last executing test programs:

47.461067962s ago: executing program 1 (id=2):
socket(0x10, 0x3, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000019c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = open$dir(&(0x7f00000002c0)='./file0\x00', 0x3c1401, 0x80)
r5 = openat(r4, &(0x7f0000000340)='./file0\x00', 0x42, 0x4)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r5, 0x40383d0c, &(0x7f0000000040)={{0x1, 0x1}, {0x3, 0x1003ff}, 0x4, 0x6})
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/protocols\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

46.447050194s ago: executing program 1 (id=6):
socket(0x10, 0x3, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000019c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff48700000020000005c0000000000000095000000000000002ba728041598d6fbd307ce99e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f071326bd9174842fa9ea4318123341cf9d90a0e168c1884d005d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc84e974a22a550d6f97181980400003e05df3ceb9f1feae5737ecaa81d666963c474c2a19eed87b277be335c75e04ad6ee1cbf9b0a4def23d410f6296b32ae343881dcc7b1b85f3c3d44aeaced3641110bec4e90a634196508000000000000f0f4ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d4dcecb0c005d2a1bcf9436e101040000f73902ebcf0200822775985b231f000000ccb0ecf31b715f5888b2a858ab3f11afc9bd08c676d2b89432fb465b3dad9d2aa7f1521bc9901de2eb879a15943b6dc8ea15aab9dd6968698e3095c4c5c7a156cec33a7bb727667d81ff2757ca1e6bfdd4c968dacf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba165d876defd3541772f26e27c44cfd7bb5097379cf1756869cebc7b0b2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90c284a4db539621fbb70f01a2c02dec4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a337ac5d58bcb5e5fc231514952c5255f22bd8b325d9b76e57f041b665ab0249886c0a65cc99d5893521372c8d8b7bacac24000020a4a24d8dbd75062e1daef9dead619cc6e7baa72706287793c3d2a2661edcd3545236c204682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b993508000000e480cd9d4850a049ee19b67d17ef0477aeb12b1d2502000000d9051f22614d1f62734d678039a97d2b74f9e8e97f4e8e7025123e783df8b8a17e3aa9fe9c502f9acee4f1b56e1f23128d743792cead3c058a5b700d64d160abe33df726608510136ce8bf239414a1d98ea93e3d35dbb6c23b90cf36e83b8a4309b402d264b09f2779a0bcd7cd6dfc06b02e69d384146056d125cf4aadd80800000000000000e88d10acd06864eac44c42fbe334bdc3e9768fc360b130dc6111fe3293e8e02f819a2aa34dba1c25be27945507a3477b437525b81aef2f0b4c4f63483026b5e34d44705b76ef29f7f6e0a2be625eae975e02069f6f24e1e1bc976d965ddabb01085f16bff63a06578d6d184f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8eae87691fae365a70c3f15871565bba8dd8a8ca049f798abe646f738bebdfc9d8a5edd7a19ca6a42bc3f1db37c17f22a287c6d31a13db5dfef409eb1d3c91c6e6f80d215c9e16e0c4736c81936315418f26770cca4e2f89800d18c89d7f46f679df6c9e2005f209dda94302a30003b952ae1ebfd0ca88368ee6ce139e8b5822422cf4c9dde943d34c432e1001171792c65986146666a549092398af45ba38c41df7e0fffeac41824ca1fd0eb68aa243c9035c788d5480e5aee9c9e5f2e5a3628995b1531bd20360d33d8f9ffffff5f4bf6ea8a1850c4f83306dbca02ee3686da707b6d85db491ba0cc33f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f0983ae94d81b524b4788be2a442aa81b259e9eb1bf5314844051f3a642aca9ff98c9036471ccff0522903e7bcf62e18f7796bbc280b95e190d6fd5644b0ebde3885b06548862de809d3dae3cccf109f7c78e8479a345e805e47dfa82cafc6b64b1f4659834aecbeded44b11a443c5ba92a326dd10921aa79c62800844c7a59f55ee205a11ab50fb402e7da6ada561ec1117cc186b01fd5c2061d22156b1b7d5f80c580dc31b0963ff953ce09148e8dfea9d03a61bbd2bb173518507a3cd0e37c4da0a71eee31071d5d642498181c69cee3b2e414ddd6a12ff4bdf6e96c247b6025d4376067e25357d3b521a5b927d3392a7503718aea24179528f6a0c6de0100b49cad1e4d6b000000000000005b2d16877299acefc0655bc1422c3d425d988eedebcf242b780a687e9acae2a5a71c2a16a32ceb377f5d54f9b2fa90b2905925e611be56e9ebe20cab20c290a1f6c09272dbc3b2c0ab2b5baa1b07b16e81f278e54a479f1a06bc06e3656cfa196d6c050000000000000000814955c62a7d72b317399e572a7f6a4657b741eb66c9179ffd097d61fcfd0fa1d46cfb110e3e8cff5579e83f2820f95eaa0c609f666950c24311740e36de8f65708cfffce788c99ef8f62fd2398e999b220125da8eb07947512365abbc5b84ef524bdf184727c67910051f204662264607d548dbdffe14b41dd0843cf3d85bb820656a88a9e52a4cd7b3eeadfe00007267f226019ef0a25bc15da71e893856a2182c3167d8ba73f709294b159a426ce44cd73f000000a66fc501eae0c3504c1400697ba69fd9b7eaf49aff6a6aea529610db8dfef86c3cc698e9fddf1b132876159972281a90c3a4cf415df25fbcdd35cf8368f068c4481844bdd0dda553e1cb0966d5686013d382956d50055dce0d1bc225c1d77612b1ec52e743dbc51f25cc07a202b704577316913cf067fa65e476f688de2d6c54ea192a569eed05d0d7536b3205c68d4ee0fe318ed3112c76dcf128a1d5595b773ef4c8a7ba4e10381de8808ff02dd0a7b996ecf1c65e6d9db90c87123d9cb3945330f7a270ee0cca35b1331ca8fec0b2f39f505140751b60f29a83e4bc0ef2ffea443e4aa221cc38a503add16a2c98cb589e1dac1912b4142a3be30f50b2d9479c5bde0beb38030d0c0ce0598700130000000000000000000000554361e1628ee0017ad19ca787f2c078aa260701ce0800000080623902000000000000000000003d118a04fa6a80c4928c01ccab57b5f4eb265ad15004f967543fe6e6ddc2a12165fe3a08bf9475ee0eee3539369b0e566fedbd215a6ddd4fe03dcc7a922e16410d820747b7e806c0f3b6f14c884d150a0ff07f2e0000bfb083c56d3bed0a61fab880f8885c612ebff8523d14cfb12aca274c000000005e5155611969f6e67dd83b20206207cb8b2cd2fab6fa6d7fdaed6a27a2e4db1d5adc80014ff11d9dbceba41d8dfce410333a054e82b1d050331ce0aeacb843b94d67f69f49eb4dd3b1b85b018359c32df01db8ebce0dbc36cade09c6b44f6bb956fac1ae4db5624d8a02f7be91bec65e4b3373059587dd6528bbc48e3379d477d482faff738c39c61cac1195043bd5b70cea5fc1083a169a8263e9aec56b9f7795fa27634a7f06359e3058d2dd69c4e5cc11b36d9ed9c4b2867f583de6fc582f789722bd1500e64c495abdb72de2c739d38c72f6f4fb1946081dcc825d5b5b747e9fa1b5226cd31e131263f1fcd7d45a630b46d04af906f0be464d829dd2dfcf7400002b7827f6d957e51bb1f1b44a50200c9dfadfaff2e32baa9c0edaac7144e174dba582a951d2b03c27219cec4fbc7b6e99c3f00188941e3fbf008cbace177ae250fd757a22e21ec05aa45c91e1345ca936184c3fc28153283e13654123cfaf4e661f4b6d430adad1e2116bc385f888405d48f0d386da0cc6747b33395772a68f2ea3fb7e7207000000b24088014c8e64f03d053c4e02ddd08b262e422eff1c9f124b892b0a9462b07d4f88c0693bd9c54ad2ab5227aa59ef2b53ac528c0800000000000000ebfde0c4a37c2d55c176680c42ecaf710f95e63007000000e4aa467f995c9bc99e60441d4dbebead3b436427762618810bac7308c6d3298ea932b66572825e62d18462d3b2342ba48c145ff4674a94fa078cc552d064da2bb69a0d269076f8955076578f44ffb8895f11bd5e06840f8848df72230a28e0304569bfa0350b6dde9e96273de1758505aa1ba89dfb12be7a7c6dd18f6148354df7e60a489dc543ccdee1fff9d8f8d78844de27a77ef1181d5055c2a193a5763ed7749a17296c76818b60426082c86619dacc8a884c4de8572a044faf0c8e4377776c8703ecf2e3f1c3d64100cc000000008369f062639e3ddcf725be54f626448fb7bfc74c183b26e31b71a390ccea4be07278dd12fa16848797397b76908fa03613cd961b98b26a0879ccba4a78c82958764bce07a7f70df1cef6d4db1ddbda1db18e4f41c390fd3cb862216ece39a9ec60bd3be5f9329dcaf33bf2c87cc510557460d14421e1d26322ab64388f2ceae70922989f66827fe9acd2ec3ece39f3b4ffdc4dfea3da6ddb002512e2313253801044e751168e32d7bd6800000000a21008b8d26dabe977c503c30ef7c489e5ea1fff041e54de54cfeb258f2387dad096b72a78d91134927492cfc773c731cca9b13b3f6e7760ab0929c46f51ea5643f3df4f4044f3ad0a6ba739e72d8b8b2935d81534bea8372bc590c111d573e04280659a096eaa495a4154daae7d1800c130d920964845c50c8ba4763b19b6008f6d7a5091895c7a4b7816ab706503be879b18b778b0f61ecfde2f8bbb32cfeb766ec4430ee0ad45a0a263ddc4b2f47680c8d53439f8d388dab87112c83997c83e178be287eb6e8c95badaf8ed85cd5b03a7352a0fb83398566d1bc133582ce2d9f601cd23eba4432180b2d5c3019879cd949a5be1b241b3d0d0d52a3529cc9e704a9d8d54f4f7b776a969a4505e18fe5284985ca7d112c397d776e3baba918b7df456bd970e761e00f3b0efa5ce4246d9f08ba60da3be556c518a1f19504c7cea1491a9eadd27d747ca9cc5f92e30b2ca3cf0b142a8554c87e8026d4e586cf5f7c9d412e6eb4f66a076c8bca6b294305969dabb6c932b57a5dd4234bf1ed3"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000040)={r4, r5})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r6 = open$dir(&(0x7f00000002c0)='./file0\x00', 0x3c1401, 0x80)
r7 = openat(r6, &(0x7f0000000340)='./file0\x00', 0x42, 0x4)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r7, 0x40383d0c, &(0x7f0000000040)={{0x1, 0x1}, {0x3, 0x1003ff}, 0x4, 0x6})
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/protocols\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

