last executing test programs:

31m9.783339083s ago: executing program 32 (id=21):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

30m22.997686752s ago: executing program 33 (id=162):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000240)={0x1, 0x1, 0x0, &(0x7f0000000200)=""/51, 0x0})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000340))
r4 = dup(r3)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r4})
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f00000003c0)={0x1, r1})

30m17.118965733s ago: executing program 34 (id=176):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_open_pts(0xffffffffffffffff, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000180)=0x7, 0x4)
sendmmsg(r1, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000ac0)='<', 0x1}], 0x1}}], 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r3, 0x1, 0x3, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}]}, 0x30}}, 0x20000010)

25m18.813510238s ago: executing program 35 (id=582):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001540)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e34ff65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd086004c4a56c6cce6e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e430a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b051f47db7aa110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c0000000000000000000a000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3938e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea875583e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba46cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5ccb9f10f615c87c441dc50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246e891e20ecaad7059866506c3000000000c3230e901e885b7a4a36bdfdb5ce7a2e5807a0f4c1d461d1243fccf51b875b49490cd7d044e7a1e1a4c013fae1f070a8a37ab90da2efc6c875b3aab34b75a252072691fc97bef0fed8ee597ab83bb53f89c36bc2ee3ad54904542f66dc94132df75fc9944882d6f2e13b7057e0000000000000000000000000000000000001b726c0ccd24000000000000cfd2f4d005578b9ed06e1c41ef3b411066739de953d39b968caaca1507928d68c8f0"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r4, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d80)=@newtaction={0x68, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7f, 0x0, 0x2, 0x4, 0x8}, 0x1, r5}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}}, 0x0)

22m44.462839841s ago: executing program 36 (id=780):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x89ff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f00000000c0)='tmpfs\x00', 0xa145c7, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
lseek(r4, 0xfff, 0x0)

20m5.722101124s ago: executing program 37 (id=920):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
fanotify_init(0x4, 0x2)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x810, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x4, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x400c4)
syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
mount$9p_rdma(&(0x7f00000000c0), &(0x7f0000000140)='.\x00', &(0x7f00000001c0), 0x10000, &(0x7f0000000440)={'trans=rdma,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@rq={'rq', 0x3d, 0x9}}]}})

15m13.258296658s ago: executing program 7 (id=1116):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r6, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r7 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r7, 0x0, 0x0)

15m10.957336543s ago: executing program 7 (id=1117):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r6, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r7 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r7, 0x0, 0x0)

15m4.911460437s ago: executing program 7 (id=1122):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r6, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r7 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r7, 0x0, 0x0)

14m52.41794505s ago: executing program 7 (id=1128):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
ioctl$HIDIOCSREPORT(0xffffffffffffffff, 0x81044804, &(0x7f0000000400)={0x1, 0x2})
ioctl$XFS_IOC_AG_GEOMETRY(0xffffffffffffffff, 0xc080583d, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x10)
ioctl$HIDIOCGFLAG(0xffffffffffffffff, 0x8004480e, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
gettid()
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000800000/0x800000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r3 = creat(&(0x7f0000000240)='./file0\x00', 0x40)
close(r3)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x930, 0x6000002, 0x4018831, r3, 0x0)
userfaultfd(0x80801)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x7)

14m42.230562509s ago: executing program 7 (id=1138):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

14m40.357737594s ago: executing program 7 (id=1139):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000300)={0x4, 0xfc, "98f310", 0x3, 0x18})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x144, 0x10, 0x1, 0xfffffffe, 0x25dfdbfd, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x80, 0x3a}, {@in=@broadcast, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8, 0x2}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075b, 0x8}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x3a}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0xfffffffe}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x20}, {}, {}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

14m23.76987422s ago: executing program 38 (id=1139):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000300)={0x4, 0xfc, "98f310", 0x3, 0x18})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x144, 0x10, 0x1, 0xfffffffe, 0x25dfdbfd, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x80, 0x3a}, {@in=@broadcast, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8, 0x2}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075b, 0x8}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x3a}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0xfffffffe}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x20}, {}, {}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

14m22.426588903s ago: executing program 9 (id=1154):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000300)={0x4, 0xfc, "98f310", 0x3, 0x18})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x144, 0x10, 0x1, 0xfffffffe, 0x25dfdbfd, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x80, 0x3a}, {@in=@broadcast, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8, 0x2}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075b, 0x8}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x3a}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0xfffffffe}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x20}, {}, {}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

14m20.865311844s ago: executing program 9 (id=1155):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=0x0], 0x14}, 0x1, 0x0, 0x0, 0x20000801}, 0x4)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000380)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mknod$loop(0x0, 0xfff, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x2000000, 0x2449, 0xfffffffffffffffd})
utimes(0x0, 0x0)

14m13.157971302s ago: executing program 9 (id=1158):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

14m11.385683834s ago: executing program 9 (id=1159):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000300)={0x4, 0xfc, "98f310", 0x3, 0x18})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x144, 0x10, 0x1, 0xfffffffe, 0x25dfdbfd, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x80, 0x3a}, {@in=@broadcast, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8, 0x2}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075b, 0x8}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x3a}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0xfffffffe}}, 0xe8)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x1c)

14m3.577307453s ago: executing program 9 (id=1162):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000300)={0x4, 0xfc, "98f310", 0x3, 0x18})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x144, 0x10, 0x1, 0xfffffffe, 0x25dfdbfd, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x80, 0x3a}, {@in=@broadcast, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8, 0x2}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075b, 0x8}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x3a}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0xfffffffe}}, 0xe8)
sendmmsg(r7, &(0x7f0000007fc0), 0x800001d, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x20}, {}, {}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

14m1.876997319s ago: executing program 9 (id=1164):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000100), 0x7, 0x0)
ioctl$LOOP_SET_FD(r6, 0x4c00, r4)
ioctl$LOOP_SET_STATUS64(r6, 0x4c04, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={0x0}}, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
mount_setattr(0xffffffffffffff9c, 0x0, 0x8100, 0x0, 0x0)
openat$dsp(0xffffff9c, &(0x7f0000000080), 0x480, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)

13m45.195189369s ago: executing program 39 (id=1164):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000100), 0x7, 0x0)
ioctl$LOOP_SET_FD(r6, 0x4c00, r4)
ioctl$LOOP_SET_STATUS64(r6, 0x4c04, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={0x0}}, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
mount_setattr(0xffffffffffffff9c, 0x0, 0x8100, 0x0, 0x0)
openat$dsp(0xffffff9c, &(0x7f0000000080), 0x480, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)

8m19.537049767s ago: executing program 8 (id=1388):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, 0x0)
r1 = creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_open_dev$video4linux(&(0x7f0000000380), 0xb9000000, 0xc00c0)
ioctl$VIDIOC_QUERY_EXT_CTRL(r3, 0xc0e85667, &(0x7f00000003c0)={0x80f0f000, 0x10e, "9a0400000066e934d198b1abaa7da80f000009000009dcb6740000b4d2002800", 0x0, 0x8000000000000001, 0x3, 0x4000000000003, 0x4, 0x7, 0x20001, 0x5, [0x0, 0xffffffff, 0x80000001, 0x70]})
ioctl$KVM_CAP_PMU_CAPABILITY(r1, 0x4068aea3, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
socket(0x10, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000040)={0x0, 0xffffffff, 0x1, 0x0, 0x90, "ff00f7000000000000000020af88008300"})
r5 = syz_open_pts(r4, 0x141601)
write(r5, &(0x7f0000000000)="d5", 0xfffffedf)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000001c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0x7}, {0x3}}}, 0x24}}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0xf)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x20000080, 0x0, 0x0)

8m16.03137651s ago: executing program 8 (id=1390):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x0, 0x0)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

8m10.482097947s ago: executing program 8 (id=1393):
r0 = socket$inet(0xa, 0x801, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100020008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_QUERYCTRL(r4, 0xc0445624, &(0x7f0000000000)={0x8000004, 0x6, "e22e845e3ede57135adc514d00000000001af2bb6b1543835f00", 0x0, 0x4, 0x8000, 0x9, 0x10})
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @rand_addr=0x64010100}, 0x10)
listen(r0, 0x6)
r5 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000780))
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/191, 0x0, 0x2000})
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r5, 0x4008af13, &(0x7f0000000040))
accept4(r0, 0x0, 0x0, 0x0)

8m7.924722784s ago: executing program 2 (id=1395):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
io_uring_setup(0x36df, &(0x7f0000000180)={0x0, 0x472f, 0x10000, 0x3, 0xdf})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semctl$GETALL(0x0, 0x0, 0xd, 0xfffffffffffffffe)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=0x0], 0x14}, 0x1, 0x0, 0x0, 0x20000801}, 0x4)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000380)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mknod$loop(0x0, 0xfff, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000009c0)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000140)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x2000000, 0x2449, 0xfffffffffffffffd})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000040)={{@my=0x1}, @any, 0x0, 0x1, 0x9, 0xfffffffffffffffd, 0x0, 0x8, 0x1})
utimes(0x0, 0x0)

8m6.324372347s ago: executing program 2 (id=1397):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

7m59.938799111s ago: executing program 8 (id=1401):
r0 = socket(0x1, 0x5, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
close(r5)
close(r0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0)
r6 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r0, &(0x7f0000000500)={0x80000000})
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r0, &(0x7f0000000040)={0x80002017})
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x28, r7, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x28}}, 0x20000000)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYRES32=r8], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000030, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

7m59.707305056s ago: executing program 2 (id=1402):
r0 = socket$inet(0xa, 0x801, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100020008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_QUERYCTRL(r4, 0xc0445624, &(0x7f0000000000)={0x8000004, 0x6, "e22e845e3ede57135adc514d00000000001af2bb6b1543835f00", 0x0, 0x4, 0x8000, 0x9, 0x10})
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @rand_addr=0x64010100}, 0x10)
listen(r0, 0x6)
r5 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, 0x0, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000780))
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/191, 0x0, 0x2000})
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f00000000c0)=0x1)
r6 = accept4(r0, 0x0, 0x0, 0x0)
close(r6)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='test_dummy_encryption', 0x0, 0x0)

7m57.721578456s ago: executing program 8 (id=1404):
r0 = socket(0x1, 0x5, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
close(r5)
close(r0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0)
r6 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r0, &(0x7f0000000500)={0x80000000})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYRES32=r7], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000030, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

7m55.786844062s ago: executing program 8 (id=1405):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x0, 0x0)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

7m55.715301654s ago: executing program 2 (id=1406):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
fsopen(&(0x7f0000000000)='exfat\x00', 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x44000, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x803, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000280)={'syzkaller0\x00', 0x7101})
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x7, 0x1d}, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000780))
r3 = gettid()
timer_create(0x4, &(0x7f0000533fa0)={0x0, 0x41, 0x800000000004, @tid=r3}, &(0x7f0000000340)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0xffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f909, 0x8000, '\x00', @p_u32=&(0x7f0000000080)=0x411b}})
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
r5 = shmget$private(0x0, 0x800000, 0x0, &(0x7f0000173000/0x800000)=nil)
shmctl$SHM_LOCK(r5, 0xb)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
shmctl$SHM_UNLOCK(r5, 0xc)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0)

7m53.115174627s ago: executing program 2 (id=1409):
socket$netlink(0x10, 0x3, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r6, 0x4040534e, 0x0)
sendto$inet(r4, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
r7 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r7, 0x0, 0x0)

7m50.15978926s ago: executing program 2 (id=1410):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

7m39.703324324s ago: executing program 40 (id=1405):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x0, 0x0)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

7m32.891485421s ago: executing program 41 (id=1410):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

6m57.002267504s ago: executing program 6 (id=1435):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000300)={0x4, 0xfc, "98f310", 0x3, 0x18})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x144, 0x10, 0x1, 0xfffffffe, 0x25dfdbfd, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x80, 0x3a}, {@in=@broadcast, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8, 0x2}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075b, 0x8}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1, 0x0, 0x2}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x3a}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0xfffffffe}}, 0xe8)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x6, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x20}, {}, {}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

6m52.327252518s ago: executing program 6 (id=1436):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, 0x0)
r1 = creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_open_dev$video4linux(&(0x7f0000000380), 0xb9000000, 0xc00c0)
ioctl$VIDIOC_QUERY_EXT_CTRL(r3, 0xc0e85667, &(0x7f00000003c0)={0x80f0f000, 0x10e, "9a0400000066e934d198b1abaa7da80f000009000009dcb6740000b4d2002800", 0x0, 0x8000000000000001, 0x3, 0x4000000000003, 0x4, 0x7, 0x20001, 0x5, [0x0, 0xffffffff, 0x80000001, 0x70]})
ioctl$KVM_CAP_PMU_CAPABILITY(r1, 0x4068aea3, &(0x7f0000000240)={0xd4, 0x0, 0xaaf})
socket$igmp6(0xa, 0x3, 0x2)
socket(0x10, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
ioctl$TCSETS(r4, 0x40045431, 0x0)
r5 = syz_open_pts(r4, 0x141601)
write(r5, &(0x7f0000000000)="d5", 0xfffffedf)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000001c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0x7}, {0x3}}}, 0x24}}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0xf)
sendto$unix(0xffffffffffffffff, 0x0, 0x0, 0x20000080, 0x0, 0x0)

6m48.083897219s ago: executing program 6 (id=1437):
r0 = socket(0x1, 0x5, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
close(r5)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0)
r6 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r0, &(0x7f0000000500)={0x80000000})
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r0, &(0x7f0000000040)={0x80002017})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x28, r8, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x28}}, 0x20000000)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYRES32=r9], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000030, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6m44.066767395s ago: executing program 6 (id=1439):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
fsopen(&(0x7f0000000000)='exfat\x00', 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x44000, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x803, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000280)={'syzkaller0\x00', 0x7101})
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x7, 0x1d}, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000780))
r3 = gettid()
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prlimit64(r3, 0xa, &(0x7f0000000040)={0x2, 0xfffffdffffffffff}, &(0x7f00000001c0))
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0xffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f909, 0x8000, '\x00', @p_u32=&(0x7f0000000080)=0x411b}})
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
r4 = shmget$private(0x0, 0x800000, 0x0, &(0x7f0000173000/0x800000)=nil)
shmctl$SHM_LOCK(r4, 0xb)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
shmctl$SHM_UNLOCK(r4, 0xc)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0)

6m36.729125034s ago: executing program 6 (id=1443):
r0 = socket(0x1, 0x5, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
close(r5)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0)
r6 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r0, &(0x7f0000000500)={0x80000000})
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r0, &(0x7f0000000040)={0x80002017})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x28, r8, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7fff}]}, 0x28}}, 0x20000000)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYRES32=r9], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000030, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6m33.695348078s ago: executing program 6 (id=1444):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

6m17.436657701s ago: executing program 42 (id=1444):
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(r1, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x80001)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, 0x0)
sendto$inet(r5, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$VT_DISALLOCATE(r0, 0x5608)
r8 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r8, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
keyctl$restrict_keyring(0x1d, r8, 0x0, 0x0)

1m45.711935085s ago: executing program 3 (id=1787):
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x1, 0x1, 0x405}}}, 0x7)

