last executing test programs:

25m3.943172979s ago: executing program 4 (id=257):
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448d4, &(0x7f0000000000)={0x3, 0x200, "fe00", 0x0, 0xf})

25m3.754179121s ago: executing program 4 (id=259):
r0 = syz_open_dev$video(&(0x7f0000000300), 0x9, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000000)={0xd, @vbi})

25m3.077598026s ago: executing program 4 (id=262):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bind$802154_raw(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000005c0)='f2fs_map_blocks\x00', 0xffffffffffffffff, 0x0, 0xd0}, 0x18)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x10480, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x4400046, r5})
r6 = socket$netlink(0x10, 0x3, 0x0)
lgetxattr(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)=@known='user.syz\x00', &(0x7f00000003c0)=""/118, 0x76)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="300000001800ef0100000000000000000a0000000000d350bac3c65b7881050000000000000000000000000000000002fedbab0a35a8a64c1c31d4602d96ef1859ffeffb6d12ecfb00abd1cd546cb7f22ea3f4b43d4426e73d"], 0x30}, 0x1, 0x11}, 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
read$FUSE(r3, &(0x7f0000002080)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x10c1007, &(0x7f0000000680)={[{@verity_require}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@verity_require}], [{@euid_lt={'euid<', r7}}, {@obj_user={'obj_user', 0x3d, '},:$('}}, {@fsmagic}, {@euid_lt={'euid<', r7}}]})
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
mount$afs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x8000, 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
utime(&(0x7f0000000000)='./file0\x00', 0x0)

25m1.171642829s ago: executing program 4 (id=268):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, r2, 0x25, 0x0, @val=@netfilter={0x5, 0x1, 0x107, 0x1}}, 0x20)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r3, r5}, 0x40)

24m59.985650397s ago: executing program 4 (id=269):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000004f995b823a8cd01a3ea5a463a8387618dd1273a70fe495781c773751f37d20ccf11ae1243e448bebbb5ebd19ba6e0a18ce6411c9411759aa42dbf17e0d30abf817a8d8a71c7d9ce3fffe981d62e6f72609b66527579b2924bbb5ebaab1a5305e4079acd07990c278b0"], 0x48)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRESHEX=r1], &(0x7f0000000100)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffe9d, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xfffffffffffffce8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x800000000000008, 0x88}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
openat$sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x200, 0x8a}, 0x0)
r3 = getpid()
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000200)=0x10)
bind$unix(r6, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0xea5, './file0\x00'}})
write$dsp(0xffffffffffffffff, &(0x7f0000000000)="d9d2c4ca000000000000", 0xa)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x80801)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18976d0000000000000000000000000005b65d5a9ae0982f"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=@framed={{}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {0x3, 0x0}, {0x5}, {}, {}, {}, {}, {0x7, 0x0, 0x0, 0x8}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xbf}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

24m55.185312211s ago: executing program 4 (id=286):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffffffffffe84, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000240)={0x2c, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @typed={0xc, 0x1d, 0x0, 0x0, @u64=0x3}]}, 0x2c}], 0x1}, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f00000010c0)={<r3=>0x0, "e0ca0c5103d151194f20fcc6a0541c4a"})
ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, &(0x7f00000020c0)={<r4=>0x0, "ddd8f855a037906bcadd78dd632cc33b"})
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000580)={<r5=>0x0, 0x1ff, 0x0, [0x100000000, 0x2, 0x8, 0x9, 0x39b], [0x2, 0x1, 0x7, 0x8, 0xfffffffffffffffa, 0xa74, 0x0, 0x100, 0x1, 0x8, 0x629, 0x8, 0x9b7, 0x5, 0x3, 0x7, 0x8, 0x372, 0x6, 0x9, 0x2, 0x1, 0x400, 0x72b2, 0x81, 0x4, 0x2, 0xfffffffffffffffa, 0x3, 0x3, 0x2, 0x3ff, 0x7f, 0x4, 0x0, 0x200, 0xfffffffffffffffd, 0xc6b, 0x2, 0x5, 0x6, 0xffffffff81cb3e64, 0xffffffff, 0x10, 0xa, 0x7, 0x5, 0x9, 0x0, 0x5, 0x2, 0x800, 0x4, 0x100000001, 0x80000000, 0xfe3, 0xe7, 0xfa6c, 0x9, 0x9, 0x4, 0x0, 0xff, 0x60915ba8, 0x10001, 0xfffffffffffffff8, 0x8000000, 0x400, 0xa, 0xffffffff80000001, 0xffff, 0x7ff, 0x4, 0xee4, 0x3, 0x0, 0xff, 0x5, 0x9, 0x85e, 0x0, 0x4, 0x400, 0x9, 0x5, 0x2, 0x1, 0x2, 0x5, 0x1c00000000000000, 0x3, 0x718, 0x4, 0x1, 0xff, 0x1, 0x2, 0x4, 0x7e, 0x7fff, 0x5, 0x9, 0x4, 0x4, 0xfe4, 0xffffffffffffff7e, 0x1, 0x942, 0x5, 0x8, 0x101, 0x4, 0xf, 0x7ec, 0xffffffffffffffff, 0x7, 0x2, 0x12000000000000, 0x1, 0x6, 0xffffe00000000000]})
ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f00000009c0)={0x5, 0x4, {0x5, @usage=0xc2, r3, 0x0, 0x5, 0xfffffffffffffa26, 0x2, 0x5, 0x440, @struct={0x4, 0x23}, 0x6, 0xd3, [0x7, 0x7, 0x59, 0x3ff, 0x6, 0xffffffffffffffff]}, {0x100, @usage=0x2, r4, 0x0, 0x5a, 0x5, 0x6, 0x400, 0x0, @usage=0x6, 0x6, 0x5, [0x5, 0x1, 0xdd6c, 0x9, 0x8, 0x7f]}, {0xd7a, @usage=0x6, r5, 0x7, 0x1, 0x40, 0xb, 0x874, 0x82, @struct={0x9, 0x1}, 0xfffffff8, 0x6, [0x4, 0x6, 0x284e, 0x6, 0x3, 0x7]}, {0x1, 0x9, 0x6}})
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
connect$unix(r7, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$evdev(&(0x7f0000000540), 0x4, 0x400)
socketpair(0x2a, 0x1, 0x2, &(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$TCSETA(0xffffffffffffffff, 0x560a, &(0x7f0000001040)={0x0, 0x1, 0x4, 0x20, 0x0, "0000e5ff0100"})
getsockopt$EBT_SO_GET_ENTRIES(r8, 0x0, 0x81, 0x0, &(0x7f0000000340))
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000006900000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r10, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$USBDEVFS_GET_CAPABILITIES(0xffffffffffffffff, 0x8004551a, &(0x7f0000000100))

24m39.670049122s ago: executing program 32 (id=286):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffffffffffe84, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000240)={0x2c, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @typed={0xc, 0x1d, 0x0, 0x0, @u64=0x3}]}, 0x2c}], 0x1}, 0x0)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f00000010c0)={<r3=>0x0, "e0ca0c5103d151194f20fcc6a0541c4a"})
ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, &(0x7f00000020c0)={<r4=>0x0, "ddd8f855a037906bcadd78dd632cc33b"})
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000580)={<r5=>0x0, 0x1ff, 0x0, [0x100000000, 0x2, 0x8, 0x9, 0x39b], [0x2, 0x1, 0x7, 0x8, 0xfffffffffffffffa, 0xa74, 0x0, 0x100, 0x1, 0x8, 0x629, 0x8, 0x9b7, 0x5, 0x3, 0x7, 0x8, 0x372, 0x6, 0x9, 0x2, 0x1, 0x400, 0x72b2, 0x81, 0x4, 0x2, 0xfffffffffffffffa, 0x3, 0x3, 0x2, 0x3ff, 0x7f, 0x4, 0x0, 0x200, 0xfffffffffffffffd, 0xc6b, 0x2, 0x5, 0x6, 0xffffffff81cb3e64, 0xffffffff, 0x10, 0xa, 0x7, 0x5, 0x9, 0x0, 0x5, 0x2, 0x800, 0x4, 0x100000001, 0x80000000, 0xfe3, 0xe7, 0xfa6c, 0x9, 0x9, 0x4, 0x0, 0xff, 0x60915ba8, 0x10001, 0xfffffffffffffff8, 0x8000000, 0x400, 0xa, 0xffffffff80000001, 0xffff, 0x7ff, 0x4, 0xee4, 0x3, 0x0, 0xff, 0x5, 0x9, 0x85e, 0x0, 0x4, 0x400, 0x9, 0x5, 0x2, 0x1, 0x2, 0x5, 0x1c00000000000000, 0x3, 0x718, 0x4, 0x1, 0xff, 0x1, 0x2, 0x4, 0x7e, 0x7fff, 0x5, 0x9, 0x4, 0x4, 0xfe4, 0xffffffffffffff7e, 0x1, 0x942, 0x5, 0x8, 0x101, 0x4, 0xf, 0x7ec, 0xffffffffffffffff, 0x7, 0x2, 0x12000000000000, 0x1, 0x6, 0xffffe00000000000]})
ioctl$BTRFS_IOC_BALANCE_V2(r1, 0xc4009420, &(0x7f00000009c0)={0x5, 0x4, {0x5, @usage=0xc2, r3, 0x0, 0x5, 0xfffffffffffffa26, 0x2, 0x5, 0x440, @struct={0x4, 0x23}, 0x6, 0xd3, [0x7, 0x7, 0x59, 0x3ff, 0x6, 0xffffffffffffffff]}, {0x100, @usage=0x2, r4, 0x0, 0x5a, 0x5, 0x6, 0x400, 0x0, @usage=0x6, 0x6, 0x5, [0x5, 0x1, 0xdd6c, 0x9, 0x8, 0x7f]}, {0xd7a, @usage=0x6, r5, 0x7, 0x1, 0x40, 0xb, 0x874, 0x82, @struct={0x9, 0x1}, 0xfffffff8, 0x6, [0x4, 0x6, 0x284e, 0x6, 0x3, 0x7]}, {0x1, 0x9, 0x6}})
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
connect$unix(r7, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$evdev(&(0x7f0000000540), 0x4, 0x400)
socketpair(0x2a, 0x1, 0x2, &(0x7f00000001c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$TCSETA(0xffffffffffffffff, 0x560a, &(0x7f0000001040)={0x0, 0x1, 0x4, 0x20, 0x0, "0000e5ff0100"})
getsockopt$EBT_SO_GET_ENTRIES(r8, 0x0, 0x81, 0x0, &(0x7f0000000340))
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8ab8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000006900000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r10, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$USBDEVFS_GET_CAPABILITIES(0xffffffffffffffff, 0x8004551a, &(0x7f0000000100))

19m52.719036199s ago: executing program 2 (id=1125):
socket$inet_mptcp(0x2, 0x1, 0x106)
sync_file_range(0xffffffffffffffff, 0x2000000, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={0x0, 0x254}}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$uid(0x0, 0xffffffffffffffff, 0x2000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001000)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x20004084)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)
close(0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[], 0xfc}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r5}, 0x10)
syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0xe7b7, 0x13500}, &(0x7f0000000240), &(0x7f0000001880))
syz_clone(0x40004080, 0x0, 0x0, 0x0, 0x0, 0x0)

19m47.097259721s ago: executing program 2 (id=1134):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000480)={0xffffffffffffffff, 0x2, 0x2}) (fail_nth: 1)

