last executing test programs:

54.289194765s ago: executing program 0 (id=112):
r0 = socket(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="38003300c0000000e7ffffffffff080211000000"], 0x54}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
geteuid()
r7 = syz_open_dev$dri(&(0x7f0000000340), 0x5, 0x408041)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[0x0, 0x0], 0x4000000000000090})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r7, 0xc01064c7, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000000280)=[0x0]})
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000540)={r2, 0xffffffa1, &(0x7f0000000480)={&(0x7f0000000400)=""/51, 0x33, <r8=>0x0, &(0x7f0000000740)=""/138, 0x8a}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r9, &(0x7f0000000f80)=""/4096, 0x300)

50.789314045s ago: executing program 0 (id=119):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000180)={0x0, "eb428edff76dfb8a5421e90d9a0c27a2737bb4e15be1ac96fd5f67778dcd1136ea573155a1e92e47bf28841d0fe60cb5c38c0357e90438a34c92cba1be5695a1"}, 0x48, 0xfffffffffffffff8)
r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x0)
pipe2$watch_queue(&(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r3, 0x0)
pipe2$watch_queue(&(0x7f0000000100)={<r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r5, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0xfffffffdffffffff)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r6, 0x84, 0xc, &(0x7f00000001c0), 0x4)
r7 = open$dir(&(0x7f0000000080)='./file0\x00', 0x7e, 0x0)
writev(r7, &(0x7f0000000280)=[{&(0x7f0000000300)="e7", 0x1}], 0x1)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)

45.472911949s ago: executing program 0 (id=127):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0xc000401)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setuid(0xee01)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
statx(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x4000, 0x200, &(0x7f0000000480))
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/bus/input/devices\x00', 0x0, 0x0)
pread64(r5, &(0x7f0000001580)=""/4096, 0x1000, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r5, 0xc0184800, &(0x7f00000003c0)={0x94, r1, 0x1})
r6 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000180)={@dev, 0x800, 0x0, 0x3, 0x1}, 0x20)
setsockopt$inet6_int(r6, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r6, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000003540)=[{0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f0000000180)}, {&(0x7f0000000280)="4abb1d8fb9ec59d06d02cc053ce6ac1168d484bfc91789aaedda7f345881d8e3299cca7bf6eb1730423b84df251adc5a6a3df5fbcdaba7541a96a745211d458ecbd25f7adabff10c56381424f96521b18ab8e2a5f92b0fc2997ff7102298726aff76f6f46139d32dadd2bf29ffa86c4902dc74bb62d15481c333ccb19d37853c99140df835", 0x85}], 0x2}], 0x1, 0x0)
recvmmsg(r4, &(0x7f00000038c0)=[{{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000000840)=""/245, 0xf5}], 0x1}}], 0x1, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
close_range(r7, 0xffffffffffffffff, 0x0)

43.918038977s ago: executing program 0 (id=132):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
getrusage(0x0, &(0x7f0000000100))
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = gettid()
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$key(0xf, 0x3, 0x2)
r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000001c80)={{{@in=@broadcast, @in6=@mcast1}}, {{@in=@loopback}, 0x0, @in=@remote}}, &(0x7f00000000c0)=0xe8)
sendmsg$nl_xfrm(r4, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x40)
ioctl$TIOCSBRK(r5, 0x5427)
ioctl$TCXONC(r5, 0x540a, 0x2)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)

42.931698169s ago: executing program 0 (id=135):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008e}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x2)
r0 = getpgid(0xffffffffffffffff)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b405000000000000611078000000000063012c000000000095000000000000008f6a138c9e4eb32e71d7754e127d8d87525e8d57dc3c002fa721249c4cdfd87788947190b59b5af99eaaecbf2ba57aa6ffd750ffd3bef751c89264a6a9ec3b188b69dc1b6a12211cbf01e697342cf987ca2161e2a58904"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
syz_open_procfs(r0, &(0x7f0000000040)='fdinfo/3\x00')
socket$packet(0x11, 0x3, 0x300)
write$binfmt_elf32(r3, &(0x7f00000015c0)=ANY=[@ANYBLOB="7f454c46820d090702000000000000000300030001000000a103000038000000e40000000300000007002000010000800800060000000000000000605c000000090000000900000002000000ff0f000033000000060000000200000002000000020000000400000004000000c2f0ffff0e000000030000009c47207e34cf4bac29d33ae33cae47d38aeb4a6870bbcf683031de44a04b49377cb527dc89ad2682fc6e45f221cd7f2a0e6adf4f84909b5d1c95eb8a0f9c4e2a8bd82d5b6fe1da4c37c1ee811cbcb37377a3f0f09b2b9c2663b9d09a9e1db93f5c6e1459d3dc4127bdf287ab84be6eb5c8d3d4fd91e164c40143608a781b3aaf439231560ec94b10b807c5935119ca125cb024e923b9ce29d4339d7811dcec3a59398a5b9187bad2a85fa81ba019ae18f15c88af90389899e7a2d6759fa9b38ea82a4076aae161f9cc089a385667d8bfe9ded7ef3f3973cf72b983046bc9e8aa7433f7a2e22c36f74f0ce52af3f642ffa52796c228ae3339679c96ba1e2504b28c99d9c1593a5f5cc49693120106081f1d5a89dc558433ea7583cd04c6cd51e611a8fe81ae7a37994988e727a9d55599743a525434b58c0ae2db905e0dbba315692ac37f804fa46282c99d470970060005271c209a25846066e2a876413dd8354a5d084842106e54353620f1c625f8494bdab4923b7021cf4041493e54166c4e75da8bec54a876e4e1069ed899e789d588f092b1726ef534912c7ee4826e49aa3997c05655f1c33d6954b220459ce22d39c2fffa440f0746c8b97bf99c88e8f3dd164cb520358cb0e81a1fe5dfe57229861c3ef4a4409630d365d06666c6c9eb632356332e5bef51fd6387a437031e1e854463508b4e59894ea46b966da69dfa3924a9b49cfe4572fdbe8ac0f0fcfd60be0ea7f0c5787c745dd4898a7037c91c91ad1b4c049182e0ae663afbda5c516aceec5f7d04f3b49954aa100037bec31078823f0b79c74d2f79102ac5e71da807579bad90d48591bf9d57c7c7cb26aba24726a651efe6d2ad34a0c6e5248910622095c5780412799e86147bc13d105c74fe72b63d3f62f31d3e86336b0bd4417ab9542a0f7cf0059279cd91ae7501924dbb2cf680ae9ba035e2c14d2a875c82f11826f639ee503dffdb3f9c4d1bd2d78537c438506500b70a3eb1c7b114de9685fa8ef448a598011a94b6bcb8734cbdf0514e3799f8227f30d9269b880d79edfd85c4859adc9881243d78570fa0f4d7462102e9f7c00baf1cbf8f57c1d439ed34982c14d433296aa48aa68bfe8551d22771497cf70de0f248f6b3fb689c5b867860f499316aa5c5c206c59dc68e42aa3aeb04a53ad504f67abe69370e4568b9ac00b5cb10ca49ebecd035a0305c07ca34e256563169c8ced345c9fcd102fbd522d1473001a58db37570220a1f1773f33babc3276d3b249792aad1af50c7eaf2cb6cd6f9cee44126afe9aaa57cd4ab5f2152885c16149a1f7be8183bcad6e62717ad210f9ef6f0d8796a2c1e5673ca6df0454d5d172bb5753648271950e05743f8547805828fba172359b38b529e69860d69db9592213f808aef1ca64e6ae5bbb224e37bb67d7a90c9da12bd5cdf626bb03aee1837ba22346451773a570ae404de8ceabc64f05c94970f9ca6a377f46f7ae5804734ba130edccd11c2c9f32992695745ae4c5d73a6bb345ad7519ccab776ca5e5821d6a2a9e3e18c0a00161a9104c43aa810d042ab9474f78de1c3e167ff1efe7356d0bb45e84d8e444821227f47a83f2adfbbdaff98f0d676181d078d580380ae6bfd7fe904df3f0e6a9c1b67a8d5006d386e73e35aa32354ee5b40b23ffbe5e62493cb5ecfb64145520ca930f1e1f0df23dde0c1ca1e2f3fe21cc5ccf9c4e2c2d6831b7ae9dc8bc2e3ce77dde78fcb62d9d869c6d2ab479ad08d20b9371692fe39ed9b8e589e1208b6621b598c9fe2a826409726929f9dd2f14ffd3276df1a6329521eb0728b283c45b8615483d630280687f82110a3eec55629e16a3ba3c53b2165a767d348d64ebb820e796908d9c9ecccbb2da39289ca3616b019e4b88fdfa66edda380e2cfe3e4cb89c83c3a4ff834b957c6e65c389caaf5ee60b206ad31691c805f6a24ccb9621bb116ff2b33d2a7803b5fcf8ed88dc999f34af190253738bfad23f64beb3f1274a480ed4d9db21811c242f0ca7d059dad475652ac7a3a423d65eda1c3db32995715edb2f4c7f5b16d7eb82f045771a259d6dd1247372149ecabb407941b0042def1e89d41f5e467643691ea0ce7aad956c2b389aab6399dfd70fc70a35a9762bb7fec250d1061e27a144b7702438edc61c23cab14fbf8bdc15f130fabdb68a8d77714e097efb85a192a981b9fa97eb010265199d1344753bcfc2e6a38bd3ea5ae6dd9bfb3a847cadb7ccbc187d429ec24081be2449e6beb2b4c461dc039d7341bd1623ec733465c21ffa77e92a02cc247363a022a5286b356eebb185e968fa68ff9cced9cc21221c6b1186e06cb7030568a2cfb7f72678cba8f172de151a280f32c5da1373e7195ab66695751233ddbdd2c1a4a4ca5be88babaa6237cd47e1cb73e4b1b8c558b0b85e8fa629951bcf67bbe140bb0671dc66cb26705bd489f93c5d91d86517116dc24ec43a4dd0a341e496b4aeb1eef60e1e74e3b70291a5247f4be6b888918efa711e1ca9f94f749f3a26dbfe70bf434f5aed9e301b848969a8591b31d9bf41fd69d822a313eeabd846ea470d8c25ac53c75931474a6618d4d27ed0de165330d20bd82ced9b1d38dccc667a4f052b1e234666ad569d38f8b8c077d95bac5edc5ac8252dfe5ba922a27314e4842582a5c987bd27233a6cfe6e5249bb9103352590dab78fe5f0623edb987fa3570b2d7e477c82d8461455586f23ed0f435d5495f3448e832aab6ab87b9310d10153116e5e0734fe64c2735070965a568549944da77e081a1025c187f740a17f152c8bdbea88be5521e2f52b3d7a791bd403f830f9e01cc82f5de4b1239870fcbaeab88aad68947e38f901d1ca8c2ca599788d00771a4293e05ee2fb7ff8e4b101703c45b2c0cff838e7ac691a0088f1fb4af01a5a1746708e8592aebf07163a4fa55bd3e0c82518abe4d3f2c9b765642b2cea7c12a72067d205b513ae410db76b8979fd10b90b9f3723448"], 0x1178)
socketpair(0x18, 0x20000000000001, 0x4, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x59)
bind$packet(r4, &(0x7f0000000000)={0x11, 0x7, 0x0, 0x1, 0xff, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}}, 0x14)
sched_setscheduler(0x0, 0x0, 0x0)
r5 = getpid()
syz_pidfd_open(r5, 0x0)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r6, 0x0)

36.43692642s ago: executing program 0 (id=140):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@gettaction={0x14}, 0x14}}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000540)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = open(&(0x7f0000000080)='.\x00', 0x0, 0x0)
getdents(r3, &(0x7f0000000280)=""/4096, 0x9005)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r6=>0x0}, &(0x7f0000001280)=0x8)
r7 = dup2(r5, r4)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x1f, &(0x7f00000003c0)={r6, @in={{0x2, 0x0, @private=0xa010101}}}, &(0x7f0000000340)=0x90)
pipe2(&(0x7f0000000040), 0x0)
vmsplice(r7, &(0x7f0000000240), 0x63, 0x1)

21.637300517s ago: executing program 4 (id=162):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x7)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, 0x0)
futex(&(0x7f00000001c0), 0xb, 0x0, &(0x7f0000000200), &(0x7f0000000240), 0x1)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xa, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
mkdir(0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x2}}, './file0\x00'})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x4})
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x18)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}})
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)

20.542338792s ago: executing program 1 (id=164):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x90)
r4 = add_key$user(0x0, 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={0x0, r4, r4}, 0x0, 0x0, 0x0)
fcntl$getown(r0, 0x9)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r5 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r5})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x90)

14.753757521s ago: executing program 3 (id=166):
r0 = socket$kcm(0x2b, 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000001c0)=0x2, 0x4)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@mpol={'mpol', 0x3d, {'default', '=relative'}}}]})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
preadv(r2, &(0x7f0000000800)=[{&(0x7f0000000480)=""/218, 0xda}], 0x1, 0x10001, 0x0)
sendmsg$inet(r0, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x20000010)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'team_slave_0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000e70f000305000007001cd6f4fff01ed395ed5ae1bf68198cfce0f233cfa277482bb688b128f06f7ba4fb62ea4e239d2416947720161166b3205764b562c5854cddf1eb64ed2bba7d844896dd24bfc8d1a8906374b4dd34920db2e87757ef1d3049d775b11c531d7f43ac218081e979aa31d122c19f4bef21cf273ebb789d3379f37ac323ce13e779eb58ef980eb435e4ded2f9fb32a9d9f5fe1a1754255f50b2a1aa41f90bd9645e1a5c88c0cf88088fa8de62a295b0e93325c5cc6b0f00eba651ba43c2f65b6854cee5d3869f9182b675d5d6d8ed6b1a4553", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800c0001006d6163766c616e002400028008000100100000000400058008000300030000000a000400aaaaaaaaaabb000008000500", @ANYRES32=r7, @ANYBLOB], 0x5c}}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRES16, @ANYRES16=r8, @ANYRESOCT], 0x4c}}, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r10, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r11, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r12, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xffffffff}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x113, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001640)=[0x0], 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x890c, &(0x7f0000000100))

14.46691097s ago: executing program 1 (id=167):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="0600eb00000000000c007d80"], 0x30}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="0202f3021600000000000000000000000200090008000000e90000000000000003000600000000000200000000000000000000000000000002000100000000000000020200000020030005000000000002000000ac1414aa00000000000000000a00080008"], 0xb0}, 0x1, 0x7}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x97}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x0, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40505330, &(0x7f00000000c0))
pipe(&(0x7f00000006c0))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000010101010000000000000000020000001800018014000180080001007f00000108000200000000000c0019800800010005"], 0x38}}, 0x0)
tkill(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x35}]}, &(0x7f0000000080)='GPL\x00', 0x5, 0x98, &(0x7f00000002c0)=""/152, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000}, 0x90)
epoll_create1(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x8, 0x6, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @local, {[], @echo_request}}}}}, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r6, 0x541c, &(0x7f0000000000))

13.330982953s ago: executing program 2 (id=168):
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$netlink(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x28}}, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x10)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
recvmmsg(r1, &(0x7f0000001f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x101, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x10000}, 0x1c)
r2 = socket(0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, 0x0, 0x0)
getsockname$inet6(r4, 0x0, &(0x7f0000000280))
setsockopt$inet6_IPV6_ADDRFORM(r3, 0x3a, 0x1, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x12, &(0x7f0000000040)=0xfffffc27, 0x4)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280"], 0x44}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f00000002c0)={'wlan0\x00', {0x2, 0x0, @broadcast}})
openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r7=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x401, 0x400, 0x8, 0xc1, 0xffffffffffffffff, 0x3ff, '\x00', r7, 0xffffffffffffffff, 0x0, 0x1, 0x2, 0xe}, 0x48)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000040)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000400a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5427c0108800c01008006000500070000002400020086650b35f0b4c2dc04a95e352f55e8204db1e72262099a4daa6bd5d598d1ecdb24000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e24ac1e0001000000000000000008000300000000009c0009801c000080060001000200000008000200e0000002050003000300000028000080060001000a000000140002002001000000000000000000000000000105000300030000001c0000800600010002000000"], 0x1d8}}, 0x0)

12.901057194s ago: executing program 4 (id=169):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000080))
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000040))
ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f00000000c0)=0x40)
ppoll(&(0x7f0000000340)=[{r5}], 0x1, &(0x7f00000003c0), 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x2c, r1, 0x462, 0x70bd2a, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x8001, 0x14}}}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x2810}, @NL80211_ATTR_SCAN_FREQUENCIES={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008080}, 0x4000)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r7 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_RTHDR(r7, 0x29, 0x39, &(0x7f0000000000)={0x0, 0x2, 0x2, 0x1, 0x0, [@dev]}, 0x18)
sendto$l2tp6(r7, 0x0, 0x2, 0x4048814, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x20)

