last executing test programs:

4m15.476950067s ago: executing program 1 (id=398):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000480)={0x0, 0x30, &(0x7f0000000440)=[@in={0x2, 0x0, @local}, @in={0x2, 0x0, @multicast2}, @in={0x2, 0x4e22, @private=0xa010102}]}, &(0x7f00000004c0)=0x10)
pipe(0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
socket$inet6(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x80000000000008}, 0x18)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
ioperm(0x0, 0xe4d, 0x2)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
ioperm(0x6, 0x4, 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4m9.185513773s ago: executing program 1 (id=411):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$kcm(0x29, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r4, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$DEVLINK_CMD_GET(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x81b0899d08014bea}, 0xc, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="c8000000", @ANYRES16, @ANYBLOB="00082cbd7000fedbdf2506000000080001007063690011000200303030303a30300331392e30000000000800030001000000060004000100000008000100ff63690011000200303030303a30303a31302e3000000000080003000300000006000400000000000e0001006e65b6ffe13436e98eb31fa732be9aae7464657673696d0000000f0002006e657464457673696d30000008000300020000000600040000000000080001007063690011000200303030303a30303a31302e300000000008000300010000000600040003000000b700f060ef78587248252143da75641376fa5bd0768297c8542f60f0535a28ecb8daf4714db5e9398867af5edf9501afb1c54305fe654bd7c4e172530ab6d9c24e1f49f8bd1de657"], 0xc8}, 0x1, 0x0, 0x0, 0x8}, 0x4080)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(0xffffffffffffffff, 0xc0385720, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
preadv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/168, 0xa8}, {&(0x7f00000001c0)=""/219, 0xdb}], 0x2, 0x4, 0x80)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r5, 0x400448c8, &(0x7f0000000340)={r0, r0, 0x8, 0x1, &(0x7f0000000400)="e2", 0x8, 0x1, 0x458, 0x58, 0x8b, 0x0, 0x4, 'syz1\x00'})

4m8.281955203s ago: executing program 1 (id=414):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xb43, 0x86e, 0x0, 0x1, 0xd59f80, 0x19f2, 0x400, 0x19eb, 0x3, 0x3, 0x2804, 0x80000000, 0x43e, 0xd1, 0x5, 0x1, {0x8, 0xfffffffd}, 0xd0, 0x9}})
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000980)={0x2}, 0x10)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e21, @broadcast}}, 0xfffd}, 0x90)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r6, 0x4048aecb, &(0x7f0000000080))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(r3, 0x10f, 0x80, &(0x7f0000000080)=0x6, 0x4)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x12, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r8, 0x4068aea3, &(0x7f0000000440)={0x80, 0x0, 0x3})
ioctl$KVM_CAP_ARM_INJECT_SERROR_ESR(r2, 0x4068aea3, &(0x7f0000000340))
write(r3, &(0x7f0000000300)="240000001a005f0214f9f4070d0903001f000000fe050000000200000800040001000000", 0x24)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x4)
r12 = dup(r11)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r12, &(0x7f0000009000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)

4m3.71498589s ago: executing program 1 (id=423):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$kcm(0x29, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_GET(r4, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, r5, 0x1, 0x0, 0x0, {0x54}}, 0x14}}, 0x0)
sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x81b0899d08014bea}, 0xc, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="c8000000", @ANYRES16=r5, @ANYBLOB="00082cbd7000fedbdf2506000000080001007063690011000200303030303a30300331392e30000000000800030001000000060004000100000008000100ff63690011000200303030303a30303a31302e3000000000080003000300000006000400000000000e0001006e65b6ffe13436e98eb31fa732be9aae7464657673696d0000000f0002006e657464457673696d30000008000300020000000600040000000000080001007063690011000200303030303a30303a31302e300000000008000300010000000600040003000000b700f060ef78587248252143da75641376fa5bd0768297c8542f60f0535a28ecb8daf4714db5e9398867af5edf9501afb1c54305fe654bd7c4e172530ab6d9c24e1f49f8bd1de657"], 0xc8}, 0x1, 0x0, 0x0, 0x8}, 0x4080)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(0xffffffffffffffff, 0xc0385720, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r6 = syz_open_procfs(0x0, 0x0)
preadv(r6, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/168, 0xa8}, {&(0x7f00000001c0)=""/219, 0xdb}], 0x2, 0x4, 0x80)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000340)={r0, r0, 0x8, 0x1, &(0x7f0000000400)="e2", 0x8, 0x1, 0x458, 0x58, 0x8b, 0x0, 0x4, 'syz1\x00'})

4m2.646200704s ago: executing program 1 (id=424):
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x5)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f00000001c0)={0x2, {0x2, 0x4, 0x40}})
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
socket(0x0, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r4 = accept$alg(r3, 0x0, 0x0)
r5 = dup(r4)
r6 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r6, 0x200004)
ioctl$int_in(r5, 0x5452, &(0x7f0000000080)=0x5327)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)
r7 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSPTLCK(r7, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCGETS(r7, 0x5401, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x402, 0x0, 0x2}, 0x0, 0x0)
setsockopt$SO_J1939_FILTER(r5, 0x6b, 0x1, &(0x7f0000000000)=[{0x1, 0x3, {0x2, 0xff, 0x2}, {0x2, 0xff}, 0xfe}], 0x20)
setsockopt(r5, 0x1, 0x20, &(0x7f0000000040)="c04bfa0a", 0x4)

3m57.483774755s ago: executing program 1 (id=430):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000480)={0x0, 0x30, &(0x7f0000000440)=[@in={0x2, 0x0, @local}, @in={0x2, 0x0, @multicast2}, @in={0x2, 0x4e22, @private=0xa010102}]}, &(0x7f00000004c0)=0x10)
pipe(0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
socket$inet6(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
ioperm(0x0, 0xe4d, 0x2)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
ioperm(0x6, 0x4, 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m56.523291897s ago: executing program 2 (id=432):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={0x0, &(0x7f0000001f80)=""/226, 0x1a, 0xe2, 0x2, 0x0, 0x0, @void, @value}, 0x20)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, r5, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
ioctl$IOMMU_DESTROY$stdev(r4, 0x3b80, &(0x7f0000000040)={0x8, r6})
io_setup(0x2, &(0x7f0000000180)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000240)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r8 = syz_io_uring_setup(0x5289, &(0x7f0000000080)={0x0, 0x7c95, 0x8, 0xfffffffc}, &(0x7f0000000000)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
syz_io_uring_submit(r9, r10, 0x0)
io_uring_enter(r8, 0x3e5d, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000040)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)

3m54.624881374s ago: executing program 2 (id=437):
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x1, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1d, 0xc, &(0x7f0000000540)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r3}, 0x18)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x18})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r5, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r5, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x6, 0xbaa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r7)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="4d7e00000000000000002000000008002f000000000005003600000000000c0005000000000000000000050037000000000008000200", @ANYRES32, @ANYBLOB="06000600000000000600040000"], 0x50}, 0x4, 0x700000000000000}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)="654a90ab7f0293ea790671ce6af97b06979b42577a5fac069397cc791d43600e746a806cdb85265767b604368b286522c4b604bd87ac3716ce1f45fd35fc0180", &(0x7f0000000180), 0xa7c, r6}, 0x38)

3m53.092187907s ago: executing program 2 (id=439):
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
close(r4)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000002000010400000000000000000a0000000000000000000000140003006c6f000000000000000000000000000095b2d59cca589563ad0b567b329a6c1ac4c948af475a09927425a853109a96e9aa4272e9b37ae24c7dfad04f75aaaae72682542ce31efc08cb1d03c3f71e3f26bfdc3ae1242e8d53bc0664045a248b913265ef3ecfd5312f28a21346b587069dda87733848bb61199d423494c0de4cf724e9c813938aee8a44454daa42d267bdba87287dc57190b296f0693cee7c724d60"], 0x30}}, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x409, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x31}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x8}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xa4}}, 0x0)

3m51.130405142s ago: executing program 2 (id=443):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f00000000c0)='proc\x00', 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={0x0, &(0x7f0000001f80)=""/226, 0x1a, 0xe2, 0x2, 0x0, 0x0, @void, @value}, 0x20)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, r5, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
ioctl$IOMMU_DESTROY$stdev(r4, 0x3b80, &(0x7f0000000040)={0x8, r6})
io_setup(0x2, &(0x7f0000000180)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000240)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r8 = syz_io_uring_setup(0x5289, &(0x7f0000000080)={0x0, 0x7c95, 0x8, 0xfffffffc}, &(0x7f0000000000)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
syz_io_uring_submit(r9, r10, 0x0)
io_uring_enter(r8, 0x3e5d, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000040)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)

3m47.883867115s ago: executing program 2 (id=446):
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
close(r4)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000400)=ANY=[@ANYBLOB="300000002000010400000000000000000a0000000000000000000000140003006c6f000000000000000000000000000095b2d59cca589563ad0b567b329a6c1ac4c948af475a09927425a853109a96e9aa4272e9b37ae24c7dfad04f75aaaae72682542ce31efc08cb1d03c3f71e3f26bfdc3ae1242e8d53bc0664045a248b913265ef3ecfd5312f28a21346b587069dda87733848bb61199d423494c0de4cf724e9c813938aee8a44454daa42d267bdba87287dc57190b296f0693cee7c724d60"], 0x30}}, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x409, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x31}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x8}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xa4}}, 0x0)
getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r7, &(0x7f0000006300)={0x2020}, 0x2020)

3m44.633096953s ago: executing program 2 (id=453):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000480)={0x0, 0x30, &(0x7f0000000440)=[@in={0x2, 0x0, @local}, @in={0x2, 0x0, @multicast2}, @in={0x2, 0x4e22, @private=0xa010102}]}, &(0x7f00000004c0)=0x10)
pipe(0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
socket$inet6(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
ioperm(0x0, 0xe4d, 0x2)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
ioperm(0x6, 0x4, 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m42.286407465s ago: executing program 32 (id=430):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000480)={0x0, 0x30, &(0x7f0000000440)=[@in={0x2, 0x0, @local}, @in={0x2, 0x0, @multicast2}, @in={0x2, 0x4e22, @private=0xa010102}]}, &(0x7f00000004c0)=0x10)
pipe(0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
socket$inet6(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
ioperm(0x0, 0xe4d, 0x2)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
ioperm(0x6, 0x4, 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m28.22128121s ago: executing program 33 (id=453):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000480)={0x0, 0x30, &(0x7f0000000440)=[@in={0x2, 0x0, @local}, @in={0x2, 0x0, @multicast2}, @in={0x2, 0x4e22, @private=0xa010102}]}, &(0x7f00000004c0)=0x10)
pipe(0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
socket$inet6(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
close(0xffffffffffffffff)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000)
ioperm(0x0, 0xe4d, 0x2)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
ioperm(0x6, 0x4, 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

11.881319666s ago: executing program 5 (id=845):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')

11.021319652s ago: executing program 3 (id=846):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
getpid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x9, 0x6, 0x4, 0x7fc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x401, r2, 0x0, 0x100000000000000}, 0x38)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000003a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000052c00000900010073797a300000000078000000030a01030000000000000000050000000900010073797a30000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a320000000008000a40000000032800048008000240000000000800014000000000140003"], 0xc0}}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
ptrace$getregset(0x4204, 0x0, 0x6, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000480)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000000c0), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

10.880092073s ago: executing program 5 (id=847):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000280)='./bus\x00', 0x1612c2, 0x8e)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(r3, r4, 0x0, 0x200)
sendmsg$kcm(r1, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vxcan1\x00'})
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)

10.835341345s ago: executing program 4 (id=848):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
r5 = dup(r4)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
pread64(r6, &(0x7f00000001c0)=""/204, 0xcc, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)

10.045796699s ago: executing program 0 (id=849):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
dup(r4)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
pread64(r5, &(0x7f00000001c0)=""/204, 0xcc, 0x0)

9.935600018s ago: executing program 4 (id=850):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$unix(0x1, 0x5, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002240)={&(0x7f00000001c0)={0x24, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x19}, @val={0x8}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40041}, 0x8050)
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r4, &(0x7f0000001100)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x8000000}, 0x1c, &(0x7f0000000640)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x4040001)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, 0x0, 0x0)

9.8821978s ago: executing program 6 (id=851):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r4)
pread64(0xffffffffffffffff, &(0x7f00000001c0)=""/204, 0xcc, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)

8.985949648s ago: executing program 0 (id=852):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000280)='./bus\x00', 0x1612c2, 0x8e)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vxcan1\x00'})
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)

8.489176264s ago: executing program 4 (id=853):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000280)='./bus\x00', 0x1612c2, 0x8e)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(r3, r4, 0x0, 0x200)
sendmsg$kcm(r1, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vxcan1\x00'})
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)

8.287842683s ago: executing program 6 (id=854):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000280)='./bus\x00', 0x1612c2, 0x8e)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(r3, r4, 0x0, 0x200)
sendmsg$kcm(r1, 0x0, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vxcan1\x00'})
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)

8.109977879s ago: executing program 5 (id=855):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
dup(r4)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
pread64(r5, &(0x7f00000001c0)=""/204, 0xcc, 0x0)

7.213180303s ago: executing program 5 (id=856):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x200)
sendmsg$kcm(r1, 0x0, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vxcan1\x00'})
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)

7.133273456s ago: executing program 0 (id=857):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r4)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
ioctl$BLKRRPART(r5, 0x125f, 0x0)

7.124956815s ago: executing program 4 (id=858):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
r4 = dup(0xffffffffffffffff)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
pread64(r5, &(0x7f00000001c0)=""/204, 0xcc, 0x0)
ioctl$BLKRRPART(r4, 0x125f, 0x0)