1m45.491432035s ago: executing program 3 (id=1789):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1m45.212619553s ago: executing program 3 (id=1792):
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x1})

1m44.981387321s ago: executing program 3 (id=1795):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[], 0x188}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
pwritev(0xffffffffffffffff, &(0x7f0000000d80)=[{&(0x7f0000000780)="42ebe7f5d8dde5f3e9c5c7e7bc09d8d80f373ae4dc85e6cb597bd322663b986ff272399bec41d811a763bcd2cdc221d2ac6cdeeca815ce250ce959444e7f296cb11433530cfccd0c6f450147b46eb5bbe281810c76577aaf554801815d1ee516cc0752832233d7610ce165a593e43cbaa4f52db28e5aead94767ad0d0ccf1cd422fcfd87e848c94a2be6e254d827012967db0758c0fa31fff90c60693957939c8ce4ed025b", 0xa5}, {&(0x7f0000000880)}, {&(0x7f0000000540)="b4e007f06d056aa0367c73", 0xb}, {&(0x7f0000000580)="1ab9a1fec95331b4b1bb5f840b0a198cb5add980a1e5cd402aaabeb7a27d1418376394238ae0a1", 0x27}, {&(0x7f0000000700)="741f5b18fef5626f948b1919860417488e3e5141e17a3031271340b8ac67e4", 0x1f}, {0x0}, {&(0x7f0000000ac0)}], 0x7, 0x4d9e, 0x8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a050000000000000000010000000900010073797a300000000040000000030a01010000000000000000010000000900030073797a310000090000000480080002400000000008000140000000000900010000008000000000004c000000060a0104000000000000000001000000240004802000018007000100727400001400028008000240ce31b6cf080001400000000308000b40000000000900010073797a3000e9ffff130000000100010000000000000aeeb9c7da275615ac46ea6889d53c4ae599307c3ebec1699a88c01503d6fa07347deedf1ea28f6f72f6f980cf56d609aa0aa2aba830c53cbb6f3d7823e6d132c066dd4c9ee3ec9c0b34dbefe68fa35363bb4c4fdded806dd29f43897acc350256c77f4e6e63466d3481f6bc59325ad99a551a874b901ed7478d589452109e200940bc27d0efb7bbce0bf88495c5e550beba28b917ea48cbb953b7ddf6fe250ead7aa0091e4679f3c41016ea"], 0xd4}}, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m44.432454831s ago: executing program 3 (id=1802):
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000200)={0x4, "fa02791d2a69a2610f02000000000000001100010000000800", <r1=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000080)={"6739a34dd06472f036ebf314e262816800", 0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000180), 0x28d00, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f00000004c0)={0xfffff7fb, "34e6498c060e00e0a29b39f297adca000008000100", <r4=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f00000000c0)={"0e337b42cc00d331ff0007000000000000001a00", r4})

1m44.214749081s ago: executing program 3 (id=1804):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x38)
r1 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$NBD_SET_SOCK(r1, 0xab00, r2)
ioctl$NBD_DO_IT(r1, 0xab03)

1m29.181007678s ago: executing program 43 (id=1804):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x38)
r1 = syz_open_dev$ndb(&(0x7f00000001c0), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$NBD_SET_SOCK(r1, 0xab00, r2)
ioctl$NBD_DO_IT(r1, 0xab03)

1.922250824s ago: executing program 4 (id=2518):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x60)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(0x0, 0x400, 0x43)
mknodat$loop(r0, &(0x7f0000000200)='./file1\x00', 0x40, 0x1)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x1, 0x4800003e, r1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)

1.89962587s ago: executing program 0 (id=2519):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

1.881069716s ago: executing program 5 (id=2520):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000500)="b31f69"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000980)={0x10, 0x0, &(0x7f00000008c0)=[@request_death], 0x0, 0x0, 0x0})

1.704890404s ago: executing program 0 (id=2521):
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c00"], 0x68}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)

1.701545643s ago: executing program 4 (id=2522):
syz_open_dev$usbfs(0x0, 0x76, 0x10200)
syz_emit_ethernet(0x72, &(0x7f0000000280)={@local, @random='\x00\x00\x00%\x00', @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x3c, 0x2b, 0x0, @local, @local, {[@hopopts={0x3c}, @dstopts={0x33, 0x3, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @ra={0x5, 0x2, 0x48d}, @padn]}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0)
open(0x0, 0x0, 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r0, &(0x7f0000000080)=""/1, 0x1)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x0)
r3 = openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
getsockopt$IP_SET_OP_GET_BYNAME(r0, 0x1, 0x53, 0x0, &(0x7f0000000180))
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)
read$FUSE(r0, &(0x7f0000000340)={0x2020}, 0x2020)

1.46372081s ago: executing program 4 (id=2524):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000b98bc2cc00000000002020207b1af8ff00000000bfa100"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000fddbdf251200000008000300", @ANYRES32=r1, @ANYBLOB="0a00060008021100000100000c00430002"], 0x34}}, 0x20048054)

1.267112833s ago: executing program 1 (id=2526):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{}, 0x7, 0x0, 0x0, 0x0, 0x0}})

1.244109309s ago: executing program 0 (id=2527):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40ffffff"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4084)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1.243465999s ago: executing program 4 (id=2528):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)=0x3)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0)
r2 = syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)
write$dsp(r1, &(0x7f0000000280)='\x00', 0x1)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000000)={0x0, 0x1fffffe, 0x800007, 0x100080000000006, 0x346a, 0x100000001, 0xfffdfffffffffffe, 0x4, 0x4, 0x2, 0xfffffffd, 0x1})
close(r1)

1.075057548s ago: executing program 0 (id=2529):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

1.010682846s ago: executing program 1 (id=2530):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x60)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(0x0, 0x400, 0x43)
mknodat$loop(r0, &(0x7f0000000200)='./file1\x00', 0x40, 0x1)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x1, 0x4800003e, r1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)

974.44771ms ago: executing program 0 (id=2531):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x10f, 0x4})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = dup3(r1, r2, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

890.525004ms ago: executing program 1 (id=2532):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x298, 0x0, 0x168, 0x9, 0x0, 0xb, 0x250, 0x250, 0x250, 0x250, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'veth0_to_bridge\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0xa8, 0xf0, 0x0, {0x0, 0x28e}}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'dvmrp0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f8)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

810.686069ms ago: executing program 5 (id=2533):
syz_open_dev$usbfs(0x0, 0x76, 0x10200)
syz_emit_ethernet(0x72, &(0x7f0000000280)={@local, @random='\x00\x00\x00%\x00', @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x3c, 0x2b, 0x0, @local, @local, {[@hopopts={0x3c}, @dstopts={0x33, 0x3, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @ra={0x5, 0x2, 0x48d}, @padn]}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4}}}}}}}, 0x0)
open(0x0, 0x0, 0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r0, &(0x7f0000000080)=""/1, 0x1)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x0)
r3 = openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
getsockopt$IP_SET_OP_GET_BYNAME(r0, 0x1, 0x53, 0x0, &(0x7f0000000180))
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000014c0)=[{&(0x7f0000000000)='|', 0xfd}], 0xf, 0x0)
read$FUSE(r0, &(0x7f0000000340)={0x2020}, 0x2020)

747.369608ms ago: executing program 0 (id=2534):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000274c0340ab0560000611000000010902120001000d00000904"], 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@grpquota_block_hardlimit}]})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)

689.761447ms ago: executing program 5 (id=2535):
socket$kcm(0x10, 0x2, 0x10)
socket(0x2b, 0x1, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10)
sendmmsg$inet(r0, &(0x7f0000003100)=[{{&(0x7f0000000200)={0x2, 0x4e1e, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000f00)="b3bd296539fff3fb9bb64f722bbd5dd7f840dc1d194d5026fec2c15904a12bd66b750e44460230d41547fd623cb270eb7e3c56df888021bbe6fd81d83323babf985d67039100ab0439becd237d23d8f494a3d3e4201c35a616f64471bbd2c9e2d7e7bb62941fcb5454143359a3c740e313724a2c5f9884a23a544261f62961b547ec9ff7ea0a4da080123f4e6e98598e9cd620d5c3808fe39ce98ac6055b3aec24bb5bbdfed24e521cd347fcc0d376d622e3b561b1650e9135de383ca92da47ec7f43d66ac5efc60536df8345ecc3128039af59d00e4a44b1908bbfdcdbda5e344588d1ae0574663a1ba1694515cabce7f65b34f32ee6f4b73fe8a46140d41ec33add3f4f74bbcc82305777edd3fdecf24057e245d233bdd6bbacf368a46b709204773b2f860dbeb4fc78c116b8c187a3741811ffc75530cc67d3cdf83c378805aece5c6ea4dc87e260259e500276f53b6e95ece102907a9dcfed9e6d15d5c0ab5a6365cb6560951dc098ce1b8c4ae617343000afa98e14d4a35fb3a11990d1161a2ea56ea7e01a2f23c8f3d3e5e600a4e6c995a46ef717cb347fc9a5d830ab5f2520d098995605ba4e05b790a89392b9894a0c03ba5d92b910c1bd6641666a59d5126c4bdc7e149b5f77bf95d5efb5029a32671fffd7e638b3e4174121ed6f1b709b31d0bf7995a3b56338ecbc1b4008730ec53baa9e1048ea13e75e00c48c19a5cd4a0186a0dc9379cfda2565b2a5ef9ddd25669184ef5f0c4ece9bc010250e1437c78ce0ee713a5bafe9db7d19f870de835b6e397ffedd3506ecc8b6b09567195477d7ce09e3080be1f690d5f9d471b90130917f974a5ae026a89e4c5252311df4e97cd0324a25f2c7105a42e35554a92c44faa077c07149e629183e49b1ad78188460d2a6cf694489837ed81848c4eb88173d60b39e89f7314c261f91ef967b6702b5af2f4aa3a816b79be35789f59c6372e26be3c7652e851174cd36b101254f635e007f92d40c466be9da5f97918e87e855d416a1b9df8597222be13433dc89a117b4d9dfe75cb8caf0d6cac73c8d8de769e9bda3543c51d38ea05add9bbe2eeeb2609fbfdd7d69efe4957e36ba44fbe850627fb42a76fd9a6cffadaf25236437eb46679a263e8f94bb6ed2a05ead7e07c5d735a011c60b8cb5b5cb5e4e09b02150e2afaa1a7e9e4bf28363a88bb24e57a6beb2c112e0b0534774f4cd1f5ef850b54d3c298ab268048c9c29449288f04acba09e0905c2f63fc4b5c38559cbe44bcaf85f2cccfa0afce1d9c5ed25b58a085bc60373373d1271bfb6502df78347e6cc19f8a60eaf85915ead04dd4e2c6848054629bd1a913673cd71a3f2e458f22ed842f101980dfca0adbfa34df54125ff0cec25443633bff7758abb75b1c033e68035ee35c582c3697d183c862afd723e100ecc951467266ea3318229fc6d5e2670cfef67f159f3f27c12330466d5ca32a90ff348c0af3ac3604cb4b039579a7437c33c905e0a45d0c698ddfe20f9df5eb74f6cd95584fef838d105c3c14cdefbdbfef2e8943e65fc5cc71f8d4e58fc5fee478b563ae2bae5b90a2ae46aec745ee24a3c9b25c97103c49cc13768ca508d3bba21c864a5acd1aceebe3453dd1742853af72c51d3e6c3a3a27f2d068a3d51d655b90b7f2933b357b99ac1d6f8c3e95653645396255823edb0ff45eb4315d52837904fbfd1b180b6b0c6f8ac00adeccf4013725b7e3704eee76140b60dc596c1b3bb8e98cfc73ecf9dd3805139d7615743d4682d06def9791ef7c301820027ed3f49604d2b2eb2420acb77b65fd0308264975486866b68bfa2d34439a64928332892d755170b14aa80e2915683a5071bdb7030eaa93958cf4180e88cc308a239019313fd06d546a781600a7baed1493864e2b115b7587d9883be9181e03b815c6bbed065fe1e5a91cafdc9c23a315cb25e0bb5cd287d27d566a94007df245f9549d462c9b55e2c62a73d2fd4d6c21664615a439e60326287683cfc4e140e782524e501aaf0600000075b0adf44e1d4109916cbec3f7c7b285c86aa10cbdf455c34970b9f321197a2c47", 0x5be}], 0x1}}], 0x2, 0xc044)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'dummy0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001000fbff27bd7002fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="14100400040004001c00128009000100766c616e000000000c000280060001000400000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4], 0x4c}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)
write$binfmt_misc(r0, 0x0, 0x0)

581.944288ms ago: executing program 4 (id=2536):
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c00"], 0x68}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)

509.599674ms ago: executing program 5 (id=2537):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40ffffff"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4084)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

325.54366ms ago: executing program 1 (id=2538):
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), r0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000080)=ANY=[@ANYBLOB="88020000", @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="6102330050305400080211000001080211000000505050505050"], 0x288}, 0x1, 0x0, 0x0, 0x800}, 0x40000)

218.26864ms ago: executing program 5 (id=2539):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

211.21655ms ago: executing program 1 (id=2540):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x60)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r0, 0x0, 0x40, 0x1)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x1, 0x4800003e, r1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)

183.908324ms ago: executing program 4 (id=2541):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x20040040)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0xb})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000440)="42f7a85b"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40}], 0x0, 0x0, 0x0})

23.080355ms ago: executing program 5 (id=2542):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000500)="b31f69"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000980)={0x10, 0x0, &(0x7f00000008c0)=[@request_death], 0x0, 0x0, 0x0})

