00007fa2872490a0 R08: 0000000000000000 R09: 0000000000000000
[  790.721915][T14365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  790.729874][T14365] R13: 0000000000000000 R14: 00007fa286545fa0 R15: 00007ffedb784748
[  790.737854][T14365]  </TASK>
[  790.806228][ T5921] usb 6-1: 2:1: cannot set freq 9338507 to ep 0x82
[  790.827038][ T5921] usb 6-1: USB disconnect, device number 11
[  791.045572][T14374] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  791.064134][T14374] audit: out of memory in audit_log_start
[  792.562644][T11050] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  792.798024][T14387] netlink: 'syz.5.2268': attribute type 5 has an invalid length.
[  792.927544][    T9] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[  792.951823][T11050] usb 4-1: config 0 has an invalid interface number: 18 but max is 0
[  792.967683][T11050] usb 4-1: config 0 descriptor has 1 excess byte, ignoring
[  792.975000][T11050] usb 4-1: config 0 has no interface number 0
[  792.982262][T11050] usb 4-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4
[  792.991838][T11050] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.001223][T11050] usb 4-1: config 0 descriptor??
[  793.007266][T11050] usb 4-1: bad CDC descriptors
[  793.090565][    T9] usb 1-1: Using ep0 maxpacket: 16
[  793.097893][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  793.116518][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  793.127288][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  793.151298][T14398] ufs: You didn't specify the type of your ufs filesystem
[  793.151298][T14398] 
[  793.151298][T14398] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  793.151298][T14398] 
[  793.151298][T14398] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  793.196765][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.201063][T14398] ufs: ufstype=old is supported read-only
[  793.206412][    T9] usb 1-1: config 0 descriptor??
[  793.233971][T14383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  793.244948][T14398] ufs: ufs_fill_super(): bad magic number
[  793.250557][T14383] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  793.276757][T14383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  793.302332][T14383] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  793.322341][ T5921] usb 4-1: USB disconnect, device number 58
[  793.643517][    T9] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.001F/input/input41
[  793.722274][    T9] appleir 0003:05AC:8241.001F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  793.857181][T14386] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  793.870559][T11050] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  794.030557][T11050] usb 6-1: Using ep0 maxpacket: 16
[  794.040099][T11050] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  794.070496][T11050] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  794.080261][T11050] usb 6-1: config 0 interface 0 has no altsetting 0
[  794.110459][T11050] usb 6-1: New USB device found, idVendor=046d, idProduct=c117, bcdDevice= 0.00
[  794.140275][T11050] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  794.163288][T11050] usb 6-1: config 0 descriptor??
[  794.314206][T14404] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  794.351245][T14404] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  794.382636][ T5921] usb 6-1: USB disconnect, device number 12
[  794.920680][T11050] usb 1-1: reset high-speed USB device number 79 using dummy_hcd
[  796.714951][    T8] usb 1-1: USB disconnect, device number 79
[  799.553933][T14430] ufs: Invalid option: "./file0" or missing value
[  799.560454][T14430] ufs: wrong mount options
[  799.876045][   T29] audit: type=1326 audit(2000000208.710:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14412 comm="syz.0.2274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa286380809 code=0x7fc00000
[  807.567302][T11946] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  807.578573][T11946] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  807.588672][T11946] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  807.600129][T11946] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  807.607943][T11946] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  807.615105][T11946] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  807.855649][T14440] chnl_net:caif_netlink_parms(): no params data found
[  808.001393][T14440] bridge0: port 1(bridge_slave_0) entered blocking state
[  808.010658][T14440] bridge0: port 1(bridge_slave_0) entered disabled state
[  808.017758][T14440] bridge_slave_0: entered allmulticast mode
[  808.046093][T14440] bridge_slave_0: entered promiscuous mode
[  808.059505][T14440] bridge0: port 2(bridge_slave_1) entered blocking state
[  808.078680][T14440] bridge0: port 2(bridge_slave_1) entered disabled state
[  808.102949][T14440] bridge_slave_1: entered allmulticast mode
[  808.119376][T14440] bridge_slave_1: entered promiscuous mode
[  808.158654][T14440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  808.187184][T14440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  808.249762][T14440] team0: Port device team_slave_0 added
[  808.272425][T14440] team0: Port device team_slave_1 added
[  808.322980][T14440] batman_adv: batadv0: Adding interface: batadv_slave_0
[  808.329913][T14440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  808.397234][T14440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  808.433630][T14440] batman_adv: batadv0: Adding interface: batadv_slave_1
[  808.448713][T14440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  808.515331][T14440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  808.570790][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  808.577052][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  808.599817][T14440] hsr_slave_0: entered promiscuous mode
[  808.617930][T14440] hsr_slave_1: entered promiscuous mode
[  808.634723][T14440] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  808.657799][T14440] Cannot create hsr debugfs directory
[  808.855849][T14440] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  808.889851][T14440] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  808.916750][T14440] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  808.937733][T14440] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  809.057804][T14440] 8021q: adding VLAN 0 to HW filter on device bond0
[  809.097885][T14440] 8021q: adding VLAN 0 to HW filter on device team0
[  809.123034][ T6770] bridge0: port 1(bridge_slave_0) entered blocking state
[  809.130077][ T6770] bridge0: port 1(bridge_slave_0) entered forwarding state
[  809.166158][ T6770] bridge0: port 2(bridge_slave_1) entered blocking state
[  809.173224][ T6770] bridge0: port 2(bridge_slave_1) entered forwarding state
[  809.232323][T14440] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  809.257886][T14440] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  809.460028][T14440] 8021q: adding VLAN 0 to HW filter on device batadv0
[  809.661094][T11946] Bluetooth: hci5: command tx timeout
[  809.719153][T14440] veth0_vlan: entered promiscuous mode
[  809.749388][T14440] veth1_vlan: entered promiscuous mode
[  809.792161][T14440] veth0_macvtap: entered promiscuous mode
[  809.809769][T14440] veth1_macvtap: entered promiscuous mode
[  809.839405][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  809.867903][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  809.893743][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  809.919837][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  809.945739][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  809.973597][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  809.999990][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  810.025808][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.051686][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  810.079067][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.107745][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  810.133578][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.164564][T14440] batman_adv: batadv0: Interface activated: batadv_slave_0
[  810.194006][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  810.215514][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.265853][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  810.319066][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.361999][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  810.406005][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.452348][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  810.495201][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.541604][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  810.582004][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.628911][T14440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  810.670543][T14440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  810.713236][T14440] batman_adv: batadv0: Interface activated: batadv_slave_1
[  810.761729][ T5846] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  810.771917][ T5846] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  810.781135][ T5846] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  810.789150][ T5846] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  810.799178][ T5846] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  810.806650][ T5846] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  810.842923][T14440] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  810.880959][T14440] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  810.889662][T14440] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  810.943548][T14440] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  811.275646][ T6780] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  811.332568][ T6780] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  811.351700][T11946] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  811.361543][T11946] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  811.369881][T11946] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  811.381605][T11946] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  811.390352][T11946] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  811.398731][T11946] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  811.407134][ T6769] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  811.417145][T14459] chnl_net:caif_netlink_parms(): no params data found