19m45.058133211s ago: executing program 2 (id=1142):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, r2, 0x25, 0x0, @val=@netfilter={0x5, 0x1, 0x107, 0x1}}, 0x20)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000020000000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r3, r5}, 0x40)

19m43.19782096s ago: executing program 2 (id=1147):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x1041, 0x0)
umount2(&(0x7f0000000000)='./file0/../file0\x00', 0x1)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00')
read$FUSE(r0, &(0x7f0000012380)={0x2020}, 0x2020)
read$FUSE(r0, &(0x7f00000145c0)={0x2020}, 0x2020)

19m42.247990978s ago: executing program 2 (id=1150):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000000)={0x20, r1, 0x0, 0x0, &(0x7f0000000140)})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000180)={0x20, r1, 0x2, 0x0, &(0x7f00000001c0)=[{0x0, 0x1}, {0x3, 0x5}]})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x7, r1, 0x0, &(0x7f0000000240)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x1c})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000280)={0x18, r1})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x7, r1, 0x0, &(0x7f0000000300)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000340)={0x18, r1, 0x2, 0x1c})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000380)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f00000003c0)={0x18, r1})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r1, 0x0, &(0x7f0000000480)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2})
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f00000004c0)={0x28, 0x7, r2, r1, 0x1c, 0x3, 0xfffffffffffffffe})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000500)={0x18, r2, 0x3, 0x1c})
ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000540)={0x8, r2})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000580)={0x18, r1})
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000005c0)={0x18, 0x0, 0x1})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x1, 0x0, r1})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000640)={0x20, r1, 0x0, 0x0, &(0x7f0000000680)})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000006c0)={0x48, 0x1, r1, 0x0, 0x1000, 0x2000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1, 0x0, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1004000})
ioctl$IOMMU_TEST_OP_MD_CHECK_MAP(r0, 0x3ba0, &(0x7f0000000800)={0x48, 0x3, r3, 0x0, 0x1004000, 0x1000, &(0x7f0000ffc000)})
ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(r0, 0x3ba0, &(0x7f0000000880)={0x48, 0x4, 0x0, 0x0, 0x1000, &(0x7f0000ffc000), 0x1})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000900)={0x18, r1, 0x1000, 0x1004000})

19m40.50203542s ago: executing program 2 (id=1155):
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001200192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)

19m40.15191141s ago: executing program 33 (id=1155):
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001200192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)

3m34.29607344s ago: executing program 6 (id=3352):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x4010200) (async)
unshare(0x4010200)
unshare(0x40020000)
socket$inet_icmp(0x2, 0x2, 0x1)

3m12.084433963s ago: executing program 6 (id=3352):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x4010200) (async)
unshare(0x4010200)
unshare(0x40020000)
socket$inet_icmp(0x2, 0x2, 0x1)

2m49.162035145s ago: executing program 1 (id=3966):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000f80)=ANY=[@ANYBLOB="1000018004"], 0x28}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xb, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="10000000040200000800000008000000e38954", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f00000003c0)='cgroup.events\x00', 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)
unshare(0x2a020480)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r2, 0x113, 0x1, &(0x7f0000000080)=0x1, 0x4)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x2000, 0x4, 0xffffffffffffffff})
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000580), 0x101000, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x5, 0x6}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x3)
syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000380)=ANY=[@ANYBLOB="ec26bcaba003a8136210e9ba065106000000cb735548e61eb59e1bfa"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
read$msr(r6, &(0x7f0000000fc0)=""/102397, 0x18ffd)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16, @ANYBLOB="1709000000000000000001000000050007000000000008000900000000001400200000000000000000000400ffffe000fd6e08000a0000000004060002000100000014001f"], 0x5c}, 0x1, 0x620b}, 0x0)
ioctl$SNDCTL_DSP_POST(r6, 0x5008, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
close(r5)
ioctl$SNDCTL_SEQ_TESTMIDI(r4, 0x40045108, &(0x7f00000005c0)=0x400)

2m47.37524638s ago: executing program 1 (id=3970):
prctl$PR_SCHED_CORE(0x3e, 0x2000000000000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x840)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = gettid()
syz_open_procfs(r1, &(0x7f0000000240)='mounts\x00')
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000700000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000007a00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc2, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r2}, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000280), 0x4)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="8b3700000000000000000500000008000300", @ANYRES32=r8], 0x28}}, 0x0)