0s ago: executing program 1 (id=2543):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x10f, 0x4})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = dup3(r1, r2, 0x0)
mmap$binder(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

 process `syz.6.1436'.
[ 1557.549892][T14122] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1557.574053][ T1131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1557.605868][ T1131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1557.695089][T14122] 8021q: adding VLAN 0 to HW filter on device team0
[ 1557.752298][ T3440] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1557.759486][ T3440] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1557.823331][  T142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1557.826628][ T3440] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1557.838471][ T3440] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1557.861799][  T142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1558.153326][T14125] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1558.210177][T14122] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1559.495472][T14125] veth0_vlan: entered promiscuous mode
[ 1559.564826][T14125] veth1_vlan: entered promiscuous mode
[ 1560.374063][T14395] nbd: must specify at least one socket
[ 1562.117361][T14398] nbd: must specify at least one socket
[ 1563.134378][T14125] veth0_macvtap: entered promiscuous mode
[ 1563.195607][T14125] veth1_macvtap: entered promiscuous mode
[ 1563.331217][T14125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1563.355997][T14125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1563.381265][T14125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1563.401085][T14125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1563.429854][T14125] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1563.487859][T14125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1563.512066][T14125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1563.556211][T14125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1563.584756][T14125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1563.602999][T14125] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1563.643417][T14122] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1563.684657][T14125] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1563.714330][T14125] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1563.740945][T14125] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1563.749755][T14125] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1563.989567][T14122] veth0_vlan: entered promiscuous mode
[ 1564.072532][T14122] veth1_vlan: entered promiscuous mode
[ 1564.104800][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1564.152351][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1564.276290][T14122] veth0_macvtap: entered promiscuous mode
[ 1564.295260][ T3440] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1564.314516][ T3440] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1564.343960][T14122] veth1_macvtap: entered promiscuous mode
[ 1564.402683][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1564.428842][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1564.471431][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1564.490954][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1564.511088][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1564.541649][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1564.573722][T14122] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1564.614005][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1564.637079][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1564.670087][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1564.895732][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1564.944724][T14122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1566.428998][T14122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1566.562481][T14122] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1567.224860][T14122] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1567.286057][T14122] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1567.838496][T14122] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1568.151334][T14122] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1571.663216][ T9754] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1571.684340][ T9754] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1571.811784][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1571.819696][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1578.732307][T13070] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1578.743577][T13070] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1578.776097][T13070] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1578.793481][T13070] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1578.811145][T13070] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1578.818647][T13070] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1579.352191][   T27] kauditd_printk_skb: 13 callbacks suppressed
[ 1579.352230][   T27] audit: type=1326 audit(6067098488.287:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1579.940514][   T27] audit: type=1326 audit(6067098488.287:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1579.990366][   T27] audit: type=1326 audit(6067098488.287:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1580.071015][   T27] audit: type=1326 audit(6067098488.287:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1580.150280][   T27] audit: type=1326 audit(6067098488.287:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1580.191069][   T27] audit: type=1326 audit(6067098488.287:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1580.259147][   T27] audit: type=1326 audit(6067098488.297:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1580.292476][   T27] audit: type=1326 audit(6067098488.297:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1580.322000][   T27] audit: type=1326 audit(6067098488.297:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1580.371082][   T27] audit: type=1326 audit(6067098488.297:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14478 comm="syz.1.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f794039c799 code=0x7ffc0000
[ 1580.756432][ T1131] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1581.130406][T14126] Bluetooth: hci4: command tx timeout
[ 1581.934287][ T1131] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1586.092177][T14126] Bluetooth: hci4: command tx timeout
[ 1587.848409][ T1131] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1589.645630][T14126] Bluetooth: hci4: command tx timeout
[ 1590.467771][ T1131] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1592.074188][T14126] Bluetooth: hci4: command tx timeout
[ 1592.862115][T14474] chnl_net:caif_netlink_parms(): no params data found
[ 1593.903192][T13070] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1594.015049][T11829] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1594.034909][T11829] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1594.046380][T11829] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1594.065040][T11829] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1594.074747][T11829] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1596.127948][T14474] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1596.147947][T14474] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1596.170478][T14474] bridge_slave_0: entered allmulticast mode
[ 1596.191194][T14126] Bluetooth: hci2: command tx timeout
[ 1596.206446][T14474] bridge_slave_0: entered promiscuous mode
[ 1596.247392][T14474] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1596.259356][T14474] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1596.268439][T14474] bridge_slave_1: entered allmulticast mode
[ 1596.283221][T14474] bridge_slave_1: entered promiscuous mode
[ 1596.745180][T14474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1596.800613][T14474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1597.068188][T14474] team0: Port device team_slave_0 added
[ 1597.185623][T14474] team0: Port device team_slave_1 added
[ 1597.617549][T14474] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1597.655552][T14474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1597.715746][T14474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1597.829213][T14474] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1597.869557][T14474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1598.067143][T14474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1598.272095][T14126] Bluetooth: hci2: command tx timeout
[ 1600.351250][T14126] Bluetooth: hci2: command tx timeout
[ 1600.991866][T14474] hsr_slave_0: entered promiscuous mode
[ 1601.003348][T14474] hsr_slave_1: entered promiscuous mode
[ 1601.011942][T14474] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1601.020118][T14474] Cannot create hsr debugfs directory
[ 1602.335403][T14536] chnl_net:caif_netlink_parms(): no params data found
[ 1602.440941][T14126] Bluetooth: hci2: command tx timeout
[ 1603.689227][ T1131] hsr_slave_0: left promiscuous mode
[ 1603.718639][ T1131] hsr_slave_1: left promiscuous mode
[ 1603.818553][ T1131] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1603.827242][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1603.855985][ T1131] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1603.868148][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1604.192819][ T1131] bridge_slave_1: left allmulticast mode
[ 1604.215283][ T1131] bridge_slave_1: left promiscuous mode
[ 1604.726019][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1604.980411][ T1131] bridge_slave_0: left allmulticast mode
[ 1605.020733][ T1131] bridge_slave_0: left promiscuous mode
[ 1605.027028][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1607.095920][ T1131] veth1_macvtap: left promiscuous mode
[ 1607.103216][ T1131] veth0_macvtap: left promiscuous mode
[ 1607.108958][ T1131] veth1_vlan: left promiscuous mode
[ 1607.114528][ T1131] veth0_vlan: left promiscuous mode
[ 1608.555191][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1608.561948][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1610.111914][T14633] nbd: must specify at least one socket
[ 1612.571898][ T1131] team0 (unregistering): Port device team_slave_1 removed
[ 1613.663879][ T1131] team0 (unregistering): Port device team_slave_0 removed
[ 1613.734307][ T1131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1613.865227][ T1131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1618.086262][ T1131] bond0 (unregistering): Released all slaves
[ 1624.228388][T14536] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1624.249618][T14536] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1624.283347][T14536] bridge_slave_0: entered allmulticast mode
[ 1624.306400][T14536] bridge_slave_0: entered promiscuous mode
[ 1624.596794][T14536] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1624.621747][T14536] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1624.632684][T14536] bridge_slave_1: entered allmulticast mode
[ 1624.662030][T14536] bridge_slave_1: entered promiscuous mode
[ 1624.847398][T14536] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1624.963356][T14536] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1625.250311][T14536] team0: Port device team_slave_0 added
[ 1626.272181][T14536] team0: Port device team_slave_1 added
[ 1627.848622][ T1131] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1627.955954][ T1131] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1628.502826][T14536] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1628.509838][T14536] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1628.548700][T14536] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1628.634074][ T1131] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1628.655947][ T1131] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1628.678068][T14536] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1628.689769][T14536] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1628.768968][T14536] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1628.846719][ T1131] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1628.871064][ T1131] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1630.128798][T14536] hsr_slave_0: entered promiscuous mode
[ 1630.190016][T14536] hsr_slave_1: entered promiscuous mode
[ 1630.353357][T14536] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1630.370959][T14536] Cannot create hsr debugfs directory
[ 1630.431166][T14126] Bluetooth: hci0: command 0x0406 tx timeout
[ 1631.599710][T14474] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1631.684644][T14474] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1631.864203][T14474] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1631.930161][T14474] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1633.060362][T14474] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1633.205845][T14474] 8021q: adding VLAN 0 to HW filter on device team0
[ 1633.269315][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1633.276596][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1633.341570][T14732] 9pnet_virtio: no channels available for device 127.0.0.1
[ 1636.394045][T14126] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1636.422247][T14126] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1636.462766][T14126] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1636.481231][T14126] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1636.500616][T14126] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1636.510712][T14126] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1638.227309][T14763] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 1638.332052][T14763] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1491'.
[ 1638.433617][   T27] kauditd_printk_skb: 6 callbacks suppressed
[ 1638.433635][   T27] audit: type=1326 audit(6067098547.447:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1638.596922][T14126] Bluetooth: hci1: command tx timeout
[ 1638.626322][   T27] audit: type=1326 audit(6067098547.447:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1638.690965][   T27] audit: type=1326 audit(6067098547.447:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1638.752007][   T27] audit: type=1326 audit(6067098547.447:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1638.854302][   T27] audit: type=1326 audit(6067098547.447:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1638.889671][   T27] audit: type=1326 audit(6067098547.447:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1638.924906][   T27] audit: type=1326 audit(6067098547.447:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1639.026731][   T27] audit: type=1326 audit(6067098547.447:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1639.062648][   T27] audit: type=1326 audit(6067098547.447:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1639.181877][   T27] audit: type=1326 audit(6067098547.447:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14748 comm="syz.0.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1640.981106][T11829] Bluetooth: hci3: command 0x0406 tx timeout
[ 1640.989739][T13070] Bluetooth: hci1: command tx timeout
[ 1641.972333][T14536] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1642.024641][T14536] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1642.206460][ T1131] hsr_slave_0: left promiscuous mode
[ 1642.242055][ T1131] hsr_slave_1: left promiscuous mode
[ 1642.281215][ T1131] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1642.288714][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1642.554703][ T1131] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1642.562321][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1642.604472][ T1131] bridge_slave_1: left allmulticast mode
[ 1642.620987][ T1131] bridge_slave_1: left promiscuous mode
[ 1642.636942][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1643.178127][T14126] Bluetooth: hci1: command tx timeout
[ 1643.195051][ T1131] bridge_slave_0: left allmulticast mode
[ 1643.201016][ T1131] bridge_slave_0: left promiscuous mode
[ 1643.207040][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1643.572718][ T1131] veth1_macvtap: left promiscuous mode
[ 1643.578348][ T1131] veth0_macvtap: left promiscuous mode
[ 1643.615631][ T1131] veth1_vlan: left promiscuous mode
[ 1643.635807][ T1131] veth0_vlan: left promiscuous mode
[ 1645.361122][T14126] Bluetooth: hci1: command tx timeout
[ 1646.678400][T14807] nbd: must specify at least one socket
[ 1650.912206][T14833] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1498'.
[ 1651.121744][T13070] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1651.145994][T13070] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1651.161299][T13070] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1651.173592][T13070] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1651.188449][T13070] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1651.198970][T13070] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1651.609011][T14842] 9pnet_virtio: no channels available for device 127.0.0.1
[ 1652.146959][ T1131] team_slave_1 (unregistering): left promiscuous mode
[ 1652.175644][ T1131] team0 (unregistering): Port device team_slave_1 removed
[ 1652.367019][ T1131] team_slave_0 (unregistering): left promiscuous mode
[ 1652.377776][ T1131] team0 (unregistering): Port device team_slave_0 removed
[ 1652.791181][   T27] kauditd_printk_skb: 5 callbacks suppressed
[ 1652.791199][   T27] audit: type=1326 audit(6067098561.467:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1652.848010][   T27] audit: type=1326 audit(6067098561.467:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1652.884423][   T27] audit: type=1326 audit(6067098561.467:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1653.158883][   T27] audit: type=1326 audit(6067098561.467:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1653.196190][   T27] audit: type=1326 audit(6067098561.467:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1653.225596][   T27] audit: type=1326 audit(6067098561.467:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1653.254167][   T27] audit: type=1326 audit(6067098561.467:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1653.281056][T14126] Bluetooth: hci4: command tx timeout
[ 1653.300318][   T27] audit: type=1326 audit(6067098561.467:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1653.337898][   T27] audit: type=1326 audit(6067098561.467:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1653.366748][   T27] audit: type=1326 audit(6067098561.467:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14839 comm="syz.0.1500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1653.464857][ T1131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1653.636415][ T1131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1655.410618][T14126] Bluetooth: hci4: command tx timeout
[ 1656.843592][T14857] nbd: must specify at least one socket
[ 1657.760910][T13070] Bluetooth: hci4: command tx timeout
[ 1657.814543][ T1131] bond0 (unregistering): Released all slaves
[ 1658.126939][T14536] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1658.349015][T14751] chnl_net:caif_netlink_parms(): no params data found
[ 1660.027114][T13070] Bluetooth: hci4: command tx timeout
[ 1660.294207][T14751] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1660.371102][T14751] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1660.391159][T14751] bridge_slave_0: entered allmulticast mode