[  811.462024][ T6769] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  811.640726][T14459] bridge0: port 1(bridge_slave_0) entered blocking state
[  811.647795][T14459] bridge0: port 1(bridge_slave_0) entered disabled state
[  811.692724][T14459] bridge_slave_0: entered allmulticast mode
[  811.718482][T14459] bridge_slave_0: entered promiscuous mode
[  811.740791][T11946] Bluetooth: hci5: command tx timeout
[  811.759885][T14459] bridge0: port 2(bridge_slave_1) entered blocking state
[  811.786802][T14459] bridge0: port 2(bridge_slave_1) entered disabled state
[  811.827625][T14459] bridge_slave_1: entered allmulticast mode
[  811.845768][T14459] bridge_slave_1: entered promiscuous mode
[  811.937835][T14459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  811.999056][T14459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  812.076012][T14465] chnl_net:caif_netlink_parms(): no params data found
[  812.108500][T14459] team0: Port device team_slave_0 added
[  812.147796][T14459] team0: Port device team_slave_1 added
[  812.224139][T14459] batman_adv: batadv0: Adding interface: batadv_slave_0
[  812.245495][T14459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  812.309589][T14459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  812.357135][T14459] batman_adv: batadv0: Adding interface: batadv_slave_1
[  812.376872][T14459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  812.446730][T14459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  812.516878][T14465] bridge0: port 1(bridge_slave_0) entered blocking state
[  812.537576][T14465] bridge0: port 1(bridge_slave_0) entered disabled state
[  812.563401][T14465] bridge_slave_0: entered allmulticast mode
[  812.582174][T14465] bridge_slave_0: entered promiscuous mode
[  812.623077][T14465] bridge0: port 2(bridge_slave_1) entered blocking state
[  812.630126][T14465] bridge0: port 2(bridge_slave_1) entered disabled state
[  812.659062][T14465] bridge_slave_1: entered allmulticast mode
[  812.678039][T14465] bridge_slave_1: entered promiscuous mode
[  812.697478][T14459] hsr_slave_0: entered promiscuous mode
[  812.715398][T14459] hsr_slave_1: entered promiscuous mode
[  812.728431][T14459] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  812.755295][T14459] Cannot create hsr debugfs directory
[  812.809923][T14465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  812.851526][T14465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  812.861464][T11946] Bluetooth: hci6: command tx timeout
[  812.946173][T14465] team0: Port device team_slave_0 added
[  812.995609][T14465] team0: Port device team_slave_1 added
[  813.061686][T14465] batman_adv: batadv0: Adding interface: batadv_slave_0
[  813.068613][T14465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  813.176924][T14465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  813.223068][T14465] batman_adv: batadv0: Adding interface: batadv_slave_1
[  813.243544][T14465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  813.308547][T14465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  813.427942][T14465] hsr_slave_0: entered promiscuous mode
[  813.449272][T14465] hsr_slave_1: entered promiscuous mode
[  813.467300][T14465] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  813.488225][T14465] Cannot create hsr debugfs directory
[  813.500895][T11946] Bluetooth: hci7: command tx timeout
[  813.582067][T14459] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  813.609894][T14459] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  813.658406][T14459] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  813.711749][T14459] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  813.820756][T11946] Bluetooth: hci5: command tx timeout
[  813.895136][T14459] 8021q: adding VLAN 0 to HW filter on device bond0
[  813.963533][T14459] 8021q: adding VLAN 0 to HW filter on device team0
[  814.081237][ T6780] bridge0: port 1(bridge_slave_0) entered blocking state
[  814.088313][ T6780] bridge0: port 1(bridge_slave_0) entered forwarding state
[  814.143355][ T6780] bridge0: port 2(bridge_slave_1) entered blocking state
[  814.150466][ T6780] bridge0: port 2(bridge_slave_1) entered forwarding state
[  814.249560][T14459] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  814.337329][T14459] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  814.396119][T14465] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  814.471364][T14465] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  814.517877][T14465] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  814.586647][T14465] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  814.808733][T14459] 8021q: adding VLAN 0 to HW filter on device batadv0
[  814.868479][T14465] 8021q: adding VLAN 0 to HW filter on device bond0
[  814.929277][T14465] 8021q: adding VLAN 0 to HW filter on device team0
[  814.942954][T11946] Bluetooth: hci6: command tx timeout
[  814.979634][ T5846] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  814.989931][ T5846] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  814.997746][ T5846] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  815.005639][ T5846] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  815.012949][ T5846] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  815.020035][ T5846] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  815.063849][ T6780] bridge0: port 1(bridge_slave_0) entered blocking state
[  815.070921][ T6780] bridge0: port 1(bridge_slave_0) entered forwarding state
[  815.110325][ T6780] bridge0: port 2(bridge_slave_1) entered blocking state
[  815.117382][ T6780] bridge0: port 2(bridge_slave_1) entered forwarding state
[  815.211353][T14465] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  815.261422][T14465] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  815.524511][T14459] veth0_vlan: entered promiscuous mode
[  815.573159][T14459] veth1_vlan: entered promiscuous mode
[  815.581645][T11946] Bluetooth: hci7: command tx timeout
[  815.631609][T14487] chnl_net:caif_netlink_parms(): no params data found
[  815.675931][T14459] veth0_macvtap: entered promiscuous mode
[  815.699453][T14465] 8021q: adding VLAN 0 to HW filter on device batadv0
[  815.773585][T14459] veth1_macvtap: entered promiscuous mode
[  815.906752][T11946] Bluetooth: hci5: command tx timeout
[  815.989127][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  816.028200][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  816.072992][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  816.115125][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  816.156709][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  816.224492][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  816.291618][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  816.309534][ T5846] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  816.320749][ T5846] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  816.328578][ T5846] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  816.338439][ T5846] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  816.345768][ T5846] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  816.352928][ T5846] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  816.407000][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  816.452194][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  816.494105][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  816.533485][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  816.580674][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  816.618947][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  816.666728][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  816.708680][T14459] batman_adv: batadv0: Interface activated: batadv_slave_0
[  816.859056][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  816.929584][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.001074][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  817.020648][T11946] Bluetooth: hci6: command tx timeout
[  817.067916][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.100642][T11946] Bluetooth: hci8: command tx timeout
[  817.138338][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  817.193584][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.246283][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  817.300076][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.344363][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  817.392134][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.433471][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  817.479803][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.516402][T14459] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  817.563904][T14459] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  817.611254][T14459] batman_adv: batadv0: Interface activated: batadv_slave_1
[  817.660898][T11946] Bluetooth: hci7: command tx timeout
[  817.698091][T14487] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.717250][T14487] bridge0: port 1(bridge_slave_0) entered disabled state
[  817.751705][T14487] bridge_slave_0: entered allmulticast mode
[  817.772374][T14487] bridge_slave_0: entered promiscuous mode
[  817.802402][T14487] bridge0: port 2(bridge_slave_1) entered blocking state
[  817.809446][T14487] bridge0: port 2(bridge_slave_1) entered disabled state
[  817.863388][T14487] bridge_slave_1: entered allmulticast mode
[  817.884236][T14487] bridge_slave_1: entered promiscuous mode
[  817.920083][T14516] mkiss: ax0: crc mode is auto.