7.010051997s ago: executing program 6 (id=859):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'})
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r6, 0x0, 0x5)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@typedef={0x2, 0x0, 0x0, 0x8, 0x1}, @typedef={0xd, 0x0, 0x0, 0x8, 0x3}]}, {0x0, [0x61, 0x30]}}, 0x0, 0x34, 0x0, 0x1, 0x0, 0x10000, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='\n\x00\x00', @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB], 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000003c0)={r1, r5, 0x0, 0x1, &(0x7f00000001c0)='\x00'}, 0x30)
ioctl$VIDIOC_CREATE_BUFS(r7, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x80003, 0x0, [0xfffffffc, 0x8000000], [0x8200, 0x1]}}})
ioctl$VIDIOC_QBUF(r7, 0xc058565d, &(0x7f0000000080)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0xc, 0x0, 0x0, 0x0, 0x0, "8000"}, 0x0, 0x2, {}, 0x18603})
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000001a00), 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000008400), 0x0, &(0x7f0000008640), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000791200000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

6.503437354s ago: executing program 3 (id=860):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)

6.251625801s ago: executing program 3 (id=861):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010700000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0xa8, r4, 0x5, 0x42, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_HE_OBSS_PD={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_BEACON_HEAD={0x70, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x4}, @device_a, @device_b, @from_mac, {0x6, 0x1}}, 0x1, @default, 0x1400, @void, @void, @void, @void, @void, @val={0x5, 0x3, {0x40, 0x60, 0xaf}}, @val={0x25, 0x3, {0x1, 0xb2, 0x2}}, @val={0x2a, 0x1}, @val={0x3c, 0x4, {0x1, 0x76, 0xb7, 0x65}}, @val={0x2d, 0x1a, {0xd7a9c66bf4d601a9, 0x2, 0x4, 0x0, {0x888c, 0x6, 0x0, 0x3, 0x0, 0x1, 0x0, 0x2, 0x1}, 0x800, 0x3a5, 0x9}}, @val={0x72, 0x6}, @val={0x71, 0x7, {0x1, 0x1, 0x0, 0x1, 0x2, 0x5, 0x69}}, @val={0x76, 0x6, {0xe, 0x5, 0x1f, 0x81e}}}}]]}, 0xa8}}, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002240)={&(0x7f00000001c0)={0x24, r3, 0x400, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x19}, @val={0x8, 0x3, r6}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40041}, 0x8050)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r8, &(0x7f0000001100)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x8000000}, 0x1c, &(0x7f0000000640)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x4040001)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r8, 0x84, 0x6, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback}}}, 0x84)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x2200c0c0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020)

6.126127015s ago: executing program 4 (id=862):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000280)='./bus\x00', 0x1612c2, 0x8e)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x200)
sendmsg$kcm(r1, 0x0, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vxcan1\x00'})
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)

6.123729843s ago: executing program 0 (id=863):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r4)
pread64(0xffffffffffffffff, &(0x7f00000001c0)=""/204, 0xcc, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)

4.106466103s ago: executing program 6 (id=864):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x9, 0x6, 0x4, 0x7fc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x401, r3, 0x0, 0x100000000000000}, 0x38)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000003a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000052c00000900010073797a300000000078000000030a01030000000000000000050000000900010073797a30000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a320000000008000a40000000032800048008000240000000000800014000000000140003"], 0xc0}}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
ptrace$getregset(0x4204, 0x0, 0x6, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_procs(r6, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x1)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

4.102955123s ago: executing program 3 (id=865):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r4)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
ioctl$BLKRRPART(r5, 0x125f, 0x0)

4.100274676s ago: executing program 0 (id=866):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000280)='./bus\x00', 0x1612c2, 0x8e)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(r3, r4, 0x0, 0x200)
sendmsg$kcm(r1, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vxcan1\x00'})
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)

3.173556624s ago: executing program 5 (id=867):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="010700000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0xa8, r4, 0x5, 0x42, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_HE_OBSS_PD={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon=[@NL80211_ATTR_BEACON_HEAD={0x70, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x4}, @device_a, @device_b, @from_mac, {0x6, 0x1}}, 0x1, @default, 0x1400, @void, @void, @void, @void, @void, @val={0x5, 0x3, {0x40, 0x60, 0xaf}}, @val={0x25, 0x3, {0x1, 0xb2, 0x2}}, @val={0x2a, 0x1}, @val={0x3c, 0x4, {0x1, 0x76, 0xb7, 0x65}}, @val={0x2d, 0x1a, {0xd7a9c66bf4d601a9, 0x2, 0x4, 0x0, {0x888c, 0x6, 0x0, 0x3, 0x0, 0x1, 0x0, 0x2, 0x1}, 0x800, 0x3a5, 0x9}}, @val={0x72, 0x6}, @val={0x71, 0x7, {0x1, 0x1, 0x0, 0x1, 0x2, 0x5, 0x69}}, @val={0x76, 0x6, {0xe, 0x5, 0x1f, 0x81e}}}}]]}, 0xa8}}, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002240)={&(0x7f00000001c0)={0x24, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x19}, @val={0x8, 0x3, r6}, @void}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40041}, 0x8050)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r8, &(0x7f0000001100)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x8000000}, 0x1c, &(0x7f0000000640)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x4040001)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r8, 0x84, 0x6, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback}}}, 0x84)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x2200c0c0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020}, 0x2020)

3.140280603s ago: executing program 6 (id=868):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
dup(r4)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
pread64(r5, &(0x7f00000001c0)=""/204, 0xcc, 0x0)

2.995646008s ago: executing program 3 (id=869):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r4)
pread64(0xffffffffffffffff, &(0x7f00000001c0)=""/204, 0xcc, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)

2.007715107s ago: executing program 5 (id=870):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x5c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = open(&(0x7f0000000280)='./bus\x00', 0x1612c2, 0x8e)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
creat(0x0, 0x0)
sendfile(r3, r4, 0x0, 0x200)
sendmsg$kcm(r1, 0x0, 0x0)
sendmsg$kcm(r1, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000340)={'vxcan1\x00'})
syz_clone(0xa0320080, 0x0, 0x0, 0x0, 0x0, 0x0)

2.005293107s ago: executing program 6 (id=871):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socket(0x10, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0)
syz_io_uring_setup(0x24fa, &(0x7f0000000400)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
write$cgroup_devices(r5, 0x0, 0x8)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, 0x0, 0x0)

1.94633829s ago: executing program 0 (id=872):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
dup(r4)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
pread64(r5, &(0x7f00000001c0)=""/204, 0xcc, 0x0)

731.160799ms ago: executing program 3 (id=873):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r4)
pread64(0xffffffffffffffff, &(0x7f00000001c0)=""/204, 0xcc, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)

0s ago: executing program 4 (id=874):
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
socket$inet_mptcp(0x2, 0x1, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x51)
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="02c9201ef8001a00050017a6160008000002cf000f00022983d6e91c716454001a4a08"], 0x23)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x169802, 0x0)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r4)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
ioctl$BLKRRPART(r5, 0x125f, 0x0)

kernel console output (not intermixed with test programs):