45.825368327s ago: executing program 1 (id=7):
socket(0x10, 0x3, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000019c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r5 = open$dir(0x0, 0x3c1401, 0x80)
r6 = openat(r5, &(0x7f0000000340)='./file0\x00', 0x42, 0x4)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r6, 0x40383d0c, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/protocols\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

44.856407437s ago: executing program 32 (id=7):
socket(0x10, 0x3, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000019c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r5 = open$dir(0x0, 0x3c1401, 0x80)
r6 = openat(r5, &(0x7f0000000340)='./file0\x00', 0x42, 0x4)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r6, 0x40383d0c, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/protocols\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

42.896505933s ago: executing program 2 (id=3):
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
ioctl$int_in(0xffffffffffffffff, 0x5421, 0x0)
r0 = shmget$private(0x0, 0x3000, 0x54000000, &(0x7f0000ff8000/0x3000)=nil)
shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x4000)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x2, 0x1)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0xfffffffffffffffd, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITE={0x17, 0x4, 0x6000, @fd=r5, 0x1, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000f00)={0x35, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x200000a, 0x5d031, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_ZEROPAGE(r6, 0xc020aa04, &(0x7f0000000100)={{&(0x7f0000fff000/0x1000)=nil, 0x1000}, 0x1})
socket(0x1e, 0x4, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

40.857787719s ago: executing program 2 (id=16):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000480)=<r1=>0x0)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r0, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000829bd7000fbdbdf251c00000008000100", @ANYRES32=r1, @ANYBLOB="4e984089387a5fa620d54a9f81166bf2978f57cb1909ea73c2d9bced5df789473d0bad997324da230823779f0f3d9b40661f67d9889c61f88069e698860640bf9e4e7998981b8fe1e6a2ec306b9413396c65c996895f7a7d11094b68e261faa81104d150eac240a3b03a20c1bed28bde4fb884695dba2e1526f3965245bb49d9aed4ca0bf890a3bae6e745b61214369d042c1331fbf81608eaa496b0ad8acf564fa5ae2bfed33af3ea6b283d01688a1a4514a9484928dc6318b954e70786301a54e0529f73862559e5af27f5d7329ffb95"], 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x20000001)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r2)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000220000000a0001007770616e3000000005002000000004000500200000000000050020000000000009001f"], 0x44}}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$IEEE802154_SCAN_REQ(r0, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r3, 0x4, 0x70bd25, 0x25dfdbff, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0xa}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0xc}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000084}, 0x24000094)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100e2f16ab200000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)='\x00\x00\x00\x00\x00', &(0x7f0000000900), 0x5, r8}, 0x38)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = socket$inet(0x2, 0x1, 0x100)
bind$inet(r9, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r9, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r9, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

40.033329059s ago: executing program 2 (id=18):
socket(0x10, 0x3, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000019c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r5 = open$dir(0x0, 0x3c1401, 0x80)
r6 = openat(r5, &(0x7f0000000340)='./file0\x00', 0x42, 0x4)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r6, 0x40383d0c, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/protocols\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r7, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

38.854206379s ago: executing program 2 (id=20):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x81)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000340)={0xa9, 0x0, 0x3015, 0x3, 0x9, 0x21, 0x8000})
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
capset(0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r3, &(0x7f0000000040)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x300, 0x0)

37.917314773s ago: executing program 2 (id=26):
r0 = syz_usb_connect(0x2, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000544fb2f00090582eb1000000001020009050276"], 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000001, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
io_pgetevents(0x0, 0xe9, 0x0, 0x0, 0x0, 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x1, 0x1, 0x1, 0x1000, &(0x7f0000fff000/0x1000)=nil})

36.359812975s ago: executing program 33 (id=26):
r0 = syz_usb_connect(0x2, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000544fb2f00090582eb1000000001020009050276"], 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000001, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
io_pgetevents(0x0, 0xe9, 0x0, 0x0, 0x0, 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x1, 0x1, 0x1, 0x1000, &(0x7f0000fff000/0x1000)=nil})

11.311666983s ago: executing program 0 (id=82):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x284300, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
ioprio_set$uid(0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)

10.013070825s ago: executing program 0 (id=85):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x81)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000340)={0xa9, 0x0, 0x3015, 0x3, 0x9, 0x21, 0x8000})
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0)
capset(0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r3, &(0x7f0000000040)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x300, 0x0)

8.977166701s ago: executing program 0 (id=88):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240), 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_lsm={0xd, 0x3, &(0x7f0000000280)=@framed={{0x26, 0xa, 0x0, 0x0, 0x1, 0x61, 0x11, 0xac}, [@call={0x85, 0x0, 0x0, 0x33}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x1}, @generic={0x4, 0x1, 0x6, 0x85, 0xffffff2e}]}, &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsopen(&(0x7f00000001c0)='f2fs\x00', 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
ptrace(0x10, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
setgroups(0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1d4e, 0x103)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x800}, &(0x7f0000000040), &(0x7f0000000080))
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)}, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000ac0)=ANY=[@ANYRES32], 0x8)
write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x20000080ffff, 0x1}}, 0x40)

7.104297343s ago: executing program 0 (id=89):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, 0x0, 0x0)
sendmsg$NL802154_CMD_SET_LBT_MODE(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f00000001c0)={0x0, 0x0, 0x3012})
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/net\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f0000000100)={{0x8080000, 0xdddd1000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xffff1000, 0xf000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0xfd}, {0x2000, 0x5000, 0x9, 0x0, 0x3, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x4, 0xff, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0x2000, 0x3000, 0xd, 0x0, 0xff, 0x4, 0x0, 0xe, 0x0, 0x7}, {0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80, 0xfc}, {0xdddd1000, 0xeeef0000, 0xf, 0x6, 0x0, 0x0, 0x3, 0x20, 0x4}, {0x4cbe9c0859d42495, 0x3000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26}, {0x80a0000}, {0xdddd1000}, 0xddf8ffdb, 0x0, 0x3000, 0x70, 0xb, 0xf801, 0xdddd0000, [0x0, 0x0, 0x1]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000cc0), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000001340)={0x0}, 0x1, 0x0, 0x0, 0x2400c800}, 0x0)
sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000800)=ANY=[@ANYRES16], 0x78}, 0x1, 0x0, 0x0, 0x4805}, 0xc0)
accept(r3, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

6.390512769s ago: executing program 4 (id=90):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000001780)=[{{&(0x7f0000000280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000400)=[{&(0x7f0000000300)="dba99a61b97a2082ad1d343180489287281c208534a2e787d08d20532fa9f13bacd4a92b70e9723043e1401e2448d3276bb6ab4b82e2ddfaed13d1a579a98e7146b4a4365706d3036dcd01ed66eb60bcc17eb4511cbb8bd6279db87c06d8c7ef655b8cd71e5a3c97a47acc04a21514adfb644dd3ab343736aa8efa7a9f093ca1ff27c604a283e086b314e93b5cf78e9f497f702d8c0e12f0cdcc1c0e3bd0a14124269e3ac5957fdc4bd16d8f6a0fdbe6422107ad08b60a252a60a80028be3a3a968718", 0xc3}, {&(0x7f0000000740)="912aa0ed028a74b43502cf96612ae418552fe0abdbb70a5cc8b48ea0619e915bc6f789bbcceac085241a43c14389bb14b2d2652fb3c26f6ecd7b4a762d3acd2504222f8b098f6442c4ee5e7a60f0e093368f593b363fe877f6d7ff755e4a4ca919f9e07fa222b0b64816794d75e4dba2693225b0f496f26f0a7ea56968353b3a34fb8eb2bdb3b22af9cfcc3df7448318ead61afc9786eb811af7a7bd8a4f304a430b808dc62ef4933ed9e6dadeecb06fe6f68e87109f", 0xb6}], 0x2, 0x0, 0x0, 0x4000040}}, {{&(0x7f0000000580)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000500)="82e1dbcc50fbcf79529750ecb51e692f324ff83f379fea5f1cfcfe88ac1b2632fd832d111817cc40a02fa12415810658245694897f1451d7af17ba", 0x3b}], 0x1, 0x0, 0x0, 0x20000000}}, {{&(0x7f0000000840)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f00000008c0), 0x0, &(0x7f0000000cc0)=[@rights={{0x30, 0x1, 0x1, [r2, r2, r2, r3, r2, r2, r2, r3]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @rights={{0x18, 0x1, 0x1, [r2, r3]}}, @rights={{0x20, 0x1, 0x1, [r2, 0xffffffffffffffff, r3, r3]}}, @cred={{0x1c, 0x1, 0x2, {r1}}}], 0xc8, 0x4000}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000dc0)="b0c71290eb03f2a715cbe8ec4a0660f62155538e2ea06d837f14423bd1017ae5c4eccdf9346772ca8860af80c75f1139af6be04ec3b74354b51c63aa6bae40ad11", 0x41}], 0x1, &(0x7f0000000e80)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40, 0x804}}, {{&(0x7f0000000ec0)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000011c0)=[{&(0x7f0000000f40)="264d175b1190a885ff0cdf14297cf8bf63633c97b0aa86fcb2eab5a0bf2aa664a2967e18fab6b1ba6cbb8c5ea5a38f48efce1101689978b443aa0503b61d493d84ece7d1f253d79c1065ae224785fd494b40e5da5001cf0239727069cbff1e6215f2aa5b2b1bb37b95a08d2b26b2d0ea0ef5c51df7dcfc157a1d09027ac5fb3f48a5428fe63f6280ff676a53e94f559ad6df1826e409eafe9f14017b6bb51baf476e65cff646449eac99e05bd2c167d3f4041a331c4553289493f7c7bf87", 0xbe}, {&(0x7f0000001000)="c0817536b0fee5d6f9f10823a24eadcd101703ab38973b04173c29513cd1011f5aeba403ff0dad1e65923ecca4ea07464c2b08790820c9e038d25883a3d3d0a3ca5b0d2d84c9078dc6ba2f266d3aca140890707ea15145c3128617dba4862a1643b28c1081f8b06facb7769493127ec8b36759a7a0354461aedf9af09f54f953d1ed2b23c15c2912b25c466173a467a0532c47046fdf52cf5d35467cb20cfb976c845d08013db17850f1fb3c738c3ecba579228b2ff4f3dec2a1c27ac02bc4ba50ca2bfecfc5f887d5e59db0dd", 0xcd}, {&(0x7f0000001100)="1fa303cbfaac4909b56b88b06cc6531fc930ef20c77a69de82a5e37b79087b9b05ed680eb06822daa5bf85e7a603179a079405360eec68f37d8041cd1f7e5d16204eb016a4347dfa1934c3099d8812999b0a4b6a1e031f9bb49804886375806c00a8ae5c4654c2c98110fded0c51fce1ebf83429d9f2496ea61f9ee58516a2e31a541d81e6cac4c816ea656cc26886821de3bf57c76c32c03af725f946acfcc5f1d4c7631cc0ce", 0xa7}], 0x3, &(0x7f00000013c0)=[@rights={{0x2c, 0x1, 0x1, [r3, r2, r2, 0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc8, 0x20000001}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000014c0)="f636412668ac6f5e4b9fbb8c401bf9e3784e9fa9b5d9685d316b837f0b8d62615ca3c2d7b54db6677897aa5168f931e30509eaf47e615a79d553c34acaed73f5e52af386ca5c17eeee954ce17282b71c5858fd7303a1441dc4524e7c3896c3c1d889210269f45147b976", 0x6a}], 0x1, &(0x7f0000001600)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [r3, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r2, 0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff, r0, 0xffffffffffffffff, r2]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r2, r0, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r1}}}], 0x148, 0x40000}}], 0x6, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = fsopen(&(0x7f0000000240)='bfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
shmget$private(0x0, 0x1000, 0x4, &(0x7f0000cac000/0x1000)=nil)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r7, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
poll(&(0x7f0000000100)=[{r0, 0x14}], 0x1, 0x2)
r8 = gettid()
fsmount(r6, 0x0, 0x0)
tkill(r8, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x79, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
umount2(&(0x7f00000001c0)='./file0\x00', 0x4)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)
r9 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r9, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