[  817.952918][T14459] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  817.991832][T14459] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  818.022035][T14459] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  818.052152][T14459] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  818.167227][T14487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  818.197984][T14487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  818.247069][T14465] veth0_vlan: entered promiscuous mode
[  818.354654][T14487] team0: Port device team_slave_0 added
[  818.390159][T14465] veth1_vlan: entered promiscuous mode
[  818.421904][T14487] team0: Port device team_slave_1 added
[  818.456887][T14508] chnl_net:caif_netlink_parms(): no params data found
[  818.464242][T11946] Bluetooth: hci9: command tx timeout
[  818.505820][T14487] batman_adv: batadv0: Adding interface: batadv_slave_0
[  818.529616][T14487] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  818.598303][T14487] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  818.642485][T14465] veth0_macvtap: entered promiscuous mode
[  818.670353][ T6786] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  818.695451][ T6786] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  818.720782][T14487] batman_adv: batadv0: Adding interface: batadv_slave_1
[  818.741593][T14487] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  818.817581][T14487] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  818.859859][T14465] veth1_macvtap: entered promiscuous mode
[  818.948871][ T6786] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  818.963731][ T6786] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  818.973169][T14408] sched: DL replenish lagged too much
[  818.973980][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  818.990186][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.017043][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.049971][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.079740][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.100957][T11946] Bluetooth: hci6: command tx timeout
[  819.121863][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.147315][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.178927][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.189045][T11946] Bluetooth: hci8: command tx timeout
[  819.218136][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.246049][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.276745][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.307982][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.337189][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.366736][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.393157][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  819.426270][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.455551][T14465] batman_adv: batadv0: Interface activated: batadv_slave_0
[  819.499478][T14487] hsr_slave_0: entered promiscuous mode
[  819.532472][T14487] hsr_slave_1: entered promiscuous mode
[  819.549082][T14487] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  819.567884][T14487] Cannot create hsr debugfs directory
[  819.635131][T14508] bridge0: port 1(bridge_slave_0) entered blocking state
[  819.670265][T14508] bridge0: port 1(bridge_slave_0) entered disabled state
[  819.693679][T14508] bridge_slave_0: entered allmulticast mode
[  819.713354][T14508] bridge_slave_0: entered promiscuous mode
[  819.735868][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  819.747202][T11946] Bluetooth: hci7: command tx timeout
[  819.778058][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.805029][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  819.848508][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.875758][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  819.930736][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  819.979774][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  820.021584][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  820.047356][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  820.094921][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  820.123257][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  820.156213][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  820.187583][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  820.214487][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  820.243682][T14465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  820.275276][T14465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  820.308344][T14465] batman_adv: batadv0: Interface activated: batadv_slave_1
[  820.332814][T14465] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  820.365570][T14465] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  820.390862][T14465] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  820.416017][T14465] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  820.446547][T14508] bridge0: port 2(bridge_slave_1) entered blocking state
[  820.466233][T14508] bridge0: port 2(bridge_slave_1) entered disabled state
[  820.487876][T14508] bridge_slave_1: entered allmulticast mode
[  820.507421][T14508] bridge_slave_1: entered promiscuous mode
[  820.540739][T11946] Bluetooth: hci9: command 0x041b tx timeout
[  820.652006][T14508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  820.715300][T14508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  820.793507][T14508] team0: Port device team_slave_0 added
[  820.836320][T14508] team0: Port device team_slave_1 added
[  820.865920][ T6772] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  820.903179][ T6772] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  821.260548][ T5846] Bluetooth: hci8: command tx timeout
[  822.621752][ T5846] Bluetooth: hci9: command 0x041b tx timeout
[  823.341470][ T5846] Bluetooth: hci8: command tx timeout
[  824.700826][ T5846] Bluetooth: hci9: command 0x041b tx timeout
[  824.970190][T14487] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  825.035330][T14508] batman_adv: batadv0: Adding interface: batadv_slave_0
[  825.058105][T14508] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  825.128128][T14508] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  825.164943][T14508] batman_adv: batadv0: Adding interface: batadv_slave_1
[  825.188407][T14508] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  825.258489][T14508] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  825.330162][ T6788] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  825.357286][T14508] hsr_slave_0: entered promiscuous mode
[  825.371936][ T6788] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  825.397981][T14508] hsr_slave_1: entered promiscuous mode
[  825.418017][T14508] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  825.439660][T14508] Cannot create hsr debugfs directory
[  825.628683][   T29] audit: type=1400 audit(2000000234.460:1161): avc:  denied  { map } for  pid=14531 comm="syz.9.2281" path="socket:[58110]" dev="sockfs" ino=58110 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  826.780662][ T5846] Bluetooth: hci9: command 0x041b tx timeout
[  832.187670][T11946] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  832.200546][T11946] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  832.209175][T11946] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  832.217541][T11946] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  832.226459][T11946] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  832.233692][T11946] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  832.446963][T14540] chnl_net:caif_netlink_parms(): no params data found
[  832.558571][T14540] bridge0: port 1(bridge_slave_0) entered blocking state
[  832.583574][T14540] bridge0: port 1(bridge_slave_0) entered disabled state
[  832.605855][T14540] bridge_slave_0: entered allmulticast mode
[  832.629082][T14540] bridge_slave_0: entered promiscuous mode
[  832.649822][T14540] bridge0: port 2(bridge_slave_1) entered blocking state
[  832.674267][T14540] bridge0: port 2(bridge_slave_1) entered disabled state
[  832.694813][T14540] bridge_slave_1: entered allmulticast mode
[  832.715157][T14540] bridge_slave_1: entered promiscuous mode
[  832.770018][T14540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  832.802432][T14540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  832.867804][T14540] team0: Port device team_slave_0 added
[  832.894036][T14540] team0: Port device team_slave_1 added
[  832.952128][T14540] batman_adv: batadv0: Adding interface: batadv_slave_0
[  832.959067][T14540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  833.036314][T14540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  833.077515][T14540] batman_adv: batadv0: Adding interface: batadv_slave_1
[  833.100292][T14540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  833.170210][T14540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  833.247215][T14540] hsr_slave_0: entered promiscuous mode
[  833.267893][T14540] hsr_slave_1: entered promiscuous mode
[  833.289113][T14540] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  833.313142][T14540] Cannot create hsr debugfs directory
[  834.300578][T11946] Bluetooth: hci10: command tx timeout
[  835.188629][ T5846] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  835.198065][ T5846] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  835.206909][ T5846] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  835.214929][ T5846] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  835.222789][ T5846] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  835.229952][ T5846] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  835.443641][T14549] chnl_net:caif_netlink_parms(): no params data found
[  835.545300][T14549] bridge0: port 1(bridge_slave_0) entered blocking state
[  835.552546][T14549] bridge0: port 1(bridge_slave_0) entered disabled state
[  835.559636][T14549] bridge_slave_0: entered allmulticast mode
[  835.566205][T14549] bridge_slave_0: entered promiscuous mode
[  835.584485][T14549] bridge0: port 2(bridge_slave_1) entered blocking state
[  835.608443][T14549] bridge0: port 2(bridge_slave_1) entered disabled state
[  835.631675][T14549] bridge_slave_1: entered allmulticast mode
[  835.652952][T14549] bridge_slave_1: entered promiscuous mode
[  835.710879][T14549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  835.750609][T14549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  835.820033][T14549] team0: Port device team_slave_0 added
[  835.841679][T14549] team0: Port device team_slave_1 added
[  835.889845][T14549] batman_adv: batadv0: Adding interface: batadv_slave_0