.611154][ T5837] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   54.619230][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   54.625686][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   54.634360][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   54.641690][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   54.646423][ T5836] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   54.659760][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   54.667125][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   54.672473][ T5837] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   54.684600][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   54.684713][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   54.693477][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   54.705870][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   54.713911][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   54.718169][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   54.723282][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   54.728768][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   54.743212][   T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   54.745798][ T5837] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   54.750734][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   54.757718][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   54.782740][ T5837] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   54.801242][ T5832] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   54.808633][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   55.074432][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   55.102276][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   55.275065][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   55.287512][ T5834] chnl_net:caif_netlink_parms(): no params data found
[   55.313265][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.320927][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.328294][ T5823] bridge_slave_0: entered allmulticast mode
[   55.336246][ T5823] bridge_slave_0: entered promiscuous mode
[   55.346243][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.353446][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.360587][ T5823] bridge_slave_1: entered allmulticast mode
[   55.367399][ T5823] bridge_slave_1: entered promiscuous mode
[   55.377675][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.385605][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.393881][ T5822] bridge_slave_0: entered allmulticast mode
[   55.400326][ T5822] bridge_slave_0: entered promiscuous mode
[   55.421168][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   55.448043][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.455186][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.462433][ T5822] bridge_slave_1: entered allmulticast mode
[   55.468840][ T5822] bridge_slave_1: entered promiscuous mode
[   55.493091][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.518825][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.532321][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.543786][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.613539][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.620677][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.627929][ T5831] bridge_slave_0: entered allmulticast mode
[   55.634601][ T5831] bridge_slave_0: entered promiscuous mode
[   55.651766][ T5823] team0: Port device team_slave_0 added
[   55.657760][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.664929][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.672165][ T5834] bridge_slave_0: entered allmulticast mode
[   55.678949][ T5834] bridge_slave_0: entered promiscuous mode
[   55.688147][ T5822] team0: Port device team_slave_0 added
[   55.709550][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.716760][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.724024][ T5831] bridge_slave_1: entered allmulticast mode
[   55.730525][ T5831] bridge_slave_1: entered promiscuous mode
[   55.738671][ T5823] team0: Port device team_slave_1 added
[   55.745237][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.753017][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.760142][ T5834] bridge_slave_1: entered allmulticast mode
[   55.766718][ T5834] bridge_slave_1: entered promiscuous mode
[   55.781824][ T5822] team0: Port device team_slave_1 added
[   55.794818][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.802606][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.809715][ T5827] bridge_slave_0: entered allmulticast mode
[   55.817054][ T5827] bridge_slave_0: entered promiscuous mode
[   55.847339][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.856673][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.864365][ T5827] bridge_slave_1: entered allmulticast mode
[   55.870856][ T5827] bridge_slave_1: entered promiscuous mode
[   55.892068][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.903381][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.914377][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.921960][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.948290][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   55.968274][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.979479][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.989191][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.996475][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.022682][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.039939][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.046952][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.073008][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.093345][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.108948][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.116836][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.143093][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.173682][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.198767][ T5831] team0: Port device team_slave_0 added
[   56.209717][ T5834] team0: Port device team_slave_0 added
[   56.222996][ T5834] team0: Port device team_slave_1 added
[   56.235532][ T5827] team0: Port device team_slave_0 added
[   56.242706][ T5831] team0: Port device team_slave_1 added
[   56.276683][ T5827] team0: Port device team_slave_1 added
[   56.295073][ T5823] hsr_slave_0: entered promiscuous mode
[   56.301697][ T5823] hsr_slave_1: entered promiscuous mode
[   56.337207][ T5822] hsr_slave_0: entered promiscuous mode
[   56.343733][ T5822] hsr_slave_1: entered promiscuous mode
[   56.350314][ T5822] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   56.358422][ T5822] Cannot create hsr debugfs directory
[   56.365717][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.372799][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.398929][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.410390][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.417624][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.444058][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.468093][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.475465][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.501934][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.513649][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.520599][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.546844][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.558385][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.565670][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.592007][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.630257][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.637399][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.663463][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.742762][ T5834] hsr_slave_0: entered promiscuous mode
[   56.748822][ T5834] hsr_slave_1: entered promiscuous mode
[   56.755318][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   56.763079][ T5834] Cannot create hsr debugfs directory
[   56.771683][ T5832] Bluetooth: hci0: command tx timeout
[   56.771880][ T5829] Bluetooth: hci1: command tx timeout
[   56.789347][ T5831] hsr_slave_0: entered promiscuous mode
[   56.795548][ T5831] hsr_slave_1: entered promiscuous mode
[   56.801851][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   56.809433][ T5831] Cannot create hsr debugfs directory
[   56.851204][ T5829] Bluetooth: hci3: command tx timeout
[   56.861596][ T5829] Bluetooth: hci4: command tx timeout
[   56.861602][ T5832] Bluetooth: hci2: command tx timeout
[   56.865892][ T5827] hsr_slave_0: entered promiscuous mode
[   56.880369][ T5827] hsr_slave_1: entered promiscuous mode
[   56.886476][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   56.894102][ T5827] Cannot create hsr debugfs directory
[   57.090464][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   57.108703][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   57.118591][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   57.127609][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   57.172824][ T5822] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   57.184555][ T5822] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   57.193802][ T5822] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   57.213917][ T5822] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   57.260516][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   57.271978][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   57.296506][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   57.319632][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   57.374425][ T5827] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   57.399115][ T5827] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   57.410469][ T5827] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   57.434336][ T5827] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   57.446527][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.499266][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   57.510018][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   57.523790][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   57.544516][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   57.553367][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   57.565330][   T80] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.572646][   T80] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.606694][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.613870][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.644658][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.707918][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.720414][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   57.764181][  T763] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.771897][  T763] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.797289][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   57.808811][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.816070][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.847290][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.857355][   T80] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.864522][   T80] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.879180][   T29] kauditd_printk_skb: 13 callbacks suppressed
[   57.879195][   T29] audit: type=1400 audit(1731165104.448:111): avc:  denied  { sys_module } for  pid=5823 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   57.895054][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.944892][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.952106][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.968426][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   58.004943][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.012165][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.024449][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.031579][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.056090][ T5834] 8021q: adding VLAN 0 to HW filter on device team0
[   58.087524][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.094715][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   58.128966][ T5827] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   58.145276][ T5827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   58.177252][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.184424][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[   58.225663][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.376665][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.457594][ T5823] veth0_vlan: entered promiscuous mode
[   58.482952][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.495171][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.508631][ T5822] veth0_vlan: entered promiscuous mode
[   58.530247][ T5823] veth1_vlan: entered promiscuous mode
[   58.563168][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.601944][ T5822] veth1_vlan: entered promiscuous mode
[   58.632174][ T5823] veth0_macvtap: entered promiscuous mode
[   58.662915][ T5831] veth0_vlan: entered promiscuous mode
[   58.675626][ T5823] veth1_macvtap: entered promiscuous mode
[   58.703393][ T5834] veth0_vlan: entered promiscuous mode
[   58.730182][ T5831] veth1_vlan: entered promiscuous mode
[   58.749004][ T5834] veth1_vlan: entered promiscuous mode
[   58.780627][ T5822] veth0_macvtap: entered promiscuous mode
[   58.790698][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.806438][ T5831] veth0_macvtap: entered promiscuous mode
[   58.819615][ T5822] veth1_macvtap: entered promiscuous mode
[   58.829301][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.850123][ T5823] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.859255][ T5829] Bluetooth: hci0: command tx timeout
[   58.862465][ T5829] Bluetooth: hci1: command tx timeout
[   58.869380][ T5823] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.880390][ T5823] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.892557][ T5823] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.904125][ T5831] veth1_macvtap: entered promiscuous mode
[   58.924377][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.936338][ T5829] Bluetooth: hci2: command tx timeout
[   58.936353][ T5832] Bluetooth: hci4: command tx timeout
[   58.942002][ T5829] Bluetooth: hci3: command tx timeout
[   58.954650][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.966110][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.993266][ T5822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.004142][ T5822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.015828][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.028048][ T5822] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.036881][ T5822] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.045863][ T5822] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.054915][ T5822] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.083269][ T5834] veth0_macvtap: entered promiscuous mode
[   59.105637][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.117126][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.127380][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.137912][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.149144][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   59.163045][ T5834] veth1_macvtap: entered promiscuous mode
[   59.181843][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.194419][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.204639][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.215948][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.226654][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.238625][ T5831] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.247789][ T5831] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.257329][ T5831] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.266455][ T5831] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.305682][ T5827] veth0_vlan: entered promiscuous mode
[   59.315989][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.327058][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.341657][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.352208][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.362114][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.372654][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.383462][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[   59.409915][ T5827] veth1_vlan: entered promiscuous mode
[   59.429492][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.440144][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.450164][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.460650][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.470772][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.482394][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.493950][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.529100][ T5834] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.538063][ T5834] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.547078][ T5834] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.556114][ T5834] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.589323][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.597435][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.638581][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.647992][ T5827] veth0_macvtap: entered promiscuous mode
[   59.659879][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.682260][ T5827] veth1_macvtap: entered promiscuous mode
[   59.690503][   T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.705186][   T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.727876][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.739622][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.749876][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.760705][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.770636][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.781283][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.791142][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.801897][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.813230][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   59.835812][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.846461][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.857113][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.868312][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.878255][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.888815][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.898842][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.909384][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.920323][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.939021][ T3020] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.949345][ T3020] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.959681][ T5827] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.968743][ T5827] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.978821][ T5827] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.987675][ T5827] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.998693][   T80] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   60.012542][   T80] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   60.039762][   T29] audit: type=1400 audit(1731165106.608:112): avc:  denied  { mounton } for  pid=5823 comm="syz-executor" path="/root/syzkaller.wJUB2Q/syz-tmp" dev="sda1" ino=1944 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   60.076829][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   60.091548][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   60.121455][   T29] audit: type=1400 audit(1731165106.608:113): avc:  denied  { mount } for  pid=5823 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   60.144967][   T29] audit: type=1400 audit(1731165106.608:114): avc:  denied  { mounton } for  pid=5823 comm="syz-executor" path="/root/syzkaller.wJUB2Q/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   60.170618][   T29] audit: type=1400 audit(1731165106.608:115): avc:  denied  { mount } for  pid=5823 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   60.198738][   T29] audit: type=1400 audit(1731165106.608:116): avc:  denied  { mounton } for  pid=5823 comm="syz-executor" path="/root/syzkaller.wJUB2Q/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   60.238858][ T3020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   60.250513][ T3020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   60.270385][ T5822] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   60.317185][   T29] audit: type=1400 audit(1731165106.608:117): avc:  denied  { mounton } for  pid=5823 comm="syz-executor" path="/root/syzkaller.wJUB2Q/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=7035 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   60.381371][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   60.389233][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   60.390647][ T5908] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1'.