5.428556495s ago: executing program 3 (id=93):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x284300, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
ioprio_set$uid(0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)

5.069005325s ago: executing program 4 (id=94):
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x84, 0x0, 0x0)

4.551235951s ago: executing program 3 (id=95):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = syz_open_dev$hiddev(&(0x7f0000000040), 0x16e, 0x1)
ioctl$HIDIOCGPHYS(r2, 0x80404812, &(0x7f0000000180))
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) (async)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x1, @loopback, 0x2}]}, &(0x7f00000002c0)=0x10) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000300)={<r3=>0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x1, @loopback, 0x2}]}, &(0x7f00000002c0)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f00000000c0)={r3, @in6={{0xa, 0x4e20, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}}, 0x3, 0x7}, 0x90)
syz_open_dev$video(&(0x7f00000001c0), 0x1, 0x402)
getpid()
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x80, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2f}, @NFTA_SET_EXPRESSIONS={0x3c, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc8}}, 0x20050800) (async)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x80, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2f}, @NFTA_SET_EXPRESSIONS={0x3c, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc8}}, 0x20050800)

4.493439058s ago: executing program 4 (id=96):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x15, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f00000004c0)=0x27)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)={0x1c, r2, 0xf21, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x4000)

3.613075347s ago: executing program 4 (id=98):
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0x88, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}]}}}]}, 0x3c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bond0\x00', <r5=>0x0})
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r7=>0x0})
ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
ftruncate(0xffffffffffffffff, 0x2000009)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock2(&(0x7f0000247000/0x1000)=nil, 0x1000, 0x0)
munlockall()
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x4c}, 0x1, 0xba01}, 0x0)

3.221407498s ago: executing program 3 (id=99):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000200)={0x1, @sliced})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r3, @ANYBLOB="010025bd7000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="8a00330080800300ffffffffffff0802110093bb000050505050505000001e000d0100000000ffff00006400080500060202020225a9d5f48cec0301ab06020200050308da022a01013c04050557022d1a004012fd07000000000000070000000b0000000600000400000772065fc103030303710701ff01faff8d6076060e3903000200dd0600000071ce267f4e93a5a0b5548e3800"], 0xa8}, 0x1, 0x0, 0x0, 0x8090}, 0x20040000)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10)
bind$tipc(r5, &(0x7f0000000580)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x0, 0x4}}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r6, &(0x7f00000006c0)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20044094}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)

2.9389508s ago: executing program 5 (id=100):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="09000000000000002cbc7000fedb673745d17626"], 0x14}, 0x1, 0x0, 0x0, 0x8054}, 0x0)

2.766776514s ago: executing program 5 (id=101):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/mcfilter\x00')
preadv(r1, &(0x7f0000000500)=[{&(0x7f0000000280)=""/86, 0x56}, {&(0x7f0000000000)=""/58, 0x3a}, {&(0x7f00000000c0)=""/60, 0x3c}], 0x3, 0x5, 0xfff7fffd)

2.507420392s ago: executing program 6 (id=27):
r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xaed\x1a\xa9\xfd\xfa\xad\xd1Ud\xc8\x85HX\xa9%\f\x1aO\xe0\b\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\x00\x00z\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xff^\xff\xf0\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYRES16=r1], 0x100}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300), 0x180, 0x0)
unlinkat(r2, &(0x7f0000000340)='./file0\x00', 0x0)
mknodat(r2, &(0x7f0000000740)='./file0\x00', 0x80, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
fchown(r3, 0x0, 0x0)
r4 = syz_io_uring_setup(0x553, &(0x7f0000000480)={0x0, 0x1b5d, 0x2, 0x3fffe, 0xd1}, &(0x7f0000000280)=<r5=>0x0, &(0x7f0000000040))
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000008c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r6, 0x3ba0, &(0x7f0000000140)={0x48, 0x1, r7, 0x0, 0x5, 0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x1, r7})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0x8aa, 0x1302, 0x83, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000780)=0x80000001)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x0, 0x168, 0x9, 0x150, 0xb, 0x258, 0x250, 0x250, 0x258, 0x250, 0x3, 0x0, {[{{@uncond, 0x6000000, 0x108, 0x150, 0x0, {0x0, 0x28e}, [@common=@inet=@esp={{0x30}, {[0x4d4, 0x4d5], 0x1}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private=0xa010102, 'syzkaller0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x108, 0x0, {}, [@common=@mh={{0x28}, {'Mv'}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x4, 0x6, 0x5}, {0x2, 0x1, 0x9}, {0x3, 0x2, 0x1}, 0x0, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388)
pipe2$9p(&(0x7f0000000800), 0x880)
syz_io_uring_setup(0x7062, &(0x7f0000000180)={0x0, 0x7545, 0x8, 0xfffffffe, 0x2010c}, &(0x7f0000000200), &(0x7f0000000240)=<r8=>0x0)
syz_io_uring_submit(r5, r8, &(0x7f00000002c0)=@IORING_OP_FADVISE={0x18, 0x40, 0x0, @fd_index=0xa, 0x2, 0x0, 0x9, 0x2})
syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo\x00')
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r9 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f00000003c0)={0xaa, 0x8})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$UFFDIO_COPY(r9, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

2.407249305s ago: executing program 3 (id=102):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[@ANYRES32=r1], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x30, 0x5, 0x0, {0x0, 0x10004}}, 0x30)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa2000, 0xa3)

2.369360156s ago: executing program 5 (id=103):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
setsockopt$inet_int(r2, 0x0, 0x17, &(0x7f0000000080)=0x80000000, 0x4)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000140)={0xa8, 0x0, 0x1})
r3 = dup(r2)
sendmsg$inet(r3, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000000)="be39", 0xffeb}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0xf}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r4, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f00000004c0)=0x27)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r4, 0x84, 0x5, &(0x7f0000000240)={r6, @in={{0x2, 0x4e23, @local}}}, 0x84)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x4e20, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4}, 0x1c)
read$FUSE(r3, &(0x7f0000003e80)={0x2020}, 0x2020)
ioctl$LOOP_SET_FD(r3, 0x4c00, r1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0xf8}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@ipv6_newroute={0x28, 0x18, 0x309, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, [@RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @SEG6_LOCAL_ACTION={0x8, 0x1, 0xa}}]}, 0x28}}, 0x1000c840)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000093000040"])
ioctl$KVM_RUN(r9, 0xae80, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0x9, 0x1, 0x0, 0x0, @sint={0x9, 0x9}}]})

2.077302382s ago: executing program 3 (id=104):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x284300, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
ioprio_set$uid(0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)

1.990554231s ago: executing program 6 (id=105):
r0 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r0, 0x84, 0x84, 0x0, 0x0)

1.298238649s ago: executing program 6 (id=106):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, 0x0, 0x24044884)

1.297619776s ago: executing program 3 (id=107):
socket$nl_route(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r0 = shmget$private(0x0, 0x3000, 0x54000000, &(0x7f0000ff8000/0x3000)=nil)
shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x4000)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x2, 0x1)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0xfffffffffffffffd, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITE={0x17, 0x4, 0x6000, @fd=r5, 0x1, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000f00)={0x35, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x200000a, 0x5d031, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_ZEROPAGE(r6, 0xc020aa04, &(0x7f0000000100)={{&(0x7f0000fff000/0x1000)=nil, 0x1000}, 0x1})
socket(0x1e, 0x4, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

1.022566151s ago: executing program 5 (id=108):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x2a)
bind$isdn(r0, &(0x7f00000002c0)={0x22, 0x3, 0x3, 0x2, 0x3}, 0x6)
r1 = fsopen(&(0x7f0000000140)='efivarfs\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x7, 0x4, 0x300, 0x5, 0x0, 0xffffffffffffffff, 0xb, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d", 0x12}], 0x1}, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000002000040"])
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000004c0)={r2, &(0x7f0000000280), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000007152bb000000000095", @ANYRES8=0x0], &(0x7f0000000100)='syzkaller\x00', 0x2000, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

1.021873816s ago: executing program 6 (id=109):
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYRESDEC=0x0, @ANYRES16=r0], 0x204}, 0x1, 0x0, 0x0, 0x10}, 0x4044850)
r1 = socket$inet6(0xa, 0x40000080806, 0x7)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x80, 0x0, @mcast1, 0x8}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x5)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00007985000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = dup(r6)
syz_kvm_setup_cpu$x86(r7, r7, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x26, 0x0, 0x0)
r8 = socket(0x2b, 0x80801, 0x1)
setsockopt$inet6_group_source_req(r8, 0x29, 0x2c, 0x0, 0x0)
connect$inet6(r8, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x22}}, 0x1c)
r9 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = dup(r10)
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f03fe7f03", 0x5, 0x0, 0x0, 0x0)
getsockname$packet(r11, &(0x7f00000000c0)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001540)=0x14)
sendmsg$nl_route_sched(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newtaction={0x68, 0x30, 0x41, 0x0, 0x20000, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1001, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x1, 0x0, 0x2}, 0x1, r12}}]}, {0x23}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
close(r1)