[ 1660.432763][T14751] bridge_slave_0: entered promiscuous mode
[ 1660.463234][T14751] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1660.470458][T14751] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1661.258796][T14887] nbd: must specify at least one socket
[ 1662.257993][T14751] bridge_slave_1: entered allmulticast mode
[ 1662.306132][T14751] bridge_slave_1: entered promiscuous mode
[ 1662.675078][T14751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1662.721703][T14834] chnl_net:caif_netlink_parms(): no params data found
[ 1662.827807][T14751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1663.007525][T14751] team0: Port device team_slave_0 added
[ 1663.017448][T14751] team0: Port device team_slave_1 added
[ 1663.300402][T14751] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1663.307608][T14751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1663.367852][   T27] kauditd_printk_skb: 4 callbacks suppressed
[ 1663.367872][   T27] audit: type=1326 audit(6067098572.367:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1663.420075][T14751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1663.519006][   T27] audit: type=1326 audit(6067098572.367:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1663.647783][   T27] audit: type=1326 audit(6067098572.367:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1663.721233][T14834] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1663.768861][T14834] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1663.776505][   T27] audit: type=1326 audit(6067098572.367:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1663.812202][T14834] bridge_slave_0: entered allmulticast mode
[ 1663.846537][T14834] bridge_slave_0: entered promiscuous mode
[ 1663.896233][T14751] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1663.910926][   T27] audit: type=1326 audit(6067098572.367:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1663.947893][T14751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1664.001273][   T27] audit: type=1326 audit(6067098572.367:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1664.197795][T14751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1664.216052][   T27] audit: type=1326 audit(6067098572.367:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1664.257598][   T27] audit: type=1326 audit(6067098572.367:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1666.468044][   T27] audit: type=1326 audit(6067098572.367:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1666.647147][   T27] audit: type=1326 audit(6067098572.367:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14890 comm="syz.0.1509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1667.064647][T14834] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1667.111041][T14834] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1667.118378][T14834] bridge_slave_1: entered allmulticast mode
[ 1667.132372][T14834] bridge_slave_1: entered promiscuous mode
[ 1669.337751][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1669.480992][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.565017][T14834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1669.627809][T14751] hsr_slave_0: entered promiscuous mode
[ 1669.827719][T14751] hsr_slave_1: entered promiscuous mode
[ 1669.847551][T14834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1673.598181][T14834] team0: Port device team_slave_0 added
[ 1679.194689][T14834] team0: Port device team_slave_1 added
[ 1680.351435][T14955] nbd: must specify at least one socket
[ 1682.461734][T14834] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1682.468877][T14834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1682.610164][T14834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1682.664686][T14834] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1682.694986][T14834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1682.815265][T14834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1686.623351][T14834] hsr_slave_0: entered promiscuous mode
[ 1686.673896][T14834] hsr_slave_1: entered promiscuous mode
[ 1686.703894][T14834] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1686.737623][T14834] Cannot create hsr debugfs directory
[ 1698.388589][T14126] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1698.405702][T14126] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1698.428227][T14126] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1698.441667][T14126] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1698.449580][T14126] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1698.457231][T14126] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1699.410030][ T1131] hsr_slave_0: left promiscuous mode
[ 1699.426584][ T1131] hsr_slave_1: left promiscuous mode
[ 1699.448980][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1699.471919][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1699.481905][ T1131] bridge_slave_1: left allmulticast mode
[ 1699.498932][ T1131] bridge_slave_1: left promiscuous mode
[ 1699.511338][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1699.526083][ T1131] bridge_slave_0: left allmulticast mode
[ 1699.540898][ T1131] bridge_slave_0: left promiscuous mode
[ 1699.546781][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1699.578835][ T1131] hsr_slave_0: left promiscuous mode
[ 1699.591776][ T1131] hsr_slave_1: left promiscuous mode
[ 1699.631059][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1699.651732][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1699.673818][ T1131] bridge_slave_1: left allmulticast mode
[ 1699.679538][ T1131] bridge_slave_1: left promiscuous mode
[ 1699.691286][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1699.768716][ T1131] bridge_slave_0: left allmulticast mode
[ 1699.786817][ T1131] bridge_slave_0: left promiscuous mode
[ 1699.801103][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1699.931133][T15060] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 1700.182156][T15060] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1530'.
[ 1701.440458][T14126] Bluetooth: hci2: command tx timeout
[ 1703.479924][T13070] Bluetooth: hci2: command tx timeout
[ 1703.666236][ T1131] team0 (unregistering): Port device team_slave_1 removed
[ 1704.124233][ T1131] team0 (unregistering): Port device team_slave_0 removed
[ 1704.208791][ T1131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1704.402277][ T1131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1705.930880][T13070] Bluetooth: hci2: command tx timeout
[ 1706.234493][ T1131] bond0 (unregistering): Released all slaves
[ 1708.108624][T15087] nbd: must specify at least one socket
[ 1709.058445][T13070] Bluetooth: hci2: command tx timeout
[ 1710.264662][ T1131] team0 (unregistering): Port device team_slave_1 removed
[ 1710.542154][ T1131] team0 (unregistering): Port device team_slave_0 removed
[ 1710.567795][T14126] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1710.579974][T14126] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1710.592595][T14126] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1710.632883][T14126] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1710.641175][T14126] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1710.649865][T14126] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1710.864385][ T1131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1711.122298][ T1131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1712.781145][T14126] Bluetooth: hci1: command tx timeout
[ 1713.800597][   T27] kauditd_printk_skb: 4 callbacks suppressed
[ 1713.800615][   T27] audit: type=1326 audit(6067098622.147:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1713.882486][   T27] audit: type=1326 audit(6067098622.147:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1714.006275][   T27] audit: type=1326 audit(6067098622.147:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1714.032938][   T27] audit: type=1326 audit(6067098622.147:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1714.271222][   T27] audit: type=1326 audit(6067098622.147:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1714.441109][   T27] audit: type=1326 audit(6067098622.157:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1714.490994][   T27] audit: type=1326 audit(6067098622.157:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1714.536488][   T27] audit: type=1326 audit(6067098622.157:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1714.571270][   T27] audit: type=1326 audit(6067098622.157:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1714.599358][   T27] audit: type=1326 audit(6067098622.157:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15097 comm="syz.0.1537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1714.698182][ T1131] bond0 (unregistering): Released all slaves
[ 1714.832850][T14126] Bluetooth: hci1: command tx timeout
[ 1716.432079][T15110] nbd: must specify at least one socket
[ 1717.381269][T14126] Bluetooth: hci1: command tx timeout
[ 1718.563542][T15090] chnl_net:caif_netlink_parms(): no params data found
[ 1718.687178][T15042] chnl_net:caif_netlink_parms(): no params data found
[ 1719.400934][T14126] Bluetooth: hci1: command tx timeout
[ 1719.586445][T15090] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1719.637803][T15090] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1719.651832][T15090] bridge_slave_0: entered allmulticast mode
[ 1719.694065][T15090] bridge_slave_0: entered promiscuous mode
[ 1719.733084][T15090] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1719.740401][T15090] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1719.791159][T15090] bridge_slave_1: entered allmulticast mode
[ 1720.065047][T15090] bridge_slave_1: entered promiscuous mode
[ 1722.452591][T15042] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1722.460452][T15042] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1722.481411][T15042] bridge_slave_0: entered allmulticast mode
[ 1722.489065][T15042] bridge_slave_0: entered promiscuous mode
[ 1722.609629][T15042] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1722.627684][T15042] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1722.658197][T15042] bridge_slave_1: entered allmulticast mode
[ 1722.669679][T15042] bridge_slave_1: entered promiscuous mode
[ 1722.939754][T15167] 9pnet_virtio: no channels available for device 127.0.0.1
[ 1726.177136][T15090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1726.205673][T15090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1726.235227][T15042] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1726.288616][T15042] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1726.386079][T15090] team0: Port device team_slave_0 added
[ 1726.440390][T15090] team0: Port device team_slave_1 added
[ 1726.467473][T15042] team0: Port device team_slave_0 added
[ 1726.516583][T15042] team0: Port device team_slave_1 added
[ 1726.589250][T15090] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1726.651522][T15090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1727.002561][T15090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1727.642285][T15042] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1727.665901][T15042] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1727.866872][T15042] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1727.906764][T15090] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1727.947940][T15090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1728.056516][T15090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1728.171211][T15042] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1728.225832][T15042] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1728.299458][T15042] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1728.581084][T15090] hsr_slave_0: entered promiscuous mode
[ 1728.603763][T15090] hsr_slave_1: entered promiscuous mode
[ 1728.619862][T15090] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1728.627666][T15090] Cannot create hsr debugfs directory
[ 1729.160905][   T27] kauditd_printk_skb: 6 callbacks suppressed
[ 1729.160947][   T27] audit: type=1326 audit(6067098638.137:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1729.920541][T15042] hsr_slave_0: entered promiscuous mode
[ 1729.928810][   T27] audit: type=1326 audit(6067098638.137:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1729.977255][T15042] hsr_slave_1: entered promiscuous mode
[ 1730.071014][   T27] audit: type=1326 audit(6067098638.137:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1730.290994][T15042] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1730.316176][T15042] Cannot create hsr debugfs directory
[ 1730.330981][   T27] audit: type=1326 audit(6067098638.137:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1731.849750][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1732.860941][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1732.924082][   T27] audit: type=1326 audit(6067098638.137:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1733.024712][   T27] audit: type=1326 audit(6067098638.137:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1733.091231][   T27] audit: type=1326 audit(6067098638.137:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1733.402788][   T27] audit: type=1326 audit(6067098638.137:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1733.465127][   T27] audit: type=1326 audit(6067098638.147:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1734.832472][   T27] audit: type=1326 audit(6067098638.147:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1734.871537][   T27] audit: type=1326 audit(6067098638.147:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1734.981502][   T27] audit: type=1326 audit(6067098638.147:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1735.191520][   T27] audit: type=1326 audit(6067098638.147:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1735.215450][   T27] audit: type=1326 audit(6067098638.147:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15185 comm="syz.0.1547" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1746.313108][T15227] nbd: must specify at least one socket
[ 1749.094670][T15090] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1749.186429][T15090] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1749.298407][T15090] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1749.322453][T15090] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1749.789398][ T1131] hsr_slave_0: left promiscuous mode
[ 1749.800041][ T1131] hsr_slave_1: left promiscuous mode
[ 1749.807052][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1749.815682][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1749.834362][ T1131] bridge_slave_1: left allmulticast mode
[ 1749.860433][ T1131] bridge_slave_1: left promiscuous mode
[ 1750.823721][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1751.841998][ T1131] bridge_slave_0: left allmulticast mode
[ 1751.847745][ T1131] bridge_slave_0: left promiscuous mode
[ 1752.866965][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1752.920298][ T1131] hsr_slave_0: left promiscuous mode
[ 1752.936671][ T1131] hsr_slave_1: left promiscuous mode
[ 1752.960082][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1752.985155][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1753.005848][ T1131] bridge_slave_1: left allmulticast mode
[ 1753.017002][ T1131] bridge_slave_1: left promiscuous mode
[ 1753.035806][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1753.045255][ T1131] bridge_slave_0: left allmulticast mode
[ 1753.051084][ T1131] bridge_slave_0: left promiscuous mode
[ 1753.056861][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1753.067357][T15247] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 1753.140643][T15247] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1559'.
[ 1755.182845][ T1131] team0 (unregistering): Port device team_slave_1 removed
[ 1755.240177][ T1131] team0 (unregistering): Port device team_slave_0 removed
[ 1755.357754][ T1131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1755.482962][ T1131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1755.893491][   T27] audit: type=1326 audit(6067098664.897:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1756.065438][   T27] audit: type=1326 audit(6067098664.897:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1756.421010][   T27] audit: type=1326 audit(6067098664.897:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1756.478203][T13070] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1756.489901][T13070] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1756.500264][T13070] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1756.510413][T13070] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1756.518830][T13070] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1756.526768][T13070] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1756.588493][   T27] audit: type=1326 audit(6067098664.897:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1756.621367][   T27] audit: type=1326 audit(6067098664.897:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1756.645042][   T27] audit: type=1326 audit(6067098664.897:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1756.671857][   T27] audit: type=1326 audit(6067098664.897:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1756.696286][   T27] audit: type=1326 audit(6067098664.907:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1756.719218][   T27] audit: type=1326 audit(6067098664.907:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1758.465739][   T27] audit: type=1326 audit(6067098664.907:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15258 comm="syz.0.1565" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1758.687713][T14126] Bluetooth: hci4: command tx timeout
[ 1758.702670][ T1131] bond0 (unregistering): Released all slaves
[ 1760.834662][T14126] Bluetooth: hci4: command tx timeout
[ 1763.968222][T14126] Bluetooth: hci4: command tx timeout
[ 1764.381087][ T1131] team0 (unregistering): Port device team_slave_1 removed
[ 1764.507775][ T1131] team0 (unregistering): Port device team_slave_0 removed
[ 1764.614830][ T1131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1764.715342][ T1131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1766.817202][T14126] Bluetooth: hci4: command tx timeout
[ 1768.318423][ T1131] bond0 (unregistering): Released all slaves
[ 1772.820833][T14126] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1772.841141][T14126] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1772.861014][T14126] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1772.881193][T14126] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1772.891002][T14126] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1772.898485][T14126] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1773.112035][T15262] chnl_net:caif_netlink_parms(): no params data found
[ 1775.205405][T14126] Bluetooth: hci5: command tx timeout
[ 1775.443372][T15262] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1775.450602][T15262] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1775.468384][T15262] bridge_slave_0: entered allmulticast mode
[ 1775.483055][T15262] bridge_slave_0: entered promiscuous mode
[ 1775.503783][T15262] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1775.517379][T15262] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1775.527837][T15262] bridge_slave_1: entered allmulticast mode