12.501702036s ago: executing program 2 (id=170):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="05000000000000e000000600000008000300", @ANYRES32=r2, @ANYBLOB="080005000200"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002e00390008000300", @ANYRES32=r2, @ANYBLOB="0a00340002020202020200000a0006000802110000000000080026006c090000"], 0x3c}}, 0x0)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
socketpair(0x11, 0x2, 0x0, &(0x7f0000000a40))
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000040)=ANY=[@ANYBLOB="10000000080211000001080211000000080211000000200000000000000000206097956f504f283882848b960c121824"], 0x28)
r3 = socket$igmp(0x2, 0x3, 0x2)
sendto$inet(r3, &(0x7f0000000300)="e229fc04553d512e813124f99b80d5326782df004e2e54705982f0cb77cbbd52fceda2a7fedf3595e4ab7737f1e7fde3c3892bf4f107e2131e94fd9810ed68f7c9c22efc8c8cfa17fe00336361fee07d9d50c4c13b5e5bfba541a8d0ce278affdcd0625e649d17829a2d5a63131de996e92909871f6b01ec1b1a04375b96e2ce5b9100f6ff0000000000000000000000000087941817a3496c400d95b24a55f53551c1699ec7868f36f10fa2c68a03592e3c4a48f8a21715120bf6f4126e3747d1359e39cf6e095718ef36e2f61dbad20f8b3d4ee9cf4b55a1487835021d520ab85ef59b60580b4ed75e727bd76f47ab6bb2e631e1a1a45ab2d0db275cc3633f12aa7ce126c318616bb54f9bae2e2311daad7b254448e552bda71cdc3aa6fe18537822d6fc30114d83bfd5d6aa027f0a146206ceead6d5b347619419d5881ee325672b7476afcdfade51b9ae568b40c2fc91a52d29c7e5e596610cb36edc8116000dd8a93a9551f7d7d2d62a56939938a171c1ed960f59a6e013e557fad71b3b8986d14dbaf649f5340f75ffa296eec9d8b788623901aca301c07124efee955f1a7cde6c8931b13b3eb3ec", 0xffffff6d, 0x4048041, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="02c9e7030000000200"], 0x9)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$key(0xf, 0x3, 0x2)
getsockopt$IP_SET_OP_GET_BYINDEX(r4, 0x1, 0x53, &(0x7f0000000100)={0x7, 0x7, 0x2}, &(0x7f0000000140)=0x28)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000140)='asymmetric\x00', &(0x7f0000000440)=@secondary)
r7 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0)
syz_usb_disconnect(r7)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000009c0)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, 0x0)
ioctl$EVIOCRMFF(r7, 0x5501, 0x0)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x5, &(0x7f00000000c0)=[{0x6, 0x0, 0xfd, 0x67b}, {0x1, 0x25, 0x3, 0x8000}, {0x7, 0x3, 0x0, 0x53}, {0x8, 0xd0, 0x4, 0x3}, {0x20, 0x5b, 0x8, 0x71}]}, 0x8)
io_setup(0x9, &(0x7f0000000180))
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000000000)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

12.132724347s ago: executing program 1 (id=171):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x6}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffff1)
timer_create(0x0, &(0x7f0000000040), &(0x7f0000000200))
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r2, 0x8982, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002440)=ANY=[@ANYBLOB="3800000020000100000000000000000002000000000000"], 0x38}}, 0x0)
getpid()
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
ioctl$USBDEVFS_FORBID_SUSPEND(r4, 0x5521)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x500, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r6 = syz_open_pts(r5, 0x2000)
fcntl$setstatus(r6, 0x4, 0x2000)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r7=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r7], &(0x7f0000000180), 0x0, 0x0, 0x0, 0x7})

11.643103144s ago: executing program 4 (id=172):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_dev$swradio(&(0x7f0000000300), 0x1, 0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000540)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r3, 0x0, 0x81, &(0x7f00000000c0)={'broute\x00', 0x0, 0x0, 0x0, [0x43, 0x1, 0x5, 0x1ff, 0x8001], 0x3, &(0x7f0000000000)=[{}, {}], 0x0, [{}, {}, {}]}, 0xa8)
getsockopt$inet_tcp_int(r3, 0x6, 0x25, 0x0, &(0x7f0000000080))
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_STATUS(r4, 0x84, 0xe, &(0x7f0000000340)={<r5=>0x0, 0xffffff20, 0x7, 0x5, 0x3a55, 0x1000, 0x4, 0x4, {0x0, @in={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x25b, 0x2, 0x0, 0x2, 0xe}}, &(0x7f0000000480)=0xb0)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000444ff8)={r5, 0x4}, 0xfffffffffffffeff)
sendmmsg$inet6(r4, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2c0000003a000b00000000000000000003000000c1fe0080130003000d34d8026a2c0000a22807e6489625d1b99f3fc875ed68ad5627e320c4bafcb56589847cbf3383e59b7e52361216145440fcc3fd378cc29c8ba37cd0d6fbb685ef49d68b5259971ca91555be6c54756804a388d5692e459dce06"], 0x2c}}, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r4, 0x84, 0x79, &(0x7f0000000100)={0x0, 0x0, 0x600}, 0x8)
r7 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r8 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x1, 0x1)
socket(0x10, 0x80002, 0x0)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_mr_cache\x00')
preadv(r9, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0x10d}], 0x1, 0x4b5, 0x0)
renameat2(r7, &(0x7f0000000000)='./bus\x00', r8, &(0x7f0000000100)='./file0\x00', 0x2)

11.576229181s ago: executing program 3 (id=173):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448c9, 0x0)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x2719, 0x0, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="900000001000030500000000000000", @ANYBLOB="0000000000000000300012800800010067726500240002800600020006"], 0x90}}, 0x0)
r1 = socket(0x15, 0xa, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={<r2=>0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000040)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, @remote, 0x0, 0x0, 0xfff7})
setfsuid(r3)
r5 = fsopen(&(0x7f0000000000)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
utimensat(r6, &(0x7f0000000080)='./bus\x00', &(0x7f0000000200)={{}, {0x0, 0x2710}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x894a, &(0x7f0000000000)={'ip6gre0\x00', 0x0})
r8 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
close(r8)
rt_sigprocmask(0x0, &(0x7f0000000100), 0x0, 0x8)
gettid()
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x2, 0x4, @tid=r2}, 0x0)
getpeername$packet(r8, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
signalfd(0xffffffffffffffff, &(0x7f00000006c0)={[0xcf]}, 0x8)
mount$9p_fd(0x0, &(0x7f0000000280)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB])
clock_nanosleep(0x8, 0x2, &(0x7f0000000080)={0x77359400}, 0x0)

10.671538857s ago: executing program 4 (id=174):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet(0x2, 0x0, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
r7 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e24, @multicast1}, 0x10)
madvise(&(0x7f00008d7000/0x1000)=nil, 0x1000, 0x4)
readv(r7, 0x0, 0x0)
close(r6)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xf}]}, @NFT_MSG_NEWSETELEM={0x68, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x3c, 0x3, 0x0, 0x1, [{0x38, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0x30, 0xb, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_QUOTA_CONSUMED={0xc}, @NFTA_QUOTA_BYTES={0xc}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xec}}, 0x0)

9.354718103s ago: executing program 4 (id=175):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x10)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'vcan0\x00'}}]}, 0x38}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000000011140100000074e835d2000008000300"/32], 0x20}}, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b7020000"], 0x0}, 0x90)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x10ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c00)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000780)={0x0, 0x0, 0x0, &(0x7f0000000740), 0x0, 0x0, 0x0, 0x0, r7})

9.117776037s ago: executing program 3 (id=176):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = socket$inet6_sctp(0xa, 0x0, 0x84)
sendto$inet6(r1, &(0x7f0000000000), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x15)
r3 = socket$inet6(0xa, 0x6, 0x0)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
dup2(r3, r4)
setsockopt(r4, 0x10d, 0xf, &(0x7f00001c9fff)="03", 0x1)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r5, &(0x7f0000000340)={0x2, 0x4e23, @empty=0x1700000000000000}, 0x10)
writev(r2, 0x0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x18, 0x0, &(0x7f0000000300)=[@acquire, @request_death], 0x0, 0x0, 0x0})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x4, 0x0, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
lseek(r7, 0x10000000005, 0x0)
dup3(r6, r0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x24, 0x3b, 0x107, 0x0, 0x0, {0x2, 0x7c}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x805'}]}]}, 0x24}}, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000480)={0x10, 0x0, &(0x7f0000000000)=[@clear_death], 0x0, 0x0, 0x0})
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)
lseek(0xffffffffffffffff, 0x851, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x1a, 0x0)

8.199919637s ago: executing program 2 (id=177):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008e}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x2)
r0 = getpgid(0xffffffffffffffff)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b405000000000000611078000000000063012c000000000095000000000000008f6a138c9e4eb32e71d7754e127d8d87525e8d57dc3c002fa721249c4cdfd87788947190b59b5af99eaaecbf2ba57aa6ffd750ffd3bef751c89264a6a9ec3b188b69dc1b6a12211cbf01e697342cf987ca2161e2a58904"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
syz_open_procfs(r0, &(0x7f0000000040)='fdinfo/3\x00')
socket$packet(0x11, 0x3, 0x300)
write$binfmt_elf32(r3, &(0x7f00000015c0)=ANY=[@ANYBLOB="7f454c46820d090702000000000000000300030001000000a103000038000000e40000000300000007002000010000800800060000000000000000605c000000090000000900000002000000ff0f000033000000060000000200000002000000020000000400000004000000c2f0ffff0e000000030000009c47207e34cf4bac29d33ae33cae47d38aeb4a6870bbcf683031de44a04b49377cb527dc89ad2682fc6e45f221cd7f2a0e6adf4f84909b5d1c95eb8a0f9c4e2a8bd82d5b6fe1da4c37c1ee811cbcb37377a3f0f09b2b9c2663b9d09a9e1db93f5c6e1459d3dc4127bdf287ab84be6eb5c8d3d4fd91e164c40143608a781b3aaf439231560ec94b10b807c5935119ca125cb024e923b9ce29d4339d7811dcec3a59398a5b9187bad2a85fa81ba019ae18f15c88af90389899e7a2d6759fa9b38ea82a4076aae161f9cc089a385667d8bfe9ded7ef3f3973cf72b983046bc9e8aa7433f7a2e22c36f74f0ce52af3f642ffa52796c228ae3339679c96ba1e2504b28c99d9c1593a5f5cc49693120106081f1d5a89dc558433ea7583cd04c6cd51e611a8fe81ae7a37994988e727a9d55599743a525434b58c0ae2db905e0dbba315692ac37f804fa46282c99d470970060005271c209a25846066e2a876413dd8354a5d084842106e54353620f1c625f8494bdab4923b7021cf4041493e54166c4e75da8bec54a876e4e1069ed899e789d588f092b1726ef534912c7ee4826e49aa3997c05655f1c33d6954b220459ce22d39c2fffa440f0746c8b97bf99c88e8f3dd164cb520358cb0e81a1fe5dfe57229861c3ef4a4409630d365d06666c6c9eb632356332e5bef51fd6387a437031e1e854463508b4e59894ea46b966da69dfa3924a9b49cfe4572fdbe8ac0f0fcfd60be0ea7f0c5787c745dd4898a7037c91c91ad1b4c049182e0ae663afbda5c516aceec5f7d04f3b49954aa100037bec31078823f0b79c74d2f79102ac5e71da807579bad90d48591bf9d57c7c7cb26aba24726a651efe6d2ad34a0c6e5248910622095c5780412799e86147bc13d105c74fe72b63d3f62f31d3e86336b0bd4417ab9542a0f7cf0059279cd91ae7501924dbb2cf680ae9ba035e2c14d2a875c82f11826f639ee503dffdb3f9c4d1bd2d78537c438506500b70a3eb1c7b114de9685fa8ef448a598011a94b6bcb8734cbdf0514e3799f8227f30d9269b880d79edfd85c4859adc9881243d78570fa0f4d7462102e9f7c00baf1cbf8f57c1d439ed34982c14d433296aa48aa68bfe8551d22771497cf70de0f248f6b3fb689c5b867860f499316aa5c5c206c59dc68e42aa3aeb04a53ad504f67abe69370e4568b9ac00b5cb10ca49ebecd035a0305c07ca34e256563169c8ced345c9fcd102fbd522d1473001a58db37570220a1f1773f33babc3276d3b249792aad1af50c7eaf2cb6cd6f9cee44126afe9aaa57cd4ab5f2152885c16149a1f7be8183bcad6e62717ad210f9ef6f0d8796a2c1e5673ca6df0454d5d172bb5753648271950e05743f8547805828fba172359b38b529e69860d69db9592213f808aef1ca64e6ae5bbb224e37bb67d7a90c9da12bd5cdf626bb03aee1837ba22346451773a570ae404de8ceabc64f05c94970f9ca6a377f46f7ae5804734ba130edccd11c2c9f32992695745ae4c5d73a6bb345ad7519ccab776ca5e5821d6a2a9e3e18c0a00161a9104c43aa810d042ab9474f78de1c3e167ff1efe7356d0bb45e84d8e444821227f47a83f2adfbbdaff98f0d676181d078d580380ae6bfd7fe904df3f0e6a9c1b67a8d5006d386e73e35aa32354ee5b40b23ffbe5e62493cb5ecfb64145520ca930f1e1f0df23dde0c1ca1e2f3fe21cc5ccf9c4e2c2d6831b7ae9dc8bc2e3ce77dde78fcb62d9d869c6d2ab479ad08d20b9371692fe39ed9b8e589e1208b6621b598c9fe2a826409726929f9dd2f14ffd3276df1a6329521eb0728b283c45b8615483d630280687f82110a3eec55629e16a3ba3c53b2165a767d348d64ebb820e796908d9c9ecccbb2da39289ca3616b019e4b88fdfa66edda380e2cfe3e4cb89c83c3a4ff834b957c6e65c389caaf5ee60b206ad31691c805f6a24ccb9621bb116ff2b33d2a7803b5fcf8ed88dc999f34af190253738bfad23f64beb3f1274a480ed4d9db21811c242f0ca7d059dad475652ac7a3a423d65eda1c3db32995715edb2f4c7f5b16d7eb82f045771a259d6dd1247372149ecabb407941b0042def1e89d41f5e467643691ea0ce7aad956c2b389aab6399dfd70fc70a35a9762bb7fec250d1061e27a144b7702438edc61c23cab14fbf8bdc15f130fabdb68a8d77714e097efb85a192a981b9fa97eb010265199d1344753bcfc2e6a38bd3ea5ae6dd9bfb3a847cadb7ccbc187d429ec24081be2449e6beb2b4c461dc039d7341bd1623ec733465c21ffa77e92a02cc247363a022a5286b356eebb185e968fa68ff9cced9cc21221c6b1186e06cb7030568a2cfb7f72678cba8f172de151a280f32c5da1373e7195ab66695751233ddbdd2c1a4a4ca5be88babaa6237cd47e1cb73e4b1b8c558b0b85e8fa629951bcf67bbe140bb0671dc66cb26705bd489f93c5d91d86517116dc24ec43a4dd0a341e496b4aeb1eef60e1e74e3b70291a5247f4be6b888918efa711e1ca9f94f749f3a26dbfe70bf434f5aed9e301b848969a8591b31d9bf41fd69d822a313eeabd846ea470d8c25ac53c75931474a6618d4d27ed0de165330d20bd82ced9b1d38dccc667a4f052b1e234666ad569d38f8b8c077d95bac5edc5ac8252dfe5ba922a27314e4842582a5c987bd27233a6cfe6e5249bb9103352590dab78fe5f0623edb987fa3570b2d7e477c82d8461455586f23ed0f435d5495f3448e832aab6ab87b9310d10153116e5e0734fe64c2735070965a568549944da77e081a1025c187f740a17f152c8bdbea88be5521e2f52b3d7a791bd403f830f9e01cc82f5de4b1239870fcbaeab88aad68947e38f901d1ca8c2ca599788d00771a4293e05ee2fb7ff8e4b101703c45b2c0cff838e7ac691a0088f1fb4af01a5a1746708e8592aebf07163a4fa55bd3e0c82518abe4d3f2c9b765642b2cea7c12a72067d205b513ae410db76b8979fd10b90b9f3723448"], 0x1178)
socketpair(0x18, 0x20000000000001, 0x4, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x59)
bind$packet(r4, &(0x7f0000000000)={0x11, 0x7, 0x0, 0x1, 0xff, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}}, 0x14)
sched_setscheduler(0x0, 0x0, 0x0)
r5 = getpid()
syz_pidfd_open(r5, 0x0)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r6, 0x0)