2m45.364858247s ago: executing program 1 (id=3975):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f00000019c0)=ANY=[@ANYBLOB="3c100000", @ANYRES16=r3, @ANYBLOB="010000000000000000000c0000000810038004100400be35816acc29c3f0a423c9bdbee53fcfda5f9461882123d7ab126ec218ab95a7efbd5bc1e30a574d6e7cdcb600e341f540de9ca7df43890be5ac78793fb76ff10ce7abec3ad97b843f726c44277cd34e636954ed6ff481c684abe14b1e0ef378b2ce8c3eaaea6969e36c06bf3a7b8c1f1bdb758b95ad54588e66b06429d29816133bb41d52207867b3d0b05652a492a89cc42251436dca42021fa5e3cbc27aa9ef90b40930e4d51a7cd1e53a6f325ab69dc208d86c88a40bb0dc834c5e6fb5a6a79e8fbd5df4105c53482fa7d294b7d2ac09c112d80ed255c7591fdd6600ec3207099a48d255c64cee5679ff6a6b56b06bff158730bc38fde14ee7a08d9c66602cb93c89eec7b5bedce1a467a131a185d1495a8ceb2fad64abeee40285c367c29d4a42f5aaadd7d5701f9f7dc5879f08a39f42a4e262efbc32b27e8d4ec3d382f306c1b30eef2ac07a611b093b872b47bb9198ac33fa0f73dda08adce116144fdeb6b9afa10560003f03b44cdbf42772858975b6d52e2529716bc2361749201308aef3c76504f9764cb0bf434e18a91253acd524c1e25c7151a7eb7b8288376d639641487433e409742c3f28093ce0341eb9393948ca8e3ba5849fac5af91fc07f4fc4bf6d9dfd3ae1340e97664bf80c93eee028a74c9a6c039b2640d02101391225b0001e8167e89f85da712db09584581c0aa247d0bb04fca5b10ed567ddd9db09961156dbea87ecea13420b8f289d639188f2041e9581a3e3980e55fae18bdb2372e68626c6d290c7f6fdceec6e11f67d6cf5ae9db962c1a52c9524db55cf6f3f91d88ae52db8aa5774bc019e26b6f87fc2d68249b0bd5f11242bf7ef1ee97c3cfc65d5f7ebb497a65e48c221e5efaf721841d0c5dd0b13adc6ccf8719c172fe14b59c12d7c94a54d21c21a583e61f1a555d20bef10df22c529fefabd0ab6f9ff990ffd3c669ce3bdeb12f756d79ad7b884b13cf6fa69b455785e36fcb49202abf8e423b23472a7ac44d927e7193b9cf4da5a6dc1f68ca19298376afe610b48480b32481fb44e3cb4f179e463ca9efe3577f36ee9c46a074569a633a75a84150d253b871dea38d5e1e02141301e7a9ce4e1029afae69a636f3671b2c135cf3bf34fe5e7157be9cad28a6ba20ccc8e959d354af4587c8e2cb0a45cfeba1f761a90c53e4b75e9a7b93ba496017a8cc1ce84c6c295c2e30f0691f8025868ff53703408b19e38078c9e0478c65c9974f033d6c9e895835b96a37ba8e30c2ae48339f167c2eea89a4e2bb22b8b5397793fb672862dbcb0e9ae4724da7086eeda3168b25864c236af8a403ecf64862504c54792abcc0a0db0443c6d9acd290ca5b551906725b79df73a6d68a254535e6f3a1c7862cd1348dba5dd6ae35c2348fa22ea8fbc405e6638433c61d5e6501311b5b81d6ccd14a59005f5272f74021cd02e343f7deb2753f23897476d72e213dc793e4f466d05155890bd758e3a1a60f09dc960a44fa09835c8cf72069cbcaacdc8be1b1bf63281817e84f0135b8da446dfb4459e54cc5c401b140621d10d933e779224320d0f0779e54d6a497afede5467ca64961d9d7f49cff919d40492810562e4f8260dcf33baab703713cec03e255013a5bc4f0f5c56ec5d997977d07a3bda00a5e7165fa70b5cf457484f66a967e97e484a1013e9689406bce1dc0eaca5d2b02b89dbae72f40f9b6569c753a40f810244f881c4f5c247ea9bb65cef0ffb542869d138eb94a80ae833359ac6ef759f1c67d123fb8fdd81f3ff2dfdb461a9ecc74062c72f6f455b08665fcfa45bc90ab4512c69097b4174c2e13a27cad9b7a7e6b8f1bae222bca78e10a5a36f97a6df2536336a203a87003c014fb521339b8d92a4bb11109624d65a68aa709b1eb61510ca4e6315e6cfbe337569f7bf584344142b380c3d90c648607dac547968185485b85fba2af93f4fc72d8c8aab1c58f14cac673017841aad3e2f8a86c5c750405533de0e224b1c847efaa3b6da8dccbaed48efb1a88bea829c02f67731eff1556ac6e4338c484fc49898ed49caf26b356e450ae0d2f6f86f25ffbe3a440dff1507b9dc2714b6ff9313142bc660c8944257cb2c8d05208b65c3937ec287d4923546902cc0e086e3d3bd13be8932402f2c11a2958ed3e43e24a6ce6fb3eb8f93129f20a424fedff9869ad7cbe6f5a920119d5f1e3677b9bf7ee25daf6434708f09384ddea857d95c2a0f3064f902dfd2c357870446b2fbdf656a1f5d72fe1c55861c4fe5197749da61372f4ffb84acd36f327d976308a5ecc4e663e96c148f8677849117605f30c85e8fcdf08f6855e256a3cc2565cf8289fcc45567a7eb9cba2252f0fb08c84c4cea1f45cb473193900f5c7129108fa3caa0759156305b216c81ff8b9dbb0de8a6ff89bed4040b706784799dd3f33a052e9c2fe113eb271f5a369a0462a7601cc5f288f90350bb4a70e30e2ec7ab5ace616fca27e2ec058618a8e7141b3be95b0ce9ff3d0a4e3dc2ae93db2ea68b67ece3d72b056225329929ae745cb2a8773c7845e088ab7e609062443d28fb5397f2ee95ec039e1f8b042a225695e1e32c3901aa1998b99f732fc5b7720986ca3d00e3445e45cb2be8777eee2a29aaffd6907dd364981c12d4a8081dc67f171589bda4e3c797fff3564db787c15fe6a1de4a1aaea6218bb445cb376d2f754cfa831cd7576e357160270f34078dd636469f5783c6fe130b89db87294dc70d010c9eed22a652cab66765e7a9a1daaad43ef75e62fd16df8915899e6680ac3897db4bd430077c36134d6d23c4ec3cd957feed7a54f6cabb6cbe088010a6e202357a2c7ac904211380c8180c8ac616ed3ce9f77752df6a6eddbd79d14006f1d6c6c3c7d3dea9ecf6b43c3d2e171959bf6133d4b7b07b70184e2d179ecf97f37e3d859f70ab9e449ec2f08b60a66afe194f0f09968502aa17caffe7204682ee8222e603b79fc43d985a407306640c479eca665020d4a1581ccefd6b18a49091c0b77de415b423a2d34c08a268baa83d6ba415f483433eba927df49d765f54e7df965e5b9ec9fc0b5585bf24d5d46fbb0e1ea4d3df46e787d32e7340fad28c8e911de9427fbceee55b860aa5310d469cad277956794e5ad6a1c53a133857dc1e720edde4e3234960ff4b9da51015eb12c499f60b1432c0d56dc67ba3507968b9623f27807677194b3262585ac3a36296de0afec67864e949ed5ab25ca81ce73740fecc8dc117c770c09f38dee55240918e92d4ac6dd26767c0fbbfaca4b391b72db39c380253df5c8304764c71d4699c56269da16462339848ef7e3afc43b599c5c5aade6a0550298c04cf8500c82d9709be0c420fa19f0148e69803219a3f3bee2a325233f7ffa6bb42019694c618ed44692fba5c5b94ac4d51ac9904acf7d139be3b07e3182f4259b108f9c899b5eac8c2c2985c48e294c5f4f9eeea8c477941d85ba4b724a42c52fe16ebbee9fdb63991f479bf522086026d5ab2ae4ed3c5b3c2b036fb5c15f1d6951b88cabf183b0513ed28fe92c96aecb49069dd7d45605fbe1c12e36ba1f546ceee8bd858063eefa8de7e043c752c57bb3ddf84106a6f97eba8ebe91fb6b40055bf9a054af6910c7ef52aefbe2ea7f9d628d64566ff78296adea8dd754f9e7a0e69e37191ef6b0f2ba0168df81d9ac9420df65c17b76bd1d053176b6983471910078bc4c25aa2d6aebc21314a6fbe074a7da1c606b9045dcc86df20b98d95b68524c71b3bf3ff9d21fee903ae6818f5e8599f652cba972ac9089f65fb9f336f3ddd0c406fab112048c7d28ce5c3470c599929404b87380dafc67a3721867aef06680053f7d4e644a7297c79587dc1fa50692e8f4f7abe6db7750a2de3f4f4d30b0fc26c578b3e69c8b7337a3917a86fca3292e81fa7f8d2636e8bf1fa9e1fefabd9663d4d38537f0392fc59cbf37423ba0ee85d64e7985cd9ea5d3af222d0b261616fedcaad18961041223943f658793b68f7f1e16869a0e963d94e381f2ef2977c38ec3079c4121f76f2db9d4abd64f6b2b95cd94a51aa36ac178ea64450fd219dd099bfad9675cf97cc7c55b371a1cb6db0a7abf99ba0a23b7d39f9bb305e3f2963f4069848963179f4b288204e917632c97aacf221b3395a013ce20bec1c6b34cb73cfc911bdc76b6d019993e722ed78d950f50870d6cb2732d8dc0f4f4bdcdf9af16ee290f719f1d61bd723cf61870a8a9a9232c31076fa5c7479fe3803fbe7fef5a83cbe279d71d265c28f424680a4146f6428c4fda5d09a4ca97c715a78c4fb2b9d0970bb94fbcbd4d38f6414e999c3f385c7792cdba84921fdf7467339a6cdd15b1a20295153aab05b79253d0d1410bdc18f61da47473d7e4f35cced95c333b7091d6d7c8d12626b17a30be2830059b63191d8832e32595e7d92918c52828a1263183afa89b5b05403d39c0b3b0121e1042e45811ebb81eb3309b3c6616573fa9e3d061996cc2b3c67a0b50686166ecaf47fc1b275da566902269b5dfa59a35a6918024c5450e7fa5a7dd52e2a6191e22b3b9ae111dfd7d785e0acf82a793d9cab98de1f92ec587c479b1699c97da6a0ab723f5d7df9128fa96cda54854e25c58d92cfe40f5ffe0bdc91f4205d9b4d2aaf3f6687303cd6cd04f5fe7f248ce4831a75490dc4775c800ff189caf4a10446b2d5161f810e33ed5a4e7e6b7ce9edbbc76b0b21555721a19ebef296dc68361c4b1988d79e5b818da5504c304dd080674900f92a917ac17695f8a4972027ab525e01efd1eb19035c093792b7bbe93ea7ee8510dc152a8b2451f2b54c9a3adfeff9fb7514e5e7f0a277d385fe6daaeeec8f1cc556c340f4c4e28b83ee2f5856546207def07d6f1a645c95924c83bf029e44b891e12867b6f3b4c08a920fb4b67da5bbc238f86bde8e3eab7bf6ccfafb5090c1b06a79dd5b2c8af7827866db20e9964639815b0f25513778f956c22d71ad39f30970d671ab9ab0f8fd50864fc8d1b8ae45083f109ce017c8ae5f55280f1cf3c0fd2df39e3e7061ec18ecf8feddda8c8baa8e92722843cc2f10572a0a1029b00675068380ed8a7c811cb2cc9ba0d6c2ee7eda5dde580a41254870c0431de796ccd46140e58f0efd9ffa2cc76bf306521c5b1b53495bcebc84ccb7edd7ec6e4b7b517fdcc36e68b2eb845e4b891c9865eff2680c3b0a1924c6678f974b1b9c1193127d68b07bf0f60c9d00bf44faae7918b262105f72d0846c02dfda32076777154ddd75342f1d3bc01382c63385454cdc149ac61995e0b54beda8c0e161dbb7b6f8eddcff7ed643cf25fac98f363dbee3ddd9d5bf279c60cf4d864c8cf1ec7f806d31f7652dfaa67e4b2ddaaec04b56f8aa2aa932eabafb9959270af75eecf7d8c0e60b3a578ea20e0cca75c3500de54265359a88726baade008d7397d5a6f906e3502f3de568a14a2822e6d377ea7d35559acc1112bc6f8be11abea82c94f71f89cb050d1dbf9171621f3ec5381c67bb59b9e55b5ad81cc11756acd65c7cd147bd6061061f72ee3d9300a448256bd9c8653e3aa32e7a890743a500ea480e2f41572984575492f1c321e81d3d9c68cc5f6393e5b1b0751a88875f77553d9e4699405eb46f6162a17085053ce46a9a1f33ff8b8464ba40f951ea9fa717253a91e717f489bf150af49a33dd4b37b5e7d92461e7d96b1b442c07101abfab1ab92ced3b332e38c7058cdd3f68eba8218339024070cf3b1ebedbcee601208e6f4bde65ac60a74fedacf3f30538b549a2d9e3c4d3bc369cfb08200001801400020076657468300000000000000000000000080003000300"/4150], 0x103c}}, 0x0)
r4 = dup(r1)
memfd_create(&(0x7f0000000400)='syztnl0\x00', 0x3)
socket$packet(0x11, 0x2, 0x300)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340))
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$KVM_GET_LAPIC(r4, 0x8400ae8e, &(0x7f0000000440)={"d997b5dfd9efb908c132959571ef45d9249df3b7e80b179970125c0dc199b6b27dc7c577e50cdfa42a5aa09c1fec4465d7e4c4c935471cd02384d0fb6efae5f94462707c530088887469c8a2ab08dfe6256df6e95085b6dc75cba5537f66b6de5764ba5088ebfa0bef97d8968811a20a0900098755fd5c0f8e897806b09ea27353d1748597f9498c49a8a8cd9d455d279ee159fe4642aa3d60af254aadc24325b7505c6e7a081d745b46ecc209734f10116b65f18958cf1d392ab88c1584c3ec15a0e666cee1e78301034f6fdf666b770cc53122cf21e0929c53d21d64cc320f67de513ea8d516d77faa357cff19a8ae904e13cbdf25eb891b5b175b729ed0cb2d98fd139b71ac7f323d8e3a40d05463dfad85967619306c4e3b0e3ef3f47c90a1525ab1586eed229bbe9850192f6b97e6b5b1c6aafd6eeae7aa1319e960fb93695f9e8e8d2ab637b657ffd3b4affbf7522dc50c19873d94b84cfb17b619cca16f394d222d582ae4916f3c812eb06ca19ea6968156dfec41c7529a475c2489da94c9695e0ce0ed2dff5c3becef415735f91abf5eb36c2ad947fa364204a31b1045db68193c58182a8b645348f588d1e2e50c6a624f52c84e4291f31fcc20655c9ded4ce2e6d47683c0c0bfa29c1fa1719bbb6ed88cb1054293122283d595374d50b4a1a3f1195264a1a600da5563cc0789b60af918fa130db4a7ce80b46970e5a7c01dc0007160ca3a424952498099811725ff25ac901570b1f64a69ce8f6ef13a919d754ee20f85c2d85a5be7c07401a57fd653740d482bda0b8f5f65c579c061c7893443b9c77c85d34bf9d83d2e8d4d5d8fedad785bb7a1a1954cc23056d48f070d9ffbd38fffc64ee26c06fcf3f03f62f1352d45f19af7ee7cfd1ae562ea69631e7b8e3584169c67efba34a08a61bf58929fa528b011b1cf58a9e6d43b9c986996135f3bf49f420f9ce14be389417d3bc4b89ff2348ef531b7d3afac672847a05df24e4a5db7e61b287c306e2b6f5da675a2e042e4040d38c76f413f93f5430f4005d1d63d4eea3ce0c0c933bdd52fa9b3e8e59b57b313c7f1ae9c99898457e5248501366e6f53a06ad7f3037982500cb1a718cf8f9af4f3cf5fd60d6caf21fe8ccd079413177301652ad039067bb66cb46c962e75acd994f6be2719d0dbdff6bd7f298be4c7d50f878f780e740a0f759368592f42e2d89d2ebe98a8095c254a712a5f5af78ef42fdbd61c16933582149e83b92c3fde3bd58cd561828c9443991349a41b678d598f3f962c867c49a01a2ac978fc206bc0af81d81a3034f4c05de720ca5c5f6668b1a30d59e2cb8dc95e75b09a9dcfadec3d2753fb1785f87acb5ef110c9d7c6fd32b2e6831c4d05cfdd22b3d13a8b240a806284a1ba49c039c7058182ce70e3614925b6b199748c0f026ef372fcaf8548217fe464e44402"})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000840)={r6, 0x65, {0x0, 0x0, 0x0, 0x5, 0xcf2000, 0x0, 0x12, 0x6, 0x11, "7c2522f0773e322a208225701dba74caa9843f99aa658b08cec62089ec66c8b101b695317496d584321419ed8857ec474298e9eea55ba647dd11294f6d824079", "a9591649bd8151504a949826140008fefd653dafb75b94d6fd71832a9d96fcceaa2d4fee08c45b6b018c360264ceb57a30cdcbe506b769ee59b0e95551288cf9", "2b1c0819cc67aba933df21b2b9f20b8aec350cf6a616ce2f679bf295e502cac8", [0x4, 0x400]}})
ioprio_set$pid(0x3, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
write$FUSE_CREATE_OPEN(r6, &(0x7f0000000a00)={0xa0, 0x0, 0x0, {{0x0, 0x3, 0x0, 0x4, 0x7, 0x2, {0x6, 0xff, 0x5, 0xfffffffffffffff5, 0x101, 0x5, 0x6, 0x8, 0x5, 0x6000, 0x60d1, 0x0, 0x0, 0x5eb5, 0x400}}, {0x0, 0x18}}}, 0xa0)
write$binfmt_script(r6, &(0x7f0000000180), 0xfea7)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000380)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x802c, @mcast2, 0x5}, 0x1c)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300"], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f00000003c0)=ANY=[@ANYBLOB="46040000", @ANYRES16=r8, @ANYBLOB="ff830500000700ffffff", @ANYRES16=r0], 0x4}, 0x1, 0x0, 0x0, 0x20040040}, 0x0)
sendfile(r7, r5, 0x0, 0x100000000)