[ 1775.549783][T15262] bridge_slave_1: entered promiscuous mode
[ 1777.234171][T14126] Bluetooth: hci5: command tx timeout
[ 1777.443275][T15262] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1778.491744][T15262] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1778.696194][T15262] team0: Port device team_slave_0 added
[ 1778.760518][T15262] team0: Port device team_slave_1 added
[ 1778.913259][T15262] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1778.920282][T15262] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1778.966628][T15262] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1779.009116][T15297] chnl_net:caif_netlink_parms(): no params data found
[ 1780.681653][T14126] Bluetooth: hci5: command tx timeout
[ 1780.739103][T15262] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1780.758631][T15262] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1780.830858][T15262] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1782.240043][T15262] hsr_slave_0: entered promiscuous mode
[ 1782.281237][T15262] hsr_slave_1: entered promiscuous mode
[ 1784.192323][T14126] Bluetooth: hci5: command tx timeout
[ 1784.264446][T15297] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1784.274082][T15297] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1784.292226][T15297] bridge_slave_0: entered allmulticast mode
[ 1784.312607][T15297] bridge_slave_0: entered promiscuous mode
[ 1784.337935][T15297] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1784.351206][T15297] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1784.358514][T15297] bridge_slave_1: entered allmulticast mode
[ 1784.382649][T15297] bridge_slave_1: entered promiscuous mode
[ 1784.577740][T15297] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1784.612609][T15297] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1784.709854][T15297] team0: Port device team_slave_0 added
[ 1784.752243][T15297] team0: Port device team_slave_1 added
[ 1786.634946][T15297] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1786.661055][T15297] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1786.697798][T15297] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1786.747837][T15297] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1786.761443][T15297] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1786.789737][T15297] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1787.265933][T15297] hsr_slave_0: entered promiscuous mode
[ 1787.282025][T15297] hsr_slave_1: entered promiscuous mode
[ 1787.291296][T15297] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1787.310844][T15297] Cannot create hsr debugfs directory
[ 1792.196014][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1792.203269][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1792.403050][T15262] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1793.681030][T15262] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1793.744091][T15262] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1793.763132][T15262] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1794.661242][T15262] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1796.049667][T15262] 8021q: adding VLAN 0 to HW filter on device team0
[ 1796.334909][ T1131] hsr_slave_0: left promiscuous mode
[ 1796.362325][ T1131] hsr_slave_1: left promiscuous mode
[ 1796.558170][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1796.566738][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1796.575441][ T1131] bridge_slave_1: left allmulticast mode
[ 1796.588116][ T1131] bridge_slave_1: left promiscuous mode
[ 1796.594489][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1797.771992][ T1131] bridge_slave_0: left allmulticast mode
[ 1797.777722][ T1131] bridge_slave_0: left promiscuous mode
[ 1797.895828][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1797.968643][ T1131] hsr_slave_0: left promiscuous mode
[ 1797.983572][ T1131] hsr_slave_1: left promiscuous mode
[ 1798.127994][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1798.198708][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1798.207067][ T1131] bridge_slave_1: left allmulticast mode
[ 1798.213083][ T1131] bridge_slave_1: left promiscuous mode
[ 1798.219444][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1798.228615][ T1131] bridge_slave_0: left allmulticast mode
[ 1798.234478][ T1131] bridge_slave_0: left promiscuous mode
[ 1798.240257][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1798.692724][   T27] kauditd_printk_skb: 6 callbacks suppressed
[ 1798.692912][   T27] audit: type=1326 audit(6067098707.607:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15393 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1798.942083][   T27] audit: type=1326 audit(6067098707.617:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15393 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x7ffc0000
[ 1802.805502][ T1131] team0 (unregistering): Port device team_slave_1 removed
[ 1803.004195][ T1131] team0 (unregistering): Port device team_slave_0 removed
[ 1803.140337][ T1131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1803.302159][ T1131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1807.231319][ T1131] bond0 (unregistering): Released all slaves
[ 1808.123756][ T1131] team0 (unregistering): Port device team_slave_1 removed
[ 1808.237118][ T1131] team0 (unregistering): Port device team_slave_0 removed
[ 1810.075086][ T1131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1811.944284][ T1131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1812.415820][ T1131] bond0 (unregistering): Released all slaves
[ 1812.622814][T12552] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1812.630146][T12552] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1812.654074][T12552] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1812.661383][T12552] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1812.860275][T15297] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1812.907058][T15297] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1813.111734][T15297] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1814.129250][T15297] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1814.671173][T15297] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1814.825024][T15297] 8021q: adding VLAN 0 to HW filter on device team0
[ 1814.898047][ T1300] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1814.905272][ T1300] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1816.688365][  T142] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1816.695611][  T142] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1816.917466][T15297] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1817.666628][T15297] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1818.223905][T13070] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1818.243152][T13070] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1818.259120][T13070] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1818.268853][T13070] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1818.282199][T13070] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1818.289973][T13070] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1821.700897][T14126] Bluetooth: hci1: command tx timeout
[ 1822.763791][T15297] veth0_vlan: entered promiscuous mode
[ 1822.781355][T15297] veth1_vlan: entered promiscuous mode
[ 1822.930287][T15501] chnl_net:caif_netlink_parms(): no params data found
[ 1823.329580][T15297] veth0_macvtap: entered promiscuous mode
[ 1823.422515][T15297] veth1_macvtap: entered promiscuous mode
[ 1823.711117][T14126] Bluetooth: hci1: command tx timeout
[ 1823.850526][T15297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1823.864225][T15297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1823.875950][T15297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1823.896760][T15297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1823.957904][T15297] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1824.223503][T15501] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1824.244410][T15501] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1824.291360][T15501] bridge_slave_0: entered allmulticast mode
[ 1824.330211][T15501] bridge_slave_0: entered promiscuous mode
[ 1824.395496][T15297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1824.432264][T15297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1824.464487][T15297] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1824.503786][T15297] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1824.562726][T15297] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1824.638135][T15501] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1824.653609][T15501] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1824.671021][T15501] bridge_slave_1: entered allmulticast mode
[ 1824.683494][T15501] bridge_slave_1: entered promiscuous mode
[ 1824.757252][T15297] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1824.772752][T15297] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1824.788807][T15297] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1824.800240][T15297] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1825.452332][T15501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1825.571524][T15501] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1825.740430][T15501] team0: Port device team_slave_0 added
[ 1825.802195][T14126] Bluetooth: hci1: command tx timeout
[ 1825.819514][T15501] team0: Port device team_slave_1 added
[ 1826.165013][T15501] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1826.193142][T15501] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1826.237351][T15501] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1826.274210][T15501] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1826.301875][T15501] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1826.388125][T15501] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1826.520965][ T1300] hsr_slave_0: left promiscuous mode
[ 1826.536798][ T1300] hsr_slave_1: left promiscuous mode
[ 1826.547133][ T1300] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1826.558148][ T1300] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1826.594460][ T1300] bridge_slave_1: left allmulticast mode
[ 1826.610769][ T1300] bridge_slave_1: left promiscuous mode
[ 1826.631161][ T1300] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1826.671831][ T1300] bridge_slave_0: left allmulticast mode
[ 1826.719587][ T1300] bridge_slave_0: left promiscuous mode
[ 1826.732366][ T1300] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1827.876906][T14126] Bluetooth: hci1: command tx timeout
[ 1828.434189][T15597] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1828.731738][ T1300] team0 (unregistering): Port device team_slave_1 removed
[ 1828.784493][T15608] blktrace: Concurrent blktraces are not allowed on loop4
[ 1828.823664][T15608] relay: one or more items not logged [item size (56) > sub-buffer size (3)]
[ 1828.928869][ T1300] team0 (unregistering): Port device team_slave_0 removed
[ 1829.112984][ T1300] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1829.242552][ T1300] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1829.269397][T15620] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1829.330868][ T9710] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 1829.485062][T15626] Failed to get privilege flags for destination (handle=0x2:0x0)
[ 1829.531804][ T9710] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1829.540900][ T9710] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1829.596905][ T9710] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1829.612954][ T9710] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1829.642960][ T9710] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1829.673349][ T9710] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1829.688425][ T9710] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1829.706792][ T9710] usb 2-1: Product: syz
[ 1829.711803][ T9710] usb 2-1: Manufacturer: syz
[ 1829.732383][ T9710] cdc_wdm 2-1:1.0: skipping garbage
[ 1829.740777][ T9710] cdc_wdm 2-1:1.0: skipping garbage
[ 1829.760032][ T9710] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1829.785001][ T9710] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1830.073914][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 1830.081031][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 1830.087454][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 1830.094192][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 1830.109243][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 1830.115935][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 1830.128918][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 1830.135637][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 1830.142210][ T9710] usb 2-1: USB disconnect, device number 3
[ 1830.148339][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 1830.148368][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 1830.148387][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[ 1830.178157][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1830.332806][ T1300] bond0 (unregistering): Released all slaves
[ 1830.341091][ T5838] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1830.540824][ T5838] usb 1-1: Using ep0 maxpacket: 8
[ 1830.562744][ T5838] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1830.578961][T15501] hsr_slave_0: entered promiscuous mode
[ 1830.584045][ T5838] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1830.598138][T15501] hsr_slave_1: entered promiscuous mode
[ 1830.600955][ T5838] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1830.625282][ T5838] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1830.644074][ T5838] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1830.655362][ T5838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1830.901604][ T5838] usb 1-1: usb_control_msg returned -32
[ 1830.907296][ T5838] usbtmc 1-1:16.0: can't read capabilities
[ 1831.820606][ T1300] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1831.873453][T15665] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1831.909712][T13070] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1831.926708][T13070] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1831.936912][T13070] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1831.950393][T13070] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1831.961250][T13070] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1831.968888][T13070] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1832.135410][ T1300] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1832.345614][ T1300] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1832.487981][ T1300] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1832.717977][T15501] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1832.739605][T15501] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1832.757803][T15501] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1832.834976][T15501] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1833.133624][ T5838] usb 1-1: USB disconnect, device number 4
[ 1833.415962][T15701] 9pnet_virtio: no channels available for device syz
[ 1833.639579][T13070] Bluetooth: Wrong link type (-22)
[ 1833.731490][T15664] chnl_net:caif_netlink_parms(): no params data found
[ 1833.756912][T15712] Bluetooth: MGMT ver 1.22
[ 1834.031074][T13070] Bluetooth: hci2: command tx timeout
[ 1834.278595][T15501] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1834.514141][T15664] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1834.532062][T15664] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1834.539555][T15664] bridge_slave_0: entered allmulticast mode
[ 1834.558180][T15664] bridge_slave_0: entered promiscuous mode
[ 1834.576739][T15664] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1834.587796][T15664] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1834.604450][T15664] bridge_slave_1: entered allmulticast mode
[ 1834.614656][T15664] bridge_slave_1: entered promiscuous mode
[ 1834.625522][T15722] syzkaller0: entered promiscuous mode
[ 1834.640893][T15722] syzkaller0: entered allmulticast mode
[ 1834.821227][T15664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1834.872802][T15501] 8021q: adding VLAN 0 to HW filter on device team0
[ 1834.914243][T15664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1835.062137][ T1131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1835.069349][ T1131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1835.145805][T15741] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1835.155744][T15741] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1835.180011][T15664] team0: Port device team_slave_0 added
[ 1835.193098][T15741] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1835.199348][T15741] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1835.212259][T15741] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1835.219873][T15741] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1835.253869][T15741] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1835.262318][T15664] team0: Port device team_slave_1 added
[ 1835.276999][T15741] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1835.290232][ T1131] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1835.292478][T15741] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1835.297719][ T1131] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1835.331708][T15741] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1835.495059][T13070] Bluetooth: hci0: ACL packet for unknown connection handle 201
[ 1835.675075][T15664] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1835.703223][T15664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1835.730368][T15664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1835.785148][T15664] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1835.807642][T15664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1835.839173][T15664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1836.241999][ T1300] hsr_slave_0: left promiscuous mode
[ 1836.277393][ T1300] hsr_slave_1: left promiscuous mode
[ 1836.292922][ T1300] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1836.313838][ T1300] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1836.328247][ T1300] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1836.352110][ T1300] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1836.368380][ T1300] bridge_slave_1: left allmulticast mode
[ 1836.379878][ T1300] bridge_slave_1: left promiscuous mode
[ 1836.406294][ T1300] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1836.446465][ T1300] bridge_slave_0: left allmulticast mode
[ 1836.458895][ T1300] bridge_slave_0: left promiscuous mode
[ 1836.477049][ T1300] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1836.602085][ T1300] veth1_macvtap: left promiscuous mode
[ 1836.607732][ T1300] veth0_macvtap: left promiscuous mode
[ 1836.631658][ T1300] veth1_vlan: left promiscuous mode
[ 1836.639366][ T1300] veth0_vlan: left promiscuous mode
[ 1836.729295][T13070] Bluetooth: hci0: ACL packet for unknown connection handle 201
[ 1837.076090][ T5817] IPVS: starting estimator thread 0...
[ 1837.094907][T15789] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1837.126715][    C1] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1837.162629][T13070] Bluetooth: hci0: command 0x0406 tx timeout
[ 1837.200880][T15793] IPVS: using max 16 ests per chain, 38400 per kthread
[ 1837.231051][T13070] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1837.237839][T13070] Bluetooth: hci3: command 0x0406 tx timeout