1.019660976s ago: executing program 0 (id=110):
pipe2(&(0x7f00000005c0), 0x84800)
r0 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004110, &(0x7f0000000000)={0x3, [0x6, 0xffff1337, 0x3], [{0x0, 0xa, 0x0, 0x1}, {0x35, 0x6, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x131}, {0x102, 0x3}, {}, {0x0, 0x8}, {0x0, 0xfffffffd}, {0x0, 0x2}, {0xf}, {0x1}, {0x0, 0x2}, {0x2, 0xfffffffd}], 0xc})
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x5)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x80001, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x1, 0x8010000000000084)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/unix\x00')
syz_80211_inject_frame(0x0, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000140), 0x401, 0x2)
socket$inet(0xa, 0x801, 0x84)
socket$inet6(0xa, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r2, @ANYRES64=r1, @ANYBLOB="ed"], 0x20)

456.757459ms ago: executing program 5 (id=111):
r0 = io_uring_setup(0x4822, &(0x7f0000000180)={0x0, 0x0, 0x40})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r4, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000280)={{0x1}})
readv(r4, &(0x7f0000000080)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000000c0)={0x0, 0x9, 0x0, 0x0, 0xf})
read(r4, &(0x7f00000002c0)=""/200, 0x39)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2)
r5 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv(r5, &(0x7f0000000440)=[{&(0x7f0000000640)=""/44, 0x2c}, {0xfffffffffffffffe}, {&(0x7f0000000340)=""/14, 0xe}, {0xfffffffffffffffd}, {&(0x7f0000000380)=""/152, 0x98}, {&(0x7f0000000700)=""/189, 0xbd}], 0x6, 0x2, 0x6)
write$sndseq(r5, &(0x7f0000000440)=[{0x1, 0x5, 0x0, 0x0, @tick, {0xf8}, {0xa, 0x9}, @raw8={"d8caae35ba2b17d0df9654e6"}}, {0x29, 0x7f, 0x1, 0x7, @tick=0x3, {0x5, 0x81}, {0x5, 0x1}, @quote={{0x5, 0x4}, 0x8, &(0x7f0000000200)={0xd, 0xd, 0x1, 0x81, @tick, {0x8, 0x80}, {0x5, 0x1}, @ext={0x6c, &(0x7f00000003c0)="184f5142c442c4795f66daa83cd9c51b69649a9c79fe0c0aac5b9b6462c2d2b7dbdee340580e0cbbdb62b5ba4d15a241d1e090c129448ff014d88390855b9b79e899be48a1018db03ed3cd8fa49c538f80472016224378ebbf3b3bfb0b38e84c9689340096cf4f0c04f2e34b"}}}}], 0x38)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x3000}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_PRIORITY={0x6, 0x2, 0x2ba}]}}}]}, 0x44}}, 0x0)
fsopen(&(0x7f0000000000)='hfs\x00', 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

277.635507ms ago: executing program 4 (id=112):
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000000)=<r0=>0x0, &(0x7f0000000040)=0x4)
bind$xdp(0xffffffffffffffff, &(0x7f0000000080)={0x2c, 0x2, r0}, 0x10)
r1 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f0000000140)={'veth1_to_bridge\x00', {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}})
shutdown(r1, 0x0)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180), 0x264840, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r2, 0x4610, &(0x7f00000001c0)={0x31, 0x2})
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000200))
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000240), 0x10a00, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_STATION(r3, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x28, r4, 0x300, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xe0, 0x4}}}}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000003c0)={<r6=>0xffffffffffffffff}, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000440)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x6, @remote, 0xffffffff}, {0xa, 0x4e23, 0x5c, @local, 0x8}, r6, 0x1}}, 0x48)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f00000004c0)=0x8, 0x4)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000005c0)={'virt_wifi0\x00', &(0x7f0000000500)=@ethtool_flash={0x33, 0x8, './file0\x00'}})
clock_gettime(0x5, &(0x7f0000000600))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000640)='./cgroup.cpu/syz1\x00', 0x1ff)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000680)={0x101ff, 0x1, 0xffff1000, 0x1000, &(0x7f0000ffe000/0x1000)=nil})
read$msr(r3, &(0x7f00000006c0)=""/150, 0x96)
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000780)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x1000, 0x2})
read$usbmon(r3, &(0x7f00000007c0)=""/54, 0x36)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_POWER(r7, 0x112, 0x9, &(0x7f0000000800)=0xe, &(0x7f0000000840)=0x1)
read$FUSE(r3, &(0x7f0000000880)={0x2020}, 0x2020)
write$cgroup_devices(r3, &(0x7f00000028c0)={'a', ' *:* ', 'rw\x00'}, 0x9)
mknodat(r3, &(0x7f0000002900)='./file0\x00', 0x1, 0x1)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r3, &(0x7f0000002940)={0x4, 0x8, 0xfa00, {r6, 0x39}}, 0x10)
ioctl$PPPIOCCONNECT(r3, 0x4004743a, &(0x7f0000002980)=0x1)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(0xffffffffffffffff, &(0x7f0000002a00)={0x15, 0x110, 0xfa00, {r6, 0x58ce88bb, 0x0, 0x0, 0x0, @in6={0xa, 0xdca, 0x9e, @private2, 0x7}, @in6={0xa, 0x4e23, 0x0, @local, 0x80000001}}}, 0x118)

73.87009ms ago: executing program 4 (id=113):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, 0x0, &(0x7f0000000300))
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}]}, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
landlock_create_ruleset(&(0x7f0000000940)={0x2014, 0x3, 0x2}, 0x15, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0)
ioprio_set$pid(0x2, 0x0, 0x6003)
sendfile(r3, r3, 0x0, 0x8)
mkdirat(r3, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r4, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x6, 0x7fffffff})
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000380)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000440)='./cgroup\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x110)
mount$overlay(0x0, &(0x7f00000001c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
socket$unix(0x1, 0x1, 0x0)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x80)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000180)='ufs\x00', 0x8000, 0x0) (fail_nth: 1)

54.137199ms ago: executing program 5 (id=114):
r0 = socket$inet(0x2, 0x2, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r3, 0x303, 0x70bd28, 0x0, {0xa}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async, rerun: 64)
r4 = socket(0x10, 0x80003, 0x0) (rerun: 64)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e00"}}}]}, 0x48}}, 0x0) (async, rerun: 64)
sendmsg$BATADV_CMD_SET_HARDIF(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x3c, r3, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r6}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x81}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x10000) (rerun: 64)
r7 = memfd_create(&(0x7f0000000280)='\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x0)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) (async)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000000), 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x16}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000240)=[@ip_tos_u8={{0x11, 0x0, 0x7}}, @ip_pktinfo={{0x19, 0x0, 0x8, {0x0, @rand_addr, @multicast2}}}], 0x38}, 0x0) (async)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000480)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x1, 0x3a, ']', 0x3a, '\x00\x00\x00\x00\x00\x00z\x9b\xb6\xe8t;\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x89\xe5\x8f\xe2\xb6\xd6\x9cF\xbd\xff\x14\x05\x00\x00\x00\x00\x00\x00\x00\xf3\xdc\x91\'\x06\\8\r\xfc\xeeG\xbe\x90C\x1c)5\x98\xa3\xfa\a\xf9\x98\xbb}\xeb\x86P=\xe51\x9d,\xb7\xe6_M\xbe\x19\xea#\xff[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xd7\n\r\x802\xd7\x1b$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xda\x8a#t>r\xae\xe8\xc9)', 0x3a, './file0', 0x3a, [0x4f, 0x4f, 0x50, 0x4f]}, 0xe7)