[   60.428775][   T29] audit: type=1400 audit(1731165106.608:118): avc:  denied  { unmount } for  pid=5823 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   60.500839][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   60.521280][   T29] audit: type=1400 audit(1731165106.638:119): avc:  denied  { mounton } for  pid=5823 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2724 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   60.535926][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   60.547579][  T763] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   60.691728][   T29] audit: type=1400 audit(1731165106.648:120): avc:  denied  { mount } for  pid=5823 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   60.715735][  T763] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.161825][ T5829] Bluetooth: hci1: command tx timeout
[   61.167379][ T5829] Bluetooth: hci0: command tx timeout
[   61.173825][ T5829] Bluetooth: hci4: command tx timeout
[   61.179257][ T5829] Bluetooth: hci2: command tx timeout
[   61.184722][ T5829] Bluetooth: hci3: command tx timeout
[   61.198379][   T54] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   61.211040][   T54] CPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.12.0-rc6-syzkaller-00272-gda4373fbcf00 #0
[   61.221754][   T54] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   61.231831][   T54] Workqueue: hci1 hci_rx_work
[   61.236578][   T54] Call Trace:
[   61.239867][   T54]  <TASK>
[   61.242805][   T54]  dump_stack_lvl+0x16c/0x1f0
[   61.247528][   T54]  sysfs_warn_dup+0x7f/0xa0
[   61.252138][   T54]  sysfs_create_dir_ns+0x24d/0x2b0
[   61.257277][   T54]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   61.262940][   T54]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   61.268333][   T54]  ? kobject_add_internal+0x12d/0x990
[   61.273715][   T54]  ? do_raw_spin_unlock+0x172/0x230
[   61.278916][   T54]  kobject_add_internal+0x2c8/0x990
[   61.284113][   T54]  kobject_add+0x16f/0x240
[   61.288524][   T54]  ? __pfx_kobject_add+0x10/0x10
[   61.293460][   T54]  ? kobject_put+0xab/0x5a0
[   61.297956][   T54]  device_add+0x289/0x1a70
[   61.302370][   T54]  ? __pfx_dev_set_name+0x10/0x10
[   61.307388][   T54]  ? __pfx_device_add+0x10/0x10
[   61.312241][   T54]  ? mgmt_send_event_skb+0x2f2/0x460
[   61.317531][   T54]  hci_conn_add_sysfs+0x17e/0x230
[   61.322564][   T54]  le_conn_complete_evt+0x1078/0x1d80
[   61.327942][   T54]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   61.333659][   T54]  ? trace_contention_end+0xea/0x140
[   61.338948][   T54]  hci_le_enh_conn_complete_evt+0x23d/0x380
[   61.344842][   T54]  ? skb_pull_data+0x166/0x210
[   61.349600][   T54]  hci_le_meta_evt+0x2e2/0x5d0
[   61.354362][   T54]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   61.360774][   T54]  hci_event_packet+0x666/0x1180
[   61.365706][   T54]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   61.371001][   T54]  ? __pfx_hci_event_packet+0x10/0x10
[   61.376385][   T54]  ? mark_held_locks+0x9f/0xe0
[   61.381149][   T54]  ? kcov_remote_start+0x3cf/0x6e0
[   61.386253][   T54]  ? lockdep_hardirqs_on+0x7c/0x110
[   61.391457][   T54]  hci_rx_work+0x2c6/0x16c0
[   61.395962][   T54]  ? lock_acquire+0x2f/0xb0
[   61.400464][   T54]  ? process_one_work+0x921/0x1ba0
[   61.405588][   T54]  process_one_work+0x9c5/0x1ba0
[   61.410529][   T54]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   61.416157][   T54]  ? __pfx_process_one_work+0x10/0x10
[   61.421564][   T54]  ? assign_work+0x1a0/0x250
[   61.426176][   T54]  worker_thread+0x6c8/0xf00
[   61.430768][   T54]  ? __pfx_worker_thread+0x10/0x10
[   61.435872][   T54]  kthread+0x2c1/0x3a0
[   61.439937][   T54]  ? _raw_spin_unlock_irq+0x23/0x50
[   61.445134][   T54]  ? __pfx_kthread+0x10/0x10
[   61.449718][   T54]  ret_from_fork+0x45/0x80
[   61.454123][   T54]  ? __pfx_kthread+0x10/0x10
[   61.458708][   T54]  ret_from_fork_asm+0x1a/0x30
[   61.463479][   T54]  </TASK>
[   61.498762][   T54] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   61.513438][   T54] Bluetooth: hci1: failed to register connection device
[   61.821384][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   61.823190][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   62.975491][   T29] kauditd_printk_skb: 34 callbacks suppressed
[   62.975509][   T29] audit: type=1400 audit(1731165108.648:155): avc:  denied  { create } for  pid=5922 comm="syz.2.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   62.975539][   T29] audit: type=1400 audit(1731165108.658:156): avc:  denied  { read } for  pid=5922 comm="syz.2.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   62.975557][   T29] audit: type=1400 audit(1731165108.728:157): avc:  denied  { write } for  pid=5922 comm="syz.2.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   62.981490][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   63.254802][ T5927] tty tty25: ldisc open failed (-12), clearing slot 24
[   63.353776][   T54] Bluetooth: hci3: command tx timeout
[   63.359228][   T54] Bluetooth: hci2: command tx timeout
[   63.367729][ T5829] Bluetooth: hci4: command tx timeout
[   63.381050][ T5829] Bluetooth: hci0: command tx timeout
[   63.387207][ T5829] Bluetooth: hci1: command tx timeout
[   64.511703][   T29] audit: type=1400 audit(1731165110.768:158): avc:  denied  { accept } for  pid=5932 comm="syz.3.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   64.962714][   T29] audit: type=1400 audit(1731165111.318:159): avc:  denied  { write } for  pid=5932 comm="syz.3.8" path="socket:[8484]" dev="sockfs" ino=8484 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   65.175686][   T29] audit: type=1400 audit(1731165111.418:160): avc:  denied  { setopt } for  pid=5932 comm="syz.3.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   65.347745][   T29] audit: type=1400 audit(1731165111.458:161): avc:  denied  { create } for  pid=5934 comm="syz.2.7" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   65.367393][   T29] audit: type=1400 audit(1731165111.808:162): avc:  denied  { read write } for  pid=5947 comm="syz.2.9" name="vhost-vsock" dev="devtmpfs" ino=1275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   65.391057][   T29] audit: type=1400 audit(1731165111.808:163): avc:  denied  { open } for  pid=5947 comm="syz.2.9" path="/dev/vhost-vsock" dev="devtmpfs" ino=1275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   66.688288][   T29] audit: type=1400 audit(1731165112.848:164): avc:  denied  { prog_run } for  pid=5947 comm="syz.2.9" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   69.206585][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[   69.217208][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:4 Not tainted 6.12.0-rc6-syzkaller-00272-gda4373fbcf00 #0
[   69.228093][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   69.238336][ T5832] Workqueue: hci4 hci_rx_work
[   69.243045][ T5832] Call Trace:
[   69.246328][ T5832]  <TASK>
[   69.249264][ T5832]  dump_stack_lvl+0x16c/0x1f0
[   69.253963][ T5832]  sysfs_warn_dup+0x7f/0xa0
[   69.258485][ T5832]  sysfs_create_dir_ns+0x24d/0x2b0
[   69.263613][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   69.269261][ T5832]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   69.274653][ T5832]  ? kobject_add_internal+0x12d/0x990
[   69.280050][ T5832]  ? do_raw_spin_unlock+0x172/0x230
[   69.285270][ T5832]  kobject_add_internal+0x2c8/0x990
[   69.290493][ T5832]  kobject_add+0x16f/0x240
[   69.294933][ T5832]  ? __pfx_kobject_add+0x10/0x10
[   69.299887][ T5832]  ? class_to_subsys+0x3e/0x160
[   69.304754][ T5832]  ? do_raw_spin_unlock+0x172/0x230
[   69.309974][ T5832]  ? kobject_put+0xab/0x5a0
[   69.314504][ T5832]  device_add+0x289/0x1a70
[   69.318934][ T5832]  ? __pfx_dev_set_name+0x10/0x10
[   69.323983][ T5832]  ? __pfx_device_add+0x10/0x10
[   69.328855][ T5832]  ? mgmt_send_event_skb+0x2f2/0x460
[   69.334170][ T5832]  hci_conn_add_sysfs+0x17e/0x230
[   69.339220][ T5832]  le_conn_complete_evt+0x1078/0x1d80
[   69.344708][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   69.350444][ T5832]  ? trace_contention_end+0xea/0x140
[   69.355750][ T5832]  hci_le_enh_conn_complete_evt+0x23d/0x380
[   69.361670][ T5832]  ? skb_pull_data+0x166/0x210
[   69.366448][ T5832]  hci_le_meta_evt+0x2e2/0x5d0
[   69.371233][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   69.377687][ T5832]  hci_event_packet+0x666/0x1180
[   69.382660][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   69.387984][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[   69.393394][ T5832]  ? mark_held_locks+0x9f/0xe0
[   69.398186][ T5832]  ? kcov_remote_start+0x3cf/0x6e0
[   69.403324][ T5832]  ? lockdep_hardirqs_on+0x7c/0x110
[   69.408534][ T5832]  hci_rx_work+0x2c6/0x16c0
[   69.413048][ T5832]  ? lock_acquire+0x2f/0xb0
[   69.417544][ T5832]  ? process_one_work+0x921/0x1ba0
[   69.422655][ T5832]  process_one_work+0x9c5/0x1ba0
[   69.427598][ T5832]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   69.433226][ T5832]  ? __pfx_process_one_work+0x10/0x10
[   69.438608][ T5832]  ? assign_work+0x1a0/0x250
[   69.443201][ T5832]  worker_thread+0x6c8/0xf00
[   69.447804][ T5832]  ? __pfx_worker_thread+0x10/0x10
[   69.452907][ T5832]  kthread+0x2c1/0x3a0
[   69.456967][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[   69.462161][ T5832]  ? __pfx_kthread+0x10/0x10
[   69.466743][ T5832]  ret_from_fork+0x45/0x80
[   69.471153][ T5832]  ? __pfx_kthread+0x10/0x10
[   69.475740][ T5832]  ret_from_fork_asm+0x1a/0x30
[   69.480528][ T5832]  </TASK>
[   69.519213][ T5832] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   70.456476][ T5832] Bluetooth: hci4: failed to register connection device
[   70.487370][   T29] kauditd_printk_skb: 5 callbacks suppressed
[   70.487409][   T29] audit: type=1400 audit(1731165116.218:170): avc:  denied  { setopt } for  pid=5973 comm="syz.1.15" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   70.513536][   T29] audit: type=1400 audit(1731165116.218:171): avc:  denied  { read } for  pid=5973 comm="syz.1.15" name="sg0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   70.795719][   T29] audit: type=1400 audit(1731165116.218:172): avc:  denied  { open } for  pid=5973 comm="syz.1.15" path="/dev/sg0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   71.350483][   T29] audit: type=1400 audit(1731165116.228:173): avc:  denied  { ioctl } for  pid=5973 comm="syz.1.15" path="/dev/sg0" dev="devtmpfs" ino=710 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   71.591127][   T29] audit: type=1400 audit(1731165116.228:174): avc:  denied  { write } for  pid=5973 comm="syz.1.15" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   71.637314][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[   71.644424][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[   71.954700][   T29] audit: type=1400 audit(1731165118.528:175): avc:  denied  { create } for  pid=5996 comm="syz.0.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   72.193813][ T6001] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[   72.600875][   T29] audit: type=1400 audit(1731165118.748:176): avc:  denied  { write } for  pid=5996 comm="syz.0.18" name="kcm" dev="proc" ino=4026533153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   72.648288][   T54] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[   72.659652][   T54] CPU: 1 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.12.0-rc6-syzkaller-00272-gda4373fbcf00 #0
[   72.670374][   T54] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[   72.680450][   T54] Workqueue: hci2 hci_rx_work
[   72.685147][   T54] Call Trace:
[   72.688421][   T54]  <TASK>
[   72.691353][   T54]  dump_stack_lvl+0x16c/0x1f0
[   72.696058][   T54]  sysfs_warn_dup+0x7f/0xa0
[   72.700580][   T54]  sysfs_create_dir_ns+0x24d/0x2b0
[   72.705710][   T54]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   72.711344][   T54]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   72.716715][   T54]  ? kobject_add_internal+0x12d/0x990
[   72.722105][   T54]  ? do_raw_spin_unlock+0x172/0x230
[   72.727321][   T54]  kobject_add_internal+0x2c8/0x990
[   72.732531][   T54]  kobject_add+0x16f/0x240
[   72.736963][   T54]  ? __pfx_kobject_add+0x10/0x10
[   72.741901][   T54]  ? class_to_subsys+0x3e/0x160
[   72.746752][   T54]  ? do_raw_spin_unlock+0x172/0x230
[   72.751949][   T54]  ? kobject_put+0xab/0x5a0
[   72.756458][   T54]  device_add+0x289/0x1a70
[   72.760871][   T54]  ? __pfx_dev_set_name+0x10/0x10
[   72.765892][   T54]  ? __pfx_device_add+0x10/0x10
[   72.770736][   T54]  ? mgmt_send_event_skb+0x2f2/0x460
[   72.776025][   T54]  hci_conn_add_sysfs+0x17e/0x230
[   72.781056][   T54]  le_conn_complete_evt+0x1078/0x1d80
[   72.786437][   T54]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   72.792155][   T54]  ? trace_contention_end+0xea/0x140
[   72.797445][   T54]  hci_le_enh_conn_complete_evt+0x23d/0x380
[   72.803346][   T54]  ? skb_pull_data+0x166/0x210
[   72.808115][   T54]  hci_le_meta_evt+0x2e2/0x5d0
[   72.812883][   T54]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   72.819303][   T54]  hci_event_packet+0x666/0x1180
[   72.824243][   T54]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   72.829530][   T54]  ? __pfx_hci_event_packet+0x10/0x10
[   72.834898][   T54]  ? mark_held_locks+0x9f/0xe0
[   72.839663][   T54]  ? kcov_remote_start+0x3cf/0x6e0
[   72.844765][   T54]  ? lockdep_hardirqs_on+0x7c/0x110
[   72.849997][   T54]  hci_rx_work+0x2c6/0x16c0
[   72.854536][   T54]  ? lock_acquire+0x2f/0xb0
[   72.859039][   T54]  ? process_one_work+0x921/0x1ba0
[   72.864168][   T54]  process_one_work+0x9c5/0x1ba0
[   72.869122][   T54]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   72.874756][   T54]  ? __pfx_process_one_work+0x10/0x10
[   72.880144][   T54]  ? assign_work+0x1a0/0x250
[   72.884771][   T54]  worker_thread+0x6c8/0xf00
[   72.889395][   T54]  ? __pfx_worker_thread+0x10/0x10
[   72.894514][   T54]  kthread+0x2c1/0x3a0
[   72.898589][   T54]  ? _raw_spin_unlock_irq+0x23/0x50
[   72.903791][   T54]  ? __pfx_kthread+0x10/0x10
[   72.908382][   T54]  ret_from_fork+0x45/0x80
[   72.912820][   T54]  ? __pfx_kthread+0x10/0x10
[   72.917439][   T54]  ret_from_fork_asm+0x1a/0x30
[   72.922226][   T54]  </TASK>
[   72.997807][   T29] audit: type=1400 audit(1731165118.748:177): avc:  denied  { connect } for  pid=5996 comm="syz.0.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   72.999472][   T54] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   73.035178][   T54] Bluetooth: hci2: failed to register connection device
[   73.068304][   T29] audit: type=1400 audit(1731165119.018:178): avc:  denied  { mount } for  pid=5995 comm="syz.1.19" name="/" dev="autofs" ino=8575 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[   73.093727][   T29] audit: type=1400 audit(1731165119.178:179): avc:  denied  { read } for  pid=5185 comm="acpid" name="event4" dev="devtmpfs" ino=2731 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   75.054976][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   75.091156][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   75.099627][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   76.334461][   T29] kauditd_printk_skb: 3 callbacks suppressed
[   76.334478][   T29] audit: type=1400 audit(1731165122.898:183): avc:  denied  { open } for  pid=6007 comm="syz.2.21" path="/dev/ptyq8" dev="devtmpfs" ino=127 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[   76.531703][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   76.591106][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   76.599663][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   76.635087][    T9] cfg80211: failed to load regulatory.db
[   76.982399][   T29] audit: type=1400 audit(1731165122.948:184): avc:  denied  { ioctl } for  pid=6007 comm="syz.2.21" path="/dev/ptyq8" dev="devtmpfs" ino=127 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[   77.020368][   T29] audit: type=1400 audit(1731165123.208:185): avc:  denied  { read } for  pid=6045 comm="syz.3.29" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   77.171423][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   77.634386][   T29] audit: type=1400 audit(1731165123.208:186): avc:  denied  { open } for  pid=6045 comm="syz.3.29" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   78.775940][   T29] audit: type=1400 audit(1731165125.068:187): avc:  denied  { create } for  pid=6047 comm="syz.0.27" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   78.876423][   T29] audit: type=1400 audit(1731165125.328:188): avc:  denied  { search } for  pid=5494 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   80.598739][   T29] audit: type=1400 audit(1731165127.088:189): avc:  denied  { read } for  pid=6072 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   80.623875][   T29] audit: type=1400 audit(1731165127.088:190): avc:  denied  { open } for  pid=6072 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   80.648975][   T29] audit: type=1400 audit(1731165127.088:191): avc:  denied  { getattr } for  pid=6072 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1706 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   80.674258][   T29] audit: type=1400 audit(1731165127.088:192): avc:  denied  { getattr } for  pid=6072 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=1744 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   81.717566][ T6081] tty tty27: ldisc open failed (-12), clearing slot 26
[   81.894579][   T29] audit: type=1400 audit(1731165128.448:193): avc:  denied  { bind } for  pid=6078 comm="syz.4.34" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   82.168452][   T29] audit: type=1400 audit(1731165128.448:194): avc:  denied  { node_bind } for  pid=6078 comm="syz.4.34" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[   82.211208][   T29] audit: type=1400 audit(1731165128.448:195): avc:  denied  { map } for  pid=6078 comm="syz.4.34" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=8048 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   82.767582][   T29] audit: type=1400 audit(1731165128.448:196): avc:  denied  { read write } for  pid=6078 comm="syz.4.34" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=8048 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   82.967357][   T29] audit: type=1400 audit(1731165129.468:197): avc:  denied  { read } for  pid=6077 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=1744 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   83.041153][   T29] audit: type=1400 audit(1731165129.468:198): avc:  denied  { open } for  pid=6077 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=1744 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   83.064698][ T6098] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6