[ 1837.315139][T13070] Bluetooth: hci2: command 0x040f tx timeout
[ 1838.258914][T15818] block nbd1: NBD_DISCONNECT
[ 1838.448000][T13070] Bluetooth: hci0: ACL packet for unknown connection handle 201
[ 1838.518268][ T1300] team0 (unregistering): Port device team_slave_1 removed
[ 1838.672330][ T1300] team0 (unregistering): Port device team_slave_0 removed
[ 1838.805473][ T1300] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1838.880581][ T1300] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1839.236568][T13070] Bluetooth: hci0: command 0x0406 tx timeout
[ 1839.331097][T14126] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1839.337473][T13070] Bluetooth: hci3: command 0x0406 tx timeout
[ 1839.401017][T13070] Bluetooth: hci2: command 0x040f tx timeout
[ 1839.528403][ T1300] bond0 (unregistering): Released all slaves
[ 1839.666041][T15664] hsr_slave_0: entered promiscuous mode
[ 1839.673414][T15664] hsr_slave_1: entered promiscuous mode
[ 1839.679806][T15664] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1839.687974][T15664] Cannot create hsr debugfs directory
[ 1839.798568][T15830] netlink: 'syz.1.1660': attribute type 30 has an invalid length.
[ 1839.815956][T15830] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1839.824949][T15830] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1839.834325][T15830] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1839.843591][T15830] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1839.862960][T15830] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1839.872211][T15830] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1839.881451][T15830] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1839.890520][T15830] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1839.964760][T15831] netlink: 'syz.1.1660': attribute type 30 has an invalid length.
[ 1839.985647][T15831] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1839.994550][T15831] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1840.004759][T15831] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1840.014024][T15831] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1840.039301][T15831] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1840.048588][T15831] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1840.057804][T15831] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1840.066856][T15831] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1840.456721][T13070] Bluetooth: hci3: ACL packet for unknown connection handle 201
[ 1841.163673][T15501] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1841.391327][T13070] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1841.430474][T15501] veth0_vlan: entered promiscuous mode
[ 1841.450080][T15501] veth1_vlan: entered promiscuous mode
[ 1841.471327][T13070] Bluetooth: hci2: command 0x040f tx timeout
[ 1841.630630][T15501] veth0_macvtap: entered promiscuous mode
[ 1841.849673][T15501] veth1_macvtap: entered promiscuous mode
[ 1841.869202][T15664] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1841.906868][T15890] kvm: emulating exchange as write
[ 1841.914203][T15501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1841.935681][T15501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1841.967673][T15501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1842.010933][T15501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1842.036686][T15501] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1842.060189][T15664] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1842.085842][T15501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1842.099339][T15501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1842.120266][T15501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1842.135492][T15501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1842.148361][T15501] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1842.163047][T15664] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1842.197629][T15501] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1842.215306][T15501] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1842.229374][T15501] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1842.241895][T15501] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1842.257839][T15664] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1842.563298][  T162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1842.596097][  T162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1842.691350][ T3440] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1842.699340][ T3440] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1842.804259][T15664] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1842.844845][T15913] netlink: 'syz.1.1682': attribute type 10 has an invalid length.
[ 1842.946768][T15913] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1843.162928][T15664] 8021q: adding VLAN 0 to HW filter on device team0
[ 1843.273871][T12393] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1843.281150][T12393] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1843.564562][T13070] Bluetooth: hci2: command 0x040f tx timeout
[ 1844.217283][ T3440] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1844.224576][ T3440] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1844.318195][ T9710] IPVS: starting estimator thread 0...
[ 1844.352362][T15930] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1844.373930][    C1] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1844.460796][T15931] IPVS: using max 26 ests per chain, 62400 per kthread
[ 1844.662641][   T27] audit: type=1326 audit(6067098753.687:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15939 comm="syz.0.1690" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x0
[ 1844.684547][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1844.701963][ T5817] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1844.902617][T15664] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1844.923056][ T5817] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1844.950914][ T5817] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1844.981800][ T5817] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1845.001613][ T5817] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1845.034871][T15934] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1845.074356][ T5817] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[ 1845.442958][T15963] team0: Port device vlan2 added
[ 1845.455522][ T5817] usb 2-1: USB disconnect, device number 4
[ 1845.632531][T13070] Bluetooth: hci2: command 0x040f tx timeout
[ 1845.874830][T15664] veth0_vlan: entered promiscuous mode
[ 1845.897590][T15664] veth1_vlan: entered promiscuous mode
[ 1846.018634][T15664] veth0_macvtap: entered promiscuous mode
[ 1846.079281][T15664] veth1_macvtap: entered promiscuous mode
[ 1846.110366][T15664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1846.126111][T15664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1846.146413][T15664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1846.168671][T15664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1846.188750][T15664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1846.210661][T15664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1846.215994][T15988] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1846.228035][ T5817] IPVS: starting estimator thread 0...
[ 1846.238702][T15664] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1846.254410][    C1] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1846.312742][T15664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1846.323684][T15989] IPVS: using max 20 ests per chain, 48000 per kthread
[ 1846.364197][T15664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1846.404827][T15664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1846.460067][T15664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1846.481224][T15664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1846.523927][T15664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1846.540487][T15664] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1846.573447][T15664] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1846.605744][T15664] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1846.637058][T15664] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1846.659874][T15664] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1846.754179][T15994] syzkaller0: entered promiscuous mode
[ 1846.780357][T15994] syzkaller0: entered allmulticast mode
[ 1847.190840][T12552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1847.225446][T12552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1847.382412][T13242] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1847.390469][T13070] Bluetooth: hci0: ACL packet for unknown connection handle 201
[ 1847.458017][T13242] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1848.784747][T16031] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1708'.
[ 1850.027450][T13070] Bluetooth: hci2: ACL packet for unknown connection handle 201
[ 1850.427373][T16058] xt_hashlimit: size too large, truncated to 1048576
[ 1850.791133][ T5817] IPVS: starting estimator thread 0...
[ 1850.911121][T16064] IPVS: using max 17 ests per chain, 40800 per kthread
[ 1851.209775][T12552] Bluetooth: (null): Invalid header checksum
[ 1851.227346][T12552] Bluetooth: (null): Invalid header checksum
[ 1851.331357][ T1300] Bluetooth: (null): Invalid header checksum
[ 1851.433843][T12393] Bluetooth: (null): Invalid header checksum
[ 1851.532852][  T142] Bluetooth: (null): Invalid header checksum
[ 1851.642693][  T142] Bluetooth: (null): Invalid header checksum
[ 1851.765871][T12552] Bluetooth: (null): Invalid header checksum
[ 1851.881270][T13242] Bluetooth: (null): Invalid header checksum
[ 1851.962045][T16069] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1851.979182][T16069] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1851.998716][T16069] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1852.018479][T16069] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1852.278041][T13070] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 1852.602722][T16103] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1852.602722][T16103] The task syz.5.1724 (16103) triggered the difference, watch for misbehavior.
[ 1853.151201][T13070] Bluetooth: hci0: command 0x0406 tx timeout
[ 1853.641357][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.651394][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.698742][T16123] nbd1: detected capacity change from 0 to 112
[ 1853.763976][T16126] block nbd1: shutting down sockets
[ 1853.807615][   T10] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1853.819693][   T10] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1853.834424][ T9006] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1853.844060][ T9006] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1853.867619][   T10] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1853.877384][   T10] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1853.885873][   T10] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1853.895340][   T10] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1853.908680][   T10] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1853.918184][   T10] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1853.931005][   T10] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1853.940168][   T10] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1853.949247][   T10] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1853.958495][   T10] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1853.967135][   T10] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1853.976306][   T10] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1854.000098][T15505] ldm_validate_partition_table(): Disk read failed.
[ 1854.029815][ T9006] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1854.039465][T13070] Bluetooth: hci2: command 0x040f tx timeout
[ 1854.039808][T14126] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1854.050966][T13070] Bluetooth: hci3: command 0x0406 tx timeout
[ 1854.058112][ T9006] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1854.066438][   T10] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1854.075886][   T10] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 1854.084830][T15505] Dev nbd1: unable to read RDB block 0
[ 1854.107532][T15505]  nbd1: unable to read partition table
[ 1854.169559][T15505] ldm_validate_partition_table(): Disk read failed.
[ 1854.191275][T16131] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 1854.221677][T15505] Dev nbd1: unable to read RDB block 0
[ 1854.281194][T15505]  nbd1: unable to read partition table
[ 1854.958170][T16157] netlink: 'syz.5.1742': attribute type 10 has an invalid length.
[ 1854.990662][T16159] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1855.008307][T16157] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1742'.
[ 1855.058252][T16157] team0: entered promiscuous mode
[ 1855.070891][T16157] team_slave_0: entered promiscuous mode
[ 1855.097261][T16157] team_slave_1: entered promiscuous mode
[ 1855.111051][T16157] team0: entered allmulticast mode
[ 1855.116303][T16157] team_slave_0: entered allmulticast mode
[ 1855.151893][T16157] team_slave_1: entered allmulticast mode
[ 1855.181898][T16157] bridge0: port 3(team0) entered blocking state
[ 1855.188373][T16157] bridge0: port 3(team0) entered disabled state
[ 1855.215524][T16131] Bluetooth: hci0: ACL packet for unknown connection handle 201
[ 1855.243030][T16157] bridge0: port 3(team0) entered blocking state
[ 1855.249553][T16157] bridge0: port 3(team0) entered forwarding state
[ 1855.524589][T16173] input: syz0 as /devices/virtual/input/input6
[ 1856.377745][T16198] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1856.756215][T16212] syzkaller0: entered promiscuous mode
[ 1856.775417][T16212] syzkaller0: entered allmulticast mode
[ 1857.675055][T16232] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1857.683438][T16232] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1857.689928][T16232] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1857.696933][T16232] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1858.414134][T16131] block nbd3: Receive control failed (result -32)
[ 1858.430903][T16237] block nbd3: shutting down sockets
[ 1859.631089][T11829] Bluetooth: hci0: command 0x0406 tx timeout
[ 1859.714775][T11829] Bluetooth: hci2: command 0x040f tx timeout
[ 1859.714796][T13070] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1859.714927][T13070] Bluetooth: hci3: command 0x0406 tx timeout
[ 1859.755203][T13070] Bluetooth: hci1: unexpected event for opcode 0x0405
[ 1860.244850][T16320] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1860.272162][T16131] block nbd5: Receive control failed (result -32)
[ 1860.272842][T16295] block nbd5: shutting down sockets
[ 1860.285416][    C1] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1860.690876][T16337] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1861.214242][T16357] nbd3: detected capacity change from 0 to 112
[ 1861.661410][T16374] block nbd5: shutting down sockets
[ 1861.991276][T16131] block nbd3: Receive control failed (result -104)
[ 1862.952749][T16416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1821'.
[ 1864.016888][T16450] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1864.025404][    C1] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1864.630953][T16473] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1865.453825][T16512] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1867.229634][T16590] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1874'.
[ 1868.081509][T16622] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1868.091454][    C1] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1868.459341][T16640] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1868.489865][T16640] capability: warning: `syz.0.1892' uses 32-bit capabilities (legacy support in use)
[ 1868.914097][T16656] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1868.927307][    C1] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1869.066392][T16659] xt_hashlimit: size too large, truncated to 1048576
[ 1869.932728][T16690] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1869.939882][    C0] IPVS: sh: FWM 3 0x00000003 - no destination available
[ 1870.357261][T16703] syzkaller0: entered promiscuous mode
[ 1870.371096][T16703] syzkaller0: entered allmulticast mode
[ 1871.168503][T16731] fuse: Bad value for 'fd'
[ 1871.410867][   T23] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1871.525273][T16741] syzkaller0: entered promiscuous mode
[ 1871.545722][T16741] syzkaller0: entered allmulticast mode
[ 1871.628293][   T23] usb 6-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[ 1871.647766][   T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[ 1871.666976][   T23] usb 6-1: Product: syz
[ 1871.671864][   T23] usb 6-1: Manufacturer: syz
[ 1871.676521][   T23] usb 6-1: SerialNumber: syz
[ 1871.690194][   T23] usb 6-1: config 0 descriptor??
[ 1871.699967][   T23] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state.
[ 1871.732098][   T23] dvb-usb: bulk message failed: -22 (2/0)
[ 1871.770640][   T23] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1871.792884][   T23] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB)
[ 1871.810821][   T23] usb 6-1: media controller created
[ 1871.870162][   T23] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1871.943866][   T23] cxusb: set interface failed
[ 1871.958311][T16749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1921'.
[ 1871.968100][   T23] dvb-usb: bulk message failed: -22 (1/0)
[ 1872.085436][   T23] DVB: Unable to find symbol mt352_attach()
[ 1872.103523][   T23] dvb-usb: bulk message failed: -22 (5/0)
[ 1872.118176][   T23] zl10353_read_register: readreg error (reg=127, ret==-121)
[ 1872.138071][   T23] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB'
[ 1872.305066][   T23] rc_core: IR keymap rc-dvico-mce not found
[ 1872.319707][   T23] Registered IR keymap rc-empty
[ 1872.335305][   T23] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0
[ 1872.366232][   T23] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0/input9
[ 1872.420444][   T23] dvb-usb: schedule remote query interval to 100 msecs.
[ 1872.430966][   T23] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected.
[ 1872.491110][   T23] usb 6-1: USB disconnect, device number 2
[ 1872.730398][   T23] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected.
[ 1872.898561][T16775] fuse: Bad value for 'fd'
[ 1873.130900][   T27] audit: type=1326 audit(6067098782.147:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16778 comm="syz.0.1928" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x0
[ 1873.607916][T16796] vlan2: entered promiscuous mode
[ 1873.620797][T16796] dummy0: entered promiscuous mode
[ 1873.626536][T16796] vlan2: entered allmulticast mode
[ 1873.634581][T16796] dummy0: entered allmulticast mode
[ 1873.659885][T16796] team0: Port device vlan2 added
[ 1874.838307][T16832] netlink: 'syz.5.1939': attribute type 30 has an invalid length.
[ 1874.866589][T16832] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1874.875760][T16832] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1874.884696][T16832] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1874.893513][T16832] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1874.947202][T16832] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1874.956291][T16832] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1874.965326][T16832] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1874.974326][T16832] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1875.055466][T16834] netlink: 'syz.5.1939': attribute type 30 has an invalid length.