0s ago: executing program 0 (id=115):
r0 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xaed\x1a\xa9\xfd\xfa\xad\xd1Ud\xc8\x85HX\xa9%\f\x1aO\xe0\b\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\x00\x00z\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xff^\xff\xf0\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYRES16=r1], 0x100}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300), 0x180, 0x0)
unlinkat(r2, &(0x7f0000000340)='./file0\x00', 0x0)
mknodat(r2, &(0x7f0000000740)='./file0\x00', 0x80, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
fchown(r3, 0x0, 0x0)
r4 = syz_io_uring_setup(0x553, &(0x7f0000000480)={0x0, 0x1b5d, 0x2, 0x3fffe, 0xd1}, &(0x7f0000000280)=<r5=>0x0, &(0x7f0000000040))
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000008c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r6, 0x3ba0, &(0x7f0000000140)={0x48, 0x1, r7, 0x0, 0x5, 0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x1, r7})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0x8aa, 0x1302, 0x83, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000780)=0x80000001)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x0, 0x168, 0x9, 0x150, 0xb, 0x258, 0x250, 0x250, 0x258, 0x250, 0x3, 0x0, {[{{@uncond, 0x6000000, 0x108, 0x150, 0x0, {0x0, 0x28e}, [@common=@inet=@esp={{0x30}, {[0x4d4, 0x4d5], 0x1}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@private=0xa010102, 'syzkaller0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x108, 0x0, {}, [@common=@mh={{0x28}, {'Mv'}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x4, 0x6, 0x5}, {0x2, 0x1, 0x9}, {0x3, 0x2, 0x1}, 0x0, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388)
pipe2$9p(&(0x7f0000000800), 0x880)
syz_io_uring_setup(0x7062, &(0x7f0000000180)={0x0, 0x7545, 0x8, 0xfffffffe, 0x2010c}, &(0x7f0000000200), &(0x7f0000000240)=<r8=>0x0)
syz_io_uring_submit(r5, r8, &(0x7f00000002c0)=@IORING_OP_FADVISE={0x18, 0x40, 0x0, @fd_index=0xa, 0x2, 0x0, 0x9, 0x2})
syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo\x00')
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r9 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f00000003c0)={0xaa, 0x8})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$UFFDIO_COPY(r9, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.141' (ED25519) to the list of known hosts.
[   85.790746][ T5815] cgroup: Unknown subsys name 'net'
[   85.925150][ T5815] cgroup: Unknown subsys name 'cpuset'
[   85.934850][ T5815] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   87.694111][ T5815] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   90.368283][ T5828] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   90.376899][ T5828] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   90.392189][ T5828] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   90.421937][   T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   90.431095][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   90.445473][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   90.453436][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   90.463670][   T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   90.475083][ T5139] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   90.486723][ T5139] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   90.524072][ T5139] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   90.578595][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   90.587077][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   90.595201][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   90.606143][ T5139] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   90.606285][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   90.615388][ T5139] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   90.628724][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   90.630073][ T5139] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   90.644507][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   90.663720][ T5139] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   90.682592][ T5139] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   90.690714][ T5139] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   90.699396][ T5139] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   90.707166][ T5139] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   91.315861][ T5826] chnl_net:caif_netlink_parms(): no params data found
[   91.437749][ T5835] chnl_net:caif_netlink_parms(): no params data found
[   91.521495][ T5830] chnl_net:caif_netlink_parms(): no params data found
[   91.550224][ T5836] chnl_net:caif_netlink_parms(): no params data found
[   91.616268][ T5841] chnl_net:caif_netlink_parms(): no params data found
[   91.726288][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.734436][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.742879][ T5826] bridge_slave_0: entered allmulticast mode
[   91.751687][ T5826] bridge_slave_0: entered promiscuous mode
[   91.793491][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.800828][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.808117][ T5826] bridge_slave_1: entered allmulticast mode
[   91.816571][ T5826] bridge_slave_1: entered promiscuous mode
[   91.935770][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.949244][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.967126][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.974989][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.982679][ T5835] bridge_slave_0: entered allmulticast mode
[   91.989962][ T5835] bridge_slave_0: entered promiscuous mode
[   91.998155][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.006229][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.013644][ T5835] bridge_slave_1: entered allmulticast mode
[   92.021391][ T5835] bridge_slave_1: entered promiscuous mode
[   92.096174][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.104366][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.112152][ T5830] bridge_slave_0: entered allmulticast mode
[   92.120115][ T5830] bridge_slave_0: entered promiscuous mode
[   92.201009][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.209833][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.217801][ T5830] bridge_slave_1: entered allmulticast mode
[   92.226226][ T5830] bridge_slave_1: entered promiscuous mode
[   92.237852][ T5826] team0: Port device team_slave_0 added
[   92.247610][ T5826] team0: Port device team_slave_1 added
[   92.254411][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.261997][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.269321][ T5836] bridge_slave_0: entered allmulticast mode
[   92.277127][ T5836] bridge_slave_0: entered promiscuous mode
[   92.286784][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.294253][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.301760][ T5836] bridge_slave_1: entered allmulticast mode
[   92.309162][ T5836] bridge_slave_1: entered promiscuous mode
[   92.319287][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.329218][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.336675][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.344768][ T5841] bridge_slave_0: entered allmulticast mode
[   92.352881][ T5841] bridge_slave_0: entered promiscuous mode
[   92.437767][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.463381][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.473240][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.480535][ T5841] bridge_slave_1: entered allmulticast mode
[   92.487948][ T5841] bridge_slave_1: entered promiscuous mode
[   92.514130][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.532438][ T5139] Bluetooth: hci1: command tx timeout
[   92.538503][ T5834] Bluetooth: hci0: command tx timeout
[   92.553271][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.560269][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.586433][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.604694][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.617362][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.658696][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.668680][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.675889][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.691230][ T5834] Bluetooth: hci2: command tx timeout
[   92.702949][ T5139] Bluetooth: hci3: command tx timeout
[   92.711790][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.767555][ T5835] team0: Port device team_slave_0 added
[   92.773596][ T5139] Bluetooth: hci4: command tx timeout
[   92.777360][ T5835] team0: Port device team_slave_1 added
[   92.788194][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.831238][ T5836] team0: Port device team_slave_0 added
[   92.854148][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.897647][ T5830] team0: Port device team_slave_0 added
[   92.906364][ T5836] team0: Port device team_slave_1 added
[   92.958471][ T5841] team0: Port device team_slave_0 added
[   92.967151][ T5841] team0: Port device team_slave_1 added
[   92.975927][ T5830] team0: Port device team_slave_1 added
[   93.010241][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.017693][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.044647][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.116517][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.124809][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.151664][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.164303][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.174756][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.201520][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.219024][ T5826] hsr_slave_0: entered promiscuous mode
[   93.228668][ T5826] hsr_slave_1: entered promiscuous mode
[   93.236977][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.244381][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.271299][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.284650][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.291896][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.319840][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.333540][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.340963][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.367506][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.379568][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.386815][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.413590][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.446261][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.454188][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.480567][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.636409][ T5836] hsr_slave_0: entered promiscuous mode
[   93.643175][ T5836] hsr_slave_1: entered promiscuous mode
[   93.649384][ T5836] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.657532][ T5836] Cannot create hsr debugfs directory
[   93.684722][ T5835] hsr_slave_0: entered promiscuous mode
[   93.694118][ T5835] hsr_slave_1: entered promiscuous mode
[   93.700310][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.708237][ T5835] Cannot create hsr debugfs directory
[   93.734756][ T5841] hsr_slave_0: entered promiscuous mode
[   93.741418][ T5841] hsr_slave_1: entered promiscuous mode
[   93.747817][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.755578][ T5841] Cannot create hsr debugfs directory
[   93.805040][ T5830] hsr_slave_0: entered promiscuous mode
[   93.811732][ T5830] hsr_slave_1: entered promiscuous mode
[   93.818010][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.825921][ T5830] Cannot create hsr debugfs directory
[   94.444032][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   94.464472][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   94.477342][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   94.498319][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   94.555984][ T5826] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   94.581164][ T5826] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   94.608865][ T5826] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   94.615853][ T5139] Bluetooth: hci0: command tx timeout
[   94.615915][ T5139] Bluetooth: hci1: command tx timeout
[   94.651483][ T5826] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   94.735605][ T5841] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   94.749733][ T5841] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   94.772075][ T5834] Bluetooth: hci3: command tx timeout
[   94.777534][ T5834] Bluetooth: hci2: command tx timeout
[   94.790198][ T5841] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   94.803871][ T5841] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   94.853127][ T5834] Bluetooth: hci4: command tx timeout
[   94.908703][ T5835] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   94.925157][ T5835] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   94.937240][ T5835] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   94.947745][ T5835] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   95.077750][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.092597][ T5830] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   95.104825][ T5830] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   95.128473][ T5830] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   95.143015][ T5830] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   95.198429][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.216271][ T5836] 8021q: adding VLAN 0 to HW filter on device team0
[   95.253784][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.261414][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.279851][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.287097][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.357354][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[   95.388177][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.424698][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.432014][ T1159] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.459992][ T5835] 8021q: adding VLAN 0 to HW filter on device team0
[   95.478837][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.486284][ T1159] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.517279][ T1159] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.524535][ T1159] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.562821][  T130] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.570079][  T130] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.672200][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.780374][ T5841] 8021q: adding VLAN 0 to HW filter on device team0