[   83.226552][ T6099] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   84.382670][   T29] audit: type=1400 audit(1731165130.928:199): avc:  denied  { write } for  pid=6068 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1705 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   84.474936][   T29] audit: type=1400 audit(1731165130.928:200): avc:  denied  { add_name } for  pid=6068 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   84.497517][   T29] audit: type=1400 audit(1731165130.928:201): avc:  denied  { create } for  pid=6068 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   84.519984][   T29] audit: type=1400 audit(1731165130.928:202): avc:  denied  { write } for  pid=6068 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.sl0.link" dev="tmpfs" ino=1941 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   87.987328][   T29] kauditd_printk_skb: 3 callbacks suppressed
[   87.987346][   T29] audit: type=1400 audit(1731165134.558:206): avc:  denied  { create } for  pid=6153 comm="syz.1.45" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   88.270369][   T29] audit: type=1400 audit(1731165134.818:207): avc:  denied  { read } for  pid=6153 comm="syz.1.45" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   88.814046][ T6154] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   88.820308][ T6154] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   88.830866][ T6154] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   88.838272][ T6154] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   88.842118][   T29] audit: type=1400 audit(1731165134.818:208): avc:  denied  { open } for  pid=6153 comm="syz.1.45" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   88.844304][ T6154] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   88.873963][ T6154] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   88.880607][ T6154] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   88.886820][ T6154] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   88.892792][ T6154] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   88.899313][ T6154] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   88.906179][ T6154] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   88.913025][ T6154] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   88.918936][ T6154] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   88.925304][ T6154] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   88.931817][ T6154] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[   88.937726][ T6154] Bluetooth: hci4: Opcode 0x0406 failed: -4
[   88.944197][ T6154] Bluetooth: hci4: Opcode 0x0406 failed: -4
[   88.950438][ T6154] Bluetooth: hci4: Opcode 0x0406 failed: -4
[   88.964204][   T29] audit: type=1400 audit(1731165134.838:209): avc:  denied  { setopt } for  pid=6150 comm="syz.3.43" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   90.218652][   T29] audit: type=1400 audit(1731165135.118:210): avc:  denied  { execute } for  pid=6153 comm="syz.1.45" path="/5/cpu.stat" dev="tmpfs" ino=45 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   91.763279][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[   91.769441][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[   91.775633][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[   91.781784][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[   91.810655][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[   92.311548][ T6193] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   92.317786][ T6193] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   92.323939][ T6193] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   92.329939][ T6193] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   92.336234][ T6193] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[   93.812670][   T29] audit: type=1400 audit(1731165140.378:211): avc:  denied  { name_bind } for  pid=6206 comm="syz.3.53" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   93.836176][   T29] audit: type=1400 audit(1731165140.378:212): avc:  denied  { node_bind } for  pid=6206 comm="syz.3.53" saddr=::1 src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   94.386070][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[   94.392233][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[   94.398925][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[   94.407584][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[   94.414467][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[   96.475760][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[   96.482026][   T54] Bluetooth: hci0: command 0x0c1a tx timeout
[   96.488108][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[   96.494254][   T54] Bluetooth: hci3: command 0x0c1a tx timeout
[   96.500323][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[   98.840714][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[   98.840759][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[   98.840785][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[   98.867580][ T6276] tty tty29: ldisc open failed (-12), clearing slot 28
[  101.623923][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  102.021543][ T6313] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  102.028226][ T6313] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  102.034315][ T6313] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  102.040310][ T6313] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  102.469838][ T6313] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  104.410675][   T54] Bluetooth: hci3: command 0x0c1a tx timeout
[  104.417389][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[  104.421218][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  104.429438][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  104.786363][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[  105.438288][   T29] audit: type=1400 audit(1731165151.578:213): avc:  denied  { create } for  pid=6348 comm="syz.1.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  105.513977][ T6353] netlink: 24 bytes leftover after parsing attributes in process `syz.3.77'.
[  105.953987][   T29] audit: type=1400 audit(1731165152.528:214): avc:  denied  { write } for  pid=6352 comm="syz.3.77" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  107.487462][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  108.441795][   T29] audit: type=1400 audit(1731165154.418:215): avc:  denied  { connect } for  pid=6348 comm="syz.1.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  108.530300][   T29] audit: type=1400 audit(1731165154.468:216): avc:  denied  { write } for  pid=6348 comm="syz.1.73" name="card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  108.595826][ T6381] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  108.602145][ T6381] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  108.608196][ T6381] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  108.615045][ T6381] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  108.621134][ T6381] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  108.627123][ T6381] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  110.427132][   T29] audit: type=1400 audit(1731165156.718:217): avc:  denied  { write } for  pid=6391 comm="syz.0.83" name="001" dev="devtmpfs" ino=747 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  110.692920][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  110.698974][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  110.709274][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  110.715390][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  110.721016][   T54] Bluetooth: hci3: command 0x0c1a tx timeout
[  112.807774][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  113.402994][   T29] audit: type=1400 audit(1731165159.228:218): avc:  denied  { execute } for  pid=6422 comm="syz.4.90" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=9484 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  120.261297][   T29] audit: type=1400 audit(1731165165.748:219): avc:  denied  { create } for  pid=6497 comm="syz.1.106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  120.310248][   T29] audit: type=1400 audit(1731165165.748:220): avc:  denied  { bind } for  pid=6497 comm="syz.1.106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  120.639410][   T29] audit: type=1400 audit(1731165166.878:221): avc:  denied  { unmount } for  pid=5822 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  123.803003][   T29] audit: type=1400 audit(1731165169.898:222): avc:  denied  { read write } for  pid=6548 comm="syz.2.115" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  124.134896][   T29] audit: type=1400 audit(1731165169.908:223): avc:  denied  { open } for  pid=6548 comm="syz.2.115" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  124.902829][   T29] audit: type=1400 audit(1731165169.938:224): avc:  denied  { ioctl } for  pid=6548 comm="syz.2.115" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  125.092476][ T6567] netlink: 24 bytes leftover after parsing attributes in process `syz.4.117'.
[  125.240170][   T29] audit: type=1400 audit(1731165170.708:225): avc:  denied  { unmount } for  pid=5831 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  126.211433][   T29] audit: type=1400 audit(1731165172.778:226): avc:  denied  { ioctl } for  pid=6584 comm="syz.1.120" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  128.561875][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  131.975440][ T6648] netlink: 24 bytes leftover after parsing attributes in process `syz.4.134'.
[  132.678437][ T6653] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  132.770784][ T6653] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  132.778548][ T6653] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  132.788950][ T6653] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  132.801676][ T6653] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  132.853440][ T6653] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  132.992562][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  133.031206][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  135.177737][ T6682] netlink: 24 bytes leftover after parsing attributes in process `syz.0.140'.
[  135.193569][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  135.380077][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  135.386264][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  135.392341][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  135.398447][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  137.252501][ T6695] netlink: 24 bytes leftover after parsing attributes in process `syz.2.143'.
[  137.566857][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  147.085586][ T6761] netlink: 24 bytes leftover after parsing attributes in process `syz.2.155'.
[  147.541127][ T6775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.158'.
[  148.262489][ T5832] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  148.463376][   T29] audit: type=1400 audit(1731165195.038:227): avc:  denied  { create } for  pid=6766 comm="syz.4.157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  148.486859][ T5837] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  148.533825][   T29] audit: type=1400 audit(1731165195.068:228): avc:  denied  { setopt } for  pid=6766 comm="syz.4.157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  149.421185][   T29] audit: type=1400 audit(1731165195.078:229): avc:  denied  { read write } for  pid=6795 comm="syz.2.160" name="vbi8" dev="devtmpfs" ino=1004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  149.509324][   T29] audit: type=1400 audit(1731165195.078:230): avc:  denied  { open } for  pid=6795 comm="syz.2.160" path="/dev/vbi8" dev="devtmpfs" ino=1004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  149.532838][   T29] audit: type=1400 audit(1731165195.088:231): avc:  denied  { ioctl } for  pid=6795 comm="syz.2.160" path="/dev/vbi8" dev="devtmpfs" ino=1004 ioctlcmd=0x5657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  154.733996][ T6846] netlink: 24 bytes leftover after parsing attributes in process `syz.1.167'.
[  159.350343][ T5837] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  161.386991][ T6917] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  165.050105][ T6957] netlink: 24 bytes leftover after parsing attributes in process `syz.0.189'.
[  165.113332][ T6931] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  165.120138][ T6931] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  165.207803][ T6931] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  165.261161][ T6931] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  165.292743][ T6931] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  165.318379][ T6931] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  165.604457][ T6931] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  165.627288][ T6931] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  165.817129][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  168.064306][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  168.070450][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  168.076607][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  168.085575][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  168.363944][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  171.166064][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  171.172290][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  172.838942][ T7033] netlink: 24 bytes leftover after parsing attributes in process `syz.4.202'.
[  173.325769][ T7042] hub 6-0:1.0: USB hub found
[  173.332218][ T7042] hub 6-0:1.0: 1 port detected
[  173.939225][   T29] audit: type=1400 audit(1731165219.848:232): avc:  denied  { name_connect } for  pid=7029 comm="syz.1.199" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  174.072618][   T29] audit: type=1400 audit(1731165219.878:233): avc:  denied  { name_bind } for  pid=7029 comm="syz.1.199" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  175.662415][ T7061] netlink: 24 bytes leftover after parsing attributes in process `syz.2.205'.
[  177.016410][ T7060] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  177.141700][ T7060] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  177.190009][ T7060] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  177.235578][ T7060] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  177.265993][ T7060] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  177.297548][ T7060] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  177.304369][ T7060] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  177.370327][ T7060] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  179.272230][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  179.278354][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  179.284527][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  179.374046][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  179.418026][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  180.287344][ T7107] hub 6-0:1.0: USB hub found
[  180.314810][ T7107] hub 6-0:1.0: 1 port detected
[  181.505209][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  181.511341][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  181.517349][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  187.192300][ T5837] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  187.491180][ T7162] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  187.501212][ T7162] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  187.507265][ T7162] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  187.515230][ T7162] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  187.522182][ T7162] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  189.929444][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  189.935637][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  189.942005][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  189.948231][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  191.472114][ T7190] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  193.165227][ T7202] netlink: 88 bytes leftover after parsing attributes in process `syz.0.233'.
[  194.313689][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  194.322589][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  198.321567][ T7253] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  199.757078][ T7267] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  202.893081][ T7287] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  208.441325][ T7310] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  208.448965][ T7310] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  208.455102][ T7310] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  208.461149][ T7310] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  208.467154][ T7310] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  208.635011][ T7319] netlink: 88 bytes leftover after parsing attributes in process `syz.3.257'.
[  210.430087][ T7334] hub 6-0:1.0: USB hub found
[  210.437129][ T7334] hub 6-0:1.0: 1 port detected
[  210.998096][ T5832] Bluetooth: hci4: command 0x0c1a tx timeout
[  211.004292][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  211.010393][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  211.016535][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  211.023371][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  211.868842][ T7347] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  213.552574][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  214.589502][ T7348] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  214.595653][ T7348] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  214.601742][ T7348] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  214.607750][ T7348] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  214.613981][ T7348] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  214.992569][ T7367] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  215.635089][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  216.773207][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[  216.779760][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  216.786089][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  216.802953][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  217.293694][ T7392] netlink: 24 bytes leftover after parsing attributes in process `syz.0.271'.
[  218.117478][ T7405] hub 6-0:1.0: USB hub found
[  218.131217][ T7405] hub 6-0:1.0: 1 port detected
[  218.760971][   T29] audit: type=1400 audit(1731165265.328:234): avc:  denied  { ioctl } for  pid=7407 comm="syz.1.275" path="socket:[13004]" dev="sockfs" ino=13004 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  220.136137][ T7414] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  220.142267][ T7414] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  220.148193][ T7414] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  220.156113][ T7414] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  220.162175][ T7414] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  220.168171][ T7414] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  222.551075][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  222.557131][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  222.563225][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  222.569228][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  222.575266][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  224.618655][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  230.577227][ T7541] netlink: 24 bytes leftover after parsing attributes in process `syz.4.299'.
[  230.935910][ T7552] netlink: 24 bytes leftover after parsing attributes in process `syz.3.300'.