[ 1875.080247][T16834] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1875.089344][T16834] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1875.098252][T16834] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1875.107525][T16834] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1875.132455][T16834] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1875.141753][T16834] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1875.150974][T16834] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1875.159901][T16834] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1875.307875][T16838] team0: Port device vlan2 added
[ 1875.585603][   T27] audit: type=1326 audit(6067098784.607:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16845 comm="syz.5.1942" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f995e39c799 code=0x0
[ 1876.372269][T16872] team0: Port device vlan2 added
[ 1877.021842][T13070] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1877.034744][T13070] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1877.050884][T13070] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1877.068213][T13070] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1877.076719][T13070] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1877.088154][T13070] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1877.275069][   T27] audit: type=1326 audit(6067098786.297:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.5.1957" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f995e39c799 code=0x0
[ 1877.297281][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1877.829349][T16890] chnl_net:caif_netlink_parms(): no params data found
[ 1878.200215][T16890] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1878.225531][T16890] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1878.239474][T16890] bridge_slave_0: entered allmulticast mode
[ 1878.254595][T16890] bridge_slave_0: entered promiscuous mode
[ 1878.264740][T16890] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1878.278065][T16890] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1878.286331][T16890] bridge_slave_1: entered allmulticast mode
[ 1878.295056][T16890] bridge_slave_1: entered promiscuous mode
[ 1878.410000][T16890] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1878.429715][T16890] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1878.636031][T16890] team0: Port device team_slave_0 added
[ 1878.654274][T16890] team0: Port device team_slave_1 added
[ 1878.767965][T16890] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1878.796103][T16890] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1878.844859][T16890] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1878.882061][T16890] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1878.897768][T16890] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1878.950893][   T27] audit: type=1326 audit(6067098787.967:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16960 comm="syz.1.1972" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f794039c799 code=0x0
[ 1878.973639][T16890] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1879.103019][T16890] hsr_slave_0: entered promiscuous mode
[ 1879.125493][T16890] hsr_slave_1: entered promiscuous mode
[ 1879.144297][T16890] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1879.152594][T13070] Bluetooth: hci4: command tx timeout
[ 1879.178973][T16890] Cannot create hsr debugfs directory
[ 1879.187490][T16972] overlayfs: overlapping lowerdir path
[ 1879.224943][T16972] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1879.274884][T16972] overlayfs: overlapping lowerdir path
[ 1880.001362][T16994] overlayfs: overlapping lowerdir path
[ 1880.009858][T16994] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1880.018989][T16994] overlayfs: overlapping lowerdir path
[ 1880.413927][T17011] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1988'.
[ 1880.438759][   T27] audit: type=1326 audit(6067098789.457:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17005 comm="syz.1.1986" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f794039c799 code=0x0
[ 1880.782112][T17025] overlayfs: overlapping lowerdir path
[ 1880.839840][T17025] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1880.859069][T17025] overlayfs: overlapping lowerdir path
[ 1881.231080][T13070] Bluetooth: hci4: command tx timeout
[ 1881.315082][T17039] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1996'.
[ 1881.615799][T16890] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1881.649398][T16890] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1881.680320][T16890] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1881.728667][T17056] overlayfs: overlapping lowerdir path
[ 1881.744593][T16890] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1881.764210][T17056] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1881.792054][T17056] overlayfs: overlapping lowerdir path
[ 1882.050542][T17066] netlink: 'syz.1.2004': attribute type 14 has an invalid length.
[ 1882.059406][T17066] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2004'.
[ 1882.076758][T17066] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1882.086606][T17066] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1882.096016][T17066] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1882.105266][T17066] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1882.131492][T16890] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1882.162850][T17066] netlink: 'syz.1.2004': attribute type 14 has an invalid length.
[ 1882.185360][T17066] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2004'.
[ 1882.243558][T16890] 8021q: adding VLAN 0 to HW filter on device team0
[ 1882.273860][   T27] audit: type=1326 audit(6067098791.297:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17068 comm="syz.0.2005" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x0
[ 1882.296507][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1882.316941][ T3440] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1882.324192][ T3440] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1882.397719][T17075] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2007'.
[ 1882.418234][ T3440] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1882.425539][ T3440] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1882.962311][T17096] 9pnet_virtio: no channels available for device syz
[ 1883.198153][T16890] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1883.311105][T13070] Bluetooth: hci4: command tx timeout
[ 1883.540062][T17114] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1884.140949][T16890] veth0_vlan: entered promiscuous mode
[ 1884.216042][T16890] veth1_vlan: entered promiscuous mode
[ 1884.342187][T16890] veth0_macvtap: entered promiscuous mode
[ 1884.452147][T16890] veth1_macvtap: entered promiscuous mode
[ 1884.550027][T16890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1884.606709][T16890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1884.647489][T16890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1884.690972][T16890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1884.713605][T16890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1884.724746][T16890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1884.740458][T16890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1884.760421][T16890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1884.796764][T16890] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1884.815472][T16890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1884.850817][T16890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1884.909530][T16890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1884.930912][T16890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1884.968059][T16890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1885.006153][T16890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1885.043572][T16890] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1885.062192][T16890] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1885.089780][T16890] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1885.126845][T16890] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1885.168083][T16890] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1885.184832][T16890] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1885.194191][T16890] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1885.391640][T13070] Bluetooth: hci4: command tx timeout
[ 1885.488762][T12552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1885.525660][T12552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1885.628259][  T162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1885.644221][  T162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1885.730911][ T5814] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1885.844713][T17193] tipc: Started in network mode
[ 1885.849821][T17193] tipc: Node identity ea3d417d4dc4, cluster identity 4711
[ 1885.858511][T17193] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1885.868529][T17193] tipc: Resetting bearer <eth:syzkaller0>
[ 1885.912867][T17192] tipc: Disabling bearer <eth:syzkaller0>
[ 1885.932864][ T5814] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1885.951233][ T5814] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1885.975308][ T5814] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1886.015431][ T5814] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1886.049979][T17182] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1886.102863][ T5814] usb 6-1: Quirk or no altest; falling back to MIDI 1.0
[ 1886.432949][T13948] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1886.691213][T13948] usb 2-1: Using ep0 maxpacket: 8
[ 1886.712671][T13948] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1886.746619][ T5817] usb 6-1: USB disconnect, device number 3
[ 1886.776034][T13948] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1886.827696][T13948] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1886.891866][T13948] usb 2-1: config 0 descriptor??
[ 1886.943216][T17219] binder_alloc: 17215: binder_alloc_buf, no vma
[ 1887.126062][T13948] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1887.294768][T17231] binder: BINDER_SET_CONTEXT_MGR bad uid 60929 != 0
[ 1887.311607][T17231] binder: 17230:17231 ioctl 4018620d 200000000040 returned -1
[ 1887.369018][ T5817] usb 2-1: USB disconnect, device number 5
[ 1887.477534][T17237] syz.0.2052 (17237): /proc/17236/oom_adj is deprecated, please use /proc/17236/oom_score_adj instead.
[ 1888.106971][T17261] fuse: Bad value for 'fd'
[ 1888.699957][T17286] binder_alloc: 17278: binder_alloc_buf, no vma
[ 1889.059669][T17299] fuse: Bad value for 'fd'
[ 1890.296028][T17346] fuse: Bad value for 'fd'
[ 1891.099945][T17372] team0: Port device vlan2 added
[ 1891.411033][T16132] block nbd3: Possible stuck request ffff888021de0000: control (read@0,4096B). Runtime 30 seconds
[ 1892.942123][T17431] netlink: 'syz.5.2110': attribute type 10 has an invalid length.
[ 1893.046725][T17431] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1893.090881][T10764] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1893.302372][T10764] usb 5-1: Using ep0 maxpacket: 8
[ 1893.322379][T10764] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1893.341831][T10764] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1893.372580][T10764] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1893.402335][T10764] usb 5-1: config 0 descriptor??
[ 1893.639220][T10764] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1893.858145][ T5817] usb 5-1: USB disconnect, device number 8
[ 1894.810412][T17493] syzkaller0: entered promiscuous mode
[ 1894.829076][T17493] syzkaller0: entered allmulticast mode
[ 1897.692690][T17586] binder: BINDER_SET_CONTEXT_MGR already set
[ 1897.698789][T17586] binder: 17585:17586 ioctl 4018620d 200000004a80 returned -16
[ 1898.472813][T17613] 9pnet_virtio: no channels available for device syz
[ 1906.197414][T17743] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2181'.
[ 1906.217240][T17743] netlink: 'syz.1.2181': attribute type 30 has an invalid length.
[ 1906.268402][T17746] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2181'.
[ 1906.286092][T17746] netlink: 'syz.1.2181': attribute type 30 has an invalid length.
[ 1906.352963][T17749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2184'.
[ 1906.383726][T17749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2184'.
[ 1906.958402][T17771] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2191'.
[ 1906.986421][T17771] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2191'.
[ 1907.046120][T17771] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1907.055310][T17771] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1907.064328][T17771] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1907.074168][T17771] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1907.157537][T17771] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2191'.
[ 1907.184904][T17771] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2191'.
[ 1907.427747][T17773] syzkaller0: entered promiscuous mode
[ 1907.454041][T17773] syzkaller0: entered allmulticast mode
[ 1907.506469][T17790] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2194'.
[ 1909.267316][T17825] binder: 17823:17825 ioctl c0306201 0 returned -14
[ 1909.607769][T13785] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[ 1909.656058][T13785] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1912.238728][T17796] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2195'.
[ 1912.260863][T17796] netlink: 'syz.4.2195': attribute type 30 has an invalid length.
[ 1912.312842][T17800] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2195'.
[ 1912.340768][T17800] netlink: 'syz.4.2195': attribute type 30 has an invalid length.
[ 1913.098672][T17867] overlayfs: failed to resolve './file0': -2
[ 1913.348441][T17878] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2217'.
[ 1913.377318][T17878] netlink: 'syz.5.2217': attribute type 30 has an invalid length.
[ 1913.411921][T17878] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1913.422114][T17878] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1913.431167][T17878] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1913.440025][T17878] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1913.472940][T17882] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2217'.
[ 1913.501833][T17882] netlink: 'syz.5.2217': attribute type 30 has an invalid length.
[ 1914.053228][T17902] binder: 17900:17902 ioctl 4018620d 0 returned -22
[ 1914.171429][T17908] overlayfs: failed to resolve './file0': -2
[ 1914.241257][T17911] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2227'.
[ 1914.247360][T17906] sd 0:0:1:0: PR command failed: 1026
[ 1914.260828][T17911] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2227'.
[ 1914.308008][T17906] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1914.315901][T17906] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1914.392988][T17911] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2227'.
[ 1914.417196][T17911] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2227'.
[ 1914.554421][T17915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2228'.
[ 1914.580201][T17915] netlink: 'syz.0.2228': attribute type 30 has an invalid length.
[ 1914.592828][T17918] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2229'.
[ 1914.607997][T17915] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1914.616904][T17915] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1914.625950][T17915] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1914.634837][T17915] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1914.712672][T17916] netlink: 'syz.0.2228': attribute type 30 has an invalid length.
[ 1915.085966][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1915.100522][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1915.237767][T17936] binder: 17935:17936 ioctl 4018620d 0 returned -22
[ 1915.487916][T17944] overlayfs: failed to resolve './file0': -2
[ 1916.155034][T17957] netlink: 'syz.1.2241': attribute type 30 has an invalid length.
[ 1916.322649][T17958] netlink: 'syz.1.2241': attribute type 30 has an invalid length.
[ 1916.966964][T17971] overlayfs: failed to resolve './file0': -2
[ 1917.130525][T17974] binder: 17972:17974 ioctl 4018620d 0 returned -22
[ 1917.711365][T17981] fuse: Bad value for 'user_id'
[ 1918.037600][T17989] __nla_validate_parse: 3 callbacks suppressed
[ 1918.037621][T17989] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2252'.
[ 1918.122983][T17989] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2252'.
[ 1918.292217][T17989] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2252'.
[ 1918.332532][T17989] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2252'.
[ 1918.496488][T18002] overlayfs: failed to resolve './file0': -2
[ 1918.898691][T18018] fuse: Bad value for 'fd'
[ 1919.777956][T18052] fuse: Bad value for 'fd'
[ 1920.559088][T18076] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1920.846895][T18086] fuse: Bad value for 'fd'
[ 1921.475586][T16132] block nbd3: Possible stuck request ffff888021de0000: control (read@0,4096B). Runtime 60 seconds
[ 1921.740899][T18107] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1921.965936][T18114] netlink: 'syz.1.2291': attribute type 10 has an invalid length.
[ 1922.265216][T18123] fuse: Bad value for 'fd'
[ 1922.361250][T18129] binder_alloc: 18124: binder_alloc_buf, no vma
[ 1922.438901][T18133] overlayfs: failed to resolve './file1': -2
[ 1922.667153][T18143] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1922.883138][   T27] audit: type=1326 audit(6067098831.907:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18148 comm="syz.0.2301" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a14f9c799 code=0x0
[ 1924.142085][T18194] binder_alloc: 18189: binder_alloc_buf, no vma
[ 1925.332121][T18226] fuse: Unknown parameter 'grou00000000000000000000'
[ 1926.308120][T18257] binder_alloc: 18249: binder_alloc_buf, no vma
[ 1926.418518][T18261] fuse: Unknown parameter 'grou00000000000000000000'
[ 1927.620542][T18303] fuse: Bad value for 'group_id'
[ 1928.116920][ T5817] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[ 1928.210913][ T5817] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1928.858959][T18342] fuse: Bad value for 'group_id'
[ 1930.278910][T18379] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2354'.
[ 1930.310603][T18379] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2354'.
[ 1930.341496][T18379] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2354'.
[ 1930.365773][T18379] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2354'.
[ 1930.783066][T18400] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1931.482897][T18418] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2365'.
[ 1931.508056][T18418] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2365'.
[ 1931.742084][T18425] block nbd0: server does not support multiple connections per device.
[ 1931.786450][T18425] block nbd0: shutting down sockets
[ 1932.432438][T18452] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2375'.
[ 1932.451705][T18452] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2375'.
[ 1933.304067][T18472] syzkaller0: entered promiscuous mode