[   95.795576][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.839512][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.846717][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.904490][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.911804][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.949751][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[   96.003998][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.011263][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.048332][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.055847][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.135860][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.295309][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.387900][ T5836] veth0_vlan: entered promiscuous mode
[   96.446490][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.524655][ T5836] veth1_vlan: entered promiscuous mode
[   96.684571][ T5826] veth0_vlan: entered promiscuous mode
[   96.694044][ T5834] Bluetooth: hci1: command tx timeout
[   96.699782][ T5834] Bluetooth: hci0: command tx timeout
[   96.759506][ T5836] veth0_macvtap: entered promiscuous mode
[   96.780621][ T5836] veth1_macvtap: entered promiscuous mode
[   96.808815][ T5826] veth1_vlan: entered promiscuous mode
[   96.832417][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.850726][ T5139] Bluetooth: hci3: command tx timeout
[   96.856265][ T5834] Bluetooth: hci2: command tx timeout
[   96.874079][ T5826] veth0_macvtap: entered promiscuous mode
[   96.886520][ T5826] veth1_macvtap: entered promiscuous mode
[   96.899221][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.931143][ T5834] Bluetooth: hci4: command tx timeout
[   96.954022][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.966426][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.992120][ T5836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.004080][ T5836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.015239][ T5836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.024400][ T5836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.066653][ T5835] veth0_vlan: entered promiscuous mode
[   97.082519][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   97.093495][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.106788][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.134547][ T5835] veth1_vlan: entered promiscuous mode
[   97.177016][   T24] cfg80211: failed to load regulatory.db
[   97.184779][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   97.197701][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.209902][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.258003][ T5826] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.267830][ T5826] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.278427][ T5826] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.287406][ T5826] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.323900][ T5841] veth0_vlan: entered promiscuous mode
[   97.367503][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.375640][ T5830] veth0_vlan: entered promiscuous mode
[   97.387037][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.436435][ T5835] veth0_macvtap: entered promiscuous mode
[   97.449682][ T5830] veth1_vlan: entered promiscuous mode
[   97.467057][ T5841] veth1_vlan: entered promiscuous mode
[   97.476242][ T5835] veth1_macvtap: entered promiscuous mode
[   97.507829][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   97.523346][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.534509][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   97.545333][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.557513][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.572485][ T5893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.580362][ T5893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.632788][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   97.647701][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.660927][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   97.672287][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.684681][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.755663][ T5835] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.761029][ T5836] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   97.773515][ T5835] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.789535][ T5835] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.799127][ T5835] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.819790][ T5841] veth0_macvtap: entered promiscuous mode
[   97.843566][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.855329][ T5830] veth0_macvtap: entered promiscuous mode
[   97.881243][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.895524][ T5830] veth1_macvtap: entered promiscuous mode
[   97.908412][ T5841] veth1_macvtap: entered promiscuous mode
[   97.978352][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   97.989153][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.759998][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.776001][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.786220][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   98.796971][ T5834] Bluetooth: hci0: command tx timeout
[   98.802591][ T5834] Bluetooth: hci1: command tx timeout
[   98.808793][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.822016][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.922863][ T5893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.931063][ T5139] Bluetooth: hci2: command tx timeout
[   98.933214][ T5834] Bluetooth: hci3: command tx timeout
[   98.945447][ T5893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.961662][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   98.978431][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.988856][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   98.999918][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.010016][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.011542][ T5834] Bluetooth: hci4: command tx timeout
[   99.026587][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.038661][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.047852][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.059065][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.069173][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.079844][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.090191][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.101725][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.112230][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.123726][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.135521][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.173608][ T5830] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.185830][ T5830] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.195438][ T5830] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.204850][ T5830] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.273918][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.288255][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.300146][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.311432][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.321752][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.333167][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.343072][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   99.354024][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.365994][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.393697][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.408926][ T5841] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.428961][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.450602][ T5841] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.471376][ T5841] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.480124][ T5841] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.741035][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.741073][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.019265][ T1159] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.439044][ T1159] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.579356][ T5924] process 'syz.0.9' launched '/dev/fd/3' with NULL argv: empty string added
[  100.600232][ T1159] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.678185][ T5921] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.440287][ T5921] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.507519][ T1159] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.637340][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.684062][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.821527][ T5939] capability: warning: `syz.4.12' uses deprecated v2 capabilities in a way that may be insecure
[  101.892550][ T5935] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.127036][ T5935] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.252435][ T5139] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  102.262428][ T5139] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  102.271647][ T5139] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  102.283307][ T5139] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  102.293929][ T5139] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  102.430266][ T1159] bridge_slave_1: left allmulticast mode
[  102.475998][ T1159] bridge_slave_1: left promiscuous mode
[  102.519203][ T1159] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.587859][ T1159] bridge_slave_0: left allmulticast mode
[  102.603884][ T1159] bridge_slave_0: left promiscuous mode
[  102.617350][ T1159] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.199787][ T5950] Zero length message leads to an empty skb
[  103.537118][   T30] audit: type=1326 audit(1744621795.222:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  103.569929][   T30] audit: type=1326 audit(1744621795.222:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  103.592791][   T30] audit: type=1326 audit(1744621795.222:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  103.614859][   T30] audit: type=1326 audit(1744621795.222:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  103.743192][ T1159] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  103.765346][   T30] audit: type=1326 audit(1744621795.222:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  103.813376][ T1159] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  103.920104][ T1159] bond0 (unregistering): Released all slaves
[  104.370723][ T5834] Bluetooth: hci3: command tx timeout
[  104.407744][   T30] audit: type=1326 audit(1744621795.222:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  104.429084][   T30] audit: type=1326 audit(1744621795.222:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  104.466236][ T5878] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  104.501533][   T30] audit: type=1326 audit(1744621795.222:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  104.554351][   T30] audit: type=1326 audit(1744621795.222:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  104.570761][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.578271][   T30] audit: type=1326 audit(1744621795.222:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5960 comm="syz.0.15" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc482b8d169 code=0x7ffc0000
[  104.617508][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.690569][ T5878] usb 5-1: Using ep0 maxpacket: 8
[  104.735293][ T5878] usb 5-1: config 0 has no interfaces?
[  105.071759][ T5878] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=a9.dc
[  105.093724][ T5878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.114024][ T5878] usb 5-1: Product: syz
[  105.119114][ T5878] usb 5-1: Manufacturer: syz
[  105.140661][ T5878] usb 5-1: SerialNumber: syz
[  105.200947][ T5878] r8152-cfgselector 5-1: Unknown version 0x0000
[  105.207493][ T5878] r8152-cfgselector 5-1: config 0 descriptor??
[  105.961138][ T5957] netlink: 52 bytes leftover after parsing attributes in process `syz.4.14'.
[  106.058252][ T5957] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  106.204610][ T6001] trusted_key: syz.3.4 sent an empty control message without MSG_MORE.
[  106.450837][ T5834] Bluetooth: hci3: command tx timeout
[  107.080066][ T1207] r8152-cfgselector 5-1: USB disconnect, device number 2
[  107.310889][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  107.322888][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  107.628278][ T6016] FAULT_INJECTION: forcing a failure.
[  107.628278][ T6016] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  107.770846][ T6016] CPU: 0 UID: 0 PID: 6016 Comm: syz.3.24 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(full) 
[  107.770876][ T6016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  107.770892][ T6016] Call Trace:
[  107.770900][ T6016]  <TASK>
[  107.770909][ T6016]  dump_stack_lvl+0x241/0x360
[  107.770957][ T6016]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.771005][ T6016]  should_fail_ex+0x424/0x570
[  107.771031][ T6016]  _copy_from_user+0x2d/0xb0
[  107.771071][ T6016]  copy_msghdr_from_user+0xb3/0x580
[  107.771106][ T6016]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  107.771132][ T6016]  ? __fget_files+0x2a/0x420
[  107.771160][ T6016]  ? __fget_files+0x2a/0x420
[  107.771191][ T6016]  __sys_sendmsg+0x20a/0x360
[  107.771219][ T6016]  ? __pfx___sys_sendmsg+0x10/0x10
[  107.771238][ T6016]  ? trace_sched_exit_tp+0x3c/0x120
[  107.771300][ T6016]  ? __pfx___schedule+0x10/0x10
[  107.771343][ T6016]  ? do_syscall_64+0xb6/0x230
[  107.771373][ T6016]  do_syscall_64+0xf3/0x230
[  107.771399][ T6016]  ? clear_bhb_loop+0x45/0xa0
[  107.771423][ T6016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.771448][ T6016] RIP: 0033:0x7f8d3218d169
[  107.771470][ T6016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.771485][ T6016] RSP: 002b:00007f8d32f9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  107.771507][ T6016] RAX: ffffffffffffffda RBX: 00007f8d323a6080 RCX: 00007f8d3218d169
[  107.771522][ T6016] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000006
[  107.771534][ T6016] RBP: 00007f8d32f9f090 R08: 0000000000000000 R09: 0000000000000000
[  107.771547][ T6016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.771558][ T6016] R13: 0000000000000000 R14: 00007f8d323a6080 R15: 00007ffcc3068498
[  107.771588][ T6016]  </TASK>
[  108.032165][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  108.201275][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  108.615630][ T5834] Bluetooth: hci3: command tx timeout