2m45.017321681s ago: executing program 6 (id=3352):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x4010200) (async)
unshare(0x4010200)
unshare(0x40020000)
socket$inet_icmp(0x2, 0x2, 0x1)

2m44.990639849s ago: executing program 1 (id=3977):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='pptp\x00', &(0x7f00000000c0)='TCPMSS\x00', 0x0)
write$rfkill(r2, &(0x7f0000000080)={0x0, 0x9, 0x0, 0x1, 0x1}, 0x8)
sendmsg$NFNL_MSG_ACCT_NEW(r1, 0x0, 0x4000000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x6, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = socket(0x22, 0x2, 0x3)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'geneve1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r8=>0x0})
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_MGMT(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)={0x2c, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x300}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x1}]}, 0x2c}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x8582}, [@IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4}}, @AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @private1}]}]}]}, 0x44}}, 0x0)
getsockopt$packet_buf(r4, 0x107, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='workqueue_queue_work\x00', r10}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x2, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180b00000000000000000000000000000400000000000000c3000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x93, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x61e5cc96, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x22)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x405, 0xfffffffe, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x3c1, 0x3, 0x3e8, 0x1c0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x318, 0x20a, 0x278, 0x318, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0x198, 0x1c0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0x28}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x448)
r12 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00')
read$msr(r12, &(0x7f0000000380)=""/200, 0xc8)
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r12, 0xc0405519, &(0x7f0000000100)={0x3, 0x3, 0x4, 0x8, 'syz0\x00', 0x2})

2m43.008362461s ago: executing program 1 (id=3980):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\f'], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000005ac0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xb, {[@local=@item_4={0x3, 0x2, 0x2, "d7fb65c7"}, @local, @main=@item_4={0x3, 0x0, 0xb, "8a0200a1"}]}}, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r3, 0x40045010, &(0x7f0000000040)=0x9)
ioctl$SNDCTL_DSP_SETTRIGGER(r3, 0x40045010, &(0x7f0000000080)=0x7)

2m40.213622052s ago: executing program 1 (id=3986):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x20)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x10, 0x0, 0x1000, 0x0, &(0x7f0000000540)="8c750cfdab8ec61b0a71f310b6d8557d54ffc7763652b863e1f3cca1e4118fd4a2ffdcd247e6afc7e957dcceef68fa1fe0169ae97e1b61f4f8aaa3a7c92af2b0759ae5f4c7a47073f6619b7fb0cbc0606d34dec47d2a", 0x310296bd, 0x0, 0x1, {0x2}})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="16837ced209a77e9f0a9c012e897040cd8ee1985debccc323d0a8ba08c8ad9a1ee0000e11e269f4f59e2ed0749fc707338461f5a9cc32b5ce5d134cef75c6365f7a9348a1a025cfe1f00780027863a3f1deb16624ef5fecb89a106652c734294e84dd5"], 0x7c}, 0x1, 0x0, 0x0, 0x400c042}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x20000400)
socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

2m24.546612003s ago: executing program 34 (id=3986):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x20)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x10, 0x0, 0x1000, 0x0, &(0x7f0000000540)="8c750cfdab8ec61b0a71f310b6d8557d54ffc7763652b863e1f3cca1e4118fd4a2ffdcd247e6afc7e957dcceef68fa1fe0169ae97e1b61f4f8aaa3a7c92af2b0759ae5f4c7a47073f6619b7fb0cbc0606d34dec47d2a", 0x310296bd, 0x0, 0x1, {0x2}})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="16837ced209a77e9f0a9c012e897040cd8ee1985debccc323d0a8ba08c8ad9a1ee0000e11e269f4f59e2ed0749fc707338461f5a9cc32b5ce5d134cef75c6365f7a9348a1a025cfe1f00780027863a3f1deb16624ef5fecb89a106652c734294e84dd5"], 0x7c}, 0x1, 0x0, 0x0, 0x400c042}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x20000400)
socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

2m2.044582048s ago: executing program 6 (id=3352):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x4010200) (async)
unshare(0x4010200)
unshare(0x40020000)
socket$inet_icmp(0x2, 0x2, 0x1)

1m13.121873708s ago: executing program 6 (id=3352):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x4010200) (async)
unshare(0x4010200)
unshare(0x40020000)
socket$inet_icmp(0x2, 0x2, 0x1)

30.864153477s ago: executing program 5 (id=4226):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xf59}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000740)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x6)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000100)="c3440f20c03509000000440f22c0b9800000c00f3235000100000f30b8001000000f23d80f21f835000000f00f23f8f3d3832b0000000f3267f3640f019d03000f320f300fc76d8c", 0x48}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x40000)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000280)={0xffffffffffffffff, &(0x7f0000000cc0), 0x0}, 0x20)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card0/oss_mixer\x00', 0x298f3cc22e12b39a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
write$proc_mixer(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="60647f061f23e874fc267b57af6b1bacef0e73d3643abbfd45427ca3e5c3d34515ac1d65d77ecdc2b4072a133ee9b4beb596ca2c0af633ffa89b77895f7dc8237361c35ffce6acb5c0be12384d6ed25c919ae52709"], 0x178)
dup3(r6, r5, 0x0)

28.519069604s ago: executing program 5 (id=4229):
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a14010000000000000000000800010000000000080003000100000008004a0000000000", @ANYRESOCT], 0x30}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_aout(r0, &(0x7f0000000400)=ANY=[], 0x1a3)
write$binfmt_misc(r0, &(0x7f0000000040)="0db723740d6678af6874bb74fb7875012c7de0568a8315a6736b7635e00126b713064871082ef63a291542a0bbb266ec7c61a508716f1b1ea80046ef", 0xe5c)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x8, 0x2180)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r0, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

27.933817614s ago: executing program 5 (id=4231):
r0 = socket$inet(0x2, 0x801, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
splice(r0, 0x0, r1, 0x0, 0x7ffff000, 0x0)

26.818268716s ago: executing program 5 (id=4233):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="17000000680009"], 0x2c}}, 0x800)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
lsetxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), &(0x7f0000000140)={0x0, 0xfb, 0x85, 0x5, 0x1, "45f15da366690e5981096dd1ec1aef02", "2488d08d8ff9633bd8274cba2d45838f448af04d234c9e3e5dbbc65c5724b557af4113e36430ba6cd5154362930ae70ddd925ebf7a0798efe86cc01332ba55011969fbfb36ca3e0ebc8ab44210dca80faa081a69c11009024f95e7d71319e03911ae23fc3814b6950b87d116fd67daf5"}, 0x85, 0x3)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x1001402, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)

25.46208159s ago: executing program 5 (id=4236):
socket(0x40000000015, 0x5, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000480)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000080)="e697", 0x2}], 0x1}}], 0x1, 0x24040890)
r1 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='ufshcd_upiu\x00', 0xffffffffffffffff, 0x0, 0xf1}, 0x18)
syz_open_dev$vcsa(&(0x7f0000000300), 0x1, 0x102)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket(0x15, 0x5, 0x0)
getsockopt(r5, 0x200000000114, 0x2711, 0x0, &(0x7f0000000040))
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r6}, 0x10)
sendmsg$kcm(r1, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0x80, 0x0}, 0xe07e872424dde70b)
r7 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="1400000023000b6c8cfffdfccabb00f90429fc60", 0x14}], 0x1}, 0x2400c000)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000140)=0xffff0000, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)

25.045867106s ago: executing program 5 (id=4238):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={r2, r1, 0x0, 0x3, &(0x7f0000000440)='-[\x00'}, 0x30)
lseek(0xffffffffffffffff, 0x8000, 0x3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

24.246380537s ago: executing program 35 (id=4238):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={r2, r1, 0x0, 0x3, &(0x7f0000000440)='-[\x00'}, 0x30)
lseek(0xffffffffffffffff, 0x8000, 0x3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

24.205966667s ago: executing program 6 (id=3352):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x4010200) (async)
unshare(0x4010200)
unshare(0x40020000)
socket$inet_icmp(0x2, 0x2, 0x1)

11.274789796s ago: executing program 7 (id=4264):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0x3)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
chdir(&(0x7f0000000240)='./file0\x00')
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x408)
fallocate(r4, 0x0, 0x0, 0x2000402)

10.024450069s ago: executing program 7 (id=4266):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f0000000a80), 0x0, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="180000000000000100000000000000009500000000000000"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r6}, 0x3e)
r7 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1, 0x200)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r7, 0xc4c85512, &(0x7f0000000340)={{0x7, 0x4, 0x7c, 0x6, 'syz1\x00', 0x5}, 0x1, [0x5, 0xffff, 0x0, 0x805, 0x0, 0x8, 0x3, 0x101, 0x3ff, 0x3, 0x7, 0x80, 0x6, 0x5, 0xfff, 0xb42, 0x0, 0x2, 0xf3f, 0xffff, 0x2, 0xfffffffffffffffa, 0x0, 0xf4a, 0xfffffffffffffff7, 0x8000000000000001, 0x7, 0x4, 0x4, 0xc9, 0x4, 0x0, 0x4, 0x101, 0x101, 0x3, 0x8, 0x9, 0x10a, 0x7ff, 0x7ff, 0x8, 0x3, 0x10, 0x5166f659, 0x7fff, 0xfffffffffffffff9, 0x7728fcc0, 0x0, 0x3, 0x1, 0x8, 0xc, 0x5, 0x2, 0xfffffffffffffff4, 0x85, 0x4551, 0x4, 0xffffffffffff2f8a, 0x1, 0x9, 0x7, 0x2, 0xfffbfffffffffffa, 0x6, 0x7f, 0x2, 0x1ff, 0x1ff, 0x0, 0x6, 0xffffffffffffffff, 0x2, 0xd964, 0x7, 0xfffffffffffffff9, 0x1, 0x7, 0x80000000, 0x4, 0x9, 0x1, 0xcb, 0x9, 0x243, 0xcf40, 0x3, 0xffffffffffffffff, 0x4, 0xa69, 0x8, 0x8, 0x800000000000000, 0x8000000000000001, 0x9, 0xce8, 0xd, 0xffffffffffff8000, 0x5, 0x6e0, 0x1a02379b, 0xc2c, 0x3, 0x1, 0x6, 0x1, 0x0, 0x100000000002, 0x100000000, 0x8, 0x0, 0x6, 0x6, 0x3, 0x8, 0x1d2b, 0x5, 0x1, 0x2, 0x800000000, 0x168, 0x7, 0x3, 0x7, 0x3, 0x0, 0xbeca]})
r8 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_RECV_OWN_MSGS(r8, 0x65, 0x4, 0xfffffffffffffffe, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r5}, 0x18)
r9 = userfaultfd(0x801)
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r9, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mprotect(&(0x7f0000f72000/0x4000)=nil, 0x4000, 0x1000002)
ioctl$UFFDIO_CONTINUE(r9, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
dup(r1)
ptrace$peeksig(0x4209, r2, &(0x7f00000002c0)={0x800, 0x1, 0xa}, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}])
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b00)=ANY=[@ANYBLOB="141859e8cc387c0878924d0000000000000000da9ee09459c1c2d7e67b006d69"], 0x14}}, 0x0)