8.19229463s ago: executing program 1 (id=178):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007f, 0x20802)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bd2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="2400000020000200000000000000000002000000000000051000010008001000feffffff31a222eef199211a1f99f2738c4642ae78325d5d27728c112507b0ddf176500fc59d2e763ced350602942d054d0a5e843b1e89d9c785c07fc791fc7e5de7ce395df509974cb8589927a6d05d60d85988d0d107ff85750e86d15cce28"], 0x24}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0))
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
accept4$llc(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x2a, 0x0, 0x0)
r4 = socket(0x0, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, 0x0}, 0x3c0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
readlinkat(r5, &(0x7f0000000180)='./cgroup\x00', &(0x7f0000002780)=""/4112, 0x1010)
r6 = dup3(r0, r1, 0x0)
ioctl$MON_IOCG_STATS(r6, 0xc0109207, 0x0)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
getpeername$packet(r7, 0x0, 0x0)
fcntl$setsig(r6, 0xa, 0x15)

7.184478364s ago: executing program 3 (id=179):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00'}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x33, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
pipe2$9p(0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x40046207, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff84, &(0x7f00000006c0)=""/156, 0x0, 0x2}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x90)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a81, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
pwritev(r4, &(0x7f0000000880)=[{&(0x7f00000010c0)="aabf", 0x7ffff}], 0x1, 0x0, 0x0)
ioctl$TCFLSH(r3, 0x540b, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_procfs(0x0, &(0x7f0000000340)='net/unix\x00')
pread64(r5, &(0x7f0000000200)=""/171, 0xab, 0x73)
ioctl$IOC_PR_CLEAR(r5, 0x401070cd, &(0x7f00000002c0)={0xa4})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r6, 0x0)

6.081308935s ago: executing program 4 (id=180):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x40, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x31}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}]]}, 0x40}}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000980)={0x68, r4, 0x0, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0xfb, 0x21}}}}, [@NL80211_ATTR_BSSID={0x4c, 0xf5, @random="0bb9909c2131"}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0xfa}, @NL80211_ATTR_BSSID={0xa, 0xf5, @random="6e9adb512ef4"}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x3}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x68}, 0x1, 0x0, 0x0, 0x24000404}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r6, &(0x7f0000000000)={0x24, @short={0x2, 0x0, 0xfffe}}, 0x14)
syz_80211_inject_frame(&(0x7f0000002c40), &(0x7f0000002c80)=ANY=[@ANYBLOB="88013f00ffffffffffff08"], 0xee)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x1c, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_FLAGS={0x8}]}], {0x14}}, 0x44}}, 0x0)
setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040)=@int=0x1, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000080)=0x2, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x6000005, 0x32, 0xffffffffffffffff, 0x0)
r8 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_PIM(r8, 0x29, 0xcf, &(0x7f0000000480), 0x4)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r7, 0x84009422, &(0x7f0000000580)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @usage, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
bind$packet(r9, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000005e000100"/20, @ANYRES32=r11, @ANYRESHEX, @ANYRES8=r10, @ANYBLOB="f2d5270d2c6d2c6cd37fd88d1d14f1ad20e0615057147307781a43feee9c5a610fa3e60483c17b22282559d27d1acb1a54b9ab47702d64492c3f409ee01c8b7d4ee722ac5a27589fc9cc6b69027f8f7310810e5401001ec1f40e9163188532136065b50a12c7cfdfce7bdd003ee878e1dedb023d95fddd018da976e640177ae577e011cdc74ad4640f150b38b99bf0d2b286d79a4916a149c5d8694a5986f092342e5380b7b6a66a36facddf5729c40d2e458d2f0ded1787e1655e79be0b6290edb38963819b"], 0x1c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14}}, 0x68}}, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000002c0)={'team0\x00'})

5.869445455s ago: executing program 2 (id=181):
socket$key(0xf, 0x3, 0x2)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d29863301b0b811f69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff1eec72b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e801015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a14c16837394d2b3673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000000000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fb9bec59ae347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbde0f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b279ebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de14275bf4a53e95235ae13768ab3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2befd1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bc5348229fa84ae78af8421a22c4b4c17a3d24a4a0104000000000000d77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2c2b5c976dacf3dda7191c757f208000000000000005f7ed983f65723fbb36b9b51abb0dbcd33570000000000000000251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a58275dbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193ad0438cdef7a98a1671a1918df310dc4bfd61c3db4819ab1c57b348a8ff1ed36364a20fe846f11d045de81f069bac8425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb2514a6ae50dbdd422de0f0f8c670000000000390be79688f80c4c314cb1b14afcaa5d23f9032e0ec51f45f447d6a7c798fcf7e60e2180e289410801e4f03a0e140f388f25b92da1025d8409e171a2336ed71cca86eb4658fe06df286e0e20276b0618eeffd05774f15686cd9d3182ca2fec863875f305fed6baf48a594db12582a38cfdffffffffffffff0cf8d920517835fe7d09cfcb624f6931f1cc6f6b71f58de9ddc38e0c43992f6bc57a718d0cfd197b5324b4e05ef1caa96db3ae1f2f2e5791faba2ebbe1a6faf21f2748fb1fb6743c3ca8af4e6b02518c9b7fdc1b5721eb1c3ed98db25536f74ac7861afc94544e52dcb5c60460a05802e3b437ac977bfa26b887a2443e8d559c58187f004eb82b07937df6e96f77ed551926bec4e0188fae10a35d1c5f1768ac6be829be1827f9df303160df18597efba46f1babc3d74adc31ca71bdab9079e4288881b434484eadde9da6b81802842abd462d546c59d87acc014f81d3414759bda12d2a2c6bc1bfa807bd3101eb227184a61107b6d0618e2a3b842671e084ac3f0ff94dc48b51601247318ab4d1c5106458000000000008000000000000cfee0107e6c2fe8639d926829fdbbd86bf591a8c3c235d8939af9d923f648165881a6c29997234406200b3b1c321cc158dbe17123eace3000000000000000000000000000000000000796de6ae4ae40bdf9a6e8c5dc29562262af9cd54e8e3ecc7e3c8cba0ecc791683496c4e5c1a5729714d9f9031f49b400cd2667b4ea6df54809615a4f973f93e6ccec72f16ff998e29ed99df733680a9d5cea57f99cc139b6ea9014f3000000000000000000000000000000000000feeab45a4046a622b0dceb413e4e39b7317e92cbed46b41ab5115bfb542c933783d750852dfdc6656aaf15e10615a88821f2f1bc53969b52d6852755e7681ad5beda80b38ccd34116b99f50b4fdd967b3f20f260455412b675639a26c76840cce40e323bde9d673fceda0ad6981565c8a183d928903b4f4472dde41b6dcd75314c31e704dfcb222c8359fe88944f852242270c932abfaeece0843d708f5cd25b2a63ae1e79723c1c3c013836b47da0a35d0f34c0705caae54024cf8ade6396ff44482284f415e5769d9ae8688a8d5516690aae9ce1c785262734723519b042a161e6efabf263a46ba92254a51ff6502470f3038cf6d8d991931cfd82ea97e1b596133e7754908d912d1054d174f5a731c019f152a5ca2e48599b6d563bfcd8c0950f4292769217a6e309452b14e64ae64ad58ced33582a1b3d2e0c300059fb1ee78cdddb827293de267d64bf47c3c8c419683c948e46de8cea0b232da00ff39ebef3b73b3d6fbeecd3f9ff06b7e08ed8ce2b9b9cf2e08975f5959fa7028f68c525ab173c0c553d21bd1e9176abdf799e7a08d2f3c14e1ca99d525bc3af0ca0f48f145c65b10dfc67803aab67f6b631d3d7e237fec4bc6eacc364b7cdd925973705d40c5a614e354d9b92357845d15ea41ad3e3a98396131f835e17f0cbfbdc59453991e689f9ce19bd4a3b4121e5a8b5dbb519b5556cb70603ceac0b7ca02cb05a01afa3164ca428add947673cdba49a0e6e8aeeddf52c0f0ef224c69a3c96c2fddf56d74c4ae7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x20e, 0xe40, 0xfd000004, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff290000003c0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472ce0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28)
writev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744d", 0x36}, {0x0}], 0x2)
socket$inet(0x2, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000300)={[0xffffffffffffffff]}, 0x8, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001a00)={0x2020}, 0x2020)
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
process_vm_readv(r3, &(0x7f0000008400)=[{0x0}, {0x0}], 0x2, &(0x7f0000008640), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000502000/0x1000)=nil, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
syz_emit_vhci(0x0, 0x4)

4.718997361s ago: executing program 3 (id=182):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000340)=""/69, 0x623c41ea}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x8})
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x2, 0x0, 0x0, 'syz0\x00', 0x7}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8, 0x0, 0x6, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0xe99a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]})
syz_open_dev$usbfs(0x0, 0x0, 0x0)
fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r4, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r5 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r5, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000000)="d2", 0x1}], 0x1)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x26)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004fcf0000e8ffff1a8600", "cf0d00", "865703b7e43b34e4"}, 0x28)
write$binfmt_script(r6, &(0x7f0000001300), 0x8f)
writev(r6, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0xfd88}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)

4.619158556s ago: executing program 1 (id=183):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000140)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x7fc00101}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000003c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000d80)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be2566cd072f5b89c3043c47c896ce0bce66a245ad98a6f77ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b90007cfa6fa26fa7a34700de60beac671e8e8fdecb03588aa623fa71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b8003"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@cgroup=r1, r3, 0x26}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r4 = getpid()
process_vm_readv(r4, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000580)=""/198, 0xc6}], 0x1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000680), &(0x7f0000000040)=@udp6=r2}, 0x20)
r6 = fsopen(&(0x7f0000000100)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
fsmount(r6, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)
sendmmsg$inet6(r2, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e25, 0x2, @local, 0x4}, 0x5c, 0x0}}], 0x1, 0x0)
unshare(0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/fscaps', 0x0, 0x0)

1.236207038s ago: executing program 2 (id=184):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
pipe2$watch_queue(0x0, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000006380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000180), &(0x7f0000000280)=@md5={0x1, "bf5110b0dbe094319d585e800e0e621c"}, 0x11, 0x0)
dup3(r4, r3, 0x0)
finit_module(r4, 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x2)

1.102032519s ago: executing program 1 (id=185):
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000300))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c003d0000000000291dec98850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x8, &(0x7f0000000540)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffff4, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
landlock_create_ruleset(&(0x7f00000000c0), 0x10, 0x0)
fsopen(0x0, 0x0)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB="02c82041003d0001000e01030000001f02090400090009001001040000000c000642040004008eff071104007500ffb00e3f03000000000e090300feffa30f08040000021f00"], 0x46)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
getsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x4, &(0x7f0000000440), 0x0)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
r5 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r5, 0x0, 0x27, 0x0, 0x0)

1.049820643s ago: executing program 3 (id=186):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000740)={0x0, 0x0}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r2, 0x0, 0x0)
r3 = socket(0xa, 0x5, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0xa)
setresuid(0x0, r4, 0x0)
statx(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x2000, 0x84, &(0x7f0000000340))
lstat(0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
r6 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r7 = add_key$fscrypt_v1(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x4, r6, r7, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f00000081c0)={0x2020}, 0x2020)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
mount$fuse(0x0, 0x0, 0x0, 0x82, &(0x7f0000000540)=ANY=[])
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

0s ago: executing program 2 (id=187):
r0 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000001980)=ANY=[], 0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo\x00')
getdents64(r4, &(0x7f0000002f40)=""/4098, 0x1002)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x8}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000009c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r6, 0x404c534a, &(0x7f0000000e40)={0x0, 0x0, 0xeac7})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0x404c534a, &(0x7f00000000c0)={0x0, 0x0, {0x2}})

kernel console output (not intermixed with test programs):

. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.286010][ T5225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.305181][ T5225] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.312146][ T5225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.338368][ T5225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.369838][ T5226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.466817][ T5226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.502760][ T5217] team0: Port device team_slave_0 added
[   79.514969][ T5217] team0: Port device team_slave_1 added
[   79.601776][ T5226] team0: Port device team_slave_0 added
[   79.646668][ T5217] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.653855][ T5217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.681388][   T55] Bluetooth: hci0: command tx timeout
[   79.682103][ T5217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.687356][   T55] Bluetooth: hci2: command tx timeout
[   79.687551][   T55] Bluetooth: hci1: command tx timeout
[   79.706695][ T5217] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.716992][ T5217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.743069][ T5217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.754033][   T55] Bluetooth: hci4: command tx timeout
[   79.760048][ T5221] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.767609][ T5221] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.767862][   T55] Bluetooth: hci3: command tx timeout
[   79.780513][ T5221] bridge_slave_0: entered allmulticast mode
[   79.787602][ T5221] bridge_slave_0: entered promiscuous mode
[   79.798762][ T5226] team0: Port device team_slave_1 added
[   79.840173][ T5221] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.847402][ T5221] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.855345][ T5221] bridge_slave_1: entered allmulticast mode
[   79.862357][ T5221] bridge_slave_1: entered promiscuous mode
[   79.883880][ T5231] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.891055][ T5231] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.899112][ T5231] bridge_slave_0: entered allmulticast mode
[   79.906406][ T5231] bridge_slave_0: entered promiscuous mode
[   79.915738][ T5231] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.922912][ T5231] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.930317][ T5231] bridge_slave_1: entered allmulticast mode
[   79.938223][ T5231] bridge_slave_1: entered promiscuous mode
[   79.949635][ T5225] hsr_slave_0: entered promiscuous mode
[   79.957754][ T5225] hsr_slave_1: entered promiscuous mode
[   80.076856][ T5221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.090814][ T5221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.101064][ T5226] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.111169][ T5226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.137470][ T5226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.152204][ T5226] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.160102][ T5226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.186378][ T5226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.231948][ T5217] hsr_slave_0: entered promiscuous mode
[   80.239241][ T5217] hsr_slave_1: entered promiscuous mode
[   80.245938][ T5217] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.254112][ T5217] Cannot create hsr debugfs directory
[   80.281191][ T5231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.296033][ T5231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.342505][ T5221] team0: Port device team_slave_0 added
[   80.408898][ T5221] team0: Port device team_slave_1 added
[   80.472887][ T5226] hsr_slave_0: entered promiscuous mode
[   80.485992][ T5226] hsr_slave_1: entered promiscuous mode
[   80.492193][ T5226] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   80.499909][ T5226] Cannot create hsr debugfs directory
[   80.522289][ T5231] team0: Port device team_slave_0 added
[   80.573030][ T5231] team0: Port device team_slave_1 added
[   80.624578][ T5221] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.631765][ T5221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.658464][ T5221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.732956][ T5221] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.740943][ T5221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.766933][ T5221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.788114][ T5231] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.795312][ T5231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.821766][ T5231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.836505][ T5231] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.843464][ T5231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   80.869472][ T5231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.067683][ T5231] hsr_slave_0: entered promiscuous mode
[   81.074925][ T5231] hsr_slave_1: entered promiscuous mode
[   81.081589][ T5231] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   81.090166][ T5231] Cannot create hsr debugfs directory
[   81.121604][ T5221] hsr_slave_0: entered promiscuous mode
[   81.128657][ T5221] hsr_slave_1: entered promiscuous mode
[   81.135145][ T5221] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   81.142692][ T5221] Cannot create hsr debugfs directory
[   81.386732][ T5225] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   81.428750][ T5225] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   81.467309][ T5225] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   81.479947][ T5225] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   81.601703][ T5217] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   81.640582][ T5217] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   81.655140][ T5217] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   81.685541][ T5217] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   81.753916][   T55] Bluetooth: hci2: command tx timeout
[   81.753956][ T5220] Bluetooth: hci0: command tx timeout
[   81.764021][   T55] Bluetooth: hci1: command tx timeout
[   81.795027][ T5226] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   81.809069][ T5226] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   81.832090][ T5226] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   81.839756][   T55] Bluetooth: hci3: command tx timeout
[   81.839803][ T5220] Bluetooth: hci4: command tx timeout
[   81.855495][ T5226] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   81.988106][ T5225] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.018837][ T5221] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   82.033354][ T5221] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   82.061648][ T5221] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   82.076791][ T5221] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   82.193272][ T5225] 8021q: adding VLAN 0 to HW filter on device team0
[   82.241188][ T5231] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   82.281830][ T5231] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   82.299290][  T726] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.306715][  T726] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.342356][ T5231] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   82.352930][ T5231] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   82.389356][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.396580][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.521931][ T5217] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.607407][ T5226] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.642543][ T5217] 8021q: adding VLAN 0 to HW filter on device team0
[   82.747460][ T2952] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.754696][ T2952] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.830908][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.838177][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.881047][ T5226] 8021q: adding VLAN 0 to HW filter on device team0
[   82.979180][ T5221] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.026705][  T726] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.033963][  T726] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.059217][   T30] audit: type=1400 audit(1724604659.280:113): avc:  denied  { sys_module } for  pid=5225 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   83.062392][  T726] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.087710][  T726] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.310409][ T5231] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.338431][ T5221] 8021q: adding VLAN 0 to HW filter on device team0
[   83.403166][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.410448][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.439708][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.446951][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.487041][ T5231] 8021q: adding VLAN 0 to HW filter on device team0
[   83.542376][ T5225] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.583122][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.590399][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.603374][   T29] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.610626][   T29] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.835983][ T5220] Bluetooth: hci1: command tx timeout
[   83.836271][   T55] Bluetooth: hci2: command tx timeout
[   83.841439][ T5220] Bluetooth: hci0: command tx timeout
[   83.914576][ T5229] Bluetooth: hci4: command tx timeout
[   83.920118][ T5220] Bluetooth: hci3: command tx timeout
[   83.935598][ T5217] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.029691][ T5225] veth0_vlan: entered promiscuous mode
[   84.186919][ T5225] veth1_vlan: entered promiscuous mode
[   84.206880][ T5226] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.280014][ T5217] veth0_vlan: entered promiscuous mode
[   84.341399][ T5217] veth1_vlan: entered promiscuous mode
[   84.381646][ T5221] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.437890][ T5231] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.549505][ T5217] veth0_macvtap: entered promiscuous mode
[   84.600167][ T5217] veth1_macvtap: entered promiscuous mode
[   84.623331][ T5225] veth0_macvtap: entered promiscuous mode
[   84.641749][ T5225] veth1_macvtap: entered promiscuous mode
[   84.725915][ T5221] veth0_vlan: entered promiscuous mode
[   84.748997][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.770922][ T5217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.784365][ T5217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.802713][ T5217] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.821592][ T5221] veth1_vlan: entered promiscuous mode
[   84.842102][ T5217] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.852366][ T5225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.868474][ T5225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.883094][ T5225] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.918706][ T5217] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.927972][ T5217] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.937214][ T5217] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.947050][ T5217] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.961899][ T5225] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.972876][ T5225] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.984669][ T5225] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.993386][ T5225] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.037190][ T5231] veth0_vlan: entered promiscuous mode
[   85.121272][ T5226] veth0_vlan: entered promiscuous mode
[   85.152398][ T5221] veth0_macvtap: entered promiscuous mode
[   85.166668][ T5231] veth1_vlan: entered promiscuous mode
[   85.210949][ T5221] veth1_macvtap: entered promiscuous mode
[   85.229723][ T5226] veth1_vlan: entered promiscuous mode
[   85.273038][ T5221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.287126][ T5221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.297604][ T5221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.309188][ T5221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.322367][ T5221] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.382635][ T5221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.394101][ T5221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.406831][ T5221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.419888][ T5221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.432496][ T5221] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.446870][ T5221] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.457552][ T5221] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.466589][ T5221] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.476115][ T5221] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.515141][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.523227][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.612111][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.622464][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.690659][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.698907][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.714271][ T5231] veth0_macvtap: entered promiscuous mode
[   85.753289][ T5226] veth0_macvtap: entered promiscuous mode
[   85.767785][ T5231] veth1_macvtap: entered promiscuous mode
[   85.788108][   T30] audit: type=1400 audit(1724604662.010:114): avc:  denied  { mounton } for  pid=5217 comm="syz-executor" path="/root/syzkaller.mpx1FQ/syz-tmp" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   85.815822][   T30] audit: type=1400 audit(1724604662.010:115): avc:  denied  { mount } for  pid=5217 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   85.863103][   T30] audit: type=1400 audit(1724604662.010:116): avc:  denied  { mounton } for  pid=5217 comm="syz-executor" path="/root/syzkaller.mpx1FQ/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   85.875848][ T5226] veth1_macvtap: entered promiscuous mode
[   85.906369][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.911146][   T30] audit: type=1400 audit(1724604662.020:117): avc:  denied  { mount } for  pid=5217 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   85.915237][ T5220] Bluetooth: hci2: command tx timeout
[   85.942905][ T5229] Bluetooth: hci1: command tx timeout
[   85.949034][   T55] Bluetooth: hci0: command tx timeout
[   85.954070][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.964840][   T30] audit: type=1400 audit(1724604662.030:118): avc:  denied  { unmount } for  pid=5217 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   85.984578][   T30] audit: type=1400 audit(1724604662.040:119): avc:  denied  { mounton } for  pid=5217 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2325 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   86.010750][   T55] Bluetooth: hci3: command tx timeout
[   86.011838][ T5220] Bluetooth: hci4: command tx timeout
[   86.021735][   T30] audit: type=1400 audit(1724604662.040:120): avc:  denied  { mount } for  pid=5217 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   86.050444][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.058492][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.111426][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.131876][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.150640][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.170705][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.181450][   T30] audit: type=1400 audit(1724604662.390:121): avc:  denied  { read write } for  pid=5217 comm="syz-executor" name="loop0" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   86.205876][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.234754][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.243090][   T30] audit: type=1400 audit(1724604662.390:122): avc:  denied  { open } for  pid=5217 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   86.256192][ T5231] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.353472][  T726] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.574486][  T726] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.751168][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.915282][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.028252][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.054098][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.077918][ T5231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.102046][ T5231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.114984][ T5231] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.132982][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.171963][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.196598][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.209557][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.220214][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.230875][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.245671][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.261475][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.413788][   T30] kauditd_printk_skb: 11 callbacks suppressed
[   89.413810][   T30] audit: type=1400 audit(1724604663.760:134): avc:  denied  { write } for  pid=5309 comm="syz.0.6" path="socket:[6719]" dev="sockfs" ino=6719 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   89.457783][  T941] cfg80211: failed to load regulatory.db
[   89.478035][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.897853][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.930145][   T30] audit: type=1400 audit(1724604664.090:135): avc:  denied  { write } for  pid=5307 comm="syz.2.3" name="001" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   89.937059][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.963320][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.974302][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.984704][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.000864][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.011205][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.022256][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.035995][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.048634][   T30] audit: type=1400 audit(1724604666.270:136): avc:  denied  { mounton } for  pid=5221 comm="syz-executor" path="/root/syzkaller.zIyYD6/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   90.058647][ T5226] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.091747][ T5226] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.101292][ T5226] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.115467][ T5226] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.272010][ T5231] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.297028][ T5231] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.341241][ T5231] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.360619][ T5231] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.380005][   T30] audit: type=1400 audit(1724604666.600:137): avc:  denied  { create } for  pid=5321 comm="syz.2.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   90.921392][   T30] audit: type=1400 audit(1724604666.600:138): avc:  denied  { map_create } for  pid=5320 comm="syz.0.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   91.069243][   T30] audit: type=1400 audit(1724604666.600:139): avc:  denied  { map_read map_write } for  pid=5320 comm="syz.0.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   91.089382][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   91.111962][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   91.283879][   T30] audit: type=1400 audit(1724604666.630:140): avc:  denied  { read } for  pid=5322 comm="syz.1.2" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   91.389516][ T5324] hfs: can't find a HFS filesystem on dev nullb0
[   91.417585][   T30] audit: type=1400 audit(1724604666.630:141): avc:  denied  { open } for  pid=5322 comm="syz.1.2" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   91.443762][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   91.465612][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   91.482591][   T30] audit: type=1400 audit(1724604666.630:142): avc:  denied  { create } for  pid=5320 comm="syz.0.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   91.514616][   T30] audit: type=1400 audit(1724604666.700:143): avc:  denied  { create } for  pid=5322 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   91.583864][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.602735][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.614146][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   91.622729][ T5326] warning: `syz.0.7' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   91.869516][ T1110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.925695][ T1110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.063728][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   92.119065][ T2952] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.150640][ T2952] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.169718][ T2490] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.181997][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   92.243730][ T2490] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.283776][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   92.664536][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   92.898102][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   98.317586][   T30] kauditd_printk_skb: 29 callbacks suppressed
[   98.317599][   T30] audit: type=1326 audit(1724604674.540:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1998179e79 code=0x7fc00000
[   98.388240][   T30] audit: type=1400 audit(1724604674.610:174): avc:  denied  { write } for  pid=5376 comm="syz.4.16" path="socket:[8196]" dev="sockfs" ino=8196 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   98.412558][ T5384] ALSA: seq fatal error: cannot create timer (-22)
[   98.483530][   T30] audit: type=1400 audit(1724604674.610:175): avc:  denied  { nlmsg_read } for  pid=5376 comm="syz.4.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   98.585918][   T30] audit: type=1326 audit(1724604674.680:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1998170e27 code=0x7fc00000
[   98.833679][   T30] audit: type=1326 audit(1724604674.680:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f19981157e9 code=0x7fc00000
[   98.913153][ T5388] netlink: 'syz.3.17': attribute type 11 has an invalid length.