[ 1933.316605][T18472] syzkaller0: entered allmulticast mode
[ 1934.183986][T18497] binder: BINDER_SET_CONTEXT_MGR already set
[ 1934.196798][T18497] binder: 18496:18497 ioctl 4018620d 2000000002c0 returned -16
[ 1936.660596][T18521] fuse: Bad value for 'fd'
[ 1938.464447][T18504] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2386'.
[ 1938.474549][T18504] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2386'.
[ 1938.978993][T18552] fuse: Bad value for 'fd'
[ 1939.559826][T18570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2405'.
[ 1939.620983][T18570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2405'.
[ 1939.865967][T18573] syzkaller0: entered promiscuous mode
[ 1939.876313][T18573] syzkaller0: entered allmulticast mode
[ 1940.077620][T18584] fuse: Bad value for 'fd'
[ 1941.108906][T18620] fuse: Unknown parameter 'grou00000000000000000000'
[ 1941.412266][T18629] fuse: Invalid rootmode
[ 1942.212013][T18651] fuse: Unknown parameter 'grou00000000000000000000'
[ 1943.422863][T18657] fuse: Invalid rootmode
[ 1944.798029][T18641] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1945.302832][T18674] fuse: Bad value for 'fd'
[ 1945.538236][T18684] fuse: Invalid rootmode
[ 1946.359206][T18706] syzkaller0: entered promiscuous mode
[ 1946.378393][T18706] syzkaller0: entered allmulticast mode
[ 1946.443843][T18713] binder_alloc: 18712: pid 18712 spamming oneway? 1 buffers allocated for a total size of 4096
[ 1950.989835][T18746] netlink: 'syz.4.2455': attribute type 30 has an invalid length.
[ 1951.021081][T18748] netlink: 'syz.4.2455': attribute type 30 has an invalid length.
[ 1951.551345][T16132] block nbd3: Possible stuck request ffff888021de0000: control (read@0,4096B). Runtime 90 seconds
[ 1952.014503][T18788] syzkaller0: entered promiscuous mode
[ 1952.027385][T18788] syzkaller0: entered allmulticast mode
[ 1952.119084][T18790] syzkaller0: entered promiscuous mode
[ 1952.140879][T18790] syzkaller0: entered allmulticast mode
[ 1952.610439][T18810] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2472'.
[ 1954.817691][T18840] overlayfs: missing 'lowerdir'
[ 1957.936512][T18800] netlink: 'syz.1.2469': attribute type 30 has an invalid length.
[ 1957.971880][T18801] netlink: 'syz.1.2469': attribute type 30 has an invalid length.
[ 1958.288617][T18868] binder: 18864:18868 ioctl c0306201 0 returned -14
[ 1958.436507][T18876] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1959.173818][T18891] syzkaller0: entered promiscuous mode
[ 1959.203114][T18891] syzkaller0: entered allmulticast mode
[ 1959.608890][T18912] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1960.131582][T18918] binder_alloc: 18917: binder_alloc_buf, no vma
[ 1960.395669][T18924] binder: 18923:18924 ioctl c0306201 0 returned -14
[ 1961.810555][T18932] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1963.294711][T18907] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2503'.
[ 1963.304490][T18910] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2503'.
[ 1963.568763][T18942] binder_alloc: 18941: binder_alloc_buf, no vma
[ 1963.787003][T18951] Cannot find del_set index 0 as target
[ 1964.167980][T18962] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2527'.
[ 1964.184941][T18962] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2527'.
[ 1964.447284][T18968] binder_alloc: 18967: binder_alloc_buf, no vma
[ 1964.920880][T10764] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[ 1964.978940][T18983] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2537'.
[ 1964.998941][T18984] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2537'.
[ 1965.036364][T18986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2538'.
[ 1965.129896][T10764] usb 1-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[ 1965.159557][T10764] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1965.206009][T10764] usb 1-1: config 0 descriptor??
[ 1965.465706][T13070] Bluetooth: hci3: adv larger than maximum supported
[ 1965.466008][T13070] Bluetooth: hci3: Malformed LE Event: 0x0d
[ 1965.482799][T10764] usb 1-1: string descriptor 0 read error: -71
[ 1965.498503][T10764] usb-storage 1-1:0.0: USB Mass Storage device detected
[ 1965.548127][T10764] usb-storage 1-1:0.0: Quirks match for vid 05ab pid 0060: 2
[ 1965.660438][T10764] usb 1-1: USB disconnect, device number 5
[ 1966.132103][T19024] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2547'.
[ 1966.171310][T19024] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2547'.
[ 1970.304236][ T5139] udevd[5139]: worker [15505] /devices/virtual/block/nbd3 is taking a long time
[ 1976.517602][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.524158][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[ 1981.634546][T16132] block nbd3: Possible stuck request ffff888021de0000: control (read@0,4096B). Runtime 120 seconds
[ 2004.195701][T13070] Bluetooth: hci4: command 0x0406 tx timeout
[ 2009.801228][   T29] INFO: task syz.3.1804:16355 blocked for more than 143 seconds.
[ 2009.809292][   T29]       Not tainted syzkaller #0
[ 2009.830803][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2009.839603][   T29] task:syz.3.1804      state:D stack:27016 pid:16355 ppid:15501  flags:0x00004004
[ 2009.871147][   T29] Call Trace:
[ 2009.874582][   T29]  <TASK>
[ 2009.878430][   T29]  __schedule+0x1553/0x45a0
[ 2009.890700][   T29]  ? asan.module_dtor+0x20/0x20
[ 2009.896817][   T29]  ? __mutex_lock+0x6a4/0xcc0
[ 2009.920897][   T29]  ? __mutex_trylock_common+0x8a/0x260
[ 2009.926623][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 2009.940798][   T29]  schedule+0xbd/0x170
[ 2009.945073][   T29]  schedule_preempt_disabled+0x13/0x20
[ 2009.950600][   T29]  __mutex_lock+0x6a9/0xcc0
[ 2009.965883][   T29]  ? __mutex_lock+0x4f9/0xcc0
[ 2009.980849][   T29]  ? blkdev_put+0xff/0x760
[ 2009.985511][   T29]  ? mutex_lock_nested+0x20/0x20
[ 2009.990570][   T29]  ? __fsnotify_parent+0x670/0x7c0
[ 2010.006472][   T29]  blkdev_put+0xff/0x760
[ 2010.031343][   T29]  ? __fput+0x61c/0x970
[ 2010.035660][   T29]  ? blkdev_open+0x360/0x360
[ 2010.040401][   T29]  blkdev_release+0x84/0x90
[ 2010.050742][   T29]  __fput+0x234/0x970
[ 2010.054896][   T29]  task_work_run+0x1d4/0x260
[ 2010.059622][   T29]  ? task_work_cancel+0x220/0x220
[ 2010.080838][   T29]  ? exit_to_user_mode_loop+0x3b/0x110
[ 2010.087323][   T29]  exit_to_user_mode_loop+0xe6/0x110
[ 2010.110873][   T29]  exit_to_user_mode_prepare+0xee/0x180
[ 2010.116635][   T29]  syscall_exit_to_user_mode+0x1a/0x50
[ 2010.131620][   T29]  do_syscall_64+0x61/0xa0
[ 2010.136325][   T29]  ? clear_bhb_loop+0x40/0x90
[ 2010.150718][   T29]  ? clear_bhb_loop+0x40/0x90
[ 2010.155641][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2010.171096][   T29] RIP: 0033:0x7f48ab59c799
[ 2010.175785][   T29] RSP: 002b:00007fff01910098 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 2010.201112][   T29] RAX: 0000000000000000 RBX: 00007f48ab817da0 RCX: 00007f48ab59c799
[ 2010.209235][   T29] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 2010.231777][   T29] RBP: 00007f48ab817da0 R08: 0000000000000006 R09: 0000000000000000
[ 2010.239933][   T29] R10: 00007f48ab817cb0 R11: 0000000000000246 R12: 00000000001c6927
[ 2010.270752][   T29] R13: 00007f48ab815fac R14: 00000000001c6652 R15: 00007fff019101a0
[ 2010.278875][   T29]  </TASK>
[ 2010.290757][   T29] INFO: task syz.3.1804:16357 blocked for more than 143 seconds.
[ 2010.298569][   T29]       Not tainted syzkaller #0
[ 2010.319949][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2010.341498][   T29] task:syz.3.1804      state:D stack:27880 pid:16357 ppid:15501  flags:0x00004004
[ 2010.361010][   T29] Call Trace:
[ 2010.364466][   T29]  <TASK>
[ 2010.367452][   T29]  __schedule+0x1553/0x45a0
[ 2010.380731][   T29]  ? asan.module_dtor+0x20/0x20
[ 2010.385764][   T29]  ? __mutex_lock+0x6a4/0xcc0
[ 2010.410668][   T29]  ? __mutex_trylock_common+0x8a/0x260
[ 2010.416243][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 2010.430754][   T29]  schedule+0xbd/0x170
[ 2010.434953][   T29]  schedule_preempt_disabled+0x13/0x20
[ 2010.440546][   T29]  __mutex_lock+0x6a9/0xcc0
[ 2010.460741][   T29]  ? __mutex_lock+0x4f9/0xcc0
[ 2010.465551][   T29]  ? blkdev_put+0xff/0x760
[ 2010.470044][   T29]  ? mutex_lock_nested+0x20/0x20
[ 2010.490795][   T29]  ? __fsnotify_parent+0x670/0x7c0
[ 2010.496957][   T29]  blkdev_put+0xff/0x760
[ 2010.510993][   T29]  ? blkdev_open+0x360/0x360
[ 2010.515689][   T29]  blkdev_release+0x84/0x90
[ 2010.520254][   T29]  __fput+0x234/0x970
[ 2010.540739][   T29]  task_work_run+0x1d4/0x260
[ 2010.545449][   T29]  ? task_work_cancel+0x220/0x220
[ 2010.550534][   T29]  ? blkdev_compat_ptr_ioctl+0xd0/0xd0
[ 2010.566297][   T29]  ? exit_to_user_mode_loop+0x3b/0x110
[ 2010.580990][   T29]  exit_to_user_mode_loop+0xe6/0x110
[ 2010.586400][   T29]  exit_to_user_mode_prepare+0xee/0x180
[ 2010.610672][   T29]  syscall_exit_to_user_mode+0x1a/0x50
[ 2010.616236][   T29]  do_syscall_64+0x61/0xa0
[ 2010.630701][   T29]  ? clear_bhb_loop+0x40/0x90
[ 2010.635524][   T29]  ? clear_bhb_loop+0x40/0x90
[ 2010.640393][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2010.660685][   T29] RIP: 0033:0x7f48ab59c799
[ 2010.665193][   T29] RSP: 002b:00007f48ac489028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2010.690660][   T29] RAX: 0000000000000000 RBX: 00007f48ab815fa0 RCX: 00007f48ab59c799
[ 2010.710901][   T29] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000004
[ 2010.718964][   T29] RBP: 00007f48ab632bd9 R08: 0000000000000000 R09: 0000000000000000
[ 2010.740676][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2010.748755][   T29] R13: 00007f48ab816038 R14: 00007f48ab815fa0 R15: 00007fff0190ff38
[ 2010.770713][   T29]  </TASK>
[ 2010.773895][   T29] 
[ 2010.773895][   T29] Showing all locks held in the system:
[ 2010.800662][   T29] 1 lock held by khungtaskd/29:
[ 2010.805661][   T29]  #0: ffffffff8d131fa0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[ 2010.830725][   T29] 4 locks held by dhcpcd/5434:
[ 2010.835581][   T29] 2 locks held by getty/5530:
[ 2010.840370][   T29]  #0: ffff88814cd2f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2010.870673][   T29]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390
[ 2010.890675][   T29] 1 lock held by udevd/15505:
[ 2010.895442][   T29]  #0: ffff888021cab4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600
[ 2010.921058][   T29] 1 lock held by syz.3.1804/16355:
[ 2010.926301][   T29]  #0: ffff888021cab4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xff/0x760
[ 2010.951047][   T29] 1 lock held by syz.3.1804/16357:
[ 2010.956277][   T29]  #0: ffff888021cab4c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put+0xff/0x760
[ 2010.980722][   T29] 
[ 2010.983131][   T29] =============================================
[ 2010.983131][   T29] 
[ 2011.001188][   T29] NMI backtrace for cpu 1
[ 2011.005622][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 2011.012869][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2011.022981][   T29] Call Trace:
[ 2011.026321][   T29]  <TASK>
[ 2011.029294][   T29]  dump_stack_lvl+0x18c/0x250
[ 2011.034047][   T29]  ? show_regs_print_info+0x20/0x20
[ 2011.039299][   T29]  ? load_image+0x400/0x400
[ 2011.043847][   T29]  nmi_cpu_backtrace+0x3a6/0x3e0
[ 2011.048917][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[ 2011.055117][   T29]  ? _printk+0xde/0x130
[ 2011.059428][   T29]  ? load_image+0x400/0x400
[ 2011.064009][   T29]  ? load_image+0x400/0x400
[ 2011.068647][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[ 2011.074793][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[ 2011.081258][   T29]  watchdog+0xf3d/0xf80
[ 2011.085566][   T29]  ? watchdog+0x1e1/0xf80
[ 2011.089946][   T29]  kthread+0x2fa/0x390
[ 2011.094047][   T29]  ? hungtask_pm_notify+0x90/0x90
[ 2011.099108][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 2011.103724][   T29]  ret_from_fork+0x48/0x80
[ 2011.108176][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 2011.112807][   T29]  ret_from_fork_asm+0x11/0x20
[ 2011.117655][   T29]  </TASK>
[ 2011.120728][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2011.128165][   T29] Sending NMI from CPU 1 to CPUs 0:
[ 2011.133655][    C0] NMI backtrace for cpu 0
[ 2011.133667][    C0] CPU: 0 PID: 5433 Comm: dhcpcd Not tainted syzkaller #0
[ 2011.133682][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2011.133692][    C0] RIP: 0010:in_gate_area_no_mm+0x14/0x50
[ 2011.133723][    C0] Code: c6 44 89 f0 5b 41 5e 41 5f 5d c3 66 2e 0f 1f 84 00 00 00 00 00 90 66 0f 1f 00 55 53 48 89 fb e8 f2 78 86 00 8b 2d dc 73 a6 0b <bf> 02 00 00 00 89 ee e8 90 7c 86 00 83 fd 02 40 0f 95 c5 48 81 e3
[ 2011.133736][    C0] RSP: 0018:ffffc900037b7098 EFLAGS: 00000293
[ 2011.133750][    C0] RAX: ffffffff81009c1e RBX: 00007fd54191f407 RCX: ffff888026d9bc00
[ 2011.133762][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007fd54191f407
[ 2011.133772][    C0] RBP: 0000000000000001 R08: ffff888026d9bc00 R09: 0000000000000003
[ 2011.133782][    C0] R10: 0000000000000004 R11: 0000000000000000 R12: ffffffff8aa000d0
[ 2011.133792][    C0] R13: ffffc900037b7528 R14: dffffc0000000000 R15: 1ffff920006f6e2a
[ 2011.133804][    C0] FS:  00007fd541895740(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 2011.133818][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2011.133828][    C0] CR2: 0000560c203b5000 CR3: 0000000077e3c000 CR4: 00000000003506f0
[ 2011.133843][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2011.133851][    C0] DR3: 00000000ffffdb67 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 2011.133861][    C0] Call Trace:
[ 2011.133867][    C0]  <TASK>
[ 2011.133873][    C0]  kernel_text_address+0x2d/0xd0
[ 2011.133898][    C0]  __kernel_text_address+0xd/0x30
[ 2011.133921][    C0]  unwind_get_return_address+0x5d/0xc0
[ 2011.133937][    C0]  ? stack_trace_save+0x100/0x100
[ 2011.133964][    C0]  arch_stack_walk+0x11d/0x190
[ 2011.133988][    C0]  stack_trace_save+0xaa/0x100
[ 2011.134007][    C0]  ? stack_trace_snprint+0xf0/0xf0
[ 2011.134033][    C0]  kasan_set_track+0x4e/0x70
[ 2011.134050][    C0]  ? kasan_set_track+0x4e/0x70
[ 2011.134066][    C0]  ? kasan_save_free_info+0x2e/0x50
[ 2011.134087][    C0]  ? ____kasan_slab_free+0x126/0x1e0
[ 2011.134104][    C0]  ? slab_free_freelist_hook+0x130/0x1a0
[ 2011.134120][    C0]  ? __kmem_cache_free+0xba/0x1e0
[ 2011.134142][    C0]  ? __free_slab+0xbe/0x260
[ 2011.134154][    C0]  ? __slab_free+0x35a/0x400
[ 2011.134168][    C0]  ? qlist_free_all+0x75/0xd0
[ 2011.134189][    C0]  ? kasan_quarantine_reduce+0x143/0x160
[ 2011.134212][    C0]  ? __kasan_slab_alloc+0x22/0x80
[ 2011.134230][    C0]  ? slab_post_alloc_hook+0x6e/0x4b0
[ 2011.134252][    C0]  ? kmem_cache_alloc_node+0x14c/0x320
[ 2011.134275][    C0]  ? __alloc_skb+0x103/0x2c0
[ 2011.134421][    C0]  ? alloc_skb_with_frags+0xca/0x7b0
[ 2011.134444][    C0]  ? sock_alloc_send_pskb+0x883/0x9a0
[ 2011.134465][    C0]  ? unix_dgram_sendmsg+0x5a2/0x16d0
[ 2011.134539][    C0]  ? sock_write_iter+0x2df/0x420
[ 2011.134555][    C0]  ? vfs_write+0x46c/0x990
[ 2011.134576][    C0]  ? ksys_write+0x150/0x260
[ 2011.134596][    C0]  ? do_syscall_64+0x55/0xa0
[ 2011.134620][    C0]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2011.134658][    C0]  ? __kmem_cache_free+0xba/0x1e0
[ 2011.134681][    C0]  kasan_save_free_info+0x2e/0x50
[ 2011.134702][    C0]  ____kasan_slab_free+0x126/0x1e0
[ 2011.134722][    C0]  slab_free_freelist_hook+0x130/0x1a0
[ 2011.134738][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[ 2011.134756][    C0]  ? __free_slab+0xbe/0x260
[ 2011.134769][    C0]  __kmem_cache_free+0xba/0x1e0
[ 2011.134796][    C0]  __free_slab+0xbe/0x260
[ 2011.134811][    C0]  __slab_free+0x35a/0x400
[ 2011.134828][    C0]  ? _raw_spin_unlock+0x40/0x40
[ 2011.134844][    C0]  ? __phys_addr+0xba/0x170
[ 2011.134865][    C0]  qlist_free_all+0x75/0xd0
[ 2011.134889][    C0]  kasan_quarantine_reduce+0x143/0x160
[ 2011.134914][    C0]  __kasan_slab_alloc+0x22/0x80
[ 2011.134934][    C0]  slab_post_alloc_hook+0x6e/0x4b0
[ 2011.134968][    C0]  kmem_cache_alloc_node+0x14c/0x320
[ 2011.134991][    C0]  ? mark_lock+0x94/0x320
[ 2011.135008][    C0]  ? __alloc_skb+0x103/0x2c0
[ 2011.135035][    C0]  __alloc_skb+0x103/0x2c0
[ 2011.135061][    C0]  alloc_skb_with_frags+0xca/0x7b0
[ 2011.135088][    C0]  sock_alloc_send_pskb+0x883/0x9a0
[ 2011.135119][    C0]  ? sock_kzfree_s+0x50/0x50
[ 2011.135139][    C0]  ? do_raw_spin_lock+0x11f/0x2c0
[ 2011.135161][    C0]  ? __rwlock_init+0x150/0x150
[ 2011.135184][    C0]  ? do_raw_spin_unlock+0x121/0x230
[ 2011.135208][    C0]  unix_dgram_sendmsg+0x5a2/0x16d0
[ 2011.135239][    C0]  ? aa_sk_perm+0x83c/0x970
[ 2011.135269][    C0]  ? unix_dgram_poll+0x680/0x680
[ 2011.135292][    C0]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[ 2011.135319][    C0]  ? aa_sock_msg_perm+0x94/0x150
[ 2011.135340][    C0]  ? unix_seqpacket_sendmsg+0x10c/0x1e0
[ 2011.135368][    C0]  sock_write_iter+0x2df/0x420
[ 2011.135386][    C0]  ? sock_read_iter+0x3e0/0x3e0
[ 2011.135408][    C0]  ? common_file_perm+0x198/0x1f0
[ 2011.135432][    C0]  vfs_write+0x46c/0x990
[ 2011.135456][    C0]  ? file_end_write+0x250/0x250
[ 2011.135487][    C0]  ? __fdget_pos+0x1d8/0x330
[ 2011.135511][    C0]  ksys_write+0x150/0x260
[ 2011.135534][    C0]  ? __ia32_sys_read+0x90/0x90
[ 2011.135561][    C0]  do_syscall_64+0x55/0xa0
[ 2011.135583][    C0]  ? clear_bhb_loop+0x40/0x90
[ 2011.135600][    C0]  ? clear_bhb_loop+0x40/0x90
[ 2011.135619][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2011.135636][    C0] RIP: 0033:0x7fd54191f407
[ 2011.135650][    C0] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 2011.135663][    C0] RSP: 002b:00007ffe3f6b0eb0 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 2011.135679][    C0] RAX: ffffffffffffffda RBX: 00007fd541895740 RCX: 00007fd54191f407
[ 2011.135690][    C0] RDX: 000000000000003b RSI: 00007ffe3f6b0f10 RDI: 0000000000000005
[ 2011.135700][    C0] RBP: 0000560c1af4e168 R08: 0000000000000000 R09: 0000000000000000
[ 2011.135709][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffe3f6b1340
[ 2011.135719][    C0] R13: 0000560c20518190 R14: 0000560c205115a0 R15: 0000560c2067b0e0
[ 2011.135738][    C0]  </TASK>
[ 2011.712983][T16132] block nbd3: Possible stuck request ffff888021de0000: control (read@0,4096B). Runtime 150 seconds
[ 2011.716270][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2011.740126][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[ 2011.747074][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 2011.754322][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 2011.764427][   T29] Call Trace:
[ 2011.767799][   T29]  <TASK>
[ 2011.770871][   T29]  dump_stack_lvl+0x18c/0x250
[ 2011.775617][   T29]  ? show_regs_print_info+0x20/0x20
[ 2011.780882][   T29]  ? load_image+0x400/0x400
[ 2011.785444][   T29]  panic+0x2dc/0x730
[ 2011.789472][   T29]  ? schedule_preempt_disabled+0x20/0x20
[ 2011.795172][   T29]  ? bpf_jit_dump+0xd0/0xd0
[ 2011.799739][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[ 2011.805397][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[ 2011.811632][   T29]  watchdog+0xf7c/0xf80
[ 2011.815859][   T29]  ? watchdog+0x1e1/0xf80
[ 2011.820343][   T29]  kthread+0x2fa/0x390
[ 2011.824466][   T29]  ? hungtask_pm_notify+0x90/0x90
[ 2011.829556][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 2011.834304][   T29]  ret_from_fork+0x48/0x80
[ 2011.838816][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 2011.843552][   T29]  ret_from_fork_asm+0x11/0x20
[ 2011.848393][   T29]  </TASK>
[ 2011.852018][   T29] Kernel Offset: disabled
[ 2011.856363][   T29] Rebooting in 86400 seconds..