9.569083799s ago: executing program 3 (id=4268):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x100}, @jmp={0x5, 0x0, 0x9, 0x0, 0x4, 0xfffffffffffffe88, 0xfffffffffffffffc}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000002c0)={'geneve1\x00', &(0x7f0000000380)=@ethtool_drvinfo={0x3, "9b801fa626270b87991d2e37a13eaa000000000200093bb4c83e787f49659355", "446e0d0fb9079ae357c460edb46e57f20700e3b56ce16711e400d6fee1b700", "05d64ba2349278361a13fa5d0489397b90b4d3ffbdaf41f88896771a54be03db", "d44a9f35a6cf85ebd47357121749cf809fe925de8f135bddba07ee891d45a5ef", "c249dbf490eb72bf5dce7d2225003e5dcc4907e997e2ec42fa0ab05b50be5b6b", "b768c92574b06339bb1ea332", 0x6, 0x0, 0xa, 0x3, 0x5d}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
fcntl$getownex(r2, 0x409, &(0x7f0000000340))
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r3, 0x29, 0x41, &(0x7f0000000180)={'filter\x00', 0xe1, "b778f82e8184532eadef67b40a3b167c04e63e9bbf143e96ba9de09919c17ba3ca29b51564f658247443953c1e543a0f32d75d2ab2516c4c41eeb12c858b4273ae749faf2f56dc9990812b4bbea998ce1a81c531c4a32e3c978941a17136411622c5f9adb512a2e1d538999df3c00b522c837fb980144be0ea94fc7643762778f553e76799350c1ea8dab87977982b64698b40f1d0bac9edaabafb7d8be4bb20ae1227ae19074fa64154ea9903493d35f854423c04bea34e2a0d08ed5391a197dcb497c13f29bf3ed17781029030c18ba7e83460687bc916762bccc9c908a0b89c"}, &(0x7f0000000300)=0x105)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40186f40, &(0x7f0000000440)=0x20000)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)={0x14, 0x12, 0x1, 0x0, 0x0, "", [@generic='LyK']}, 0x14}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000004c0000004c0000000500000002000000080000060400000003000000ffffffff0000000094b400000f000000070000000c000000010000000d0000000100000000000000060000000c000000ffffffff0c000000ffffffff0084a2282b"], &(0x7f0000000480)=""/2, 0x69, 0x2, 0x1, 0x6, 0x0, @void, @value}, 0x28)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x169a82, 0x0)
sendfile(r6, r6, 0x0, 0x7)
sendmmsg$sock(r0, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x30}}], 0x2, 0x20004874)

9.309150801s ago: executing program 3 (id=4269):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES16=0x0, @ANYRES64=0x0, @ANYBLOB="19ebd93d14af4905e1c8534798ff77e871044b3d6d3dcca61502"], 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty, 0x4}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f0000000200)={0x1, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4e20, 0xa4fffffb, @loopback}}}, 0x108)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
r6 = epoll_create1(0x0)
socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYRES16=r5, @ANYRESOCT=0x0, @ANYRESOCT=r4], 0x10132)
recvmmsg(r7, 0x0, 0x0, 0x2, 0x0)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r8, &(0x7f0000000040)={0x1})
unshare(0x8060600)
socket$l2tp(0x2, 0x2, 0x73)
r9 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r9, 0xc004562f, &(0x7f00000000c0)=0x1)

8.733793686s ago: executing program 7 (id=4270):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file3\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@multicast, @broadcast, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @dev, @rand_addr, @empty, @dev}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b29, &(0x7f0000000040)={'wlan0\x00'})
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r4, 0x29, 0xc8, 0x0, 0xc000000)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
r7 = dup(r6)
write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r7, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xf4}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@nodevmap}], [], 0x6b}})
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x4, 0x0, @mcast2}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c)
r8 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r8, 0x29, 0xd4, &(0x7f0000000180)=0x5, 0x4)

6.671385529s ago: executing program 0 (id=4271):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f046bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000080)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = shmget$private(0x0, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil)
shmat(r3, &(0x7f0000ffc000/0x3000)=nil, 0x4000)
shmctl$IPC_RMID(r3, 0x0)
r4 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x3f00)
write$6lowpan_enable(r4, &(0x7f0000000100)='0', 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@can_newroute={0x34, 0x18, 0x1, 0x0, 0x25dfdbfe, {}, [@CGW_CS_XOR={0x8}, @CGW_MOD_AND={0x15, 0x1, {{{}, 0x1, 0x0, 0x0, 0x0, "ee1990a380ecab90"}, 0x5}}]}, 0x34}}, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)

6.41841754s ago: executing program 3 (id=4272):
socket$igmp(0x2, 0x3, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = openat$smackfs_logging(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$smackfs_logging(r0, &(0x7f0000000100)=0x3, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x6, 0x4, 0x248, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
socket$rds(0x15, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000001c)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x1a)
r3 = open(&(0x7f0000000100)='./file1\x00', 0x141242, 0x1b4)
write$tcp_mem(r3, &(0x7f00000002c0)={0x101, 0x20, 0x17fffffff, 0x20, 0xfffffffffffffff9}, 0x48)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
socket(0x40000000015, 0x5, 0x0)
socket(0x10, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = msgget$private(0x0, 0x0)
msgrcv(r5, 0x0, 0x0, 0x1, 0x2000)
msgrcv(r5, &(0x7f0000000000)={0x0, ""/226}, 0xea, 0x0, 0x3000)
msgctl$IPC_SET(r5, 0x1, &(0x7f0000258f88)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x170}, 0x0, 0x0, 0x800000000000000, 0x6, 0xffffffffffffffff, 0x0, 0x3, 0xe8, 0x0, 0x0, 0x0, 0xffffffffffffffff})
msgsnd(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="0200c7612f33117c281794584c199e0af2676f21d1ef0000"], 0xe, 0x0)
msgrcv(r5, 0x0, 0x0, 0x3, 0x800)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYBLOB="0a000100000070"], 0x64}}, 0x0)

5.226011547s ago: executing program 7 (id=4273):
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a14010000000000000000000800010000000000080003000100000008004a0000000000", @ANYRESOCT], 0x30}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_aout(r0, &(0x7f0000000400)=ANY=[], 0x1a3)
write$binfmt_misc(r0, &(0x7f0000000040)="0db723740d6678af6874bb74fb7875012c7de0568a8315a6736b7635e00126b713064871082ef63a291542a0bbb266ec7c61a508716f1b1ea80046ef", 0xe5c)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x8, 0x2180)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r0, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

4.759733794s ago: executing program 0 (id=4274):
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000100)=0x21)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x88002, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000040)=0x13)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in6=@private0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x2}, {@in6=@local, 0xa00, 0x2b}, @in=@rand_addr=0x64010101, {}, {}, {}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x40}, [@coaddr={0x14}]}, 0x104}}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x5, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
setreuid(0xee01, 0x0)
ioctl$SOUND_PCM_READ_CHANNELS(r3, 0x80045006, &(0x7f0000000000))

4.701192773s ago: executing program 3 (id=4275):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0x3)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
chdir(&(0x7f0000000240)='./file0\x00')
r5 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
fallocate(r5, 0x0, 0x0, 0x2000402)

4.291178181s ago: executing program 7 (id=4276):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r4)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x20b001, 0x10e)

3.388079169s ago: executing program 3 (id=4277):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000180)})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r4 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
open_by_handle_at(r4, &(0x7f0000000140)=@OVL_FILEID_V1={0x17, 0x300f8, {'\x00', {0x0, 0xfb, 0x15, 0x7, 0x5, "e8371f2efe0868327a31a705ec978547"}}}, 0x30000)

2.219264281s ago: executing program 3 (id=4278):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x100}, @jmp={0x5, 0x0, 0x9, 0x0, 0x4, 0xfffffffffffffe88, 0xfffffffffffffffc}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000002c0)={'geneve1\x00', &(0x7f0000000380)=@ethtool_drvinfo={0x3, "9b801fa626270b87991d2e37a13eaa000000000200093bb4c83e787f49659355", "446e0d0fb9079ae357c460edb46e57f20700e3b56ce16711e400d6fee1b700", "05d64ba2349278361a13fa5d0489397b90b4d3ffbdaf41f88896771a54be03db", "d44a9f35a6cf85ebd47357121749cf809fe925de8f135bddba07ee891d45a5ef", "c249dbf490eb72bf5dce7d2225003e5dcc4907e997e2ec42fa0ab05b50be5b6b", "b768c92574b06339bb1ea332", 0x6, 0x0, 0xa, 0x3, 0x5d}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
fcntl$getownex(r2, 0x409, &(0x7f0000000340))
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r3, 0x29, 0x41, &(0x7f0000000180)={'filter\x00', 0xe1, "b778f82e8184532eadef67b40a3b167c04e63e9bbf143e96ba9de09919c17ba3ca29b51564f658247443953c1e543a0f32d75d2ab2516c4c41eeb12c858b4273ae749faf2f56dc9990812b4bbea998ce1a81c531c4a32e3c978941a17136411622c5f9adb512a2e1d538999df3c00b522c837fb980144be0ea94fc7643762778f553e76799350c1ea8dab87977982b64698b40f1d0bac9edaabafb7d8be4bb20ae1227ae19074fa64154ea9903493d35f854423c04bea34e2a0d08ed5391a197dcb497c13f29bf3ed17781029030c18ba7e83460687bc916762bccc9c908a0b89c"}, &(0x7f0000000300)=0x105)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40186f40, &(0x7f0000000440)=0x20000)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)={0x14, 0x12, 0x1, 0x0, 0x0, "", [@generic='LyK']}, 0x14}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00'})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000004c0000004c0000000500000002000000080000060400000003000000ffffffff0000000094b400000f000000070000000c000000010000000d0000000100000000000000060000000c000000ffffffff0c000000ffffffff0084a2282b"], &(0x7f0000000480)=""/2, 0x69, 0x2, 0x1, 0x6, 0x0, @void, @value}, 0x28)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x169a82, 0x0)
sendfile(r6, r6, 0x0, 0x7)
sendmmsg$sock(r0, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x30}}], 0x2, 0x20004874)

2.022533848s ago: executing program 0 (id=4279):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000010000000000000000001000850000008700000018010000202073250000eaffff1f20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff01000085000000060000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
io_setup(0x6, &(0x7f0000001380)=<r1=>0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00')
io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x0, 0x48001)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x801)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
syz_open_dev$tty20(0xc, 0x4, 0x1)
sendmmsg$inet6(r6, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r6, 0x84, 0x79, &(0x7f00000000c0)={0x0, 0x100, 0x9f7b}, 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r6, 0x84, 0x77, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="03000200c0f5000067a49ea8c80408ed3c4ce0870d1d1e222b499fbb62766b1bdb6cd54b13caf953a317097f2cb6e4948d13fd0dc0e299d588c1eb9137891b34d73ebd43ad8fb0054d8c00"], 0xc)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)

1.745115252s ago: executing program 7 (id=4280):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x4f, 0x205)
open$dir(0x0, 0x149800, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0xe4ff, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x81000000, 0x800, 0x0, 0x0, {0x0, 0x1}, {}, 0xffffffff}}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x0, 0x0, 0x0, 0x400000, {0x0, 0x0, 0x0, 0x0, 0xffff}, {0x4}}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xf0}}, 0x0)

494.159137ms ago: executing program 0 (id=4281):
close(0xffffffffffffffff)
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
dup3(r0, r1, 0x80000)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000003c0)={0x55, 0x200, 0x5, {0x4, 0x79a6}, {0x7f, 0xc}, @const={0x5, {0x7a9, 0x0, 0x6, 0x9}}})
ioctl$MON_IOCQ_URB_LEN(r1, 0x9201)