[  835.916039][T14549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  835.989845][T14549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  836.032288][T14549] batman_adv: batadv0: Adding interface: batadv_slave_1
[  836.039213][T14549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  836.137134][T14549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  836.229640][T14549] hsr_slave_0: entered promiscuous mode
[  836.251876][T14549] hsr_slave_1: entered promiscuous mode
[  836.272975][T14549] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  836.297854][T14549] Cannot create hsr debugfs directory
[  836.382563][ T5846] Bluetooth: hci10: command tx timeout
[  837.260670][ T5846] Bluetooth: hci11: command tx timeout
[  838.460580][ T5846] Bluetooth: hci10: command tx timeout
[  839.340524][ T5846] Bluetooth: hci11: command tx timeout
[  840.541235][ T5846] Bluetooth: hci10: command tx timeout
[  841.176574][T11946] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  841.192831][T11946] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  841.200791][T11946] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  841.208800][T11946] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  841.216738][T11946] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  841.224783][T11946] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  841.420610][T11946] Bluetooth: hci11: command tx timeout
[  841.458292][T14558] chnl_net:caif_netlink_parms(): no params data found
[  841.571468][T14558] bridge0: port 1(bridge_slave_0) entered blocking state
[  841.578595][T14558] bridge0: port 1(bridge_slave_0) entered disabled state
[  841.605699][T14558] bridge_slave_0: entered allmulticast mode
[  841.626244][T14558] bridge_slave_0: entered promiscuous mode
[  841.647843][T14558] bridge0: port 2(bridge_slave_1) entered blocking state
[  841.672551][T14558] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.679669][T14558] bridge_slave_1: entered allmulticast mode
[  841.718970][T14558] bridge_slave_1: entered promiscuous mode
[  841.782780][T14558] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  841.821891][T14558] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  841.877872][T14558] team0: Port device team_slave_0 added
[  841.905129][T14558] team0: Port device team_slave_1 added
[  841.964679][T14558] batman_adv: batadv0: Adding interface: batadv_slave_0
[  841.983669][T14558] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  842.064775][T14558] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  842.098301][T14558] batman_adv: batadv0: Adding interface: batadv_slave_1
[  842.119997][T14558] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  842.191483][T14558] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  842.282382][T14558] hsr_slave_0: entered promiscuous mode
[  842.305339][T14558] hsr_slave_1: entered promiscuous mode
[  842.324242][T14558] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  842.349017][T14558] Cannot create hsr debugfs directory
[  843.260760][T11946] Bluetooth: hci12: command tx timeout
[  843.500574][T11946] Bluetooth: hci11: command tx timeout
[  845.340743][T11946] Bluetooth: hci12: command tx timeout
[  847.420665][T11946] Bluetooth: hci12: command tx timeout
[  849.501927][T11946] Bluetooth: hci12: command tx timeout
[  869.983013][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  869.989306][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  875.355363][T11946] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  875.364188][T11946] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  875.372098][T11946] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  875.380732][T11946] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  875.388062][T11946] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  875.395297][T11946] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  875.703716][T14572] chnl_net:caif_netlink_parms(): no params data found
[  875.931212][T14572] bridge0: port 1(bridge_slave_0) entered blocking state
[  875.939053][T14572] bridge0: port 1(bridge_slave_0) entered disabled state
[  875.999804][T14572] bridge_slave_0: entered allmulticast mode
[  876.049620][T14572] bridge_slave_0: entered promiscuous mode
[  876.073115][T14572] bridge0: port 2(bridge_slave_1) entered blocking state
[  876.080178][T14572] bridge0: port 2(bridge_slave_1) entered disabled state
[  876.137586][T14572] bridge_slave_1: entered allmulticast mode
[  876.162838][T14572] bridge_slave_1: entered promiscuous mode
[  876.234215][T14572] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  876.292962][T14572] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  876.348423][T11946] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  876.358169][T11946] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  876.366743][T11946] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  876.374796][T11946] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  876.383181][T11946] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  876.390453][T11946] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  876.465264][T14572] team0: Port device team_slave_0 added
[  876.504883][T14572] team0: Port device team_slave_1 added
[  876.589613][T14572] batman_adv: batadv0: Adding interface: batadv_slave_0
[  876.617258][T14572] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  876.691084][T14572] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  876.736656][T14572] batman_adv: batadv0: Adding interface: batadv_slave_1
[  876.767884][T14572] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  876.839617][T14572] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  876.960960][T14572] hsr_slave_0: entered promiscuous mode
[  876.980215][T14572] hsr_slave_1: entered promiscuous mode
[  877.001628][T14572] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  877.009163][T14572] Cannot create hsr debugfs directory
[  877.139357][T14581] chnl_net:caif_netlink_parms(): no params data found
[  877.402964][T14581] bridge0: port 1(bridge_slave_0) entered blocking state
[  877.410010][T14581] bridge0: port 1(bridge_slave_0) entered disabled state
[  877.420586][T11946] Bluetooth: hci13: command tx timeout
[  877.449273][T14581] bridge_slave_0: entered allmulticast mode
[  877.473327][T14581] bridge_slave_0: entered promiscuous mode
[  877.494482][T14581] bridge0: port 2(bridge_slave_1) entered blocking state
[  877.515395][T14581] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.539501][T14581] bridge_slave_1: entered allmulticast mode
[  877.562112][T14581] bridge_slave_1: entered promiscuous mode
[  877.613002][T14581] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  877.646709][T14581] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  877.732495][T14581] team0: Port device team_slave_0 added
[  877.740309][T14581] team0: Port device team_slave_1 added
[  877.808029][T14581] batman_adv: batadv0: Adding interface: batadv_slave_0
[  877.829377][T14581] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  877.918243][T14581] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  877.957635][T14581] batman_adv: batadv0: Adding interface: batadv_slave_1
[  877.985046][T14581] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  878.060266][T14581] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  878.137096][T14581] hsr_slave_0: entered promiscuous mode
[  878.156362][T14581] hsr_slave_1: entered promiscuous mode
[  878.179368][T14581] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  878.199878][T14581] Cannot create hsr debugfs directory
[  878.460570][T11946] Bluetooth: hci14: command tx timeout
[  879.500638][T11946] Bluetooth: hci13: command tx timeout
[  880.540677][T11946] Bluetooth: hci14: command tx timeout
[  881.580554][T11946] Bluetooth: hci13: command tx timeout
[  882.620517][T11946] Bluetooth: hci14: command tx timeout
[  883.660553][T11946] Bluetooth: hci13: command tx timeout
[  884.702542][T11946] Bluetooth: hci14: command tx timeout
[  892.376353][T14591] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  892.385794][T11946] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  892.393588][T11946] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  892.401693][T11946] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  892.409252][T11946] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  892.417013][T11946] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  892.629430][T14590] chnl_net:caif_netlink_parms(): no params data found
[  892.744056][T14590] bridge0: port 1(bridge_slave_0) entered blocking state
[  892.762084][T14590] bridge0: port 1(bridge_slave_0) entered disabled state
[  892.769248][T14590] bridge_slave_0: entered allmulticast mode
[  892.811005][T14590] bridge_slave_0: entered promiscuous mode
[  892.833172][T14590] bridge0: port 2(bridge_slave_1) entered blocking state
[  892.840256][T14590] bridge0: port 2(bridge_slave_1) entered disabled state
[  892.864418][T14590] bridge_slave_1: entered allmulticast mode
[  892.888622][T14590] bridge_slave_1: entered promiscuous mode
[  892.953905][T14590] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  892.990322][T14590] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  893.073263][T14590] team0: Port device team_slave_0 added
[  893.098439][T14590] team0: Port device team_slave_1 added
[  893.151424][T14590] batman_adv: batadv0: Adding interface: batadv_slave_0
[  893.158352][T14590] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  893.256078][T14590] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  893.287538][T14590] batman_adv: batadv0: Adding interface: batadv_slave_1
[  893.318512][T14590] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  893.401315][T14590] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  893.487209][T14590] hsr_slave_0: entered promiscuous mode
[  893.518219][T14590] hsr_slave_1: entered promiscuous mode
[  893.545349][T14590] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  893.568380][T14590] Cannot create hsr debugfs directory
[  894.460702][T11946] Bluetooth: hci15: command tx timeout
[  895.241043][ T5846] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  895.250621][ T5846] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  895.258291][ T5846] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  895.266782][ T5846] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  895.274279][ T5846] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  895.282034][ T5846] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  895.503255][T14600] chnl_net:caif_netlink_parms(): no params data found
[  895.751833][T14600] bridge0: port 1(bridge_slave_0) entered blocking state
[  895.762131][T14600] bridge0: port 1(bridge_slave_0) entered disabled state