[   98.936999][   T30] audit: type=1326 audit(1724604674.680:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f19981158af code=0x7fc00000
[   99.031436][   T30] audit: type=1326 audit(1724604674.680:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5377 comm="syz.1.14" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1998179e79 code=0x7fc00000
[   99.293248][   T30] audit: type=1400 audit(1724604674.700:180): avc:  denied  { read write } for  pid=5380 comm="syz.2.15" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   99.403108][   T30] audit: type=1400 audit(1724604674.700:181): avc:  denied  { open } for  pid=5380 comm="syz.2.15" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   99.685266][   T30] audit: type=1400 audit(1724604675.710:182): avc:  denied  { setopt } for  pid=5390 comm="syz.4.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   99.712461][ T5397] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   99.855183][ T5400] Bluetooth: MGMT ver 1.23
[  101.924689][ T5220] Bluetooth: hci0: command tx timeout
[  102.520106][ T5399] sched: RT throttling activated
[  106.884260][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  106.884278][   T30] audit: type=1400 audit(1724604683.100:191): avc:  denied  { read } for  pid=5410 comm="syz.2.23" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  107.955637][   T30] audit: type=1400 audit(1724604683.100:192): avc:  denied  { open } for  pid=5410 comm="syz.2.23" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  109.020941][   T30] audit: type=1400 audit(1724604683.590:193): avc:  denied  { ioctl } for  pid=5410 comm="syz.2.23" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae88 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  109.047520][   T30] audit: type=1400 audit(1724604684.320:194): avc:  denied  { map } for  pid=5418 comm="syz.0.24" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=7272 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  109.156741][   T30] audit: type=1400 audit(1724604684.320:195): avc:  denied  { read write } for  pid=5418 comm="syz.0.24" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=7272 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  109.300637][   T30] audit: type=1400 audit(1724604685.500:196): avc:  denied  { read } for  pid=5418 comm="syz.0.24" name="card1" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  110.052608][   T30] audit: type=1400 audit(1724604685.510:197): avc:  denied  { open } for  pid=5418 comm="syz.0.24" path="/dev/dri/card1" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  110.089115][ T5408] Process accounting resumed
[  110.263813][   T30] audit: type=1400 audit(1724604685.840:198): avc:  denied  { ioctl } for  pid=5418 comm="syz.0.24" path="/dev/dri/card1" dev="devtmpfs" ino=630 ioctlcmd=0x64c6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  110.388859][   T30] audit: type=1400 audit(1724604686.320:199): avc:  denied  { create } for  pid=5423 comm="syz.2.27" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  110.466573][   T30] audit: type=1400 audit(1724604686.340:200): avc:  denied  { setopt } for  pid=5423 comm="syz.2.27" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  110.705650][ T5433]  nullb0: AHDI p1
[  110.801263][ T5428] syz.2.27 uses obsolete (PF_INET,SOCK_PACKET)
[  111.333329][   T55] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  111.365264][   T55] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  111.445454][   T55] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  111.454179][   T55] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  111.461931][   T55] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  111.469267][   T55] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  111.910774][ T5220] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  111.922268][ T5220] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  111.933843][ T5220] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  111.948085][ T5220] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  111.964019][ T5220] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  111.975619][ T5220] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  112.382708][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  113.019631][   T30] audit: type=1400 audit(1724604688.550:209): avc:  denied  { mount } for  pid=5442 comm="syz.0.32" name="/" dev="ramfs" ino=7382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  113.055090][   T30] audit: type=1400 audit(1724604688.570:210): avc:  denied  { create } for  pid=5442 comm="syz.0.32" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  113.121252][   T30] audit: type=1400 audit(1724604689.210:211): avc:  denied  { unmount } for  pid=5217 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  113.465032][   T30] audit: type=1400 audit(1724604689.690:212): avc:  denied  { read } for  pid=5457 comm="syz.1.35" name="sg0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  113.527492][ T5220] Bluetooth: hci5: command tx timeout
[  113.575998][   T30] audit: type=1400 audit(1724604689.690:213): avc:  denied  { open } for  pid=5457 comm="syz.1.35" path="/dev/sg0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  113.713861][ T5462] sg_read: process 34 (syz.1.35) changed security contexts after opening file descriptor, this is not allowed.
[  113.994190][ T5220] Bluetooth: hci6: command tx timeout
[  114.417527][   T30] audit: type=1400 audit(1724604689.740:214): avc:  denied  { create } for  pid=5453 comm="syz.0.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  114.436935][    C1] vkms_vblank_simulate: vblank timer overrun
[  114.497032][   T30] audit: type=1400 audit(1724604689.760:215): avc:  denied  { ioctl } for  pid=5457 comm="syz.1.35" path="/dev/sg0" dev="devtmpfs" ino=696 ioctlcmd=0x227b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  114.522163][    C1] vkms_vblank_simulate: vblank timer overrun
[  114.551112][   T30] audit: type=1400 audit(1724604689.900:216): avc:  denied  { compute_member } for  pid=5457 comm="syz.1.35" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  114.580796][   T30] audit: type=1400 audit(1724604689.910:217): avc:  denied  { read } for  pid=5457 comm="syz.1.35" name="binder1" dev="binder" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  114.603240][    C1] vkms_vblank_simulate: vblank timer overrun
[  114.642246][   T30] audit: type=1400 audit(1724604689.920:218): avc:  denied  { open } for  pid=5457 comm="syz.1.35" path="/dev/binderfs/binder1" dev="binder" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  114.753130][   T29] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.883459][ T5436] chnl_net:caif_netlink_parms(): no params data found
[  114.969234][   T29] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.643693][ T5220] Bluetooth: hci5: command tx timeout
[  115.898923][ T5470] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  116.009678][ T5478] iou-wrk-5471 (5478): drop_caches: 0
[  116.074947][ T5220] Bluetooth: hci6: command tx timeout
[  117.000025][   T29] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.674167][ T5220] Bluetooth: hci5: command tx timeout
[  117.862271][   T29] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.976339][ T5436] bridge0: port 1(bridge_slave_0) entered blocking state
[  118.009730][ T5436] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.023879][ T5436] bridge_slave_0: entered allmulticast mode
[  118.048988][ T5436] bridge_slave_0: entered promiscuous mode
[  118.153669][ T5220] Bluetooth: hci6: command tx timeout
[  118.223660][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  118.223675][   T30] audit: type=1400 audit(1724604694.430:232): avc:  denied  { create } for  pid=5499 comm="syz.0.41" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  118.297557][ T5436] bridge0: port 2(bridge_slave_1) entered blocking state
[  118.312553][ T5436] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.323889][   T30] audit: type=1400 audit(1724604694.440:233): avc:  denied  { connect } for  pid=5499 comm="syz.0.41" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  118.388613][ T5436] bridge_slave_1: entered allmulticast mode
[  118.409310][   T30] audit: type=1400 audit(1724604694.580:234): avc:  denied  { read } for  pid=5499 comm="syz.0.41" name="ppp" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  118.464933][ T5436] bridge_slave_1: entered promiscuous mode
[  118.558732][   T30] audit: type=1400 audit(1724604694.580:235): avc:  denied  { open } for  pid=5499 comm="syz.0.41" path="/dev/ppp" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  118.559341][ T5507] =======================================================
[  118.559341][ T5507] WARNING: The mand mount option has been deprecated and
[  118.559341][ T5507]          and is ignored by this kernel. Remove the mand
[  118.559341][ T5507]          option from the mount to silence this warning.
[  118.559341][ T5507] =======================================================
[  118.653071][ T5507] hugetlbfs: Bad value 'A' for mount option 'nr_inodes'
[  118.653071][ T5507] 
[  118.687853][   T30] audit: type=1400 audit(1724604694.630:236): avc:  denied  { ioctl } for  pid=5499 comm="syz.0.41" path="/dev/ppp" dev="devtmpfs" ino=695 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  118.739858][   T30] audit: type=1400 audit(1724604694.750:237): avc:  denied  { mount } for  pid=5505 comm="syz.1.42" name="/" dev="hugetlbfs" ino=8364 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  118.998441][ T5436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  119.063223][   T30] audit: type=1400 audit(1724604694.780:238): avc:  denied  { remount } for  pid=5505 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  119.169581][ T5436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  119.193629][   T30] audit: type=1400 audit(1724604694.900:239): avc:  denied  { write } for  pid=5505 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  119.283228][ T5441] chnl_net:caif_netlink_parms(): no params data found
[  119.343405][   T30] audit: type=1400 audit(1724604694.900:240): avc:  denied  { nlmsg_write } for  pid=5505 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  119.623653][   T30] audit: type=1400 audit(1724604695.370:241): avc:  denied  { setopt } for  pid=5508 comm="syz.2.43" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  119.794453][ T5517] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  120.118347][ T5220] Bluetooth: hci5: command tx timeout
[  120.454116][ T5220] Bluetooth: hci6: command tx timeout
[  120.552204][ T5436] team0: Port device team_slave_0 added
[  120.640119][ T5436] team0: Port device team_slave_1 added
[  120.683312][ T5519] capability: warning: `syz.0.45' uses deprecated v2 capabilities in a way that may be insecure
[  120.867886][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_0
[  120.905833][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.001633][ T5436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.265442][ T5436] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.272429][ T5436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.338885][ T5436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.383329][   T29] bridge_slave_1: left allmulticast mode
[  121.659387][   T29] bridge_slave_1: left promiscuous mode
[  121.856396][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.162589][   T29] bridge_slave_0: left allmulticast mode
[  122.210474][   T29] bridge_slave_0: left promiscuous mode
[  122.221096][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.671110][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  123.671123][   T30] audit: type=1400 audit(1724604699.890:259): avc:  denied  { name_bind } for  pid=5538 comm="syz.2.48" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  124.003080][   T30] audit: type=1400 audit(1724604700.000:260): avc:  denied  { ioctl } for  pid=5542 comm="syz.0.49" path="socket:[8424]" dev="sockfs" ino=8424 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  128.987213][   T30] audit: type=1400 audit(1724604700.010:261): avc:  denied  { write } for  pid=5542 comm="syz.0.49" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  129.314245][   T30] audit: type=1400 audit(1724604705.520:262): avc:  denied  { write } for  pid=5521 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1410 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  129.561478][   T30] audit: type=1400 audit(1724604705.520:263): avc:  denied  { add_name } for  pid=5521 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  129.596952][   T30] audit: type=1400 audit(1724604705.520:264): avc:  denied  { create } for  pid=5521 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  129.677001][   T30] audit: type=1400 audit(1724604705.530:265): avc:  denied  { write } for  pid=5521 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.sl0.link" dev="tmpfs" ino=1692 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  129.703728][   T30] audit: type=1400 audit(1724604705.530:266): avc:  denied  { append } for  pid=5521 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" dev="tmpfs" ino=1692 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  130.457611][   T30] audit: type=1400 audit(1724604705.870:267): avc:  denied  { create } for  pid=5547 comm="syz.2.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  130.494026][   T30] audit: type=1400 audit(1724604705.870:268): avc:  denied  { bind } for  pid=5547 comm="syz.2.50" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  130.542767][   T30] audit: type=1400 audit(1724604706.660:269): avc:  denied  { remove_name } for  pid=5553 comm="rm" name="resolv.conf.sl0.link" dev="tmpfs" ino=1692 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  130.633981][   T30] audit: type=1400 audit(1724604706.660:270): avc:  denied  { unlink } for  pid=5553 comm="rm" name="resolv.conf.sl0.link" dev="tmpfs" ino=1692 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  130.769981][ T5563] ubi0: attaching mtd0
[  130.774589][ T5563] ubi0 error: ubi_attach_mtd_dev: bad VID header (7) or data offsets (71)
[  131.922475][ T5220] Bluetooth: hci0: SCO packet for unknown connection handle 0
[  132.008067][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  132.064725][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  132.082926][   T29] bond0 (unregistering): Released all slaves
[  132.230655][   T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  132.240881][   T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  132.257758][   T55] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  132.268461][   T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  132.280448][   T55] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  132.288737][ T5569] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  132.298083][   T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  132.574426][ T5564] IPVS: stopping backup sync thread 5574 ...
[  132.581449][ T5574] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0
[  132.667036][ T5436] hsr_slave_0: entered promiscuous mode
[  132.682277][ T5436] hsr_slave_1: entered promiscuous mode
[  132.696325][ T5436] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.707325][ T5436] Cannot create hsr debugfs directory
[  132.835609][ T5441] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.855522][ T5441] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.863149][ T5441] bridge_slave_0: entered allmulticast mode
[  132.881366][ T5441] bridge_slave_0: entered promiscuous mode
[  133.010647][ T5441] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.031243][ T5441] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.054649][ T5441] bridge_slave_1: entered allmulticast mode
[  133.062695][ T5441] bridge_slave_1: entered promiscuous mode
[  133.407609][ T5441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  133.453014][ T5441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  133.604288][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  133.610866][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  134.559615][   T55] Bluetooth: hci3: command tx timeout
[  134.620419][ T5441] team0: Port device team_slave_0 added
[  134.667693][ T5441] team0: Port device team_slave_1 added
[  134.747908][   T29] hsr_slave_0: left promiscuous mode
[  134.928087][   T29] hsr_slave_1: left promiscuous mode
[  134.946145][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  134.946164][   T30] audit: type=1400 audit(1724604711.170:277): avc:  denied  { setopt } for  pid=5582 comm="syz.0.55" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  135.901126][   T30] audit: type=1400 audit(1724604711.250:278): avc:  denied  { bind } for  pid=5589 comm="syz.2.57" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  135.932135][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.966455][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  136.124783][   T30] audit: type=1400 audit(1724604711.250:279): avc:  denied  { name_bind } for  pid=5589 comm="syz.2.57" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  136.165484][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  136.172949][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  136.194619][   T30] audit: type=1400 audit(1724604711.250:280): avc:  denied  { node_bind } for  pid=5589 comm="syz.2.57" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  136.989916][   T55] Bluetooth: hci3: command tx timeout
[  137.007899][   T30] audit: type=1400 audit(1724604711.260:281): avc:  denied  { write } for  pid=5589 comm="syz.2.57" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  137.029330][   T30] audit: type=1400 audit(1724604713.230:282): avc:  denied  { read write } for  pid=5582 comm="syz.0.55" name="uhid" dev="devtmpfs" ino=1084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  137.059057][   T30] audit: type=1400 audit(1724604713.230:283): avc:  denied  { open } for  pid=5582 comm="syz.0.55" path="/dev/uhid" dev="devtmpfs" ino=1084 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  137.108870][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.173054][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.178637][   T29] veth1_macvtap: left promiscuous mode
[  137.193018][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.193624][   T30] audit: type=1400 audit(1724604713.380:284): avc:  denied  { read write } for  pid=5582 comm="syz.0.55" name="raw-gadget" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  137.220140][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.253193][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.260593][   T29] veth0_macvtap: left promiscuous mode
[  137.260871][   T29] veth1_vlan: left promiscuous mode
[  137.261212][   T29] veth0_vlan: left promiscuous mode
[  137.288576][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.288859][   T30] audit: type=1400 audit(1724604713.380:285): avc:  denied  { open } for  pid=5582 comm="syz.0.55" path="/dev/raw-gadget" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  137.302220][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.356789][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.370546][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.380575][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.401121][   T30] audit: type=1400 audit(1724604713.390:286): avc:  denied  { ioctl } for  pid=5582 comm="syz.0.55" path="/dev/raw-gadget" dev="devtmpfs" ino=734 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  137.426370][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.438885][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.463038][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.474332][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.481775][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.494016][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.501568][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.509238][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.521689][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.529687][ T5274] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  137.548199][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.555874][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.563407][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.570986][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.580834][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.588429][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.596605][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.612143][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.619932][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.637619][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.652282][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.662645][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.677359][ T5272] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  137.718844][ T5272] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  137.744095][ T5274] usb 1-1: config 0 has no interfaces?
[  137.763133][ T5274] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  137.784983][ T5274] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.825399][ T5274] usb 1-1: config 0 descriptor??
[  138.539602][   T29] team0 (unregistering): Port device team_slave_1 removed
[  138.590007][   T29] team0 (unregistering): Port device team_slave_0 removed
[  139.013819][ T5596] netlink: 'syz.0.55': attribute type 4 has an invalid length.
[  139.035859][   T55] Bluetooth: hci3: command tx timeout
[  139.223141][ T5253] usb 1-1: USB disconnect, device number 2
[  139.340878][ T5441] batman_adv: batadv0: Adding interface: batadv_slave_0
[  139.364141][ T5441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.390068][    C0] vkms_vblank_simulate: vblank timer overrun
[  139.459713][ T5441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  139.629740][ T5441] batman_adv: batadv0: Adding interface: batadv_slave_1
[  139.647637][ T5441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.690838][ T5620] SELinux:  Context system_u:object_r:var_lib_t:s0 is not valid (left unmapped).
[  139.815628][ T5441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  140.211946][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  140.211963][   T30] audit: type=1400 audit(1724604716.430:292): avc:  denied  { create } for  pid=5613 comm="syz.2.59" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  140.238026][    C0] vkms_vblank_simulate: vblank timer overrun
[  140.327375][ T5441] hsr_slave_0: entered promiscuous mode