305.303744ms ago: executing program 0 (id=4282):
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/softnet_stat\x00')
r1 = gettid()
r2 = socket$kcm(0x2, 0x1, 0x84)
sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r2, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_SEND_PRIO(r3, 0x6b, 0x3, &(0x7f0000000580), &(0x7f00000005c0)=0x4)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
lseek(r0, 0x8001, 0x0)
request_key(&(0x7f00000004c0)='asymmetric\x00', &(0x7f0000000500)={'syz', 0x3}, &(0x7f0000000540)='syzkaller\x00', 0xfffffffffffffffd)
request_key(&(0x7f00000058c0)='asymmetric\x00', &(0x7f0000005900)={'syz', 0x3}, 0x0, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x0, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x1d}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x100000}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {0x100}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x2, 0x10000, 0x9, '\x00', {0x8}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)

0s ago: executing program 0 (id=4283):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
openat$vnet(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$bt_hci(r0, &(0x7f0000000040), 0x6)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1, 0x18, &(0x7f0000000280)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @ldst={0x1, 0x0, 0x0, 0x9, 0x6}, @printk={@lu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @map_fd={0x18, 0x4, 0x1, 0x0, r4}, @generic={0x40, 0x1, 0x5, 0x7fff, 0xf}, @call={0x85, 0x0, 0x0, 0x99}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x1}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3767}}], &(0x7f0000000180)='GPL\x00', 0x733, 0xda, &(0x7f0000000340)=""/218, 0x41000, 0x25, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x4, 0x2, 0x0, 0x4}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x6, 0x0, &(0x7f00000004c0)=[{0x3, 0x4, 0xf, 0x6}, {0x5, 0x2, 0xa, 0x3}, {0x2, 0x1, 0xe, 0x7}, {0x3, 0x5, 0x6, 0x3}, {0x0, 0x1, 0x2, 0x8}, {0x5, 0x4, 0x9, 0x8}], 0x10, 0x8000, @void, @value}, 0x94)
ioctl$sock_bt_hci(r0, 0x400448e3, &(0x7f0000000500))
ioctl$sock_bt_hci(r0, 0x400448e7, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