[  895.769320][T14600] bridge_slave_0: entered allmulticast mode
[  895.810783][T14600] bridge_slave_0: entered promiscuous mode
[  895.825363][T14600] bridge0: port 2(bridge_slave_1) entered blocking state
[  895.852091][T14600] bridge0: port 2(bridge_slave_1) entered disabled state
[  895.876689][T14600] bridge_slave_1: entered allmulticast mode
[  895.902199][T14600] bridge_slave_1: entered promiscuous mode
[  895.958400][T14600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  895.996547][T14600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  896.084185][T14600] team0: Port device team_slave_0 added
[  896.106634][T14600] team0: Port device team_slave_1 added
[  896.164531][T14600] batman_adv: batadv0: Adding interface: batadv_slave_0
[  896.181745][T14600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  896.261907][T14600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  896.297821][T14600] batman_adv: batadv0: Adding interface: batadv_slave_1
[  896.323815][T14600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  896.407907][T14600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  896.493964][T14600] hsr_slave_0: entered promiscuous mode
[  896.516747][T14600] hsr_slave_1: entered promiscuous mode
[  896.532517][T14600] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  896.540054][T14600] Cannot create hsr debugfs directory
[  896.545626][ T5846] Bluetooth: hci15: command tx timeout
[  897.340890][ T5846] Bluetooth: hci16: command tx timeout
[  898.620597][ T5846] Bluetooth: hci15: command tx timeout
[  899.420667][ T5846] Bluetooth: hci16: command tx timeout
[  900.701362][ T5846] Bluetooth: hci15: command tx timeout
[  901.241789][T11946] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  901.251377][T11946] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  901.260349][T11946] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  901.272809][T11946] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  901.280102][T11946] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[  901.288460][T11946] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  901.497978][T14609] chnl_net:caif_netlink_parms(): no params data found
[  901.505829][T11946] Bluetooth: hci16: command tx timeout
[  901.604343][T14609] bridge0: port 1(bridge_slave_0) entered blocking state
[  901.628168][T14609] bridge0: port 1(bridge_slave_0) entered disabled state
[  901.656095][T14609] bridge_slave_0: entered allmulticast mode
[  901.684213][T14609] bridge_slave_0: entered promiscuous mode
[  901.707757][T14609] bridge0: port 2(bridge_slave_1) entered blocking state
[  901.733573][T14609] bridge0: port 2(bridge_slave_1) entered disabled state
[  901.754905][T14609] bridge_slave_1: entered allmulticast mode
[  901.779124][T14609] bridge_slave_1: entered promiscuous mode
[  901.827437][T14609] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  901.870994][T14609] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  901.938907][T14609] team0: Port device team_slave_0 added
[  901.968148][T14609] team0: Port device team_slave_1 added
[  902.017258][T14609] batman_adv: batadv0: Adding interface: batadv_slave_0
[  902.042888][T14609] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  902.123487][T14609] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  902.165058][T14609] batman_adv: batadv0: Adding interface: batadv_slave_1
[  902.183563][T14609] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  902.266486][T14609] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  902.346554][T14609] hsr_slave_0: entered promiscuous mode
[  902.371075][T14609] hsr_slave_1: entered promiscuous mode
[  902.393660][T14609] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  902.412618][T14609] Cannot create hsr debugfs directory
[  903.340629][T11946] Bluetooth: hci17: command tx timeout
[  903.580721][T11946] Bluetooth: hci16: command tx timeout
[  905.420662][T11946] Bluetooth: hci17: command tx timeout
[  907.500569][T11946] Bluetooth: hci17: command tx timeout
[  909.580638][T11946] Bluetooth: hci17: command tx timeout
[  931.424275][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  931.445690][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  933.514061][ T5846] Bluetooth: hci5: command 0x0406 tx timeout
[  933.520063][ T5846] Bluetooth: hci6: command 0x0406 tx timeout
[  936.428122][T14619] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  936.437803][T14619] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  936.445957][T14619] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  936.454700][T14619] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  936.463974][T14619] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3
[  936.471234][T14619] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  936.524888][T14619] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[  936.533873][T14619] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[  936.624187][T14627] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[  936.631858][T14627] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[  936.639189][T14627] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3
[  936.646488][T14627] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[  937.082405][T14622] chnl_net:caif_netlink_parms(): no params data found
[  937.127877][T14624] chnl_net:caif_netlink_parms(): no params data found
[  937.387486][T14622] bridge0: port 1(bridge_slave_0) entered blocking state
[  937.412263][T14622] bridge0: port 1(bridge_slave_0) entered disabled state
[  937.419379][T14622] bridge_slave_0: entered allmulticast mode
[  937.460539][T14622] bridge_slave_0: entered promiscuous mode
[  937.481592][T14622] bridge0: port 2(bridge_slave_1) entered blocking state
[  937.488626][T14622] bridge0: port 2(bridge_slave_1) entered disabled state
[  937.521914][T14622] bridge_slave_1: entered allmulticast mode
[  937.545127][T14622] bridge_slave_1: entered promiscuous mode
[  937.564196][T14624] bridge0: port 1(bridge_slave_0) entered blocking state
[  937.572490][T14624] bridge0: port 1(bridge_slave_0) entered disabled state
[  937.598265][T14624] bridge_slave_0: entered allmulticast mode
[  937.621928][T14624] bridge_slave_0: entered promiscuous mode
[  937.642910][T14624] bridge0: port 2(bridge_slave_1) entered blocking state
[  937.649944][T14624] bridge0: port 2(bridge_slave_1) entered disabled state
[  937.692343][T14624] bridge_slave_1: entered allmulticast mode
[  937.711391][T14624] bridge_slave_1: entered promiscuous mode
[  937.761215][T14622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  937.823533][T14622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  937.862871][T14624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  937.895689][T14624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  937.952158][T14622] team0: Port device team_slave_0 added
[  937.988175][T14622] team0: Port device team_slave_1 added
[  938.021189][T14624] team0: Port device team_slave_0 added
[  938.047906][T14622] batman_adv: batadv0: Adding interface: batadv_slave_0
[  938.072382][T14622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  938.152040][T14622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  938.196329][T14624] team0: Port device team_slave_1 added
[  938.237819][T14622] batman_adv: batadv0: Adding interface: batadv_slave_1
[  938.263551][T14622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  938.342981][T14622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  938.397984][T14624] batman_adv: batadv0: Adding interface: batadv_slave_0
[  938.422141][T14624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  938.503090][T14624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  938.540591][T14627] Bluetooth: hci18: command tx timeout
[  938.574644][T14624] batman_adv: batadv0: Adding interface: batadv_slave_1
[  938.591974][T14624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  938.688348][T14624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  938.703872][T14591] Bluetooth: hci19: command tx timeout
[  938.709882][T14591] Bluetooth: hci7: command 0x0406 tx timeout
[  938.716086][T11946] Bluetooth: hci8: command 0x0406 tx timeout
[  938.722163][T11946] Bluetooth: hci9: command 0x041b tx timeout
[  938.773761][T14622] hsr_slave_0: entered promiscuous mode
[  938.797706][T14622] hsr_slave_1: entered promiscuous mode
[  938.821661][T14622] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  938.829195][T14622] Cannot create hsr debugfs directory
[  938.916995][T14624] hsr_slave_0: entered promiscuous mode
[  938.936915][T14624] hsr_slave_1: entered promiscuous mode
[  938.957022][T14624] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  938.980599][T14624] Cannot create hsr debugfs directory
[  940.620493][T14591] Bluetooth: hci18: command tx timeout
[  940.780860][T14591] Bluetooth: hci19: command tx timeout
[  942.700606][T14591] Bluetooth: hci18: command tx timeout
[  942.863556][T14591] Bluetooth: hci19: command tx timeout
[  944.780912][T14591] Bluetooth: hci18: command tx timeout
[  944.941466][T14591] Bluetooth: hci19: command tx timeout
[  952.944145][T14619] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1
[  952.955178][T14619] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9
[  952.970561][T14619] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9
[  952.981787][T14619] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4
[  952.989662][T14619] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3
[  952.997922][T14619] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2
[  953.204704][T14641] chnl_net:caif_netlink_parms(): no params data found
[  953.319574][T14641] bridge0: port 1(bridge_slave_0) entered blocking state
[  953.342592][T14641] bridge0: port 1(bridge_slave_0) entered disabled state
[  953.365058][T14641] bridge_slave_0: entered allmulticast mode
[  953.386358][T14641] bridge_slave_0: entered promiscuous mode
[  953.411420][T14641] bridge0: port 2(bridge_slave_1) entered blocking state
[  953.418457][T14641] bridge0: port 2(bridge_slave_1) entered disabled state
[  953.463665][T14641] bridge_slave_1: entered allmulticast mode
[  953.478407][T14641] bridge_slave_1: entered promiscuous mode
[  953.546338][T14641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  953.585930][T14641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  953.652780][T14641] team0: Port device team_slave_0 added
[  953.691213][T14641] team0: Port device team_slave_1 added
[  953.728946][T14641] batman_adv: batadv0: Adding interface: batadv_slave_0
[  953.753587][T14641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  953.820842][   T30] INFO: task syz.0.2274:14412 blocked for more than 143 seconds.