[  237.297053][   T29] audit: type=1400 audit(1731165283.868:235): avc:  denied  { rename } for  pid=5182 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  237.401127][   T29] audit: type=1400 audit(1731165283.868:236): avc:  denied  { unlink } for  pid=5182 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  237.424011][   T29] audit: type=1400 audit(1731165283.868:237): avc:  denied  { create } for  pid=5182 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  237.511195][   T29] audit: type=1400 audit(1731165284.088:238): avc:  denied  { ioctl } for  pid=7642 comm="syz.1.312" path="socket:[13391]" dev="sockfs" ino=13391 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  237.603123][   T29] audit: type=1400 audit(1731165284.178:239): avc:  denied  { read } for  pid=7642 comm="syz.1.312" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  237.626474][   T29] audit: type=1400 audit(1731165284.178:240): avc:  denied  { open } for  pid=7642 comm="syz.1.312" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  238.172989][ T7640] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  238.231184][ T7640] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  238.237247][ T7640] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  238.273249][ T7640] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  238.342316][ T7640] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  238.349154][ T7640] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  238.506182][ T7640] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  239.826387][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  240.321099][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  240.327224][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout
[  240.451030][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  240.457974][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  242.371177][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  242.531287][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  243.269503][   T29] audit: type=1400 audit(1731165289.828:241): avc:  denied  { create } for  pid=7705 comm="syz.0.325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  243.551266][   T29] audit: type=1400 audit(1731165289.828:242): avc:  denied  { connect } for  pid=7705 comm="syz.0.325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  243.854318][   T29] audit: type=1400 audit(1731165289.828:243): avc:  denied  { shutdown } for  pid=7705 comm="syz.0.325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  243.991091][   T29] audit: type=1400 audit(1731165289.828:244): avc:  denied  { write } for  pid=7705 comm="syz.0.325" path="socket:[13534]" dev="sockfs" ino=13534 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  244.041114][   T29] audit: type=1400 audit(1731165290.068:245): avc:  denied  { read write } for  pid=7703 comm="syz.4.323" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  244.064462][   T29] audit: type=1400 audit(1731165290.068:246): avc:  denied  { open } for  pid=7703 comm="syz.4.323" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  244.087772][   T29] audit: type=1400 audit(1731165290.578:247): avc:  denied  { unmount } for  pid=5827 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  244.619872][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  244.823925][ T7739] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  246.251348][ T5837] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  247.256746][   T29] audit: type=1400 audit(1731165293.828:248): avc:  denied  { ioctl } for  pid=7766 comm="syz.1.336" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  247.836920][   T29] audit: type=1400 audit(1731165294.408:249): avc:  denied  { create } for  pid=7766 comm="syz.1.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  248.024964][   T29] audit: type=1400 audit(1731165294.598:250): avc:  denied  { set_context_mgr } for  pid=7766 comm="syz.1.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  248.051057][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  248.872062][   T29] audit: type=1400 audit(1731165295.438:251): avc:  denied  { ioctl } for  pid=7766 comm="syz.1.336" path="socket:[13630]" dev="sockfs" ino=13630 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  253.254687][ T7834] netlink: 24 bytes leftover after parsing attributes in process `syz.3.346'.
[  254.380952][ T7853] hub 6-0:1.0: USB hub found
[  254.385924][ T7853] hub 6-0:1.0: 1 port detected
[  254.615612][ T5829] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  255.621946][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  255.850806][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  255.857292][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  258.544350][ T7902] fuse: Bad value for 'fd'
[  259.356130][ T7912] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns
[  261.249166][ T7934] hub 6-0:1.0: USB hub found
[  261.312060][ T7934] hub 6-0:1.0: 1 port detected
[  261.645761][ T7912] kvm: pic: non byte write
[  263.561948][ T7947] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  263.748556][ T7947] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  263.864660][ T7947] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  263.881231][ T7947] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  263.967516][ T7947] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  264.028094][ T7947] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  264.081540][ T7947] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  264.196161][ T7947] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  264.531136][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  265.941413][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  266.083025][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  266.089079][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  266.188979][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  266.838039][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  267.837985][ T5837] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  268.216788][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  268.223250][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  269.945140][ T8041] netlink: 100 bytes leftover after parsing attributes in process `syz.4.381'.
[  270.161270][ T8022] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  270.181116][ T8022] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  270.187182][ T8022] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  270.386700][ T8022] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  270.456315][ T8022] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  270.631553][   T29] audit: type=1400 audit(1731165317.208:252): avc:  denied  { setopt } for  pid=8044 comm="syz.4.382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  271.571308][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  272.450982][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  272.457167][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  272.464932][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  272.796661][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  273.266932][ T8077] netlink: 24 bytes leftover after parsing attributes in process `syz.4.388'.
[  277.816722][ T8124] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  279.444464][ T8133] Zero length message leads to an empty skb
[  285.866393][ T8195] netlink: 24 bytes leftover after parsing attributes in process `syz.4.416'.
[  294.866484][ T8257] netlink: 24 bytes leftover after parsing attributes in process `syz.3.428'.
[  296.298059][ T8280] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  307.247439][ T8365] hub 6-0:1.0: USB hub found
[  307.252880][ T8365] hub 6-0:1.0: 1 port detected
[  309.531094][ T8376] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  309.538624][ T8376] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  309.544722][ T8376] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  309.551168][ T8376] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  310.109571][ T8376] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  310.115747][ T8376] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  310.122156][ T8376] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  312.771468][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  312.777516][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  312.784935][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  312.791146][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  312.797184][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  312.911211][ T8395] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  312.917302][ T8395] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  312.924933][ T8395] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  312.931204][ T8395] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  312.937246][ T8395] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  312.959522][ T5829] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  312.968327][ T5829] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  312.977890][ T5829] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  312.988904][ T5829] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  312.997718][ T5829] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  313.015197][ T5829] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  313.101135][   T29] audit: type=1400 audit(1731165359.598:253): avc:  denied  { mounton } for  pid=8398 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  313.453364][ T8398] chnl_net:caif_netlink_parms(): no params data found
[  313.540174][ T8398] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.569067][ T8398] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.617092][ T8398] bridge_slave_0: entered allmulticast mode
[  313.721641][ T8398] bridge_slave_0: entered promiscuous mode
[  313.756890][ T8398] bridge0: port 2(bridge_slave_1) entered blocking state
[  313.766723][ T8398] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.774094][ T8398] bridge_slave_1: entered allmulticast mode
[  313.784316][ T8398] bridge_slave_1: entered promiscuous mode
[  313.829137][ T8398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  313.858715][ T8398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.939829][ T8398] team0: Port device team_slave_0 added
[  313.963903][ T8398] team0: Port device team_slave_1 added
[  314.061770][ T8398] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.101059][ T8398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.188829][ T8398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.227530][ T8398] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.245257][ T8398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.315987][ T8398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.481390][ T8398] hsr_slave_0: entered promiscuous mode
[  315.156954][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  315.171343][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  315.171371][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  315.177352][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  315.183716][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout
[  315.183767][ T5832] Bluetooth: hci5: command tx timeout
[  315.281366][ T8398] hsr_slave_1: entered promiscuous mode
[  315.287807][ T8398] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  315.295478][ T8398] Cannot create hsr debugfs directory
[  315.705096][ T8398] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  316.263224][ T8398] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  316.302174][ T8398] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  316.349276][ T8398] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  317.156471][ T8398] 8021q: adding VLAN 0 to HW filter on device bond0
[  317.189673][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  317.203525][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  317.217905][ T8398] 8021q: adding VLAN 0 to HW filter on device team0
[  317.261030][ T5837] Bluetooth: hci5: command tx timeout
[  317.390829][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.397964][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  317.458523][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.465705][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.899247][ T8398] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  319.025147][ T8398] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  319.364024][ T5837] Bluetooth: hci5: command tx timeout
[  319.779181][   T29] audit: type=1400 audit(1731165366.348:254): avc:  denied  { sys_module } for  pid=8398 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  320.654767][ T8398] 8021q: adding VLAN 0 to HW filter on device batadv0
[  321.012348][   T29] audit: type=1400 audit(1731165367.558:255): avc:  denied  { create } for  pid=8503 comm="syz.3.472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  321.199646][   T29] audit: type=1400 audit(1731165367.568:256): avc:  denied  { ioctl } for  pid=8503 comm="syz.3.472" path="socket:[15976]" dev="sockfs" ino=15976 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  321.228271][   T29] audit: type=1400 audit(1731165367.568:257): avc:  denied  { bind } for  pid=8503 comm="syz.3.472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  321.287906][   T29] audit: type=1400 audit(1731165367.838:258): avc:  denied  { write } for  pid=8503 comm="syz.3.472" path="socket:[15976]" dev="sockfs" ino=15976 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  321.412269][ T5837] Bluetooth: hci5: command tx timeout
[  322.836273][ T8398] veth0_vlan: entered promiscuous mode
[  322.845671][ T8398] veth1_vlan: entered promiscuous mode
[  322.859646][ T8398] veth0_macvtap: entered promiscuous mode
[  322.867734][ T8398] veth1_macvtap: entered promiscuous mode
[  322.878288][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.010974][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.020963][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.040933][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.070070][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.117032][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.190917][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.258101][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.321905][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.393250][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.572452][ T8398] batman_adv: batadv0: Interface activated: batadv_slave_0
[  326.830359][ T5829] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  326.847945][ T5829] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  326.856030][ T5829] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  326.930427][ T5829] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  326.940308][ T5829] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  326.947809][ T5829] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  327.970755][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  327.990744][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.010526][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.022869][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.078369][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.093760][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.106565][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.293535][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.388501][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  328.531814][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  328.777433][ T8398] batman_adv: batadv0: Interface activated: batadv_slave_1
[  328.903241][ T6924] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.001616][ T8398] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.011684][ T8398] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.020403][ T8398] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.038775][ T8398] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.117282][ T5829] Bluetooth: hci0: command tx timeout
[  329.185906][ T6924] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.276536][ T8550] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  329.821814][ T6924] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.600078][ T6924] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.760989][ T6181] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.801671][ T6181] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.826744][ T8522] chnl_net:caif_netlink_parms(): no params data found
[  331.171960][ T5829] Bluetooth: hci0: command tx timeout
[  331.266134][ T8522] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.273793][ T8522] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.316643][ T8522] bridge_slave_0: entered allmulticast mode
[  331.350440][ T8522] bridge_slave_0: entered promiscuous mode
[  331.395925][ T6181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.404737][ T8522] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.436550][ T6181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.455294][ T8522] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.486455][ T8522] bridge_slave_1: entered allmulticast mode
[  331.497138][ T8522] bridge_slave_1: entered promiscuous mode
[  331.546752][   T29] audit: type=1400 audit(1731165378.118:259): avc:  denied  { mount } for  pid=8398 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  331.600436][   T29] audit: type=1400 audit(1731165378.148:260): avc:  denied  { mounton } for  pid=8398 comm="syz-executor" path="/root/syzkaller.dPfVJY/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  331.698132][ T8522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.759642][ T8522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.883495][ T6924] bridge_slave_1: left allmulticast mode
[  331.921105][ T6924] bridge_slave_1: left promiscuous mode
[  331.927945][ T6924] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.025795][ T6924] bridge_slave_0: left allmulticast mode
[  332.050969][ T6924] bridge_slave_0: left promiscuous mode
[  332.056701][ T6924] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.428498][ T5837] Bluetooth: hci0: command tx timeout
[  334.857284][ T6924] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.869745][ T6924] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  334.879811][ T6924] bond0 (unregistering): Released all slaves
[  334.940028][ T8522] team0: Port device team_slave_0 added
[  334.948004][ T8522] team0: Port device team_slave_1 added
[  335.001996][ T8522] batman_adv: batadv0: Adding interface: batadv_slave_0
[  335.011761][ T8612] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  335.017806][ T8612] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  335.024901][ T8612] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  335.031011][ T8612] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  335.036967][ T8612] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  335.065266][ T8522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.091889][ T8522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  335.105698][ T8522] batman_adv: batadv0: Adding interface: batadv_slave_1
[  335.112702][ T8522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.138619][ T8522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.265202][ T8612] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  335.280176][ T8612] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  335.287764][ T8612] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  335.295008][ T8612] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  336.209390][ T8522] hsr_slave_0: entered promiscuous mode
[  336.222033][ T8522] hsr_slave_1: entered promiscuous mode
[  336.234191][ T8522] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  336.388570][ T8522] Cannot create hsr debugfs directory
[  337.525470][ T8652] netlink: 24 bytes leftover after parsing attributes in process `syz.5.496'.