_adv: batadv0: Interface activated: batadv_slave_1
[ 1507.394033][T20127] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1507.440851][T20127] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1507.464176][T20127] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1507.493374][T20127] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1507.588841][T20374] netlink: 'syz.5.3962': attribute type 10 has an invalid length.
[ 1507.644410][T20374] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1507.662653][T20374] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1507.910185][   T30] kauditd_printk_skb: 4749 callbacks suppressed
[ 1507.910345][   T30] audit: type=1400 audit(1745841390.322:388392): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20127 comm="syz-executor" name="/" dev="sda1" ino=2
[ 1508.134436][T20127] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1508.231218][   T30] audit: type=1400 audit(1745841390.352:388393): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20127 comm="syz-executor" name="/" dev="devtmpfs" ino=1
[ 1508.258819][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1508.267966][T18649] audit: audit_lost=41616 audit_rate_limit=0 audit_backlog_limit=64
[ 1508.268818][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1508.282661][    C1] audit: audit_lost=41617 audit_rate_limit=0 audit_backlog_limit=64
[ 1508.290694][    C1] audit: backlog limit exceeded
[ 1508.296412][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1508.302990][    C1] audit: audit_lost=41618 audit_rate_limit=0 audit_backlog_limit=64
[ 1508.643040][ T1302] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1508.659968][ T1302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1508.768884][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1508.788017][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1508.890808][T20391] FAULT_INJECTION: forcing a failure.
[ 1508.890808][T20391] name failslab, interval 1, probability 0, space 0, times 0
[ 1508.904779][T20391] CPU: 1 UID: 0 PID: 20391 Comm: syz.3.3967 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1508.904806][T20391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1508.904818][T20391] Call Trace:
[ 1508.904825][T20391]  <TASK>
[ 1508.904834][T20391]  dump_stack_lvl+0x189/0x250
[ 1508.904868][T20391]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1508.904893][T20391]  ? __pfx__printk+0x10/0x10
[ 1508.904948][T20391]  ? ref_tracker_alloc+0x318/0x460
[ 1508.904973][T20391]  should_fail_ex+0x414/0x560
[ 1508.905009][T20391]  should_failslab+0xa8/0x100
[ 1508.905041][T20391]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1508.905069][T20391]  ? skb_clone+0x212/0x3a0
[ 1508.905096][T20391]  skb_clone+0x212/0x3a0
[ 1508.905123][T20391]  __netlink_deliver_tap+0x404/0x850
[ 1508.905167][T20391]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1508.905199][T20391]  netlink_deliver_tap+0x19c/0x1b0
[ 1508.905230][T20391]  netlink_unicast+0x72f/0x8d0
[ 1508.905268][T20391]  netlink_sendmsg+0x805/0xb30
[ 1508.905296][T20391]  ? is_bpf_text_address+0x26/0x2b0
[ 1508.905330][T20391]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1508.905376][T20391]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1508.905396][T20391]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1508.905426][T20391]  __sock_sendmsg+0x219/0x270
[ 1508.905458][T20391]  ____sys_sendmsg+0x505/0x830
[ 1508.905486][T20391]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1508.905519][T20391]  ? import_iovec+0x74/0xa0
[ 1508.905549][T20391]  ___sys_sendmsg+0x21f/0x2a0
[ 1508.905591][T20391]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1508.905655][T20391]  ? __fget_files+0x2a/0x420
[ 1508.905684][T20391]  ? __fget_files+0x3a0/0x420
[ 1508.905727][T20391]  __x64_sys_sendmsg+0x19b/0x260
[ 1508.905758][T20391]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1508.905801][T20391]  ? do_syscall_64+0xba/0x210
[ 1508.905828][T20391]  do_syscall_64+0xf6/0x210
[ 1508.905850][T20391]  ? clear_bhb_loop+0x45/0xa0
[ 1508.905876][T20391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1508.905897][T20391] RIP: 0033:0x7fdae4b8e969
[ 1508.905915][T20391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1508.905934][T20391] RSP: 002b:00007fdae29f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1508.905955][T20391] RAX: ffffffffffffffda RBX: 00007fdae4db5fa0 RCX: 00007fdae4b8e969
[ 1508.905970][T20391] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000004
[ 1508.905984][T20391] RBP: 00007fdae29f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1508.905997][T20391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1508.906009][T20391] R13: 0000000000000000 R14: 00007fdae4db5fa0 R15: 00007fff3a4fd488
[ 1508.906042][T20391]  </TASK>
[ 1509.219515][T20392] netlink: 'syz.5.3965': attribute type 13 has an invalid length.
[ 1512.055335][T20392] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1512.071465][T20392] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.245391][T20392] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1512.267582][T20392] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1512.399085][T20392] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.408159][T20392] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.418855][T20392] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.428197][T20392] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.491844][T20408] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3970'.
[ 1512.636588][T20422] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3975'.
[ 1512.937120][   T30] kauditd_printk_skb: 3529 callbacks suppressed
[ 1512.937139][   T30] audit: type=1400 audit(1745841395.352:389981): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=0 comm="swapper/1" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1512.986141][T16575] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1512.994287][T16575] audit: audit_lost=42266 audit_rate_limit=0 audit_backlog_limit=64
[ 1513.002914][T16575] audit: backlog limit exceeded
[ 1513.007932][T16575] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1513.015385][   T30] audit: type=1400 audit(1745841395.352:389982): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=0 comm="swapper/1" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1513.051859][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1513.058407][T18649] audit: audit_lost=42267 audit_rate_limit=0 audit_backlog_limit=64
[ 1513.096153][T16575] audit: audit_lost=42268 audit_rate_limit=0 audit_backlog_limit=64
[ 1513.113261][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1513.158652][   T36] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1513.367875][T20430] geneve1: entered promiscuous mode
[ 1513.395838][T20430] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[ 1513.473858][T20430] xt_nfacct: accounting object `syz1' does not exists
[ 1513.843217][   T36] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.015250][   T36] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.225585][T16252] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1514.237481][   T36] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.249936][T16252] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1514.264670][T16252] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1514.284740][T16252] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1514.293988][T16252] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1514.452969][   T36] bridge_slave_1: left allmulticast mode
[ 1514.458750][   T36] bridge_slave_1: left promiscuous mode
[ 1514.464822][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1514.474248][   T36] bridge_slave_0: left allmulticast mode
[ 1514.480614][   T36] bridge_slave_0: left promiscuous mode
[ 1514.486318][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1514.858474][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1514.872782][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1514.882932][   T36] bond0 (unregistering): Released all slaves
[ 1515.288279][T20434] chnl_net:caif_netlink_parms(): no params data found
[ 1515.300391][T16520] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[ 1515.480214][T16520] usb 2-1: Using ep0 maxpacket: 32
[ 1515.504437][T16520] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1515.549090][T16520] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1515.629294][T16520] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1515.663737][T16520] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1515.716911][T16520] usb 2-1: config 0 descriptor??
[ 1515.750192][T16520] hub 2-1:0.0: USB hub found
[ 1516.024460][T16520] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1516.392072][T16252] Bluetooth: hci2: command tx timeout
[ 1516.676990][T16520] hid-generic 0003:046D:C31C.0012: item fetching failed at offset 0/1
[ 1516.686442][T16520] hid-generic 0003:046D:C31C.0012: probe with driver hid-generic failed with error -22
[ 1516.734622][T20434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1516.756064][T20434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1516.757679][ T5827] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1516.763451][T20434] bridge_slave_0: entered allmulticast mode
[ 1516.765242][T20434] bridge_slave_0: entered promiscuous mode
[ 1516.786342][ T5827] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1516.796919][ T5827] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1516.807451][ T5827] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1516.821098][ T5827] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1516.845166][T20434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1516.852421][ T5875] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[ 1516.869663][T20434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1516.878205][T20434] bridge_slave_1: entered allmulticast mode
[ 1516.888083][T20434] bridge_slave_1: entered promiscuous mode
[ 1516.970782][ T3583] usb 2-1: USB disconnect, device number 72
[ 1517.022906][ T5875] usb 4-1: Using ep0 maxpacket: 8
[ 1517.122158][T20434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1517.453515][ T5875] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1517.471630][ T5875] usb 4-1: config 8 has an invalid interface number: 121 but max is 0
[ 1517.481467][ T5875] usb 4-1: config 8 has no interface number 0
[ 1517.487933][ T5875] usb 4-1: config 8 interface 121 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1517.499372][ T5875] usb 4-1: config 8 interface 121 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1517.509674][ T5875] usb 4-1: config 8 interface 121 has no altsetting 0
[ 1517.531571][   T36] hsr_slave_0: left promiscuous mode
[ 1517.538069][   T36] hsr_slave_1: left promiscuous mode
[ 1517.544046][ T5875] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=f0.98
[ 1517.556901][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1517.564415][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1517.570535][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1517.573214][ T5875] usb 4-1: Product: syz
[ 1517.583795][ T5875] usb 4-1: Manufacturer: syz
[ 1517.588752][ T5875] usb 4-1: SerialNumber: syz
[ 1517.594680][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1517.603246][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1517.630103][   T36] veth1_macvtap: left promiscuous mode
[ 1517.635819][   T36] veth0_macvtap: left promiscuous mode
[ 1517.641947][   T36] veth1_vlan: left promiscuous mode
[ 1517.647626][   T36] veth0_vlan: left promiscuous mode
[ 1517.915421][ T5875] radio-si470x 4-1:8.121: could not find interrupt in endpoint
[ 1517.952094][ T5875] radio-si470x 4-1:8.121: probe with driver radio-si470x failed with error -5
[ 1518.183204][   T30] kauditd_printk_skb: 2404 callbacks suppressed
[ 1518.183221][   T30] audit: type=1400 audit(1745841400.402:391853): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=20465 comm="syz.1.3986" opid=20465 ocomm="syz.1.3986"
[ 1518.210656][ T5875] radio-raremono 4-1:8.121: this is not Thanko's Raremono.
[ 1518.218494][ T5875] usbhid 4-1:8.121: couldn't find an input interrupt endpoint
[ 1518.233242][ T5875] usb 4-1: USB disconnect, device number 84
[ 1518.255142][   T30] audit: type=1400 audit(1745841400.402:391854): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=20465 comm="syz.1.3986" opid=20465 ocomm="syz.1.3986"
[ 1518.361275][   T30] audit: type=1400 audit(1745841400.782:391855): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=26 comm="kdevtmpfs" name="/" dev="devtmpfs" ino=1
[ 1518.413236][   T30] audit: type=1400 audit(1745841400.782:391856): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=26 comm="kdevtmpfs" name="bus" dev="devtmpfs" ino=718
[ 1518.436380][   T30] audit: type=1400 audit(1745841400.782:391857): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=26 comm="kdevtmpfs" name="usb" dev="devtmpfs" ino=719
[ 1518.459387][   T30] audit: type=1400 audit(1745841400.782:391858): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=26 comm="kdevtmpfs" name="004" dev="devtmpfs" ino=734
[ 1518.486893][   T30] audit: type=1400 audit(1745841400.782:391859): lsm=SMACK fn=smack_inode_setattr action=granted subject="_" object="_" requested=w pid=26 comm="kdevtmpfs" name="084" dev="devtmpfs" ino=3155
[ 1518.516727][T16252] Bluetooth: hci2: command tx timeout
[ 1518.534121][   T30] audit: type=1400 audit(1745841400.782:391860): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=wx pid=26 comm="kdevtmpfs" name="004" dev="devtmpfs" ino=734
[ 1518.571579][   T30] audit: type=1400 audit(1745841400.782:391861): lsm=SMACK fn=smack_inode_unlink action=granted subject="_" object="_" requested=w pid=26 comm="kdevtmpfs" name="084" dev="devtmpfs" ino=3155
[ 1518.602774][   T30] audit: type=1400 audit(1745841400.782:391862): lsm=SMACK fn=smack_inode_unlink action=granted subject="_" object="_" requested=w pid=26 comm="kdevtmpfs" name="004" dev="devtmpfs" ino=734
[ 1518.910007][T16252] Bluetooth: hci3: command tx timeout
[ 1519.176220][   T36] team0 (unregistering): Port device team_slave_1 removed
[ 1519.270655][   T36] team0 (unregistering): Port device team_slave_0 removed
[ 1519.378588][T20488] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3989'.
[ 1520.154838][T20464] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3985'.
[ 1520.168092][T20434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1520.379138][T20434] team0: Port device team_slave_0 added
[ 1520.453084][T20434] team0: Port device team_slave_1 added
[ 1520.605551][T16252] Bluetooth: hci2: command tx timeout
[ 1520.948406][T20434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1520.957024][T20434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1521.001416][T16252] Bluetooth: hci3: command tx timeout
[ 1521.007611][T20434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1521.042281][T20434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1521.073197][T20434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1521.100149][T20434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1521.369165][T20434] hsr_slave_0: entered promiscuous mode
[ 1521.376453][T20434] hsr_slave_1: entered promiscuous mode
[ 1521.390441][T20434] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1521.398136][T20434] Cannot create hsr debugfs directory
[ 1522.683557][T16252] Bluetooth: hci2: command tx timeout
[ 1523.079978][T16252] Bluetooth: hci3: command tx timeout
[ 1523.260134][T20505] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3994'.
[ 1523.272718][   T30] kauditd_printk_skb: 1238 callbacks suppressed
[ 1523.272732][   T30] audit: type=1400 audit(1745841404.232:392876): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=0 comm="swapper/1" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1523.319882][   T30] audit: type=1400 audit(1745841405.692:392877): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1523.370393][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1523.376918][T18649] audit: audit_lost=42522 audit_rate_limit=0 audit_backlog_limit=64
[ 1523.385383][ T5485] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1523.390906][   T30] audit: type=1400 audit(1745841405.692:392878): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1523.392034][ T5485] audit: audit_lost=42523 audit_rate_limit=0 audit_backlog_limit=64
[ 1523.410704][   T30] audit: type=1400 audit(1745841405.692:392879): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1523.418485][ T5485] audit: backlog limit exceeded
[ 1523.438068][   T30] audit: type=1400 audit(1745841405.692:392880): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1523.534483][T20508] trusted_key: encrypted_key: master key parameter is missing
[ 1523.990148][ T3583] usb 6-1: new full-speed USB device number 76 using dummy_hcd
[ 1524.031192][T20511] cgroup: fork rejected by pids controller in /syz3
[ 1524.118769][T20458] chnl_net:caif_netlink_parms(): no params data found
[ 1524.167966][ T3583] usb 6-1: not running at top speed; connect to a high speed hub
[ 1524.185698][ T3583] usb 6-1: config 13 has an invalid interface number: 158 but max is 2
[ 1524.198620][ T3583] usb 6-1: config 13 has an invalid interface number: 126 but max is 2
[ 1524.216288][ T3583] usb 6-1: config 13 has an invalid interface number: 7 but max is 2
[ 1524.239226][ T3583] usb 6-1: config 13 contains an unexpected descriptor of type 0x1, skipping
[ 1524.259939][ T3583] usb 6-1: config 13 has an invalid interface number: 96 but max is 2
[ 1524.292196][ T3583] usb 6-1: config 13 has an invalid interface number: 76 but max is 2
[ 1524.324285][ T3583] usb 6-1: config 13 has an invalid interface number: 137 but max is 2
[ 1524.341641][ T3583] usb 6-1: config 13 contains an unexpected descriptor of type 0x2, skipping
[ 1524.351894][ T3583] usb 6-1: config 13 has 6 interfaces, different from the descriptor's value: 3
[ 1524.363059][ T3583] usb 6-1: config 13 has no interface number 0
[ 1524.369323][ T3583] usb 6-1: config 13 has no interface number 1
[ 1524.376102][ T3583] usb 6-1: config 13 has no interface number 2
[ 1524.382763][ T3583] usb 6-1: config 13 has no interface number 3
[ 1524.397325][ T3583] usb 6-1: config 13 has no interface number 4
[ 1524.406397][ T3583] usb 6-1: config 13 has no interface number 5
[ 1524.413180][ T3583] usb 6-1: config 13 interface 158 altsetting 181 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[ 1524.432000][ T3583] usb 6-1: too many endpoints for config 13 interface 126 altsetting 75: 32, using maximum allowed: 30
[ 1524.444390][ T3583] usb 6-1: config 13 interface 126 altsetting 75 has an endpoint descriptor with address 0x3F, changing to 0xF
[ 1524.480188][ T3583] usb 6-1: config 13 interface 126 altsetting 75 has 1 endpoint descriptor, different from the interface descriptor's value: 32
[ 1524.582919][ T3583] usb 6-1: too many endpoints for config 13 interface 7 altsetting 147: 213, using maximum allowed: 30
[ 1524.667529][ T3583] usb 6-1: config 13 interface 7 altsetting 147 endpoint 0x3 has an invalid bInterval 146, changing to 4
[ 1524.755285][ T3583] usb 6-1: config 13 interface 7 altsetting 147 endpoint 0xE has invalid maxpacket 1023, setting to 64
[ 1524.796065][ T3583] usb 6-1: config 13 interface 7 altsetting 147 has 3 endpoint descriptors, different from the interface descriptor's value: 213