[  953.828556][   T30]       Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  953.853510][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  953.863489][T14641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  953.894608][   T29] audit: type=1400 audit(2000000362.710:1162): avc:  denied  { write } for  pid=5827 comm="syz-executor" path="pipe:[3885]" dev="pipefs" ino=3885 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  953.930737][   T30] task:syz.0.2274      state:D stack:26048 pid:14412 tgid:14412 ppid:5847   flags:0x00004004
[  953.983801][T14641] batman_adv: batadv0: Adding interface: batadv_slave_1
[  954.032558][   T30] Call Trace:
[  954.035837][   T30]  <TASK>
[  954.038753][   T30]  __schedule+0xe58/0x5ad0
[  954.043359][T14641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  954.092085][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  954.097286][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  954.123068][   T30]  ? __pfx___schedule+0x10/0x10
[  954.127920][   T30]  ? schedule+0x298/0x350
[  954.147166][T14641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  954.166289][   T30]  ? __pfx_lock_release+0x10/0x10
[  954.183554][   T30]  ? __mutex_trylock_common+0x78/0x250
[  954.189008][   T30]  ? lock_acquire+0x2f/0xb0
[  954.227258][   T30]  ? schedule+0x1fd/0x350
[  954.243461][   T30]  schedule+0xe7/0x350
[  954.247536][   T30]  schedule_preempt_disabled+0x13/0x30
[  954.271616][   T30]  __mutex_lock+0x62b/0xa60
[  954.276120][   T30]  ? trace_lock_acquire+0x146/0x1e0
[  954.301739][   T30]  ? rcu_barrier+0x48/0x700
[  954.306260][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  954.333674][   T30]  ? tdp_mmu_next_root+0xdb/0x620
[  954.338709][   T30]  ? kvm_mmu_uninit_tdp_mmu+0x25/0xe0
[  954.365009][   T30]  ? rcu_barrier+0x48/0x700
[  954.369524][   T30]  rcu_barrier+0x48/0x700
[  954.395079][   T30]  ? do_raw_read_unlock+0x44/0xe0
[  954.400118][   T30]  kvm_mmu_uninit_vm+0x5b/0x60
[  954.427459][   T30]  kvm_arch_destroy_vm+0x360/0x490
[  954.444838][   T30]  ? __pfx_kvm_arch_destroy_vm+0x10/0x10
[  954.464070][   T30]  kvm_put_kvm+0x4fa/0xb40
[  954.468485][   T30]  ? __pfx_kvm_vm_release+0x10/0x10
[  954.491922][   T30]  kvm_vm_release+0x3c/0x50
[  954.496425][   T30]  __fput+0x3f8/0xb60
[  954.517298][   T30]  task_work_run+0x14e/0x250
[  954.534147][   T30]  ? __pfx_task_work_run+0x10/0x10
[  954.539256][   T30]  ? __pfx___do_sys_close_range+0x10/0x10
[  954.572112][   T30]  syscall_exit_to_user_mode+0x27b/0x2a0
[  954.592204][   T30]  do_syscall_64+0xda/0x250
[  954.596718][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  954.622169][   T30] RIP: 0033:0x7fa286380809
[  954.626589][   T30] RSP: 002b:00007ffedb7848a8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  954.663329][   T30] RAX: 0000000000000000 RBX: 00007fa286547ba0 RCX: 00007fa286380809
[  954.692134][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  954.700109][   T30] RBP: 00007fa286547ba0 R08: 0000000000000294 R09: 00007ffedb784b8f
[  954.742151][   T30] R10: 00007fa286547ac0 R11: 0000000000000246 R12: 00000000000c3059
[  954.750123][   T30] R13: 00007fa286546160 R14: 0000000000000032 R15: ffffffffffffffff
[  954.795010][   T30]  </TASK>
[  954.811352][   T30] INFO: task syz.3.2276:14429 blocked for more than 144 seconds.