[  140.364781][ T5441] hsr_slave_1: entered promiscuous mode
[  140.371039][ T5441] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  140.389554][ T5441] Cannot create hsr debugfs directory
[  141.052672][ T5638] netlink: 168 bytes leftover after parsing attributes in process `syz.0.61'.
[  141.115012][   T55] Bluetooth: hci3: command tx timeout
[  141.309486][   T30] audit: type=1400 audit(1724604717.530:293): avc:  denied  { unmount } for  pid=5225 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  141.471137][ T5571] chnl_net:caif_netlink_parms(): no params data found
[  142.617548][   T29] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.709165][   T30] audit: type=1400 audit(1724604718.930:294): avc:  denied  { write } for  pid=5648 comm="syz.0.64" name="sg0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  143.081119][   T30] audit: type=1400 audit(1724604719.280:295): avc:  denied  { create } for  pid=5648 comm="syz.0.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  144.253724][   T30] audit: type=1400 audit(1724604719.290:296): avc:  denied  { getopt } for  pid=5648 comm="syz.0.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  144.340845][   T30] audit: type=1400 audit(1724604720.430:297): avc:  denied  { search } for  pid=4653 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  144.628407][   T29] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.655524][   T30] audit: type=1400 audit(1724604720.880:298): avc:  denied  { create } for  pid=5661 comm="syz.0.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  144.749714][   T30] audit: type=1400 audit(1724604720.900:299): avc:  denied  { setopt } for  pid=5661 comm="syz.0.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  144.843737][   T30] audit: type=1400 audit(1724604721.000:300): avc:  denied  { write } for  pid=5661 comm="syz.0.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  145.063702][   T30] audit: type=1400 audit(1724604721.250:301): avc:  denied  { ioctl } for  pid=5667 comm="syz.2.66" path="socket:[7933]" dev="sockfs" ino=7933 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  145.108778][   T29] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.127069][ T5672] netlink: 8 bytes leftover after parsing attributes in process `syz.2.66'.
[  145.183965][ T5672] netlink: 8 bytes leftover after parsing attributes in process `syz.2.66'.
[  145.314111][ T5672] netlink: 28 bytes leftover after parsing attributes in process `syz.2.66'.
[  145.374752][ T5436] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  145.405245][ T5436] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  145.546031][ T5441] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.687069][   T29] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.751147][ T5681] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_team, syncid = 0, id = 0
[  145.768509][ T5571] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.823379][ T5571] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.915334][ T5571] bridge_slave_0: entered allmulticast mode
[  145.931883][ T5571] bridge_slave_0: entered promiscuous mode
[  145.952582][ T5571] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.962479][ T5571] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.002515][ T5571] bridge_slave_1: entered allmulticast mode
[  146.039979][ T5571] bridge_slave_1: entered promiscuous mode
[  146.072365][ T5436] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  146.483165][ T5436] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  146.912189][   T30] audit: type=1400 audit(1724604723.130:302): avc:  denied  { execute } for  pid=5677 comm="syz.0.67" path=2F6D656D66643A01FDAE2E2BA68CB63F32193994532C7C783F55655BBDE1210333BC2723FF179B25F35B64202097F5479741C2D8F05571E62BA56C940BB607175CFB0421E4C4B1A21CFF433B94510DB67D9CEC430BCFEBE49A52E52C8203202864656C6574656429 dev="hugetlbfs" ino=7953 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  147.012640][ T5441] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.109655][   T30] audit: type=1400 audit(1724604723.330:303): avc:  denied  { create } for  pid=5692 comm="syz.2.69" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  147.336078][ T5441] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.429794][ T5571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  147.568902][ T5441] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.671022][ T5571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  147.743848][   T30] audit: type=1400 audit(1724604723.910:304): avc:  denied  { write } for  pid=5692 comm="syz.2.69" path="socket:[7969]" dev="sockfs" ino=7969 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  147.941459][   T29] bridge_slave_1: left allmulticast mode
[  147.956340][   T29] bridge_slave_1: left promiscuous mode
[  147.962324][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.168690][   T29] bridge_slave_0: left allmulticast mode
[  148.211157][   T29] bridge_slave_0: left promiscuous mode
[  148.229563][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.247220][   T29] bridge_slave_1: left allmulticast mode
[  148.309320][   T29] bridge_slave_1: left promiscuous mode
[  148.338898][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.394855][   T29] bridge_slave_0: left allmulticast mode
[  148.409498][   T29] bridge_slave_0: left promiscuous mode
[  148.450527][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.813614][   T30] audit: type=1400 audit(1724604725.030:305): avc:  denied  { create } for  pid=5706 comm="syz.0.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  148.898472][   T30] audit: type=1400 audit(1724604725.080:306): avc:  denied  { connect } for  pid=5706 comm="syz.0.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  149.119791][   T30] audit: type=1400 audit(1724604725.110:307): avc:  denied  { read } for  pid=5706 comm="syz.0.70" name="usbmon0" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  150.070683][   T30] audit: type=1400 audit(1724604725.110:308): avc:  denied  { open } for  pid=5706 comm="syz.0.70" path="/dev/usbmon0" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  150.107430][   T30] audit: type=1400 audit(1724604725.610:309): avc:  denied  { bind } for  pid=5714 comm="syz.2.71" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  150.131102][ T5707] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  151.641724][   T30] audit: type=1400 audit(1724604727.850:310): avc:  denied  { name_bind } for  pid=5732 comm="syz.2.74" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  151.693792][   T30] audit: type=1400 audit(1724604727.910:311): avc:  denied  { map } for  pid=5732 comm="syz.2.74" path="socket:[8035]" dev="sockfs" ino=8035 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  151.788862][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  151.811955][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  151.829888][   T29] bond0 (unregistering): Released all slaves
[  151.928088][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  151.939805][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  151.952840][   T29] bond0 (unregistering): Released all slaves
[  151.977578][ T5571] team0: Port device team_slave_0 added
[  152.105391][ T5571] team0: Port device team_slave_1 added
[  152.251397][ T5571] batman_adv: batadv0: Adding interface: batadv_slave_0
[  152.261017][ T5571] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  152.287781][ T5571] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  153.187703][ T5571] batman_adv: batadv0: Adding interface: batadv_slave_1
[  153.217586][ T5571] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.243655][    C1] vkms_vblank_simulate: vblank timer overrun
[  153.270826][ T5571] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  153.274871][   T30] audit: type=1400 audit(1724604729.490:312): avc:  denied  { create } for  pid=5738 comm="syz.0.82" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  154.205359][   T30] audit: type=1400 audit(1724604729.490:313): avc:  denied  { ioctl } for  pid=5738 comm="syz.0.82" path="socket:[8123]" dev="sockfs" ino=8123 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  154.519620][   T30] audit: type=1400 audit(1724604730.740:314): avc:  denied  { setopt } for  pid=5750 comm="syz.2.77" lport=135 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  155.300152][ T5571] hsr_slave_0: entered promiscuous mode
[  155.345760][ T5571] hsr_slave_1: entered promiscuous mode
[  155.407567][ T5571] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  155.459327][ T5571] Cannot create hsr debugfs directory
[  155.650849][ T5766] netlink: 'syz.0.78': attribute type 6 has an invalid length.
[  155.672108][ T5766] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.78'.
[  155.730877][ T5441] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  155.757843][ T5441] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  155.950773][ T5441] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  156.011106][   T30] audit: type=1400 audit(1724604732.230:315): avc:  denied  { read } for  pid=5767 comm="syz.2.79" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  156.012513][ T5441] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  156.136050][ T5766] netlink: 64 bytes leftover after parsing attributes in process `syz.0.78'.
[  156.353355][   T30] audit: type=1400 audit(1724604732.570:316): avc:  denied  { getopt } for  pid=5767 comm="syz.2.79" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  156.582021][ T5436] 8021q: adding VLAN 0 to HW filter on device bond0
[  156.767170][   T29] hsr_slave_0: left promiscuous mode
[  156.807805][   T29] hsr_slave_1: left promiscuous mode
[  156.826866][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  156.841398][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.860573][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.874714][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.912210][   T29] hsr_slave_0: left promiscuous mode
[  156.932351][   T29] hsr_slave_1: left promiscuous mode
[  156.948905][ T5779] netlink: 24 bytes leftover after parsing attributes in process `syz.0.80'.
[  157.113945][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  157.126608][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  157.137603][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  157.146801][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  157.348273][   T29] veth1_macvtap: left promiscuous mode
[  157.366386][   T29] veth0_macvtap: left promiscuous mode
[  157.379837][   T29] veth1_vlan: left promiscuous mode
[  157.401367][   T29] veth0_vlan: left promiscuous mode
[  157.482604][   T29] veth1_macvtap: left promiscuous mode
[  157.504486][   T29] veth0_macvtap: left promiscuous mode
[  157.525735][   T29] veth1_vlan: left promiscuous mode
[  157.542464][   T29] veth0_vlan: left promiscuous mode
[  158.236131][   T55] Bluetooth: hci0: command 0x0406 tx timeout
[  159.165611][ T5786] netlink: 12 bytes leftover after parsing attributes in process `syz.2.81'.
[  159.753452][   T29] team0 (unregistering): Port device team_slave_1 removed
[  159.969089][   T29] team0 (unregistering): Port device team_slave_0 removed
[  166.192618][ T5796] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  166.246666][ T5796] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  167.277459][   T30] audit: type=1400 audit(1724604743.460:317): avc:  denied  { mounton } for  pid=5798 comm="syz.2.86" path="/proc/158/task" dev="proc" ino=9183 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  168.292559][ T5802] netlink: 16 bytes leftover after parsing attributes in process `syz.2.87'.
[  168.371840][ T5803] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  168.452804][ T5803] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  168.526489][   T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  168.552605][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  168.563844][   T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  168.582804][   T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  168.591198][   T55] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  168.591377][   T29] team0 (unregistering): Port device team_slave_1 removed
[  168.607811][   T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  168.667497][   T29] team0 (unregistering): Port device team_slave_0 removed
[  168.783608][ T5271] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  168.973617][ T5271] usb 3-1: Using ep0 maxpacket: 16
[  168.992424][ T5271] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  169.015351][ T5271] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  169.039009][ T5271] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=b4.5b
[  169.048187][ T5271] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  169.056520][ T5271] usb 3-1: Product: syz
[  169.060713][ T5271] usb 3-1: Manufacturer: syz
[  169.065422][ T5271] usb 3-1: SerialNumber: syz
[  169.078910][ T5271] usb 3-1: config 0 descriptor??
[  169.120177][ T5271] usb 3-1: NFC: intf ffff88802b3e2000 id ffffffff8ec3d100
[  169.221282][ T5436] 8021q: adding VLAN 0 to HW filter on device team0
[  169.367800][ T2945] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.375163][ T2945] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.486060][ T2945] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.493298][ T2945] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.866003][ T5271] usb 3-1: USB disconnect, device number 2
[  170.149239][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  170.174054][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  170.200734][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  170.219186][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  170.253758][   T55] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  170.264009][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  170.633890][ T5220] Bluetooth: hci1: command tx timeout
[  171.347100][   T55] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  171.360203][   T55] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  171.373770][   T55] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  171.385394][   T55] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  171.395633][   T55] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  171.404128][   T55] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  172.636745][   T55] Bluetooth: hci0: command tx timeout
[  172.716014][   T55] Bluetooth: hci1: command tx timeout
[  172.969872][ T5571] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  173.009302][ T5571] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  173.051182][ T5571] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  173.063070][ T5571] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  173.115362][ T5804] chnl_net:caif_netlink_parms(): no params data found
[  173.414700][ T5816] chnl_net:caif_netlink_parms(): no params data found
[  173.434546][   T55] Bluetooth: hci4: command tx timeout
[  173.544755][ T5848] netlink: 76 bytes leftover after parsing attributes in process `syz.2.90'.
[  173.782472][ T5848] Κό: entered promiscuous mode
[  174.170266][ T5804] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.180601][ T5804] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.190061][ T5804] bridge_slave_0: entered allmulticast mode
[  174.199262][ T5804] bridge_slave_0: entered promiscuous mode
[  174.215536][ T5804] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.223055][ T5804] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.230731][ T5804] bridge_slave_1: entered allmulticast mode
[  174.244756][ T5804] bridge_slave_1: entered promiscuous mode
[  174.570435][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.621564][   T30] audit: type=1326 audit(1724604750.840:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5872 comm="syz.2.91" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efea1f79e79 code=0x0
[  174.695536][   T30] audit: type=1400 audit(1724604750.910:319): avc:  granted  { setsecparam } for  pid=5872 comm="syz.2.91" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  174.721461][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.723636][   T55] Bluetooth: hci0: command tx timeout
[  174.753301][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.761950][ T5816] bridge_slave_0: entered allmulticast mode
[  174.771627][ T5816] bridge_slave_0: entered promiscuous mode
[  174.792589][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.793691][   T55] Bluetooth: hci1: command tx timeout
[  174.948765][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.973763][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.988776][ T5816] bridge_slave_1: entered allmulticast mode
[  175.005710][ T5816] bridge_slave_1: entered promiscuous mode
[  175.087453][ T5834] chnl_net:caif_netlink_parms(): no params data found
[  175.205758][ T5804] team0: Port device team_slave_0 added
[  175.273625][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.335210][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  175.365702][ T5804] team0: Port device team_slave_1 added
[  175.513923][   T55] Bluetooth: hci4: command tx timeout
[  175.630429][ T5571] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.658978][   T30] audit: type=1400 audit(1724604751.880:320): avc:  denied  { create } for  pid=5892 comm="syz.2.92" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  175.700121][   T30] audit: type=1400 audit(1724604751.920:321): avc:  denied  { link } for  pid=5892 comm="syz.2.92" name="file1" dev="tmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  175.799335][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.807155][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.868937][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  176.051138][ T5816] team0: Port device team_slave_0 added
[  176.083151][ T5816] team0: Port device team_slave_1 added
[  176.100596][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1
[  176.120725][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.148486][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  176.366517][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.394712][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.410631][ T5834] bridge_slave_0: entered allmulticast mode
[  176.439133][ T5834] bridge_slave_0: entered promiscuous mode
[  176.466992][ T5571] 8021q: adding VLAN 0 to HW filter on device team0
[  176.611709][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.627684][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.640734][ T5834] bridge_slave_1: entered allmulticast mode
[  176.655786][ T5834] bridge_slave_1: entered promiscuous mode
[  176.730349][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0
[  176.748526][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.787015][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  176.795084][   T55] Bluetooth: hci0: command tx timeout
[  176.874409][   T55] Bluetooth: hci1: command tx timeout
[  177.139518][ T5804] hsr_slave_0: entered promiscuous mode
[  177.158437][ T5804] hsr_slave_1: entered promiscuous mode
[  177.174995][ T5804] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  177.184288][ T5804] Cannot create hsr debugfs directory
[  177.190793][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.199945][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.270016][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.587073][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.594324][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.602654][   T55] Bluetooth: hci4: command tx timeout
[  178.015182][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.081488][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.369809][ T5816] hsr_slave_0: entered promiscuous mode
[  178.392175][ T5816] hsr_slave_1: entered promiscuous mode
[  178.412916][ T5816] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  178.430050][ T5816] Cannot create hsr debugfs directory
[  178.873806][   T55] Bluetooth: hci0: command tx timeout
[  179.673852][   T55] Bluetooth: hci4: command tx timeout
[  180.297772][ T2501] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.305007][ T2501] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.323437][ T5834] team0: Port device team_slave_0 added
[  180.387689][ T5834] team0: Port device team_slave_1 added
[  180.443033][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0
[  180.454197][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.481726][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  180.498889][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1
[  180.506026][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.532081][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  180.914640][   T29] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.063267][   T29] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.107288][ T5834] hsr_slave_0: entered promiscuous mode
[  181.128013][ T5834] hsr_slave_1: entered promiscuous mode
[  181.144780][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  181.152392][ T5834] Cannot create hsr debugfs directory
[  181.248848][   T29] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.370010][   T29] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.935923][   T29] bridge_slave_1: left allmulticast mode
[  181.941630][   T29] bridge_slave_1: left promiscuous mode
[  181.958968][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.984852][   T29] bridge_slave_0: left allmulticast mode
[  181.991688][   T29] bridge_slave_0: left promiscuous mode
[  182.004539][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.019206][   T29] bridge_slave_1: left allmulticast mode
[  182.025107][   T29] bridge_slave_1: left promiscuous mode
[  182.030905][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.045392][   T29] bridge_slave_0: left allmulticast mode
[  182.051097][   T29] bridge_slave_0: left promiscuous mode
[  182.060480][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.072972][   T29] bridge_slave_1: left allmulticast mode
[  182.080393][   T29] bridge_slave_1: left promiscuous mode
[  182.086972][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.108387][   T29] bridge_slave_0: left allmulticast mode
[  182.114589][   T29] bridge_slave_0: left promiscuous mode
[  182.120385][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.981356][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  182.992452][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  183.003242][   T29] bond0 (unregistering): Released all slaves