[  337.538062][ T5829] Bluetooth: hci5: command 0x0c1a tx timeout
[  337.561522][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  337.567569][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  337.573678][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  337.580485][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  338.021742][ T8646] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  338.028922][ T8646] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  338.035061][ T8646] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  338.041107][ T8646] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  338.047050][ T8646] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  338.116288][ T8646] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  339.436686][ T8690] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  340.205445][ T8522] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  340.274641][ T5829] Bluetooth: hci5: command 0x0c1a tx timeout
[  340.283083][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  340.289196][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  340.295441][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  340.321806][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  340.482339][ T8522] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  340.893504][ T8698] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  340.899628][ T8698] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  340.905948][ T8698] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  340.912115][ T8698] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  340.918174][ T8698] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  341.049543][ T8706] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  341.521690][ T8522] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  341.614844][ T8713] netlink: 24 bytes leftover after parsing attributes in process `syz.5.506'.
[  341.802324][ T8522] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  342.075780][ T6924] hsr_slave_0: left promiscuous mode
[  342.257584][ T6924] hsr_slave_1: left promiscuous mode
[  342.479163][ T6924] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  342.510535][ T6924] batman_adv: batadv0: Removing interface: batadv_slave_0
[  342.537289][ T6924] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  342.550144][ T6924] batman_adv: batadv0: Removing interface: batadv_slave_1
[  342.646826][ T6924] veth1_macvtap: left promiscuous mode
[  342.687946][ T6924] veth0_macvtap: left promiscuous mode
[  342.717151][ T6924] veth1_vlan: left promiscuous mode
[  342.730362][ T6924] veth0_vlan: left promiscuous mode
[  343.511040][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  343.513782][ T5832] Bluetooth: hci5: command 0x0c1a tx timeout
[  343.517263][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  343.530986][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  343.537015][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  344.129842][ T8754] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  345.762429][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  345.768644][ T5837] Bluetooth: hci5: command 0x0c1a tx timeout
[  346.723936][ T6924] team0 (unregistering): Port device team_slave_1 removed
[  346.759923][ T6924] team0 (unregistering): Port device team_slave_0 removed
[  347.299091][ T8522] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.315320][ T8522] 8021q: adding VLAN 0 to HW filter on device team0
[  347.335960][ T6891] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.342427][ T8780] netlink: 24 bytes leftover after parsing attributes in process `syz.0.515'.
[  347.343071][ T6891] bridge0: port 1(bridge_slave_0) entered forwarding state
[  347.465592][ T6891] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.472780][ T6891] bridge0: port 2(bridge_slave_1) entered forwarding state
[  347.580961][ T8788] netlink: 24 bytes leftover after parsing attributes in process `syz.3.517'.
[  347.811061][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  348.661892][ T8798] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  348.668982][ T8798] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  348.996708][ T8798] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  349.004210][ T8798] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  349.010345][ T8798] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  349.036749][ T8798] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  349.043089][ T8798] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  349.069606][ T8798] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  349.521970][ T6924] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  350.846750][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  350.910042][ T8522] 8021q: adding VLAN 0 to HW filter on device batadv0
[  351.201178][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  351.207236][ T5829] Bluetooth: hci5: command 0x0c1a tx timeout
[  351.213796][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  351.219847][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  351.379928][ T6924] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.622970][ T6924] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.941012][ T5826] Bluetooth: hci1: command 0x0c1a tx timeout
[  353.255251][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[  353.263897][ T5837] Bluetooth: hci5: command 0x0c1a tx timeout
[  353.980403][ T6924] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.176958][ T8868] netlink: 24 bytes leftover after parsing attributes in process `syz.5.528'.
[  354.212706][ T8862] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  354.218799][ T8862] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  354.226050][ T8862] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  354.232099][ T8862] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  354.239225][ T8862] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  354.265172][ T6924] bridge_slave_1: left allmulticast mode
[  354.288338][ T6924] bridge_slave_1: left promiscuous mode
[  354.294819][ T6924] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.313488][ T6924] bridge_slave_0: left allmulticast mode
[  354.319327][ T6924] bridge_slave_0: left promiscuous mode
[  354.325397][ T6924] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.445513][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  356.451810][ T5826] Bluetooth: hci5: command 0x0c1a tx timeout
[  356.458025][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[  356.458194][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  356.464147][ T5826] Bluetooth: hci1: command 0x0c1a tx timeout
[  359.368498][ T6924] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  359.380806][ T6924] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  359.402735][ T6924] bond0 (unregistering): Released all slaves
[  359.556496][ T8522] veth0_vlan: entered promiscuous mode
[  359.566602][ T8522] veth1_vlan: entered promiscuous mode
[  359.587974][ T8522] veth0_macvtap: entered promiscuous mode
[  359.596390][ T8522] veth1_macvtap: entered promiscuous mode
[  359.609768][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.620290][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.631015][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.642347][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.652254][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.662752][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.672647][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.683150][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.693029][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  359.703535][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.714633][ T8522] batman_adv: batadv0: Interface activated: batadv_slave_0
[  359.723988][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  359.735298][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.747939][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  359.758720][ T8879] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  359.765015][ T8879] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  359.771086][ T8879] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  359.777523][ T8879] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  359.779172][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.783529][ T8879] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  359.793372][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  359.793390][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  359.793399][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  359.793413][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.209660][ T8522] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  360.385113][ T8522] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  360.442006][ T8522] batman_adv: batadv0: Interface activated: batadv_slave_1
[  360.576037][ T8879] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  361.075927][ T8522] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.115989][ T8522] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.440978][ T8522] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.449722][ T8522] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.485232][ T5826] Bluetooth: hci5: command 0x0c1a tx timeout
[  362.493295][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[  362.499424][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[  362.501261][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  362.819807][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  364.685138][ T5826] Bluetooth: hci5: command 0x0c1a tx timeout
[  368.806451][ T6924] hsr_slave_0: left promiscuous mode
[  368.886571][ T6924] hsr_slave_1: left promiscuous mode
[  368.892830][ T6924] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  368.900265][ T6924] batman_adv: batadv0: Removing interface: batadv_slave_0
[  368.910163][ T6924] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  368.922685][ T9011] netlink: 24 bytes leftover after parsing attributes in process `syz.3.553'.
[  368.946014][ T6924] batman_adv: batadv0: Removing interface: batadv_slave_1
[  369.024481][ T6924] veth1_macvtap: left promiscuous mode
[  369.061638][ T6924] veth0_macvtap: left promiscuous mode
[  369.067345][ T6924] veth1_vlan: left promiscuous mode
[  369.072883][ T6924] veth0_vlan: left promiscuous mode
[  369.910260][ T6924] team0 (unregistering): Port device team_slave_1 removed
[  369.939506][ T6924] team0 (unregistering): Port device team_slave_0 removed
[  370.242623][ T3481] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.283204][ T3481] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  370.298789][ T6570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.306940][ T8996] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  370.313768][ T8996] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  370.319810][ T8996] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  370.325824][ T8996] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  370.333451][ T8996] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  370.339493][ T8996] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  370.403584][ T6570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  370.521396][ T9016] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  370.527490][ T9016] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  370.533566][ T9016] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  370.539578][ T9016] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  370.545702][ T9016] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  372.020094][ T9049] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  372.911131][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  372.917457][ T5829] Bluetooth: hci5: command 0x0c1a tx timeout
[  372.925029][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  372.932691][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  372.939310][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  375.734127][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  375.740932][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  377.057484][ T9082] netlink: 24 bytes leftover after parsing attributes in process `syz.4.565'.
[  378.882707][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  378.981113][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  379.186214][ T9108] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  379.192326][ T9108] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  379.198258][ T9108] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  379.363548][ T9108] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  379.369648][ T9108] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  379.375822][ T9108] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  380.629671][ T9123] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  380.635820][ T9123] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  380.641873][ T9123] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  380.647965][ T9123] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  380.654081][ T9123] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  381.900922][ T5826] Bluetooth: hci1: command 0x0c1a tx timeout
[  383.236787][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  383.242878][ T5826] Bluetooth: hci5: command 0x0c1a tx timeout
[  383.248880][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[  383.254952][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[  385.339602][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  385.372428][ T9176] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  385.378497][ T9176] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  385.384720][ T9176] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  385.390735][ T9176] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  385.396873][ T9176] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  385.426192][ T9180] netlink: 24 bytes leftover after parsing attributes in process `syz.6.580'.
[  387.151764][ T9200] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  387.158175][ T9200] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  387.164407][ T9200] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  387.171111][ T9200] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  387.177147][ T9200] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  387.183845][ T9200] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  387.428797][ T9215] netlink: 24 bytes leftover after parsing attributes in process `syz.0.586'.
[  389.867746][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  389.874180][ T5826] Bluetooth: hci5: command 0x0c1a tx timeout
[  389.982846][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout
[  389.988899][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  389.994950][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  390.111388][ T9233] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  390.117369][ T9233] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  390.640909][ T9233] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  390.647547][ T9233] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  390.654342][ T9233] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  390.660808][ T9233] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  392.151031][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  392.750752][ T9260] netlink: 48 bytes leftover after parsing attributes in process `syz.6.591'.
[  393.513397][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  393.520402][ T5826] Bluetooth: hci5: command 0x0c1a tx timeout
[  393.526579][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[  393.532614][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[  393.593256][ T9261] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  394.211001][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  394.532274][ T9284] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  395.571103][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  395.831714][ T9290] netlink: 36 bytes leftover after parsing attributes in process `syz.3.599'.
[  395.939846][ T9296] netlink: 24 bytes leftover after parsing attributes in process `syz.6.601'.
[  397.286344][ T9302] tty tty31: ldisc open failed (-12), clearing slot 30
[  401.422128][ T9344] netlink: 20 bytes leftover after parsing attributes in process `syz.6.609'.
[  402.396133][ T9355] netlink: 24 bytes leftover after parsing attributes in process `syz.6.613'.
[  403.424648][ T5826] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  403.736378][ T9373] netlink: 20 bytes leftover after parsing attributes in process `syz.0.614'.
[  407.546286][ T9386] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  407.553754][ T9386] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  407.559778][ T9386] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  407.565964][ T9386] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  407.572452][ T9386] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  407.578380][ T9386] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  410.013977][ T9417] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  410.064652][ T5826] Bluetooth: hci1: command 0x0c1a tx timeout
[  410.070908][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  410.076948][ T5826] Bluetooth: hci5: command 0x0c1a tx timeout
[  410.083057][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[  410.089119][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[  412.179866][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  421.522214][ T9512] netlink: 20 bytes leftover after parsing attributes in process `syz.3.639'.
[  421.573073][ T9511] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  424.275764][ T9542] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  424.656811][ T9546] netlink: 24 bytes leftover after parsing attributes in process `syz.3.647'.
[  424.950570][   T29] audit: type=1400 audit(1731165471.518:261): avc:  denied  { create } for  pid=9551 comm="syz.5.649" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  426.549822][   T29] audit: type=1400 audit(1731165473.118:262): avc:  denied  { write } for  pid=9551 comm="syz.5.649" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  427.159272][ T5826] Bluetooth: hci4: command 0x0c1a tx timeout
[  430.599492][ T9626] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  440.435419][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  440.596038][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  446.093517][ T9782] netlink: 8 bytes leftover after parsing attributes in process `syz.4.689'.
[  449.375398][ T9805] netlink: 24 bytes leftover after parsing attributes in process `syz.5.695'.
[  452.623213][ T9842] netlink: 8 bytes leftover after parsing attributes in process `syz.0.698'.
[  457.877147][ T9888] netlink: 24 bytes leftover after parsing attributes in process `syz.0.710'.
[  460.172601][ T9922] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  460.492686][ T9932] netlink: 8 bytes leftover after parsing attributes in process `syz.6.715'.
[  467.172912][ T9998] netlink: 8 bytes leftover after parsing attributes in process `syz.5.726'.
[  467.731021][T10006] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  473.746111][ T5824] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  474.726491][T10091] autofs: Unknown parameter 'fd0x0000000000000000'
[  475.208488][T10095] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  475.849231][ T5824] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  475.881314][ T5824] usb 6-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  475.890444][ T5824] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.985697][T10109] netlink: 8 bytes leftover after parsing attributes in process `syz.4.751'.
[  476.086143][ T5824] usb 6-1: config 0 descriptor??
[  477.444150][ T5824] usbhid 6-1:0.0: can't add hid device: -71