[  954.819055][   T30]       Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  954.876506][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  954.916676][   T30] task:syz.3.2276      state:D stack:26272 pid:14429 tgid:14422 ppid:5837   flags:0x00004004
[  954.970607][   T30] Call Trace:
[  954.973891][   T30]  <TASK>
[  954.976806][   T30]  __schedule+0xe58/0x5ad0
[  955.016266][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  955.044217][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  955.049431][   T30]  ? __pfx___schedule+0x10/0x10
[  955.075824][   T30]  ? schedule+0x298/0x350
[  955.080193][   T30]  ? __pfx_lock_release+0x10/0x10
[  955.103502][T14619] Bluetooth: hci20: command tx timeout
[  955.114151][   T30]  ? __mutex_trylock_common+0x78/0x250
[  955.119611][   T30]  ? lock_acquire+0x2f/0xb0
[  955.145943][   T30]  ? schedule+0x1fd/0x350
[  955.150279][   T30]  schedule+0xe7/0x350
[  955.173620][   T30]  schedule_preempt_disabled+0x13/0x30
[  955.179080][   T30]  __mutex_lock+0x62b/0xa60
[  955.205004][   T30]  ? __flush_work+0x791/0xc30
[  955.209682][   T30]  ? rcu_barrier+0x48/0x700
[  955.236522][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  955.252007][   T30]  ? enable_work+0x29e/0x340
[  955.256594][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  955.281106][   T30]  ? rcu_barrier+0x48/0x700
[  955.285609][   T30]  rcu_barrier+0x48/0x700
[  955.289922][   T30]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  955.331014][   T30]  flush_rcu_work+0x54/0xd0
[  955.335540][   T30]  kvfree_rcu_barrier+0x1cf/0x370
[  955.365003][   T30]  kmem_cache_destroy+0x2c/0x170
[  955.369976][   T30]  p9_client_destroy+0x2de/0x480
[  955.395832][   T30]  ? __pfx_p9_client_destroy+0x10/0x10
[  955.410852][   T30]  ? __pfx_ida_free+0x10/0x10
[  955.415529][   T30]  ? do_raw_spin_unlock+0x172/0x230
[  955.441360][   T30]  v9fs_session_close+0x49/0x2d0
[  955.446325][   T30]  v9fs_kill_super+0x4d/0xa0
[  955.471222][   T30]  deactivate_locked_super+0xbe/0x1a0
[  955.476604][   T30]  v9fs_mount+0x62c/0xa30
[  955.502322][   T30]  ? __pfx_v9fs_mount+0x10/0x10
[  955.507182][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  955.533313][   T30]  ? __pfx_v9fs_mount+0x10/0x10
[  955.538169][   T30]  legacy_get_tree+0x109/0x220
[  955.566534][   T30]  vfs_get_tree+0x8f/0x380
[  955.582487][   T30]  path_mount+0x14e6/0x1f20
[  955.587019][   T30]  ? __pfx_path_mount+0x10/0x10
[  955.615130][   T30]  __x64_sys_mount+0x294/0x320
[  955.619901][   T30]  ? __pfx___x64_sys_mount+0x10/0x10
[  955.644978][   T30]  do_syscall_64+0xcd/0x250
[  955.649483][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  955.680516][   T30] RIP: 0033:0x7f6a4ff80809
[  955.684927][   T30] RSP: 002b:00007f6a50e1b058 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  955.718039][   T30] RAX: ffffffffffffffda RBX: 00007f6a50146160 RCX: 00007f6a4ff80809
[  955.752081][   T30] RDX: 0000000020004380 RSI: 0000000020000180 RDI: 0000000000000000
[  955.773675][   T30] RBP: 00007f6a4fff393e R08: 0000000020004280 R09: 0000000000000000
[  955.797952][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  955.828016][   T30] R13: 0000000000000000 R14: 00007f6a50146160 R15: 00007ffeae5f0228
[  955.855022][   T30]  </TASK>
[  955.874094][   T30] INFO: task syz.5.2278:14433 blocked for more than 145 seconds.
[  955.903918][   T30]       Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  955.924666][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  955.951997][   T30] task:syz.5.2278      state:D stack:25024 pid:14433 tgid:14433 ppid:12198  flags:0x00004006
[  955.985724][   T30] Call Trace:
[  955.988995][   T30]  <TASK>
[  956.004933][   T30]  __schedule+0xe58/0x5ad0
[  956.020708][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  956.025908][   T30]  ? __pfx___schedule+0x10/0x10
[  956.053575][   T30]  ? schedule+0x298/0x350
[  956.057904][   T30]  ? __pfx_lock_release+0x10/0x10
[  956.084989][   T30]  ? __mutex_trylock_common+0x78/0x250
[  956.103431][   T30]  ? lock_acquire+0x2f/0xb0
[  956.107935][   T30]  ? schedule+0x1fd/0x350
[  956.133543][   T30]  schedule+0xe7/0x350
[  956.137611][   T30]  schedule_preempt_disabled+0x13/0x30
[  956.164986][   T30]  __mutex_lock+0x62b/0xa60
[  956.175359][   T30]  ? trace_lock_acquire+0x146/0x1e0
[  956.196073][   T30]  ? rcu_barrier+0x48/0x700
[  956.217544][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  956.231082][   T30]  ? tdp_mmu_next_root+0xdb/0x620
[  956.236106][   T30]  ? kvm_mmu_uninit_tdp_mmu+0x25/0xe0
[  956.262055][   T30]  ? rcu_barrier+0x48/0x700
[  956.266550][   T30]  rcu_barrier+0x48/0x700
[  956.292110][   T30]  ? do_raw_read_unlock+0x44/0xe0
[  956.297137][   T30]  kvm_mmu_uninit_vm+0x5b/0x60
[  956.324343][   T30]  kvm_arch_destroy_vm+0x360/0x490
[  956.329468][   T30]  ? __pfx_kvm_arch_destroy_vm+0x10/0x10
[  956.354491][   T30]  kvm_put_kvm+0x4fa/0xb40
[  956.358905][   T30]  ? __pfx_kvm_vm_release+0x10/0x10
[  956.391091][   T30]  kvm_vm_release+0x3c/0x50
[  956.395591][   T30]  __fput+0x3f8/0xb60
[  956.399562][   T30]  task_work_run+0x14e/0x250
[  956.428194][   T30]  ? __pfx_task_work_run+0x10/0x10
[  956.453513][   T30]  ? __pfx___do_sys_close_range+0x10/0x10
[  956.459230][   T30]  syscall_exit_to_user_mode+0x27b/0x2a0
[  956.483491][   T30]  do_syscall_64+0xda/0x250
[  956.487997][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  956.514970][   T30] RIP: 0033:0x7f223db80809
[  956.519377][   T30] RSP: 002b:00007ffdd985bcc8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  956.562029][   T30] RAX: 0000000000000000 RBX: 00007f223dd47ba0 RCX: 00007f223db80809
[  956.570002][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  956.612003][   T30] RBP: 00007f223dd47ba0 R08: 000000000000023c R09: 00007ffdd985bfaf
[  956.619973][   T30] R10: 00000000003ffba8 R11: 0000000000000246 R12: 00000000000c384c
[  956.661612][   T30] R13: 00007f223dd46160 R14: 0000000000000032 R15: ffffffffffffffff
[  956.669591][   T30]  </TASK>
[  956.704540][   T30] 
[  956.704540][   T30] Showing all locks held in the system:
[  956.740880][   T30] 1 lock held by khungtaskd/30:
[  956.745741][   T30]  #0: ffffffff8e1bbb40 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390
[  956.792091][   T30] 3 locks held by kworker/u8:2/35:
[  956.797191][   T30]  #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  956.843499][   T30]  #1: ffffc90000ab7d80 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  956.877448][   T30]  #2: ffffffff8fef3588 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0
[  956.905047][   T30] 2 locks held by getty/5596:
[  956.909710][   T30]  #0: ffff8880367da0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  956.951228][   T30]  #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480
[  956.984945][   T30] 2 locks held by kworker/1:3/5839:
[  957.001281][   T30] 2 locks held by kworker/1:4/5892:
[  957.006468][   T30] 3 locks held by kworker/0:6/5896:
[  957.039226][   T30]  #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  957.071199][   T30]  #1: ffffc90003037d80 (ser_release_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  957.107802][   T30]  #2: ffffffff8e1c7340 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x700
[  957.138716][   T30] 3 locks held by kworker/1:5/5921:
[  957.153495][   T30] 2 locks held by kworker/u8:14/6769:
[  957.158849][   T30] 3 locks held by kworker/u8:22/6780:
[  957.185260][   T30]  #0: ffff88814dcfb148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  957.223175][   T30]  #1: ffffc9000c547d80 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  957.271879][   T30]  #2: ffffffff8fef3588 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x12/0x30
[  957.295190][   T30] 2 locks held by kworker/1:0/11696:
[  957.316062][   T30] 1 lock held by syz.6.2266/14380:
[  957.331370][   T30] 1 lock held by syz.0.2274/14412:
[  957.336471][   T30]  #0: ffffffff8e1c7340 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x700
[  957.381980][   T30] 1 lock held by syz.3.2276/14429:
[  957.387088][   T30]  #0: ffffffff8e1c7340 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x700
[  957.426895][   T30] 1 lock held by syz.5.2278/14433:
[  957.446199][   T30]  #0: ffffffff8e1c7340 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x700
[  957.477936][   T30] 7 locks held by syz-executor/14487:
[  957.491973][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  957.522260][   T30]  #1: ffff88807e701888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  957.558610][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  957.585052][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  957.616273][   T30]  #4: ffff88805b8c30e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x610
[  957.662448][   T30]  #5: ffff88805b8c4250 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1d0