[  108.870615][ T1159] hsr_slave_0: left promiscuous mode
[  108.910863][ T1159] hsr_slave_1: left promiscuous mode
[  108.935339][ T1159] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  109.011809][ T1159] batman_adv: batadv0: Removing interface: batadv_slave_0
[  109.051619][ T1159] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  109.088699][ T1159] batman_adv: batadv0: Removing interface: batadv_slave_1
[  109.139339][ T1159] veth1_macvtap: left promiscuous mode
[  109.149760][ T1159] veth0_macvtap: left promiscuous mode
[  109.181621][ T1159] veth1_vlan: left promiscuous mode
[  109.188573][ T1159] veth0_vlan: left promiscuous mode
[  109.466458][ T6033] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  110.465775][ T5139] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  110.487601][ T5139] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  110.499646][ T5139] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  110.532396][ T5139] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  110.540876][ T5139] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  110.690975][ T5834] Bluetooth: hci3: command tx timeout
[  110.740681][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.810984][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.821002][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.104159][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  111.718562][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  111.923401][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  112.067745][ T1159] team0 (unregistering): Port device team_slave_1 removed
[  112.107860][ T1159] team0 (unregistering): Port device team_slave_0 removed
[  112.611726][ T5834] Bluetooth: hci1: command tx timeout
[  112.678329][ T6058] vlan0: entered promiscuous mode
[  112.958604][ T6064] netlink: 8 bytes leftover after parsing attributes in process `syz.3.38'.
[  113.090612][ T5943] chnl_net:caif_netlink_parms(): no params data found
[  113.373482][ T6081] syz.0.41 uses obsolete (PF_INET,SOCK_PACKET)
[  113.630563][ T5878] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  113.710923][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.724685][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.735086][ T5943] bridge_slave_0: entered allmulticast mode
[  113.749376][ T5943] bridge_slave_0: entered promiscuous mode
[  113.801052][ T5878] usb 1-1: device descriptor read/64, error -71
[  113.807462][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.831765][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.839067][ T5943] bridge_slave_1: entered allmulticast mode
[  113.872553][ T5943] bridge_slave_1: entered promiscuous mode
[  114.041233][ T5878] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  114.136782][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.596688][ T5878] usb 1-1: device descriptor read/64, error -71
[  114.612330][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.690553][ T5834] Bluetooth: hci1: command tx timeout
[  114.741811][ T5878] usb usb1-port1: attempt power cycle
[  115.006986][ T5943] team0: Port device team_slave_0 added
[  115.067839][ T6042] chnl_net:caif_netlink_parms(): no params data found
[  115.128403][ T5943] team0: Port device team_slave_1 added
[  115.134952][ T5878] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  115.162259][ T5878] usb 1-1: device descriptor read/8, error -71
[  115.880615][   T24] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  115.890960][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[  115.898276][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  115.927443][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  115.943301][ T5878] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  115.983306][ T5878] usb 1-1: device descriptor read/8, error -71
[  116.005755][ T6115] syzkaller0: tun_chr_ioctl cmd 1074025677
[  116.011893][ T6115] syzkaller0: linktype set to 270
[  116.027389][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[  116.034561][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.067954][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  116.080712][   T24] usb 4-1: Using ep0 maxpacket: 16
[  116.091586][   T24] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  116.101083][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.109427][   T24] usb 4-1: Product: syz
[  116.111351][ T5878] usb usb1-port1: unable to enumerate USB device
[  116.119597][   T24] usb 4-1: Manufacturer: syz
[  116.127289][   T24] usb 4-1: SerialNumber: syz
[  116.160038][   T24] r8152-cfgselector 4-1: Unknown version 0x0000
[  116.166640][   T24] r8152-cfgselector 4-1: config 0 descriptor??
[  116.179250][   T24] hub 4-1:0.0: bad descriptor, ignoring hub
[  116.185645][   T24] hub 4-1:0.0: probe with driver hub failed with error -5
[  116.448252][ T6126] Bluetooth: MGMT ver 1.23
[  116.468114][ T6042] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.492159][ T6042] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.528918][ T6042] bridge_slave_0: entered allmulticast mode
[  116.558580][ T6042] bridge_slave_0: entered promiscuous mode
[  116.582566][ T6042] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.596654][ T6042] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.604310][ T6042] bridge_slave_1: entered allmulticast mode
[  116.613512][ T6042] bridge_slave_1: entered promiscuous mode
[  116.678749][ T5943] hsr_slave_0: entered promiscuous mode
[  116.712711][ T5943] hsr_slave_1: entered promiscuous mode
[  116.755834][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  116.770966][ T5834] Bluetooth: hci1: command tx timeout
[  116.785093][ T5943] Cannot create hsr debugfs directory
[  117.088493][ T6042] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.812745][ T6042] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.970930][   T24] r8152-cfgselector 4-1: Unknown version 0x0000
[  117.977435][   T24] r8152-cfgselector 4-1: bad CDC descriptors
[  118.032944][   T24] r8152-cfgselector 4-1: USB disconnect, device number 2
[  118.534873][ T6042] team0: Port device team_slave_0 added
[  118.600201][ T6042] team0: Port device team_slave_1 added
[  119.617473][ T5834] Bluetooth: hci1: command tx timeout
[  120.042094][ T6166] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  120.464882][ T6171] Malformed UNC in devname
[  120.464882][ T6171] 
[  120.472007][ T6171] CIFS: VFS: Malformed UNC in devname
[  120.567673][ T1207] IPVS: starting estimator thread 0...
[  120.749867][ T6172] IPVS: using max 25 ests per chain, 60000 per kthread
[  121.075116][ T6042] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.109016][ T6042] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.144956][ T6042] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.257721][ T6042] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.290495][ T6042] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.418804][ T6042] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.301319][ T6042] hsr_slave_0: entered promiscuous mode
[  122.385461][ T6042] hsr_slave_1: entered promiscuous mode
[  122.473161][ T6042] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  122.773606][ T6042] Cannot create hsr debugfs directory
[  123.744793][ T6208] overlayfs: overlapping lowerdir path
[  125.043306][ T6220] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  125.578352][ T5943] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  125.920718][ T5876] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  126.288900][ T5943] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  126.391156][ T5876] usb 1-1: config 0 has an invalid interface number: 131 but max is 0
[  126.408756][ T5876] usb 1-1: config 0 has no interface number 0
[  126.409906][ T5943] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  126.421508][ T5876] usb 1-1: config 0 interface 131 has no altsetting 0
[  126.464778][ T5876] usb 1-1: New USB device found, idVendor=0421, idProduct=0302, bcdDevice=6c.e1
[  126.480447][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.524465][ T5876] usb 1-1: Product: syz
[  126.528709][ T5876] usb 1-1: Manufacturer: syz
[  126.560236][ T6237] mmap: syz.3.69 (6237) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  126.613977][ T5876] usb 1-1: SerialNumber: syz
[  126.642407][ T5876] usb 1-1: config 0 descriptor??
[  126.667173][ T5943] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  126.687672][ T6233] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  126.701448][ T6233] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0
[  126.889728][ T6226] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.923450][ T6226] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.948529][ T6226] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.978932][ T6243] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.987808][ T5879] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  127.011875][ T6226] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.051407][ T6243] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.201504][ T5879] usb 4-1: Using ep0 maxpacket: 8
[  127.222995][ T5879] usb 4-1: config 0 has an invalid descriptor of length 34, skipping remainder of the config
[  127.280724][ T5879] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  127.293412][ T5876] usb 1-1: bad CDC descriptors
[  127.330593][ T5879] usb 4-1: New USB device found, idVendor=045c, idProduct=c20e, bcdDevice= 0.00
[  127.350216][ T5876] usb 1-1: USB disconnect, device number 6
[  127.374492][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.406743][ T6042] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  127.411345][ T5879] usb 4-1: config 0 descriptor??
[  127.497881][ T6042] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  127.697595][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.770037][ T6042] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  127.886581][ T6256] netlink: 165 bytes leftover after parsing attributes in process `syz.0.72'.
[  128.488215][ T6259] netlink: 4 bytes leftover after parsing attributes in process `syz.3.69'.
[  128.602543][ T6042] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  128.688079][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[  129.291213][  T130] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.299028][  T130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.753591][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.760795][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.110813][   T30] kauditd_printk_skb: 28 callbacks suppressed
[  130.110835][   T30] audit: type=1800 audit(1744621821.792:40): pid=6274 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.74" name="/" dev="9p" ino=2 res=0 errno=0
[  131.187675][ T3081] usb 4-1: USB disconnect, device number 3
[  132.077719][ T5834] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  132.096565][ T5834] Bluetooth: hci0: Injecting HCI hardware error event
[  132.109483][ T5139] Bluetooth: hci0: hardware error 0x00
[  132.559844][ T6042] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.658701][ T6042] 8021q: adding VLAN 0 to HW filter on device team0
[  132.762677][ T5921] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.769923][ T5921] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.816286][ T5921] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.823715][ T5921] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.944072][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[  133.033820][ T6300] netlink: 4 bytes leftover after parsing attributes in process `syz.4.80'.
[  134.218671][ T6042] 8021q: adding VLAN 0 to HW filter on device batadv0
[  134.300096][ T5834] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  134.310722][ T5834] CPU: 1 UID: 0 PID: 5834 Comm: kworker/u9:4 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(full) 
[  134.310752][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  134.310766][ T5834] Workqueue: hci4 hci_rx_work
[  134.310792][ T5834] Call Trace:
[  134.310869][ T5834]  <TASK>
[  134.310879][ T5834]  dump_stack_lvl+0x241/0x360
[  134.310918][ T5834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.310940][ T5834]  ? __pfx__printk+0x10/0x10
[  134.310961][ T5834]  ? __rcu_read_unlock+0xa1/0x110
[  134.310988][ T5834]  ? kernfs_path_from_node+0x217/0x250
[  134.311011][ T5834]  sysfs_create_dir_ns+0x2fd/0x3f0
[  134.311032][ T5834]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  134.311054][ T5834]  ? kobject_add_internal+0x3fe/0x8d0
[  134.311080][ T5834]  kobject_add_internal+0x435/0x8d0
[  134.311107][ T5834]  kobject_add+0x15b/0x230
[  134.311127][ T5834]  ? preempt_schedule_thunk+0x16/0x30
[  134.311142][ T5834]  ? device_add+0x3e7/0xbf0
[  134.311160][ T5834]  ? __pfx_kobject_add+0x10/0x10
[  134.311180][ T5834]  ? _raw_spin_unlock+0x3e/0x50
[  134.311200][ T5834]  ? get_device_parent+0x165/0x410
[  134.311221][ T5834]  device_add+0x4e5/0xbf0
[  134.311244][ T5834]  hci_conn_add_sysfs+0xe8/0x200
[  134.311269][ T5834]  le_conn_complete_evt+0xc6e/0x12a0
[  134.311297][ T5834]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  134.311320][ T5834]  ? irqentry_exit+0x63/0x90
[  134.311336][ T5834]  ? lockdep_hardirqs_on+0x9d/0x150
[  134.311361][ T5834]  hci_le_enh_conn_complete_evt+0x185/0x420
[  134.311385][ T5834]  hci_event_packet+0xa5c/0x1550
[  134.311414][ T5834]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  134.311435][ T5834]  ? __pfx_hci_event_packet+0x10/0x10
[  134.311464][ T5834]  ? kcov_remote_start+0x2e/0x7d0
[  134.311490][ T5834]  ? hci_send_to_monitor+0xdc/0x530
[  134.311510][ T5834]  hci_rx_work+0x3f3/0xdb0
[  134.311532][ T5834]  ? process_scheduled_works+0x9cb/0x18e0
[  134.311547][ T5834]  process_scheduled_works+0xac3/0x18e0
[  134.311585][ T5834]  ? __pfx_process_scheduled_works+0x10/0x10
[  134.311609][ T5834]  ? assign_work+0x367/0x3d0
[  134.311628][ T5834]  worker_thread+0x870/0xd50
[  134.311657][ T5834]  ? __kthread_parkme+0x1a8/0x200
[  134.311677][ T5834]  ? __pfx_worker_thread+0x10/0x10
[  134.311694][ T5834]  kthread+0x7b7/0x940
[  134.311715][ T5834]  ? __pfx_worker_thread+0x10/0x10
[  134.311732][ T5834]  ? __pfx_kthread+0x10/0x10
[  134.311757][ T5834]  ? __pfx_kthread+0x10/0x10
[  134.311778][ T5834]  ? __pfx_kthread+0x10/0x10
[  134.311803][ T5834]  ? __pfx_kthread+0x10/0x10
[  134.311822][ T5834]  ? _raw_spin_unlock_irq+0x23/0x50
[  134.311837][ T5834]  ? lockdep_hardirqs_on+0x9d/0x150
[  134.311854][ T5834]  ? __pfx_kthread+0x10/0x10
[  134.311875][ T5834]  ret_from_fork+0x4b/0x80
[  134.311890][ T5834]  ? __pfx_kthread+0x10/0x10
[  134.311909][ T5834]  ret_from_fork_asm+0x1a/0x30