[  183.101645][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  183.121949][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  183.132437][   T29] bond0 (unregistering): Released all slaves
[  183.241854][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  183.253253][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  183.271586][   T29] bond0 (unregistering): Released all slaves
[  183.447901][ T5816] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  183.487688][ T5816] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  183.565453][ T5816] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  183.583346][ T5816] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  183.611278][ T5571] 8021q: adding VLAN 0 to HW filter on device batadv0
[  183.993442][ T5571] veth0_vlan: entered promiscuous mode
[  184.139397][ T5571] veth1_vlan: entered promiscuous mode
[  184.178326][   T29] hsr_slave_0: left promiscuous mode
[  184.202876][   T29] hsr_slave_1: left promiscuous mode
[  184.210507][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  184.222458][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  184.243600][   T29] hsr_slave_0: left promiscuous mode
[  184.249876][   T29] hsr_slave_1: left promiscuous mode
[  184.269910][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  184.293753][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  184.330348][   T29] hsr_slave_0: left promiscuous mode
[  184.338653][   T29] hsr_slave_1: left promiscuous mode
[  184.347378][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  184.355718][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  184.364944][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  184.372351][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  184.406022][   T29] veth1_macvtap: left promiscuous mode
[  184.411634][   T29] veth0_macvtap: left promiscuous mode
[  184.418195][   T29] veth1_vlan: left promiscuous mode
[  184.423682][   T29] veth0_vlan: left promiscuous mode
[  184.759203][   T29] team0 (unregistering): Port device team_slave_1 removed
[  184.798902][   T29] team0 (unregistering): Port device team_slave_0 removed
[  185.204809][   T29] team0 (unregistering): Port device team_slave_1 removed
[  185.239696][   T29] team0 (unregistering): Port device team_slave_0 removed
[  185.978083][   T29] team0 (unregistering): Port device team_slave_1 removed
[  186.027103][   T29] team0 (unregistering): Port device team_slave_0 removed
[  186.640704][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.675377][ T5571] veth0_macvtap: entered promiscuous mode
[  186.770132][ T5816] 8021q: adding VLAN 0 to HW filter on device team0
[  186.781635][ T5571] veth1_macvtap: entered promiscuous mode
[  186.829768][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.836988][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.878998][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.886267][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.908064][ T5571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  186.932875][ T5571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  186.950074][ T5571] batman_adv: batadv0: Interface activated: batadv_slave_0
[  187.040409][ T5571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.052038][ T5571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.064419][ T5571] batman_adv: batadv0: Interface activated: batadv_slave_1
[  187.139740][ T5571] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.162174][ T5571] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.173020][ T5571] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.181821][ T5571] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  187.223354][ T5834] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  187.241471][ T5834] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  187.262451][ T5834] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  187.296328][ T5834] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  187.572129][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.610497][ T5804] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  187.617718][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.647430][ T5804] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  187.720796][ T5804] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  187.742326][ T5804] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  187.893423][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.902002][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.993146][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.131674][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.329424][ T5834] 8021q: adding VLAN 0 to HW filter on device team0
[  189.475665][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.482845][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.567020][  T726] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.574250][  T726] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.681928][ T5816] veth0_vlan: entered promiscuous mode
[  189.727295][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.829032][ T5816] veth1_vlan: entered promiscuous mode
[  189.892258][ T5804] 8021q: adding VLAN 0 to HW filter on device team0
[  189.950665][ T5995] netlink: 40 bytes leftover after parsing attributes in process `syz.1.53'.
[  190.001940][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.009105][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.032370][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.039616][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.189630][ T5804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  190.388991][ T5816] veth0_macvtap: entered promiscuous mode
[  190.470437][ T5816] veth1_macvtap: entered promiscuous mode
[  190.583018][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.603251][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.615152][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.641546][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.664904][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.759030][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.771442][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.795365][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.822763][ T5816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.853066][ T5816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.893116][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.939126][ T5816] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.982243][ T5816] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.013776][ T5816] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.027973][ T5816] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.218226][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.499148][   T29] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.516145][   T29] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.542395][ T5804] veth0_vlan: entered promiscuous mode
[  191.573360][ T5804] veth1_vlan: entered promiscuous mode
[  191.648218][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.662692][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.772572][ T5804] veth0_macvtap: entered promiscuous mode
[  191.791861][ T5804] veth1_macvtap: entered promiscuous mode
[  191.874021][ T5834] veth0_vlan: entered promiscuous mode
[  191.905490][ T5834] veth1_vlan: entered promiscuous mode
[  192.277763][   T30] audit: type=1400 audit(1724604768.180:322): avc:  denied  { setopt } for  pid=6036 comm="syz.3.26" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  194.012647][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.150121][   T30] audit: type=1400 audit(1724604769.710:323): avc:  denied  { mount } for  pid=6038 comm="syz.2.104" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  194.191386][ T6049] dccp_v6_rcv: dropped packet with invalid checksum
[  194.203636][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.241274][   T30] audit: type=1400 audit(1724604770.340:324): avc:  denied  { unmount } for  pid=5225 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  194.265717][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.317436][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.340213][   T30] audit: type=1400 audit(1724604770.560:325): avc:  denied  { write } for  pid=4653 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  194.342361][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.373028][   T30] audit: type=1400 audit(1724604770.560:326): avc:  denied  { remove_name } for  pid=4653 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  195.164580][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  195.170946][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  195.183194][   T30] audit: type=1400 audit(1724604770.560:327): avc:  denied  { rename } for  pid=4653 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  195.219317][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.226057][   T30] audit: type=1400 audit(1724604770.560:328): avc:  denied  { add_name } for  pid=4653 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  195.283470][   T30] audit: type=1400 audit(1724604770.560:329): avc:  denied  { unlink } for  pid=4653 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  195.288351][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0
[  195.524211][   T30] audit: type=1400 audit(1724604770.560:330): avc:  denied  { create } for  pid=4653 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  195.618523][ T6062] 9pnet_fd: Insufficient options for proto=fd
[  196.009093][   T30] audit: type=1400 audit(1724604772.220:331): avc:  denied  { read } for  pid=6061 comm="syz.2.96" name="uinput" dev="devtmpfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  196.466061][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.502795][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.524138][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.549783][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.580233][ T5804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.608025][ T5804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.626431][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1
[  196.667463][ T5804] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.676770][ T5804] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.744372][ T5804] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.758693][ T5804] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.467994][ T5834] veth0_macvtap: entered promiscuous mode
[  197.490832][   T47] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  197.624583][ T5834] veth1_macvtap: entered promiscuous mode
[  197.696072][   T47] usb 3-1: Using ep0 maxpacket: 8
[  197.705679][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.727047][   T47] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  197.805110][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  197.805179][   T30] audit: type=1400 audit(1724604774.020:333): avc:  denied  { view } for  pid=6079 comm="syz.3.100" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  197.847081][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.894310][   T47] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  197.934442][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.953558][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.969256][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.981824][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.995467][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  198.006037][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.029527][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[  198.370775][   T47] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  198.380807][   T47] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  198.416522][   T47] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  198.440941][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.443412][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.505011][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.571593][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.663608][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.683771][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.737021][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.773866][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.784212][   T47] usb 3-1: usb_control_msg returned -71
[  198.806975][   T47] usbtmc 3-1:16.0: can't read capabilities
[  198.821340][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.879318][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[  198.897444][   T47] usb 3-1: USB disconnect, device number 4
[  198.943741][ T5834] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.952485][ T5834] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.007805][ T5834] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.017556][ T5834] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.309809][ T6093] loop7: detected capacity change from 0 to 16384
[  200.536541][ T6100] netlink: 28 bytes leftover after parsing attributes in process `syz.2.106'.
[  200.561545][ T2945] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.565955][ T5274] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  200.612507][ T2945] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.882888][   T30] audit: type=1400 audit(1724604776.960:334): avc:  denied  { wake_alarm } for  pid=6102 comm="syz.1.107" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  201.574063][ T5274] usb 4-1: Using ep0 maxpacket: 8
[  201.620914][ T5274] usb 4-1: unable to get BOS descriptor or descriptor too short
[  201.697094][ T5274] usb 4-1: config 0 has no interfaces?
[  202.255732][ T5220] Bluetooth: hci2: command 0x0406 tx timeout
[  202.434181][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.564813][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.595925][ T5274] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  202.611644][   T30] audit: type=1400 audit(1724604778.820:335): avc:  denied  { watch watch_reads } for  pid=6106 comm="syz.2.108" path="/49" dev="tmpfs" ino=277 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  202.634247][    C1] vkms_vblank_simulate: vblank timer overrun
[  202.653244][ T5274] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.692335][ T5274] usb 4-1: Product: syz
[  202.713803][ T2501] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.741281][ T2501] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.804510][ T5274] usb 4-1: Manufacturer: syz
[  202.925024][ T5274] usb 4-1: config 0 descriptor??
[  202.932333][ T5274] usb 4-1: can't set config #0, error -71
[  202.938891][ T2501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.980547][ T2501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.005240][ T5274] usb 4-1: USB disconnect, device number 2
[  204.273407][   T30] audit: type=1400 audit(1724604780.470:336): avc:  denied  { unmount } for  pid=5804 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  206.414005][   T30] audit: type=1400 audit(1724604782.630:337): avc:  denied  { connect } for  pid=6140 comm="syz.2.114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  206.722730][   T55] Bluetooth: hci4: ACL packet for unknown connection handle 0
[  206.833668][   T30] audit: type=1400 audit(1724604783.050:338): avc:  denied  { mount } for  pid=6130 comm="syz.0.112" name="/" dev="configfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  206.853823][ T6139] netlink: 56 bytes leftover after parsing attributes in process `syz.3.113'.
[  206.856102][    C1] vkms_vblank_simulate: vblank timer overrun
[  206.994737][ T6133] overlayfs: failed to resolve './file1': -2
[  207.026113][  T726] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5
[  207.054835][ T6147] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  207.274615][   T30] audit: type=1400 audit(1724604783.470:339): avc:  denied  { mount } for  pid=6141 comm="syz.4.115" name="/" dev="rpc_pipefs" ino=13273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  207.424665][ T6156] program syz.1.116 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  207.812852][   T30] audit: type=1400 audit(1724604784.020:340): avc:  denied  { unmount } for  pid=5804 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  208.115018][   T30] audit: type=1400 audit(1724604784.110:341): avc:  denied  { unmount } for  pid=5834 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  208.228283][ T6166] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  209.533087][ T6174] evm: overlay not supported
[  209.557858][ T6174] Invalid ELF header magic: != ELF
[  209.683765][   T30] audit: type=1804 audit(1724604785.720:342): pid=6174 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.120" name="/newroot/2/bus/bus" dev="overlay" ino=37 res=1 errno=0
[  209.706076][    C1] vkms_vblank_simulate: vblank timer overrun
[  210.623570][   T30] audit: type=1400 audit(1724604785.770:343): avc:  denied  { module_load } for  pid=6169 comm="syz.4.120" path="/2/bus/bus" dev="overlay" ino=37 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1
[  210.653926][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.028941][ T6179] Driver unsupported XDP return value 0 on prog  (id 48) dev N/A, expect packet loss!
[  213.334498][ T5279] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  213.527740][ T5279] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  213.570158][ T5279] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  213.613944][   T30] audit: type=1400 audit(1724604789.820:344): avc:  denied  { set_context_mgr } for  pid=6193 comm="syz.4.128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  213.655944][ T5279] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  213.689300][ T5279] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  213.727443][ T5279] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.764572][ T5279] usb 4-1: config 0 descriptor??
[  213.800839][ T6186] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  214.044185][   T30] audit: type=1400 audit(1724604790.270:345): avc:  denied  { setopt } for  pid=6192 comm="syz.0.127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  214.100350][   T30] audit: type=1400 audit(1724604790.290:346): avc:  denied  { connect } for  pid=6192 comm="syz.0.127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  214.343648][ T5279] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  214.418818][ T5279] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  214.552186][ T5279] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  214.616997][   T30] audit: type=1400 audit(1724604790.830:347): avc:  denied  { write } for  pid=6206 comm="syz.2.130" name="event3" dev="devtmpfs" ino=841 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  214.688774][ T5279] usb 4-1: USB disconnect, device number 3
[  214.746527][   T30] audit: type=1400 audit(1724604790.840:348): avc:  denied  { read } for  pid=6206 comm="syz.2.130" name="mouse0" dev="devtmpfs" ino=840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  214.805594][ T6214] netlink: 24 bytes leftover after parsing attributes in process `syz.1.131'.
[  214.903703][   T30] audit: type=1400 audit(1724604790.840:349): avc:  denied  { open } for  pid=6206 comm="syz.2.130" path="/dev/input/mouse0" dev="devtmpfs" ino=840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  215.124082][   T30] audit: type=1400 audit(1724604790.970:350): avc:  denied  { append } for  pid=6206 comm="syz.2.130" name="001" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  215.183960][   T30] audit: type=1400 audit(1724604791.120:351): avc:  denied  { getopt } for  pid=6215 comm="syz.4.133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  215.561877][   T30] audit: type=1400 audit(1724604791.770:352): avc:  denied  { bind } for  pid=6208 comm="syz.1.131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  215.613030][ T6216] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  215.619967][ T6216] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  215.645053][ T6216] vhci_hcd vhci_hcd.0: Device attached
[  215.694505][ T6222] vhci_hcd: connection closed
[  215.698219][ T2490] vhci_hcd: stop threads
[  215.727555][ T2490] vhci_hcd: release socket
[  215.790249][ T6227] netlink: 'syz.2.134': attribute type 1 has an invalid length.
[  215.799484][ T6227] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.134'.
[  215.800437][ T2490] vhci_hcd: disconnect device
[  221.086333][ T6209] Zero length message leads to an empty skb
[  222.155656][   T30] audit: type=1400 audit(1724604798.380:353): avc:  denied  { ioctl } for  pid=6239 comm="syz.1.138" path="socket:[13457]" dev="sockfs" ino=13457 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  222.163764][ T5274] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  222.233621][   T30] audit: type=1804 audit(1724604798.450:354): pid=6238 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.137" name="/newroot/11/bus/file0" dev="overlay" ino=84 res=1 errno=0
[  222.838215][ T5274] usb 5-1: Using ep0 maxpacket: 16
[  223.501641][ T5274] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  223.522250][   T30] audit: type=1400 audit(1724604798.690:355): avc:  denied  { ioctl } for  pid=6239 comm="syz.1.138" path="socket:[13459]" dev="sockfs" ino=13459 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  223.599030][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  223.736166][ T5274] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  223.804863][ T5274] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  223.990982][ T5274] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  224.006072][ T5274] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  224.015337][ T5274] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  224.029317][ T5274] usb 5-1: Manufacturer: syz
[  224.060221][ T5274] usb 5-1: config 0 descriptor??
[  224.915010][ T5274] usb 5-1: can't set config #0, error -71
[  225.124255][ T5274] usb 5-1: USB disconnect, device number 2
[  225.188289][ T5279] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  225.350774][ T6260] netlink: 24 bytes leftover after parsing attributes in process `syz.1.142'.
[  225.366978][ T6260] netlink: 24 bytes leftover after parsing attributes in process `syz.1.142'.
[  225.935914][ T5279] usb 3-1: Using ep0 maxpacket: 8