[  477.451369][ T5824] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  477.566282][ T5824] usb 6-1: USB disconnect, device number 2
[  479.365600][T10133] hub 6-0:1.0: USB hub found
[  479.370526][T10133] hub 6-0:1.0: 1 port detected
[  479.572375][ T5877] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  480.143613][ T5877] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  480.398713][ T5877] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  480.485619][ T5877] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.518167][ T5877] usb 4-1: config 0 descriptor??
[  481.033402][T10127] netlink: 56 bytes leftover after parsing attributes in process `syz.3.757'.
[  481.449867][ T5877] usbhid 4-1:0.0: can't add hid device: -71
[  481.458727][ T5877] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  481.470270][ T5877] usb 4-1: USB disconnect, device number 2
[  483.020634][T10190] autofs: Unknown parameter '0x0000000000000000'
[  483.740965][ T5824] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  485.387074][ T5824] usb 6-1: device not accepting address 3, error -71
[  485.441210][ T5877] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  486.545085][ T5877] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  486.555030][ T5877] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  486.564637][ T5877] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.915792][ T5877] usb 5-1: config 0 descriptor??
[  487.556042][T10207] netlink: 56 bytes leftover after parsing attributes in process `syz.4.771'.
[  490.638070][ T5877] usbhid 5-1:0.0: can't add hid device: -71
[  490.644163][ T5877] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  490.655536][ T5877] usb 5-1: USB disconnect, device number 2
[  492.951066][ T5824] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  493.297287][ T5824] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  493.297447][ T5824] usb 6-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  493.297513][ T5824] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.433621][ T5824] usb 6-1: config 0 descriptor??
[  493.967157][T10268] netlink: 56 bytes leftover after parsing attributes in process `syz.5.783'.
[  494.301134][    C0] raw-gadget.0 gadget.5: ignoring, device is not running
[  494.332942][ T5824] usbhid 6-1:0.0: can't add hid device: -32
[  494.339151][ T5824] usbhid 6-1:0.0: probe with driver usbhid failed with error -32
[  494.400016][ T5824] usb 6-1: USB disconnect, device number 5
[  494.951330][T10315] hub 6-0:1.0: USB hub found
[  494.956858][T10315] hub 6-0:1.0: 1 port detected
[  495.443913][ T5877] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  496.968441][T10339] hub 6-0:1.0: USB hub found
[  496.975171][T10339] hub 6-0:1.0: 1 port detected
[  497.625717][T10337] netlink: 24 bytes leftover after parsing attributes in process `syz.4.791'.
[  498.488634][T10349] hub 6-0:1.0: USB hub found
[  498.493588][T10349] hub 6-0:1.0: 1 port detected
[  498.519008][T10350] hub 6-0:1.0: USB hub found
[  498.523986][T10350] hub 6-0:1.0: 1 port detected
[  499.206798][ T5877] usb 7-1: unable to read config index 0 descriptor/all
[  499.214035][ T5877] usb 7-1: can't read configurations, error -71
[  499.670925][T10363] hub 6-0:1.0: USB hub found
[  499.681089][T10363] hub 6-0:1.0: 1 port detected
[  499.821639][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  500.788732][T10378] hub 6-0:1.0: USB hub found
[  500.794174][T10378] hub 6-0:1.0: 1 port detected
[  501.603341][T10388] hub 6-0:1.0: USB hub found
[  501.611139][T10388] hub 6-0:1.0: 1 port detected
[  502.493571][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  502.500184][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  502.681506][T10394] hub 6-0:1.0: USB hub found
[  502.686544][T10394] hub 6-0:1.0: 1 port detected
[  503.673102][T10406] hub 6-0:1.0: USB hub found
[  503.678763][T10406] hub 6-0:1.0: 1 port detected
[  503.761027][ T5877] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  503.987938][ T5877] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  504.124222][ T5877] usb 7-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  504.350104][ T5877] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.557603][ T5877] usb 7-1: config 0 descriptor??
[  505.096358][T10397] netlink: 56 bytes leftover after parsing attributes in process `syz.6.803'.
[  505.285166][T10432] hub 6-0:1.0: USB hub found
[  505.291126][T10432] hub 6-0:1.0: 1 port detected
[  505.733000][ T5879] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  505.828876][ T5877] usbhid 7-1:0.0: can't add hid device: -71
[  505.836790][ T5877] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  505.879599][ T5877] usb 7-1: USB disconnect, device number 4
[  505.912339][ T5879] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  505.927119][ T5879] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  506.003265][ T5879] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.042723][T10445] netlink: 56 bytes leftover after parsing attributes in process `syz.5.811'.
[  506.049398][ T5879] usb 5-1: config 0 descriptor??
[  506.554012][T10426] netlink: 56 bytes leftover after parsing attributes in process `syz.4.809'.
[  506.573421][ T5879] usbhid 5-1:0.0: can't add hid device: -71
[  506.579665][ T5879] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  506.711514][ T5879] usb 5-1: USB disconnect, device number 3
[  507.241049][ T5824] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  507.403395][ T5824] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  507.429123][ T5824] usb 7-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  507.439525][ T5824] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.474515][ T5824] usb 7-1: config 0 descriptor??
[  507.791026][ T5874] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  508.594827][T10381] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  508.610348][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  508.679518][ T5824] usbhid 7-1:0.0: can't add hid device: -71
[  508.682065][ T5874] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  508.690666][ T5824] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  508.776934][T10381] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  508.800925][T10381] usb 1-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  508.819292][ T5824] usb 7-1: USB disconnect, device number 5
[  508.872800][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.894783][ T5874] usb 5-1: config 0 descriptor??
[  508.895186][T10381] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.117403][T10505] hub 6-0:1.0: USB hub found
[  509.123056][T10505] hub 6-0:1.0: 1 port detected
[  509.471312][T10381] usb 1-1: config 0 descriptor??
[  509.792884][T10483] netlink: 56 bytes leftover after parsing attributes in process `syz.4.817'.
[  509.941090][ T5876] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  510.139739][ T5874] usbhid 5-1:0.0: can't add hid device: -71
[  510.146749][ T5874] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  510.421989][T10487] netlink: 88 bytes leftover after parsing attributes in process `syz.0.818'.
[  510.454066][ T5876] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  510.470891][ T5874] usb 5-1: USB disconnect, device number 4
[  510.479918][ T5876] usb 6-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  510.519366][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.559384][ T5876] usb 6-1: config 0 descriptor??
[  510.578482][T10381] usbhid 1-1:0.0: can't add hid device: -71
[  510.591153][T10381] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  510.623715][T10381] usb 1-1: USB disconnect, device number 2
[  511.155238][T10512] netlink: 56 bytes leftover after parsing attributes in process `syz.5.823'.
[  512.283479][ T5876] usbhid 6-1:0.0: can't add hid device: -71
[  512.289489][ T5876] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  512.392104][ T5876] usb 6-1: USB disconnect, device number 6
[  513.928804][T10578] hub 6-0:1.0: USB hub found
[  513.934151][T10578] hub 6-0:1.0: 1 port detected
[  515.390901][ T5824] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  516.164137][ T5824] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  516.174105][ T5824] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  516.235950][ T5824] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.291629][ T5824] usb 5-1: config 0 descriptor??
[  518.405328][T10585] netlink: 88 bytes leftover after parsing attributes in process `syz.4.833'.
[  518.747941][ T5824] usbhid 5-1:0.0: can't add hid device: -71
[  518.796252][ T5824] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  518.851694][ T5824] usb 5-1: USB disconnect, device number 5
[  519.100965][ T5877] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  519.283060][ T5877] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  519.323010][ T5877] usb 7-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  519.394733][ T5877] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.445699][ T5877] usb 7-1: config 0 descriptor??
[  520.086281][ T5826] Bluetooth: Unexpected start frame (len 30)
[  520.656785][T10625] netlink: 88 bytes leftover after parsing attributes in process `syz.6.840'.
[  521.434539][ T5829] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  521.447680][ T5877] usbhid 7-1:0.0: can't add hid device: -71
[  521.456123][ T5877] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  521.502700][ T5877] usb 7-1: USB disconnect, device number 6
[  521.844587][ T5826] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  523.850062][ T5826] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  524.433325][ T5826] Bluetooth: Unexpected start frame (len 30)
[  525.855730][ T5826] Bluetooth: Unexpected start frame (len 30)
[  525.862736][ T5826] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  527.353295][T10759] hub 6-0:1.0: USB hub found
[  527.358348][T10759] hub 6-0:1.0: 1 port detected
[  528.249670][ T5829] Bluetooth: Unexpected start frame (len 30)
[  528.666844][ T5829] Bluetooth: Unexpected start frame (len 30)
[  529.828231][T10795] hub 6-0:1.0: USB hub found
[  529.833696][T10795] hub 6-0:1.0: 1 port detected
[  529.867936][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  530.781292][ T5829] Bluetooth: Unexpected start frame (len 30)
[  532.341848][T10810] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  532.347906][T10810] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  532.348405][ T5829] Bluetooth: Unexpected start frame (len 30)
[  532.360148][ T5829] ==================================================================
[  532.368222][ T5829] BUG: KASAN: slab-use-after-free in sk_skb_reason_drop+0x3d/0x1a0
[  532.376140][ T5829] Write of size 4 at addr ffff888061a885e4 by task kworker/u9:3/5829
[  532.384206][ T5829] 
[  532.386533][ T5829] CPU: 0 UID: 0 PID: 5829 Comm: kworker/u9:3 Not tainted 6.12.0-rc6-syzkaller-00272-gda4373fbcf00 #0
[  532.397387][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  532.407437][ T5829] Workqueue: hci1 hci_rx_work
[  532.412141][ T5829] Call Trace:
[  532.415398][ T5829]  <TASK>
[  532.418310][ T5829]  dump_stack_lvl+0x116/0x1f0
[  532.422975][ T5829]  print_report+0xc3/0x620
[  532.427375][ T5829]  ? __virt_addr_valid+0x5e/0x590
[  532.432378][ T5829]  ? __phys_addr+0xc6/0x150
[  532.436863][ T5829]  kasan_report+0xd9/0x110
[  532.441272][ T5829]  ? sk_skb_reason_drop+0x3d/0x1a0
[  532.446382][ T5829]  ? sk_skb_reason_drop+0x3d/0x1a0
[  532.451504][ T5829]  kasan_check_range+0xef/0x1a0
[  532.456390][ T5829]  sk_skb_reason_drop+0x3d/0x1a0
[  532.461323][ T5829]  l2cap_recv_acldata+0x129/0xb70
[  532.466436][ T5829]  hci_rx_work+0xb1c/0x16c0
[  532.470965][ T5829]  process_one_work+0x9c5/0x1ba0
[  532.475923][ T5829]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  532.481566][ T5829]  ? __pfx_process_one_work+0x10/0x10
[  532.486936][ T5829]  ? assign_work+0x1a0/0x250
[  532.491522][ T5829]  worker_thread+0x6c8/0xf00
[  532.496104][ T5829]  ? __pfx_worker_thread+0x10/0x10
[  532.501211][ T5829]  kthread+0x2c1/0x3a0
[  532.505271][ T5829]  ? _raw_spin_unlock_irq+0x23/0x50
[  532.510464][ T5829]  ? __pfx_kthread+0x10/0x10
[  532.515048][ T5829]  ret_from_fork+0x45/0x80
[  532.519463][ T5829]  ? __pfx_kthread+0x10/0x10
[  532.524050][ T5829]  ret_from_fork_asm+0x1a/0x30
[  532.528820][ T5829]  </TASK>
[  532.531824][ T5829] 
[  532.534147][ T5829] Allocated by task 5829:
[  532.538472][ T5829]  kasan_save_stack+0x33/0x60
[  532.543155][ T5829]  kasan_save_track+0x14/0x30
[  532.547823][ T5829]  __kasan_slab_alloc+0x89/0x90
[  532.552667][ T5829]  kmem_cache_alloc_node_noprof+0x153/0x310
[  532.558567][ T5829]  __alloc_skb+0x2b1/0x380
[  532.562983][ T5829]  l2cap_recv_frag+0x13d/0x2b0
[  532.567752][ T5829]  l2cap_recv_acldata+0x2a1/0xb70
[  532.572772][ T5829]  hci_rx_work+0xb1c/0x16c0
[  532.577268][ T5829]  process_one_work+0x9c5/0x1ba0
[  532.582196][ T5829]  worker_thread+0x6c8/0xf00
[  532.586773][ T5829]  kthread+0x2c1/0x3a0
[  532.590827][ T5829]  ret_from_fork+0x45/0x80
[  532.595230][ T5829]  ret_from_fork_asm+0x1a/0x30
[  532.599983][ T5829] 
[  532.602288][ T5829] Freed by task 10810:
[  532.606334][ T5829]  kasan_save_stack+0x33/0x60
[  532.610999][ T5829]  kasan_save_track+0x14/0x30
[  532.615660][ T5829]  kasan_save_free_info+0x3b/0x60
[  532.620677][ T5829]  __kasan_slab_free+0x51/0x70
[  532.625427][ T5829]  kmem_cache_free+0x152/0x4b0
[  532.630175][ T5829]  kfree_skbmem+0x1a4/0x1f0
[  532.634678][ T5829]  sk_skb_reason_drop+0x136/0x1a0
[  532.639695][ T5829]  l2cap_conn_del+0xa5/0x730
[  532.644273][ T5829]  l2cap_connect_cfm+0x9e6/0xf80
[  532.649196][ T5829]  hci_conn_failed+0x1c3/0x340
[  532.653944][ T5829]  hci_abort_conn_sync+0x75a/0xb50
[  532.659056][ T5829]  hci_disconnect_all_sync.constprop.0+0x104/0x3c0
[  532.665557][ T5829]  hci_suspend_sync+0x772/0xab0
[  532.670393][ T5829]  hci_suspend_dev+0x30a/0x510
[  532.675149][ T5829]  hci_suspend_notifier+0x28d/0x2f0
[  532.680344][ T5829]  notifier_call_chain+0xb9/0x410
[  532.685371][ T5829]  blocking_notifier_call_chain_robust+0xc9/0x170
[  532.691774][ T5829]  pm_notifier_call_chain_robust+0x27/0x60
[  532.697562][ T5829]  snapshot_open+0x189/0x2b0
[  532.702143][ T5829]  misc_open+0x35a/0x420
[  532.706392][ T5829]  chrdev_open+0x237/0x6a0
[  532.710801][ T5829]  do_dentry_open+0x6ca/0x1530
[  532.715556][ T5829]  vfs_open+0x82/0x3f0
[  532.719621][ T5829]  path_openat+0x1e6a/0x2d60
[  532.724202][ T5829]  do_filp_open+0x1dc/0x430
[  532.728690][ T5829]  do_sys_openat2+0x17a/0x1e0
[  532.733353][ T5829]  __x64_sys_openat+0x175/0x210
[  532.738200][ T5829]  do_syscall_64+0xcd/0x250
[  532.742722][ T5829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.748609][ T5829] 
[  532.750915][ T5829] The buggy address belongs to the object at ffff888061a88500
[  532.750915][ T5829]  which belongs to the cache skbuff_head_cache of size 240
[  532.765468][ T5829] The buggy address is located 228 bytes inside of
[  532.765468][ T5829]  freed 240-byte region [ffff888061a88500, ffff888061a885f0)
[  532.779245][ T5829] 
[  532.781549][ T5829] The buggy address belongs to the physical page:
[  532.787947][ T5829] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61a88
[  532.796705][ T5829] memcg:ffff888032bbc881
[  532.800921][ T5829] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  532.808013][ T5829] page_type: f5(slab)
[  532.811983][ T5829] raw: 00fff00000000000 ffff88801ea91780 dead000000000100 dead000000000122
[  532.820550][ T5829] raw: 0000000000000000 00000000000c000c 00000001f5000000 ffff888032bbc881
[  532.829112][ T5829] page dumped because: kasan: bad access detected
[  532.835526][ T5829] page_owner tracks the page as allocated
[  532.841232][ T5829] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8566, tgid 8562 (syz.0.484), ts 331157518755, free_ts 327767117142
[  532.860414][ T5829]  post_alloc_hook+0x2d1/0x350
[  532.865174][ T5829]  get_page_from_freelist+0xf7d/0x2d10
[  532.870617][ T5829]  __alloc_pages_noprof+0x223/0x25a0
[  532.875885][ T5829]  alloc_pages_mpol_noprof+0x2c9/0x610
[  532.881331][ T5829]  new_slab+0x2c9/0x410
[  532.885471][ T5829]  ___slab_alloc+0xdac/0x1880
[  532.890133][ T5829]  __slab_alloc.constprop.0+0x56/0xb0
[  532.895575][ T5829]  kmem_cache_alloc_node_noprof+0xed/0x310
[  532.901390][ T5829]  __alloc_skb+0x2b1/0x380
[  532.905805][ T5829]  skb_copy+0x1c9/0x3a0
[  532.909953][ T5829]  mac80211_hwsim_tx_frame_no_nl.isra.0+0xb7f/0x12f0
[  532.916620][ T5829]  mac80211_hwsim_tx_frame+0x1eb/0x2a0
[  532.922068][ T5829]  mac80211_hwsim_beacon_tx+0x592/0xa00
[  532.927600][ T5829]  __iterate_interfaces+0x2d0/0x5d0
[  532.932787][ T5829]  ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0
[  532.939796][ T5829]  mac80211_hwsim_beacon+0x105/0x200
[  532.945069][ T5829] page last free pid 5200 tgid 5200 stack trace:
[  532.951378][ T5829]  free_unref_page+0x5f4/0xdc0
[  532.956130][ T5829]  __put_partials+0x14c/0x170
[  532.960790][ T5829]  qlist_free_all+0x4e/0x120
[  532.965375][ T5829]  kasan_quarantine_reduce+0x192/0x1e0
[  532.970829][ T5829]  __kasan_slab_alloc+0x69/0x90
[  532.975677][ T5829]  kmem_cache_alloc_noprof+0x121/0x2f0
[  532.981126][ T5829]  getname_flags.part.0+0x4c/0x550
[  532.986230][ T5829]  getname_flags+0x93/0xf0
[  532.990645][ T5829]  vfs_fstatat+0x86/0x160
[  532.994965][ T5829]  __do_sys_newfstatat+0xa2/0x130
[  532.999977][ T5829]  do_syscall_64+0xcd/0x250
[  533.004462][ T5829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.010349][ T5829] 
[  533.012652][ T5829] Memory state around the buggy address:
[  533.018259][ T5829]  ffff888061a88480: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[  533.026297][ T5829]  ffff888061a88500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  533.034336][ T5829] >ffff888061a88580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  533.042376][ T5829]                                                        ^
[  533.050068][ T5829]  ffff888061a88600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  533.058196][ T5829]  ffff888061a88680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  533.066235][ T5829] ==================================================================
[  533.120511][ T5829] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  533.127733][ T5829] CPU: 0 UID: 0 PID: 5829 Comm: kworker/u9:3 Not tainted 6.12.0-rc6-syzkaller-00272-gda4373fbcf00 #0
[  533.138593][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  533.148653][ T5829] Workqueue: hci1 hci_rx_work
[  533.153346][ T5829] Call Trace:
[  533.156618][ T5829]  <TASK>
[  533.159543][ T5829]  dump_stack_lvl+0x3d/0x1f0
[  533.164139][ T5829]  panic+0x71d/0x800
[  533.168042][ T5829]  ? __pfx_panic+0x10/0x10
[  533.172466][ T5829]  ? preempt_schedule_thunk+0x1a/0x30
[  533.177837][ T5829]  ? preempt_schedule_common+0x44/0xc0
[  533.183307][ T5829]  check_panic_on_warn+0xab/0xb0
[  533.188252][ T5829]  end_report+0x117/0x180
[  533.192587][ T5829]  kasan_report+0xe9/0x110
[  533.197011][ T5829]  ? sk_skb_reason_drop+0x3d/0x1a0
[  533.202127][ T5829]  ? sk_skb_reason_drop+0x3d/0x1a0
[  533.207243][ T5829]  kasan_check_range+0xef/0x1a0
[  533.212107][ T5829]  sk_skb_reason_drop+0x3d/0x1a0
[  533.217052][ T5829]  l2cap_recv_acldata+0x129/0xb70
[  533.222088][ T5829]  hci_rx_work+0xb1c/0x16c0
[  533.226603][ T5829]  process_one_work+0x9c5/0x1ba0
[  533.231546][ T5829]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  533.237179][ T5829]  ? __pfx_process_one_work+0x10/0x10
[  533.242556][ T5829]  ? assign_work+0x1a0/0x250
[  533.247154][ T5829]  worker_thread+0x6c8/0xf00
[  533.251746][ T5829]  ? __pfx_worker_thread+0x10/0x10
[  533.256858][ T5829]  kthread+0x2c1/0x3a0
[  533.260931][ T5829]  ? _raw_spin_unlock_irq+0x23/0x50
[  533.266134][ T5829]  ? __pfx_kthread+0x10/0x10
[  533.270724][ T5829]  ret_from_fork+0x45/0x80
[  533.275139][ T5829]  ? __pfx_kthread+0x10/0x10
[  533.279731][ T5829]  ret_from_fork_asm+0x1a/0x30
[  533.284509][ T5829]  </TASK>
[  533.287741][ T5829] Kernel Offset: disabled
[  533.292049][ T5829] Rebooting in 86400 seconds..