[  134.311955][ T5834]  </TASK>
[  134.312300][ T5834] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  134.620483][ T5834] Bluetooth: hci4: failed to register connection device
[  134.806602][ T5139] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  135.629057][ T5943] veth0_vlan: entered promiscuous mode
[  135.669107][ T5943] veth1_vlan: entered promiscuous mode
[  135.769268][ T5943] veth0_macvtap: entered promiscuous mode
[  135.807398][ T5943] veth1_macvtap: entered promiscuous mode
[  135.850774][ T1207] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[  135.921110][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.937551][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.948495][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.966471][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  135.976644][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  135.996162][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.009462][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  136.023291][ T1207] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  136.026360][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.031812][ T1207] usb 5-1: config 0 has no interface number 0
[  136.050013][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[  136.068234][ T1207] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  136.080343][ T6042] veth0_vlan: entered promiscuous mode
[  136.095054][ T1207] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  136.099659][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.107061][ T1207] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  136.151006][ T1207] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.169086][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.181963][ T1207] usb 5-1: config 0 descriptor??
[  136.187357][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.199777][ T6349] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  136.208500][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.226437][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.239667][ T1207] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  136.267457][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.303949][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  136.314552][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  136.326365][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[  136.350372][ T6042] veth1_vlan: entered promiscuous mode
[  136.389966][ T5943] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  137.440491][ T5943] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  137.460456][ T5943] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.114148][ T5943] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.138735][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  138.145525][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  138.287979][   T47] usb 5-1: USB disconnect, device number 3
[  138.294662][    C1] iowarrior 5-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  138.671806][ T6042] veth0_macvtap: entered promiscuous mode
[  138.722544][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.724400][ T6042] veth1_macvtap: entered promiscuous mode
[  138.766676][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.938606][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  138.984257][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.020609][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.040585][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.071761][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.102112][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.131411][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.285978][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.297978][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  139.316074][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.328769][ T6042] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.347946][ T5921] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  139.358476][ T5921] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.472196][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.528416][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.540486][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.554723][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.578991][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.590219][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.613390][ T6378] capability: warning: `syz.3.91' uses 32-bit capabilities (legacy support in use)
[  139.624234][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.641091][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.670579][ T6042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  139.700468][ T6042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  139.722171][ T6042] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.783859][ T6042] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.834199][ T6042] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.879965][ T6042] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.914635][ T6042] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.739764][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  140.790746][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  140.964048][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  141.001850][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  141.672247][ T6409] devtmpfs: Too few inodes for current use
[  141.709806][ T6409] netlink: 'syz.5.97': attribute type 2 has an invalid length.
[  141.828919][ T6413] bridge_slave_0: left allmulticast mode
[  141.847404][ T6413] bridge_slave_0: left promiscuous mode
[  141.870107][ T6413] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.945221][ T6413] bridge_slave_1: left allmulticast mode
[  142.010610][ T6413] bridge_slave_1: left promiscuous mode
[  142.030754][ T6413] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.120022][ T6421] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  142.207606][ T6413] bond0: (slave bond_slave_0): Releasing backup interface
[  142.306320][ T6413] bond0: (slave bond_slave_1): Releasing backup interface
[  142.391102][ T6413] team0: Port device team_slave_0 removed
[  142.470641][ T6413] team0: Port device team_slave_1 removed
[  142.501782][ T6413] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.535986][ T6413] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.628507][ T6413] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.649102][ T6413] batman_adv: batadv0: Removing interface: batadv_slave_1
[  144.568616][ T6476] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  144.631456][ T6413] vlan2: entered allmulticast mode
[  144.648830][ T6413] bond0: entered allmulticast mode
[  144.674050][ T6413] bridge0: port 1(vlan2) entered blocking state
[  144.706051][ T6413] bridge0: port 1(vlan2) entered disabled state
[  145.365532][ T6495] QAT: Invalid ioctl 1075883590
[  145.370972][ T6495] QAT: Invalid ioctl 1075883590
[  145.376155][ T6495] QAT: Invalid ioctl 1075883590
[  145.381400][ T6495] QAT: Invalid ioctl 1075883590
[  145.386349][ T6495] QAT: Invalid ioctl 1075883590
[  145.391588][ T6495] QAT: Invalid ioctl 1075883590
[  145.396498][ T6495] QAT: Invalid ioctl 1075883590
[  145.401586][ T6495] QAT: Invalid ioctl 1075883590
[  145.406538][ T6495] QAT: Invalid ioctl 1075883590
[  145.413326][ T6495] QAT: Invalid ioctl 1075883590
[  145.424322][ T6495] 
[  145.426678][ T6495] ======================================================
[  145.433787][ T6495] WARNING: possible circular locking dependency detected
[  145.440898][ T6495] 6.15.0-rc2-syzkaller #0 Not tainted
[  145.446279][ T6495] ------------------------------------------------------
[  145.453295][ T6495] syz.6.109/6495 is trying to acquire lock:
[  145.459192][ T6495] ffffffff900eb1c8 (rtnl_mutex){+.+.}-{4:4}, at: do_ipv6_setsockopt+0xa9a/0x3680
[  145.468462][ T6495] 
[  145.468462][ T6495] but task is already holding lock:
[  145.475841][ T6495] ffff888030af8aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50
[  145.485950][ T6495] 
[  145.485950][ T6495] which lock already depends on the new lock.
[  145.485950][ T6495] 
[  145.496388][ T6495] 
[  145.496388][ T6495] the existing dependency chain (in reverse order) is:
[  145.505400][ T6495] 
[  145.505400][ T6495] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  145.514012][ T6495]        lock_acquire+0x116/0x2f0
[  145.519051][ T6495]        __mutex_lock+0x1a5/0x10c0
[  145.524183][ T6495]        smc_switch_to_fallback+0x35/0xda0
[  145.530014][ T6495]        smc_sendmsg+0x11f/0x530
[  145.535008][ T6495]        __sock_sendmsg+0x221/0x270
[  145.540229][ T6495]        __sys_sendto+0x365/0x4c0
[  145.545265][ T6495]        __x64_sys_sendto+0xde/0x100
[  145.550563][ T6495]        do_syscall_64+0xf3/0x230
[  145.555701][ T6495]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.562121][ T6495] 
[  145.562121][ T6495] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  145.569790][ T6495]        lock_acquire+0x116/0x2f0
[  145.574820][ T6495]        lock_sock_nested+0x48/0x100
[  145.580123][ T6495]        do_ip_setsockopt+0x17e9/0x39c0
[  145.585681][ T6495]        ip_setsockopt+0x63/0x100
[  145.590753][ T6495]        do_sock_setsockopt+0x3b1/0x710
[  145.596330][ T6495]        __x64_sys_setsockopt+0x1ee/0x280
[  145.602347][ T6495]        do_syscall_64+0xf3/0x230
[  145.607480][ T6495]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.613936][ T6495] 
[  145.613936][ T6495] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[  145.621279][ T6495]        validate_chain+0xa69/0x24e0
[  145.626687][ T6495]        __lock_acquire+0xad5/0xd80
[  145.631891][ T6495]        lock_acquire+0x116/0x2f0
[  145.636942][ T6495]        __mutex_lock+0x1a5/0x10c0
[  145.642181][ T6495]        do_ipv6_setsockopt+0xa9a/0x3680
[  145.647820][ T6495]        ipv6_setsockopt+0x5d/0x170
[  145.653023][ T6495]        smc_setsockopt+0x25c/0xd50
[  145.658220][ T6495]        do_sock_setsockopt+0x3b1/0x710
[  145.663764][ T6495]        __x64_sys_setsockopt+0x1ee/0x280
[  145.669497][ T6495]        do_syscall_64+0xf3/0x230
[  145.674543][ T6495]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.680965][ T6495] 
[  145.680965][ T6495] other info that might help us debug this:
[  145.680965][ T6495] 
[  145.691190][ T6495] Chain exists of:
[  145.691190][ T6495]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[  145.691190][ T6495] 
[  145.704757][ T6495]  Possible unsafe locking scenario:
[  145.704757][ T6495] 
[  145.712201][ T6495]        CPU0                    CPU1
[  145.717595][ T6495]        ----                    ----
[  145.722956][ T6495]   lock(&smc->clcsock_release_lock);
[  145.728417][ T6495]                                lock(sk_lock-AF_INET);
[  145.735352][ T6495]                                lock(&smc->clcsock_release_lock);
[  145.743253][ T6495]   lock(rtnl_mutex);
[  145.747254][ T6495] 
[  145.747254][ T6495]  *** DEADLOCK ***
[  145.747254][ T6495] 
[  145.755392][ T6495] 1 lock held by syz.6.109/6495:
[  145.760336][ T6495]  #0: ffff888030af8aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50
[  145.771009][ T6495] 
[  145.771009][ T6495] stack backtrace:
[  145.776999][ T6495] CPU: 0 UID: 0 PID: 6495 Comm: syz.6.109 Not tainted 6.15.0-rc2-syzkaller #0 PREEMPT(full) 
[  145.777018][ T6495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  145.777027][ T6495] Call Trace:
[  145.777035][ T6495]  <TASK>
[  145.777042][ T6495]  dump_stack_lvl+0x241/0x360
[  145.777066][ T6495]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.777086][ T6495]  ? __pfx__printk+0x10/0x10
[  145.777105][ T6495]  ? print_lock+0x171/0x1a0
[  145.777122][ T6495]  print_circular_bug+0x2e1/0x300
[  145.777141][ T6495]  check_noncircular+0x142/0x160
[  145.777162][ T6495]  validate_chain+0xa69/0x24e0
[  145.777182][ T6495]  ? __pfx___switch_to+0x10/0x10
[  145.777209][ T6495]  __lock_acquire+0xad5/0xd80
[  145.777227][ T6495]  lock_acquire+0x116/0x2f0
[  145.777240][ T6495]  ? do_ipv6_setsockopt+0xa9a/0x3680
[  145.777267][ T6495]  __mutex_lock+0x1a5/0x10c0
[  145.777286][ T6495]  ? do_ipv6_setsockopt+0xa9a/0x3680
[  145.777308][ T6495]  ? __schedule+0x1b51/0x51f0
[  145.777326][ T6495]  ? do_ipv6_setsockopt+0xa9a/0x3680
[  145.777347][ T6495]  ? stack_trace_save+0xe1/0x1d0
[  145.777367][ T6495]  ? __pfx___mutex_lock+0x10/0x10
[  145.777389][ T6495]  ? __pfx___schedule+0x10/0x10
[  145.777406][ T6495]  do_ipv6_setsockopt+0xa9a/0x3680
[  145.777430][ T6495]  ? register_lock_class+0x54/0x330
[  145.777444][ T6495]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  145.777466][ T6495]  ? __lock_acquire+0xad5/0xd80
[  145.777481][ T6495]  ? __mutex_trylock_common+0x184/0x2e0
[  145.777502][ T6495]  ? __pfx___mutex_trylock_common+0x10/0x10
[  145.777522][ T6495]  ? rcu_is_watching+0x15/0xb0
[  145.777539][ T6495]  ? trace_contention_end+0x3c/0x120
[  145.777557][ T6495]  ? __mutex_lock+0x380/0x10c0
[  145.777584][ T6495]  ? __pfx_futex_wake_mark+0x10/0x10
[  145.777602][ T6495]  ? smc_setsockopt+0x1b2/0xd50
[  145.777619][ T6495]  ? __pfx___mutex_lock+0x10/0x10
[  145.777641][ T6495]  ipv6_setsockopt+0x5d/0x170
[  145.777664][ T6495]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  145.777686][ T6495]  smc_setsockopt+0x25c/0xd50
[  145.777706][ T6495]  ? __pfx_smc_setsockopt+0x10/0x10
[  145.777722][ T6495]  ? __lock_acquire+0xad5/0xd80
[  145.777738][ T6495]  ? __pfx_smc_setsockopt+0x10/0x10
[  145.777754][ T6495]  do_sock_setsockopt+0x3b1/0x710
[  145.777772][ T6495]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  145.777785][ T6495]  ? __fget_files+0x2a/0x420
[  145.777804][ T6495]  ? __fget_files+0x39d/0x420
[  145.777820][ T6495]  ? __fget_files+0x2a/0x420
[  145.777839][ T6495]  __x64_sys_setsockopt+0x1ee/0x280
[  145.777856][ T6495]  do_syscall_64+0xf3/0x230
[  145.777875][ T6495]  ? clear_bhb_loop+0x45/0xa0
[  145.777892][ T6495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.777907][ T6495] RIP: 0033:0x7f0130f8d169
[  145.777922][ T6495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.777934][ T6495] RSP: 002b:00007f0131e32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  145.777950][ T6495] RAX: ffffffffffffffda RBX: 00007f01311a6160 RCX: 00007f0130f8d169
[  145.777961][ T6495] RDX: 000000000000002c RSI: 0000000000000029 RDI: 0000000000000007
[  145.777969][ T6495] RBP: 00007f013100e990 R08: 0000000000000000 R09: 0000000000000000
[  145.777979][ T6495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  145.777987][ T6495] R13: 0000000000000000 R14: 00007f01311a6160 R15: 00007ffe83ca6098
[  145.778003][ T6495]  </TASK>