[  225.961300][ T5279] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  225.980301][ T5279] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  226.000597][ T5279] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  226.031365][ T5279] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  226.078506][ T5279] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  226.115982][ T5279] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  226.174039][ T5279] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.517767][   T30] audit: type=1400 audit(1724604802.740:356): avc:  denied  { write } for  pid=6266 comm="syz.3.145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  226.710124][ T6272] can0: slcan on ttyS3.
[  226.748578][   T30] audit: type=1400 audit(1724604802.970:357): avc:  denied  { getopt } for  pid=6268 comm="syz.1.146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  226.857207][   T30] audit: type=1400 audit(1724604803.080:358): avc:  denied  { ioctl } for  pid=6268 comm="syz.1.146" path="socket:[13509]" dev="sockfs" ino=13509 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  227.402614][ T6280] sctp: [Deprecated]: syz.3.148 (pid 6280) Use of int in maxseg socket option.
[  227.402614][ T6280] Use struct sctp_assoc_value instead
[  227.500195][ T5279] usb 3-1: usb_control_msg returned -71
[  227.505896][ T5279] usbtmc 3-1:16.0: can't read capabilities
[  227.518881][ T5279] usb 3-1: USB disconnect, device number 5
[  228.173877][   T30] audit: type=1400 audit(1724604804.160:359): avc:  denied  { mounton } for  pid=6281 comm="syz.4.147" path="/9/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  228.974262][ T6268] can0 (unregistered): slcan off ttyS3.
[  233.763058][   T30] audit: type=1400 audit(1724604809.950:360): avc:  denied  { open } for  pid=6330 comm="syz.3.156" path="/dev/ptyqa" dev="devtmpfs" ino=131 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  234.648120][ T6331]  nullb0: AHDI p1
[  234.720527][   T30] audit: type=1400 audit(1724604809.980:361): avc:  denied  { ioctl } for  pid=6330 comm="syz.3.156" path="/dev/ptyqa" dev="devtmpfs" ino=131 ioctlcmd=0x5412 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  234.745402][    C0] vkms_vblank_simulate: vblank timer overrun
[  234.909882][ T6337] No such timeout policy "syz1"
[  235.323512][    C0] vkms_vblank_simulate: vblank timer overrun
[  235.510289][    C0] vkms_vblank_simulate: vblank timer overrun
[  235.913803][   T55] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  235.953650][   T30] audit: type=1400 audit(1724604812.170:362): avc:  denied  { watch } for  pid=6348 comm="syz.3.159" path="/15/file0" dev="rpc_pipefs" ino=13607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=dir permissive=1
[  235.976702][    C0] vkms_vblank_simulate: vblank timer overrun
[  238.394060][ T5220] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  243.663566][   T55] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  243.665140][ T5220] Bluetooth: hci5: command 0x1003 tx timeout
[  243.677499][ T5220] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  243.776412][   T55] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  243.785049][   T55] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  243.803282][   T55] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  243.901583][   T55] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  243.915988][   T55] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  243.923448][   T55] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  243.933834][ T6376] sp0: Synchronizing with TNC
[  244.256351][ T6389] tmpfs: Bad value for 'mpol'
[  244.272678][ T6389] netlink: 20 bytes leftover after parsing attributes in process `syz.3.166'.
[  244.342637][   T30] audit: type=1400 audit(1724604820.560:363): avc:  denied  { write } for  pid=6386 comm="syz.3.166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  244.515188][   T30] audit: type=1400 audit(1724604820.650:364): avc:  denied  { ioctl } for  pid=6386 comm="syz.3.166" path="socket:[13647]" dev="sockfs" ino=13647 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  245.543147][   T30] audit: type=1400 audit(1724604821.760:365): avc:  denied  { read } for  pid=6405 comm="syz.2.168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  245.606667][   T30] audit: type=1400 audit(1724604821.830:366): avc:  denied  { setopt } for  pid=6405 comm="syz.2.168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  245.716697][ T6389] netlink: 4 bytes leftover after parsing attributes in process `syz.3.166'.
[  246.036758][ T2945] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.173642][ T5220] Bluetooth: hci5: command tx timeout
[  247.519382][   T30] audit: type=1400 audit(1724604823.520:367): avc:  denied  { getopt } for  pid=6432 comm="syz.4.172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  247.678167][ T6433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  247.723270][ T2945] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.995342][ T5220] Bluetooth: hci2: ACL packet for unknown connection handle 1993
[  248.003310][   T30] audit: type=1400 audit(1724604824.220:368): avc:  denied  { create } for  pid=6450 comm="syz.3.173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  248.058325][   T30] audit: type=1400 audit(1724604824.260:369): avc:  denied  { getopt } for  pid=6426 comm="syz.2.170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  248.192908][ T2945] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.234253][ T5220] Bluetooth: hci5: command tx timeout
[  248.291324][ T6458] 9pnet_fd: Insufficient options for proto=fd
[  248.372327][ T6437] netlink: 28 bytes leftover after parsing attributes in process `syz.1.171'.
[  249.944423][   T30] audit: type=1400 audit(1724604825.810:370): avc:  denied  { write } for  pid=6467 comm="syz.4.175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  250.343586][ T5220] Bluetooth: hci5: command tx timeout
[  250.453030][   T30] audit: type=1400 audit(1724604826.670:371): avc:  denied  { create } for  pid=6472 comm="syz.3.176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  250.497407][ T2945] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.537129][   T30] audit: type=1400 audit(1724604826.760:372): avc:  denied  { bind } for  pid=6472 comm="syz.3.176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  250.580677][ T6470] vcan0 speed is unknown, defaulting to 1000
[  250.597921][ T6470] vcan0 speed is unknown, defaulting to 1000
[  250.607945][ T6470] vcan0 speed is unknown, defaulting to 1000
[  250.662358][ T6474] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  250.761710][ T6470] infiniband syz1: set active
[  250.766739][ T6470] infiniband syz1: added vcan0
[  250.775051][ T6470] syz1: rxe_create_cq: returned err = -12
[  250.781252][ T6470] infiniband syz1: Couldn't create ib_mad CQ
[  250.787506][ T6470] infiniband syz1: Couldn't open port 1
[  250.915208][   T30] audit: type=1400 audit(1724604826.760:373): avc:  denied  { name_bind } for  pid=6472 comm="syz.3.176" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  250.935817][    C1] vkms_vblank_simulate: vblank timer overrun
[  251.340265][ T6470] RDS/IB: syz1: added
[  251.344909][ T6470] smc: adding ib device syz1 with port count 1
[  251.351231][ T6470] smc:    ib device syz1 port 1 has pnetid 
[  251.393890][   T30] audit: type=1400 audit(1724604826.760:374): avc:  denied  { node_bind } for  pid=6472 comm="syz.3.176" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  251.457718][   T30] audit: type=1400 audit(1724604826.790:375): avc:  denied  { name_connect } for  pid=6472 comm="syz.3.176" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  251.561298][ T5253] vcan0 speed is unknown, defaulting to 1000
[  251.615741][ T6470] vcan0 speed is unknown, defaulting to 1000
[  251.758116][ T6470] vcan0 speed is unknown, defaulting to 1000
[  251.883438][ T6470] vcan0 speed is unknown, defaulting to 1000
[  252.013990][ T6470] vcan0 speed is unknown, defaulting to 1000
[  252.140661][ T6470] vcan0 speed is unknown, defaulting to 1000
[  252.266582][ T6470] vcan0 speed is unknown, defaulting to 1000
[  252.484383][ T5272] vcan0 speed is unknown, defaulting to 1000
[  252.493749][ T5220] Bluetooth: hci5: command tx timeout
[  252.530997][ T6374] chnl_net:caif_netlink_parms(): no params data found
[  252.713902][   T30] audit: type=1400 audit(1724604828.900:376): avc:  denied  { ioctl } for  pid=6475 comm="syz.1.178" path="/dev/usbmon0" dev="devtmpfs" ino=706 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  252.739003][    C1] vkms_vblank_simulate: vblank timer overrun
[  252.826341][   T30] audit: type=1400 audit(1724604829.050:377): avc:  denied  { write } for  pid=6485 comm="syz.3.179" name="ppp" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  252.923936][ T6495] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  253.024645][   T30] audit: type=1400 audit(1724604829.250:378): avc:  denied  { setopt } for  pid=6490 comm="syz.4.180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  253.159437][   T30] audit: type=1400 audit(1724604829.290:379): avc:  denied  { ioctl } for  pid=6490 comm="syz.4.180" path="socket:[14363]" dev="sockfs" ino=14363 ioctlcmd=0x9422 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  253.549179][ T6374] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.574049][ T6374] bridge0: port 1(bridge_slave_0) entered disabled state
[  253.703073][ T6374] bridge_slave_0: entered allmulticast mode
[  253.756029][ T6374] bridge_slave_0: entered promiscuous mode
[  253.801751][ T2945] bridge_slave_1: left allmulticast mode
[  253.827519][ T2945] bridge_slave_1: left promiscuous mode
[  253.850840][ T2945] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.951761][ T2945] bridge_slave_0: left allmulticast mode
[  253.983838][ T2945] bridge_slave_0: left promiscuous mode
[  253.992919][ T2945] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.650636][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  256.657114][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  258.284291][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  258.284311][   T30] audit: type=1804 audit(1724604834.330:381): pid=6534 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.184" name="/newroot/66/bus/bus" dev="overlay" ino=383 res=1 errno=0
[  259.079544][   T55] Bluetooth: Unknown BR/EDR signaling command 0x0e
[  259.086298][   T55] Bluetooth: Wrong link type (-22)
[  259.094593][   T55] Bluetooth: Unknown BR/EDR signaling command 0x10
[  259.102147][   T55] Bluetooth: Wrong link type (-22)
[  259.107723][   T55] Bluetooth: Unknown BR/EDR signaling command 0x0e
[  259.120493][   T55] Bluetooth: Wrong link type (-22)
[  259.128282][   T55] Bluetooth: Unknown BR/EDR signaling command 0x0e
[  259.307944][   T55] Bluetooth: Wrong link type (-22)
[  259.313733][   T55] ==================================================================
[  259.321819][   T55] BUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x788/0x920
[  259.329552][   T55] Read of size 4 at addr ffff888065aa3010 by task kworker/u9:0/55
[  259.337352][   T55] 
[  259.339683][   T55] CPU: 0 UID: 0 PID: 55 Comm: kworker/u9:0 Not tainted 6.11.0-rc5-syzkaller #0
[  259.348618][   T55] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  259.358762][   T55] Workqueue: hci3 hci_rx_work
[  259.363448][   T55] Call Trace:
[  259.366728][   T55]  <TASK>
[  259.369656][   T55]  dump_stack_lvl+0x116/0x1f0
[  259.374350][   T55]  print_report+0xc3/0x620
[  259.378774][   T55]  ? __virt_addr_valid+0x5e/0x590
[  259.383798][   T55]  ? __phys_addr+0xc6/0x150
[  259.388299][   T55]  kasan_report+0xd9/0x110
[  259.392718][   T55]  ? l2cap_send_cmd+0x788/0x920
[  259.397572][   T55]  ? l2cap_send_cmd+0x788/0x920
[  259.402429][   T55]  l2cap_send_cmd+0x788/0x920
[  259.407114][   T55]  l2cap_recv_frame+0x2360/0x8eb0
[  259.412151][   T55]  ? hci_rx_work+0xa87/0x1610
[  259.416826][   T55]  ? __pfx_lock_release+0x10/0x10
[  259.421851][   T55]  ? __pfx___lock_acquire+0x10/0x10
[  259.427052][   T55]  ? __pfx_l2cap_recv_frame+0x10/0x10
[  259.432430][   T55]  ? trace_contention_end+0xea/0x140
[  259.437720][   T55]  ? __mutex_unlock_slowpath+0x164/0x650
[  259.443368][   T55]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  259.449353][   T55]  ? hci_rx_work+0xa73/0x1610
[  259.454027][   T55]  ? hci_conn_enter_active_mode+0x219/0x360
[  259.459917][   T55]  ? __pfx_lock_release+0x10/0x10
[  259.464948][   T55]  ? __pfx_hci_conn_enter_active_mode+0x10/0x10
[  259.471191][   T55]  l2cap_recv_acldata+0x9b4/0xb70
[  259.476225][   T55]  hci_rx_work+0xaab/0x1610
[  259.480728][   T55]  process_one_work+0x9c5/0x1b40
[  259.485676][   T55]  ? __pfx_lock_acquire+0x10/0x10
[  259.490700][   T55]  ? __pfx_process_one_work+0x10/0x10
[  259.496091][   T55]  ? assign_work+0x1a0/0x250
[  259.500683][   T55]  worker_thread+0x6c8/0xed0
[  259.505281][   T55]  ? __pfx_worker_thread+0x10/0x10
[  259.510397][   T55]  kthread+0x2c1/0x3a0
[  259.514460][   T55]  ? _raw_spin_unlock_irq+0x23/0x50
[  259.519664][   T55]  ? __pfx_kthread+0x10/0x10
[  259.524248][   T55]  ret_from_fork+0x45/0x80
[  259.528679][   T55]  ? __pfx_kthread+0x10/0x10
[  259.533262][   T55]  ret_from_fork_asm+0x1a/0x30
[  259.538037][   T55]  </TASK>
[  259.541048][   T55] 
[  259.543359][   T55] Allocated by task 55:
[  259.547503][   T55]  kasan_save_stack+0x33/0x60
[  259.552180][   T55]  kasan_save_track+0x14/0x30
[  259.556852][   T55]  __kasan_kmalloc+0xaa/0xb0
[  259.561436][   T55]  l2cap_conn_add.part.0+0x60/0xa60
[  259.566634][   T55]  l2cap_connect_cfm+0x428/0xf80
[  259.571577][   T55]  hci_remote_features_evt+0x548/0x9e0
[  259.577039][   T55]  hci_event_packet+0x9eb/0x1180
[  259.581980][   T55]  hci_rx_work+0x2c6/0x1610
[  259.586477][   T55]  process_one_work+0x9c5/0x1b40
[  259.591418][   T55]  worker_thread+0x6c8/0xed0
[  259.596011][   T55]  kthread+0x2c1/0x3a0
[  259.600073][   T55]  ret_from_fork+0x45/0x80
[  259.604499][   T55]  ret_from_fork_asm+0x1a/0x30
[  259.609269][   T55] 
[  259.611583][   T55] Freed by task 5220:
[  259.615552][   T55]  kasan_save_stack+0x33/0x60
[  259.620229][   T55]  kasan_save_track+0x14/0x30
[  259.624907][   T55]  kasan_save_free_info+0x3b/0x60
[  259.629938][   T55]  poison_slab_object+0xf7/0x160
[  259.634875][   T55]  __kasan_slab_free+0x32/0x50
[  259.639637][   T55]  kfree+0x12a/0x3b0
[  259.643527][   T55]  l2cap_conn_del+0x59d/0x730
[  259.648205][   T55]  l2cap_connect_cfm+0x9e6/0xf80
[  259.653142][   T55]  hci_conn_failed+0x1c3/0x370
[  259.657899][   T55]  hci_abort_conn_sync+0x75a/0xb50
[  259.663003][   T55]  abort_conn_sync+0x197/0x360
[  259.667770][   T55]  hci_cmd_sync_work+0x1a4/0x410
[  259.672704][   T55]  process_one_work+0x9c5/0x1b40
[  259.677650][   T55]  worker_thread+0x6c8/0xed0
[  259.682248][   T55]  kthread+0x2c1/0x3a0
[  259.686399][   T55]  ret_from_fork+0x45/0x80
[  259.690827][   T55]  ret_from_fork_asm+0x1a/0x30
[  259.695611][   T55] 
[  259.697927][   T55] Last potentially related work creation:
[  259.703630][   T55]  kasan_save_stack+0x33/0x60
[  259.708321][   T55]  __kasan_record_aux_stack+0xba/0xd0
[  259.713706][   T55]  insert_work+0x36/0x230
[  259.718044][   T55]  __queue_work+0x97e/0x1070
[  259.722635][   T55]  call_timer_fn+0x1a0/0x610
[  259.727226][   T55]  __run_timers+0x567/0xaf0
[  259.731727][   T55]  run_timer_base+0x111/0x190
[  259.736410][   T55]  run_timer_softirq+0x1a/0x40
[  259.741193][   T55]  handle_softirqs+0x216/0x8f0
[  259.745968][   T55]  irq_exit_rcu+0xbb/0x120
[  259.750390][   T55]  sysvec_apic_timer_interrupt+0x95/0xb0
[  259.756030][   T55]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  259.762010][   T55] 
[  259.764323][   T55] Second to last potentially related work creation:
[  259.770891][   T55]  kasan_save_stack+0x33/0x60
[  259.775578][   T55]  __kasan_record_aux_stack+0xba/0xd0
[  259.780968][   T55]  insert_work+0x36/0x230
[  259.785305][   T55]  __queue_work+0x3f8/0x1070
[  259.789898][   T55]  queue_work_on+0x11a/0x140
[  259.794485][   T55]  l2cap_connect_cfm+0x9c9/0xf80
[  259.799425][   T55]  hci_remote_features_evt+0x548/0x9e0
[  259.804886][   T55]  hci_event_packet+0x9eb/0x1180
[  259.809831][   T55]  hci_rx_work+0x2c6/0x1610
[  259.814340][   T55]  process_one_work+0x9c5/0x1b40
[  259.819280][   T55]  worker_thread+0x6c8/0xed0
[  259.823879][   T55]  kthread+0x2c1/0x3a0
[  259.827949][   T55]  ret_from_fork+0x45/0x80
[  259.832377][   T55]  ret_from_fork_asm+0x1a/0x30
[  259.837146][   T55] 
[  259.839458][   T55] The buggy address belongs to the object at ffff888065aa3000
[  259.839458][   T55]  which belongs to the cache kmalloc-1k of size 1024
[  259.853511][   T55] The buggy address is located 16 bytes inside of
[  259.853511][   T55]  freed 1024-byte region [ffff888065aa3000, ffff888065aa3400)
[  259.867299][   T55] 
[  259.869612][   T55] The buggy address belongs to the physical page:
[  259.876008][   T55] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x65aa0
[  259.884760][   T55] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  259.893248][   T55] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  259.900794][   T55] page_type: 0xfdffffff(slab)
[  259.905471][   T55] raw: 00fff00000000040 ffff888015841dc0 ffffea0001edcc00 dead000000000002
[  259.914056][   T55] raw: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[  259.922649][   T55] head: 00fff00000000040 ffff888015841dc0 ffffea0001edcc00 dead000000000002
[  259.931314][   T55] head: 0000000000000000 0000000000100010 00000001fdffffff 0000000000000000
[  259.939979][   T55] head: 00fff00000000003 ffffea000196a801 ffffffffffffffff 0000000000000000
[  259.948643][   T55] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  259.957301][   T55] page dumped because: kasan: bad access detected
[  259.963710][   T55] page_owner tracks the page as allocated
[  259.969411][   T55] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5441, tgid 5441 (syz-executor), ts 132445637981, free_ts 111884372470
[  259.990252][   T55]  post_alloc_hook+0x2d1/0x350
[  259.995015][   T55]  get_page_from_freelist+0x1351/0x2e50
[  260.000561][   T55]  __alloc_pages_noprof+0x22b/0x2460
[  260.005845][   T55]  alloc_slab_page+0x4e/0xf0
[  260.010435][   T55]  new_slab+0x84/0x260
[  260.014507][   T55]  ___slab_alloc+0xdac/0x1870
[  260.019190][   T55]  __slab_alloc.constprop.0+0x56/0xb0
[  260.024561][   T55]  __kmalloc_cache_noprof+0x2b4/0x300
[  260.029928][   T55]  batadv_hard_if_event+0xb94/0x1640
[  260.035212][   T55]  notifier_call_chain+0xb9/0x410
[  260.040241][   T55]  call_netdevice_notifiers_info+0xbe/0x140
[  260.046134][   T55]  register_netdevice+0x17a0/0x1e90
[  260.051326][   T55]  veth_newlink+0x366/0x9e0
[  260.055826][   T55]  __rtnl_newlink+0x1197/0x1920
[  260.060671][   T55]  rtnl_newlink+0x67/0xa0
[  260.064993][   T55]  rtnetlink_rcv_msg+0x3c7/0xea0
[  260.069923][   T55] page last free pid 5391 tgid 5390 stack trace:
[  260.076239][   T55]  free_unref_page+0x64a/0xe40
[  260.081000][   T55]  vfree+0x181/0x7a0
[  260.084893][   T55]  kcov_put+0x2a/0x40
[  260.088872][   T55]  kcov_close+0x10/0x20
[  260.093028][   T55]  __fput+0x408/0xbb0
[  260.097004][   T55]  task_work_run+0x14e/0x250
[  260.101597][   T55]  do_exit+0xaa3/0x2bb0
[  260.105744][   T55]  do_group_exit+0xd3/0x2a0
[  260.110242][   T55]  get_signal+0x25fd/0x2770
[  260.114747][   T55]  arch_do_signal_or_restart+0x90/0x7e0
[  260.120294][   T55]  syscall_exit_to_user_mode+0x150/0x2a0
[  260.125930][   T55]  do_syscall_64+0xda/0x250
[  260.130438][   T55]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.136335][   T55] 
[  260.138653][   T55] Memory state around the buggy address:
[  260.144270][   T55]  ffff888065aa2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  260.152322][   T55]  ffff888065aa2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  260.160375][   T55] >ffff888065aa3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  260.168425][   T55]                          ^
[  260.173002][   T55]  ffff888065aa3080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  260.181052][   T55]  ffff888065aa3100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  260.189100][   T55] ==================================================================
[  260.321113][   T55] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  260.328354][   T55] CPU: 1 UID: 0 PID: 55 Comm: kworker/u9:0 Not tainted 6.11.0-rc5-syzkaller #0
[  260.337307][   T55] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  260.347375][   T55] Workqueue: hci3 hci_rx_work
[  260.352074][   T55] Call Trace:
[  260.355361][   T55]  <TASK>
[  260.358296][   T55]  dump_stack_lvl+0x3d/0x1f0
[  260.362903][   T55]  panic+0x6dc/0x7c0
[  260.366815][   T55]  ? __pfx_panic+0x10/0x10
[  260.371247][   T55]  ? preempt_schedule_thunk+0x1a/0x30
[  260.376634][   T55]  ? preempt_schedule_common+0x44/0xc0
[  260.382123][   T55]  check_panic_on_warn+0xab/0xb0
[  260.387081][   T55]  end_report+0x117/0x180
[  260.391430][   T55]  kasan_report+0xe9/0x110
[  260.395869][   T55]  ? l2cap_send_cmd+0x788/0x920
[  260.400737][   T55]  ? l2cap_send_cmd+0x788/0x920
[  260.405604][   T55]  l2cap_send_cmd+0x788/0x920
[  260.410300][   T55]  l2cap_recv_frame+0x2360/0x8eb0
[  260.415354][   T55]  ? hci_rx_work+0xa87/0x1610
[  260.420043][   T55]  ? __pfx_lock_release+0x10/0x10
[  260.425085][   T55]  ? __pfx___lock_acquire+0x10/0x10
[  260.430306][   T55]  ? __pfx_l2cap_recv_frame+0x10/0x10
[  260.435710][   T55]  ? trace_contention_end+0xea/0x140
[  260.441016][   T55]  ? __mutex_unlock_slowpath+0x164/0x650
[  260.446678][   T55]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  260.452686][   T55]  ? hci_rx_work+0xa73/0x1610
[  260.457378][   T55]  ? hci_conn_enter_active_mode+0x219/0x360
[  260.463289][   T55]  ? __pfx_lock_release+0x10/0x10
[  260.468337][   T55]  ? __pfx_hci_conn_enter_active_mode+0x10/0x10
[  260.474602][   T55]  l2cap_recv_acldata+0x9b4/0xb70
[  260.479668][   T55]  hci_rx_work+0xaab/0x1610
[  260.484191][   T55]  process_one_work+0x9c5/0x1b40
[  260.489155][   T55]  ? __pfx_lock_acquire+0x10/0x10
[  260.494200][   T55]  ? __pfx_process_one_work+0x10/0x10
[  260.499595][   T55]  ? assign_work+0x1a0/0x250
[  260.504203][   T55]  worker_thread+0x6c8/0xed0
[  260.508816][   T55]  ? __pfx_worker_thread+0x10/0x10
[  260.513952][   T55]  kthread+0x2c1/0x3a0
[  260.518034][   T55]  ? _raw_spin_unlock_irq+0x23/0x50
[  260.523255][   T55]  ? __pfx_kthread+0x10/0x10
[  260.527860][   T55]  ret_from_fork+0x45/0x80
[  260.532302][   T55]  ? __pfx_kthread+0x10/0x10
[  260.536903][   T55]  ret_from_fork_asm+0x1a/0x30
[  260.541698][   T55]  </TASK>
[  260.544954][   T55] Kernel Offset: disabled
[  260.549287][   T55] Rebooting in 86400 seconds..