[  957.692101][   T30]  #6: ffffffff8e1c7340 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x700
[  957.722186][   T30] 3 locks held by syz.7.2285/14517:
[  957.727398][   T30]  #0: ffff88805cd491c0 (&tty->legacy_mutex){+.+.}-{4:4}, at: __tty_hangup.part.0+0xb8/0x890
[  957.772149][   T30]  #1: ffff88805cd490a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_lock+0x65/0xb0
[  957.801413][   T30]  #2: ffffffff8e1c7340 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x700
[  957.833512][   T30] 4 locks held by syz-executor/14508:
[  957.838874][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  957.881210][   T30]  #1: ffff8880489dd088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  957.910270][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  957.942180][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  957.969100][   T30] 1 lock held by syz.9.2286/14536:
[  957.993464][   T30]  #0: ffffffff8e1c7340 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x700
[  958.025121][   T30] 4 locks held by syz-executor/14540:
[  958.041388][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  958.050346][   T30]  #1: ffff88806f706888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  958.103559][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  958.133460][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  958.164427][   T30] 4 locks held by syz-executor/14549:
[  958.169785][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  958.215847][   T30]  #1: ffff88803c811088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  958.243494][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  958.272757][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  958.307078][   T30] 4 locks held by syz-executor/14558:
[  958.331364][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  958.340342][   T30]  #1: ffff888079d14c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  958.384584][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  958.421232][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  958.451449][   T30] 4 locks held by syz-executor/14572:
[  958.456824][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  958.503514][   T30]  #1: ffff88808832c488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  958.531949][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  958.563606][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  958.596497][   T30] 4 locks held by syz-executor/14581:
[  958.611956][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  958.651076][   T30]  #1: ffff888038fb3c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  958.672460][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  958.712115][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  958.744923][   T30] 4 locks held by syz-executor/14590:
[  958.750290][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  958.785411][   T30]  #1: ffff88805a1df488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  958.816138][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  958.848194][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  958.882124][   T30] 3 locks held by kworker/u9:1/14591:
[  958.887489][   T30]  #0: ffff88807be54148 ((wq_completion)hci10){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  958.936329][   T30]  #1: ffffc900047efd80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  958.976301][   T30]  #2: ffff88807890cd80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x170/0x410
[  959.008013][   T30] 4 locks held by syz-executor/14600:
[  959.023676][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  959.052133][   T30]  #1: ffff88803d84c888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  959.085470][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  959.106626][T14627] Bluetooth: hci10: command 0x0406 tx timeout
[  959.112854][T14627] Bluetooth: hci11: command 0x0406 tx timeout
[  959.135701][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  959.170710][   T30] 4 locks held by syz-executor/14609:
[  959.176071][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  959.220718][   T30]  #1: ffff88808a04ac88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  959.253544][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  959.286309][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  959.314372][   T30] 6 locks held by kworker/u9:3/14619:
[  959.319731][   T30]  #0: ffff88802684b148 ((wq_completion)hci11){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  959.364961][   T30]  #1: ffffc900045efd80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  959.403348][   T30]  #2: ffff888012724d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x170/0x410
[  959.436607][   T30]  #3: ffff888012724078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x147/0xb40
[  959.466477][   T30]  #4: ffffffff9015d088 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x14f/0x330
[  959.498699][   T30]  #5: ffffffff8e1c7478 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a4/0x3b0
[  959.528886][   T30] 4 locks held by syz-executor/14622:
[  959.547905][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  959.573854][   T30]  #1: ffff88809996d088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  959.611263][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  959.643485][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  959.676516][   T30] 4 locks held by syz-executor/14624:
[  959.692440][   T30]  #0: ffff88802410e420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  959.722542][   T30]  #1: ffff888099943888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  959.753037][   T30]  #2: ffff888143f70788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  959.783639][   T30]  #3: ffffffff8f488748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  959.817331][   T30] 2 locks held by syz-executor/14641:
[  959.833148][   T30]  #0: ffffffff8fef3588 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  959.871792][   T30]  #1: ffffffff8fff1bc8 (flowtable_lock){+.+.}-{4:4}, at: nf_flow_table_cleanup+0x81/0x3d0
[  959.913659][   T30] 
[  959.915979][   T30] =============================================
[  959.915979][   T30] 
[  959.958661][   T30] NMI backtrace for cpu 0
[  959.962980][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  959.973121][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  959.983153][   T30] Call Trace:
[  959.986408][   T30]  <TASK>
[  959.989319][   T30]  dump_stack_lvl+0x116/0x1f0
[  959.993983][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  959.998899][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  960.004859][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  960.010827][   T30]  watchdog+0xf14/0x1240
[  960.015052][   T30]  ? __pfx_watchdog+0x10/0x10
[  960.019729][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  960.024914][   T30]  ? __kthread_parkme+0x148/0x220
[  960.029923][   T30]  ? __pfx_watchdog+0x10/0x10
[  960.034582][   T30]  kthread+0x2c1/0x3a0
[  960.038631][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  960.043813][   T30]  ? __pfx_kthread+0x10/0x10
[  960.048386][   T30]  ret_from_fork+0x45/0x80
[  960.052779][   T30]  ? __pfx_kthread+0x10/0x10
[  960.057348][   T30]  ret_from_fork_asm+0x1a/0x30
[  960.062105][   T30]  </TASK>
[  960.066418][   T30] Sending NMI from CPU 0 to CPUs 1:
[  960.072298][    C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x1a/0x20
[  960.308765][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  960.315618][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  960.325744][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  960.335774][   T30] Call Trace:
[  960.339030][   T30]  <TASK>
[  960.341939][   T30]  dump_stack_lvl+0x3d/0x1f0
[  960.346536][   T30]  panic+0x71d/0x800
[  960.350414][   T30]  ? __pfx_panic+0x10/0x10
[  960.354829][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  960.360179][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  960.366138][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  960.371494][   T30]  ? watchdog+0xd7e/0x1240
[  960.375890][   T30]  ? watchdog+0xd71/0x1240
[  960.380284][   T30]  watchdog+0xd8f/0x1240
[  960.384510][   T30]  ? __pfx_watchdog+0x10/0x10
[  960.389164][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  960.394344][   T30]  ? __kthread_parkme+0x148/0x220
[  960.399347][   T30]  ? __pfx_watchdog+0x10/0x10
[  960.404001][   T30]  kthread+0x2c1/0x3a0
[  960.408049][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  960.413229][   T30]  ? __pfx_kthread+0x10/0x10
[  960.417802][   T30]  ret_from_fork+0x45/0x80
[  960.422192][   T30]  ? __pfx_kthread+0x10/0x10
[  960.426763][   T30]  ret_from_fork_asm+0x1a/0x30
[  960.431514][   T30]  </TASK>
[  960.434726][   T30] Kernel Offset: disabled
[  960.439031][   T30] Rebooting in 86400 seconds..