[ 1524.829908][ T3583] usb 6-1: config 13 interface 96 altsetting 3 endpoint 0xA has invalid maxpacket 512, setting to 64
[ 1524.857635][ T3583] usb 6-1: config 13 interface 96 altsetting 3 has a duplicate endpoint with address 0x3, skipping
[ 1524.874538][T20458] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1524.894954][T20458] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1524.903864][ T3583] usb 6-1: config 13 interface 96 altsetting 3 has a duplicate endpoint with address 0x3, skipping
[ 1525.159909][T16252] Bluetooth: hci3: command tx timeout
[ 1525.201890][T20458] bridge_slave_0: entered allmulticast mode
[ 1525.311219][ T3583] usb 6-1: config 13 interface 96 altsetting 3 has a duplicate endpoint with address 0xD, skipping
[ 1525.327734][T20458] bridge_slave_0: entered promiscuous mode
[ 1525.348899][ T3583] usb 6-1: config 13 interface 96 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[ 1525.381913][T20801] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3999'.
[ 1525.401485][ T3583] usb 6-1: config 13 interface 96 altsetting 3 has a duplicate endpoint with address 0x3, skipping
[ 1525.420255][T20458] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1525.427581][ T3583] usb 6-1: config 13 interface 96 altsetting 3 has 10 endpoint descriptors, different from the interface descriptor's value: 12
[ 1525.470887][T20458] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1525.479219][T20458] bridge_slave_1: entered allmulticast mode
[ 1525.485370][ T3583] usb 6-1: too many endpoints for config 13 interface 76 altsetting 244: 136, using maximum allowed: 30
[ 1525.498594][T20458] bridge_slave_1: entered promiscuous mode
[ 1525.528432][ T3583] usb 6-1: config 13 interface 76 altsetting 244 has 2 endpoint descriptors, different from the interface descriptor's value: 136
[ 1525.569311][ T3583] usb 6-1: config 13 interface 137 altsetting 13 endpoint 0x7 has invalid maxpacket 1023, setting to 64
[ 1525.592204][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has a duplicate endpoint with address 0x1, skipping
[ 1525.619889][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has a duplicate endpoint with address 0x6, skipping
[ 1525.639081][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has a duplicate endpoint with address 0xC, skipping
[ 1525.715015][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has a duplicate endpoint with address 0x8C, skipping
[ 1525.717374][T20458] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1525.790460][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has an invalid descriptor for endpoint zero, skipping
[ 1525.828872][T20458] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1525.829922][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has a duplicate endpoint with address 0xE, skipping
[ 1525.852766][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has a duplicate endpoint with address 0x2, skipping
[ 1525.870149][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has an invalid descriptor for endpoint zero, skipping
[ 1525.876437][   T36] bridge_slave_1: left promiscuous mode
[ 1525.884543][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has a duplicate endpoint with address 0x3, skipping
[ 1525.928498][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has an invalid descriptor for endpoint zero, skipping
[ 1525.941064][ T3583] usb 6-1: config 13 interface 137 altsetting 13 has a duplicate endpoint with address 0xD, skipping
[ 1525.950027][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1525.969930][ T3583] usb 6-1: config 13 interface 158 has no altsetting 0
[ 1525.981242][   T36] bridge_slave_0: left promiscuous mode
[ 1525.987095][ T3583] usb 6-1: config 13 interface 126 has no altsetting 0
[ 1525.994318][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1526.001826][ T3583] usb 6-1: config 13 interface 7 has no altsetting 0
[ 1526.039052][ T3583] usb 6-1: config 13 interface 96 has no altsetting 0
[ 1526.089728][ T3583] usb 6-1: config 13 interface 76 has no altsetting 0
[ 1526.096618][ T3583] usb 6-1: config 13 interface 137 has no altsetting 0
[ 1526.140003][ T3583] usb 6-1: New USB device found, idVendor=157e, idProduct=300d, bcdDevice=31.92
[ 1526.149266][ T3583] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1526.157695][ T3583] usb 6-1: Product: ÐŽ
[ 1526.162060][ T3583] usb 6-1: SerialNumber:  
[ 1526.416221][T20513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1526.428559][T20513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1526.646560][T20810] overlayfs: failed to decode file handle (len=5, type=248, flags=0, err=-22)
[ 1526.841282][T20810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4002'.
[ 1527.566309][ T3583] usb 6-1: USB disconnect, device number 76
[ 1527.924678][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1527.958696][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1527.971334][   T36] bond0 (unregistering): Released all slaves
[ 1528.305300][   T30] kauditd_printk_skb: 1561 callbacks suppressed
[ 1528.305313][   T30] audit: type=1400 audit(1745841410.722:394393): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=18649 comm="syz-executor" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1528.341973][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1528.348555][T18649] audit: audit_lost=42540 audit_rate_limit=0 audit_backlog_limit=64
[ 1528.357817][T18649] audit: backlog limit exceeded
[ 1528.365995][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1528.367358][   T36] bond1 (unregistering): Released all slaves
[ 1528.377219][   T30] audit: type=1400 audit(1745841410.752:394394): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=30 comm="kauditd" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1528.403132][   T36] bond2 (unregistering): Released all slaves
[ 1528.409041][T18649] audit: audit_lost=42541 audit_rate_limit=0 audit_backlog_limit=64
[ 1528.421255][T18649] audit: backlog limit exceeded
[ 1528.426660][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1528.434165][T18649] audit: audit_lost=42542 audit_rate_limit=0 audit_backlog_limit=64
[ 1528.715102][T20810] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0)
[ 1528.724749][T20810] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535
[ 1528.827226][   T36] : left promiscuous mode
[ 1528.916667][T20821] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4005'.
[ 1528.978404][   T36] tipc: Left network mode
[ 1529.051425][T20458] team0: Port device team_slave_0 added
[ 1529.094674][T20458] team0: Port device team_slave_1 added
[ 1530.122367][T20828] netlink: 'syz.5.4007': attribute type 11 has an invalid length.
[ 1530.156398][T20828] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4007'.
[ 1530.183022][T20458] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1530.227542][T20458] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1530.426738][T20458] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1531.099506][T20458] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1531.107717][T20458] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1531.225815][T20458] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1531.893924][   T36] hsr_slave_0: left promiscuous mode
[ 1531.917440][   T36] hsr_slave_1: left promiscuous mode
[ 1531.933400][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1531.945359][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1533.333273][   T30] kauditd_printk_skb: 1396 callbacks suppressed
[ 1533.333289][   T30] audit: type=1400 audit(1745841415.742:395514): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=0 comm="swapper/1" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1533.382448][T20844] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1533.392197][   T30] audit: type=1400 audit(1745841415.742:395515): lsm=SMACK fn=smack_task_kill action=granted subject="_" object="_" requested=w pid=5811 comm="syz-executor" opid=16550 ocomm="syz-executor"
[ 1533.410081][T20844] audit: audit_lost=42635 audit_rate_limit=0 audit_backlog_limit=64
[ 1533.411503][   T30] audit: type=1400 audit(1745841415.742:395516): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18649 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1533.418749][T20844] audit: backlog limit exceeded
[ 1533.463379][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1533.470138][T18649] audit: audit_lost=42636 audit_rate_limit=0 audit_backlog_limit=64
[ 1533.472877][   T30] audit: type=1400 audit(1745841415.742:395517): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18649 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1533.478128][T18649] audit: backlog limit exceeded
[ 1535.803731][ T5827] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1535.823695][ T5827] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1535.836025][ T5827] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1535.885295][ T5827] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1535.896836][ T5827] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1535.948278][   T36] team_slave_1 (unregistering): left promiscuous mode
[ 1536.008391][   T36] team0 (unregistering): Port device team_slave_1 removed
[ 1536.245816][T20860] overlayfs: missing 'workdir'
[ 1536.246154][   T36] team_slave_0 (unregistering): left promiscuous mode
[ 1536.315157][   T36] team0 (unregistering): Port device team_slave_0 removed
[ 1537.379407][T20836] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4009'.
[ 1537.433681][T20458] hsr_slave_0: entered promiscuous mode
[ 1537.464033][T20458] hsr_slave_1: entered promiscuous mode
[ 1538.029941][T16252] Bluetooth: hci5: command tx timeout
[ 1538.549291][   T30] kauditd_printk_skb: 1745 callbacks suppressed
[ 1538.549312][   T30] audit: type=1400 audit(1745841420.462:396900): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1538.570740][T20434] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1538.583872][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1538.583912][ T5174] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1538.599842][T18649] audit: audit_lost=42758 audit_rate_limit=0 audit_backlog_limit=64
[ 1538.600514][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1538.614422][    C1] audit: audit_lost=42759 audit_rate_limit=0 audit_backlog_limit=64
[ 1538.618096][T18649] audit: backlog limit exceeded
[ 1538.622437][    C1] audit: backlog limit exceeded
[ 1538.623396][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1538.638789][    C1] audit: audit_lost=42760 audit_rate_limit=0 audit_backlog_limit=64
[ 1538.689456][T20434] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1538.890025][T20434] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1538.952543][T20434] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1539.048295][   T36] IPVS: stop unused estimator thread 0...
[ 1539.150448][T16520] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[ 1539.300841][T16520] usb 4-1: device descriptor read/64, error -71
[ 1539.470061][ T3583] usb 6-1: new high-speed USB device number 77 using dummy_hcd
[ 1539.566305][T16520] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[ 1539.620187][T20434] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1539.664545][ T3583] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1539.694212][ T3583] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1539.719046][T20854] chnl_net:caif_netlink_parms(): no params data found
[ 1539.726097][ T3583] usb 6-1: New USB device found, idVendor=222a, idProduct=0001, bcdDevice= 0.00
[ 1539.735374][ T3583] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1539.750085][T16520] usb 4-1: device descriptor read/64, error -71
[ 1539.753687][ T3583] usb 6-1: config 0 descriptor??
[ 1539.863445][T20434] 8021q: adding VLAN 0 to HW filter on device team0
[ 1539.870377][T16520] usb usb4-port1: attempt power cycle
[ 1539.915917][T15912] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1539.923176][T15912] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1540.109942][T16252] Bluetooth: hci5: command tx timeout
[ 1540.145955][T20854] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1540.161928][T20854] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1540.169269][T20854] bridge_slave_0: entered allmulticast mode
[ 1540.211845][T20854] bridge_slave_0: entered promiscuous mode
[ 1540.250128][T16520] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[ 1540.292624][ T3583] hid-generic 0003:222A:0001.0013: unknown main item tag 0x0
[ 1540.295417][T16520] usb 4-1: device descriptor read/8, error -71
[ 1540.311308][ T3583] hid-generic 0003:222A:0001.0013: unknown main item tag 0x0
[ 1540.343622][T20854] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1540.350315][ T3583] hid-generic 0003:222A:0001.0013: hidraw0: USB HID v0.00 Device [HID 222a:0001] on usb-dummy_hcd.5-1/input0
[ 1540.359958][T20854] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1540.379824][T20854] bridge_slave_1: entered allmulticast mode
[ 1540.387044][T20854] bridge_slave_1: entered promiscuous mode
[ 1540.412556][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1540.419711][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1540.461841][ T3583] usb 6-1: USB disconnect, device number 77
[ 1540.569959][T16520] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[ 1540.589116][T20854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1540.602940][T16520] usb 4-1: device descriptor read/8, error -71
[ 1540.669241][T20854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1540.721328][T16520] usb usb4-port1: unable to enumerate USB device
[ 1540.770846][T20458] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1540.815385][T20854] team0: Port device team_slave_0 added
[ 1540.866902][T20458] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1540.898345][T20854] team0: Port device team_slave_1 added
[ 1540.958891][T20458] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1540.980474][T20458] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1541.121286][T20854] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1541.138483][T20854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1541.189697][T20854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1541.260035][T20886] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1541.283574][T20886] team0: Port device batadv1 added
[ 1541.313862][T20854] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1541.336575][T20854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1541.380418][T20854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1541.533480][T20854] hsr_slave_0: entered promiscuous mode
[ 1541.546638][T20854] hsr_slave_1: entered promiscuous mode
[ 1541.557967][T20854] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1541.566632][T20854] Cannot create hsr debugfs directory
[ 1542.101357][T20458] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1542.190613][T16252] Bluetooth: hci5: command tx timeout
[ 1542.426746][T20434] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1543.137347][T20458] 8021q: adding VLAN 0 to HW filter on device team0
[ 1543.466118][ T5968] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1543.473358][ T5968] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1543.503689][T20904] overlayfs: missing 'workdir'
[ 1543.561423][ T5968] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1543.568585][ T5968] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1543.577609][   T30] kauditd_printk_skb: 2572 callbacks suppressed
[ 1543.577626][   T30] audit: type=1400 audit(1745841425.992:399206): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20901 comm="syz.3.4024" name="269" dev="tmpfs" ino=1538
[ 1543.623914][T20905] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1543.630026][   T30] audit: type=1400 audit(1745841425.992:399207): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20901 comm="syz.3.4024" name="269" dev="tmpfs" ino=1538
[ 1543.659977][   T30] audit: type=1400 audit(1745841425.992:399208): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20901 comm="syz.3.4024" name="bus" dev="tmpfs" ino=1544
[ 1543.679083][T20905] audit: audit_lost=42850 audit_rate_limit=0 audit_backlog_limit=64
[ 1543.679106][T20905] audit: backlog limit exceeded
[ 1543.679324][T20905] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1543.714880][T20854] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1543.723983][T20905] audit: audit_lost=42851 audit_rate_limit=0 audit_backlog_limit=64
[ 1543.738771][T20905] audit: backlog limit exceeded
[ 1543.744113][   T30] audit: type=1400 audit(1745841426.022:399209): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20901 comm="syz.3.4024" name="bus" dev="tmpfs" ino=1544
[ 1543.753310][T20854] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1543.830774][T20854] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1543.855595][T20854] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1544.272256][T20434] veth0_vlan: entered promiscuous mode
[ 1544.280175][T16252] Bluetooth: hci5: command tx timeout
[ 1544.307775][T20434] veth1_vlan: entered promiscuous mode
[ 1545.006682][T20909] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4025'.
[ 1545.077728][T20434] veth0_macvtap: entered promiscuous mode
[ 1545.133438][T20434] veth1_macvtap: entered promiscuous mode
[ 1545.246708][T20434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1545.261875][T20434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1545.272409][T20434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1545.283391][T20434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1545.295972][T20434] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1545.876374][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.131461][T20434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1546.155442][T20434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1546.243827][T20434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1546.259985][T20434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1546.272335][T20434] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1546.395803][T20854] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1546.478378][T20434] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1546.501799][T20434] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1546.519822][T20434] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1546.528579][T20434] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1546.766039][T20854] 8021q: adding VLAN 0 to HW filter on device team0
[ 1546.948173][T20458] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1547.025548][T19915] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1547.032763][T19915] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1547.096557][T19915] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1547.103772][T19915] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1547.504854][ T1302] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1547.556240][ T1302] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1547.793389][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1547.843701][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1548.385150][T20458] veth0_vlan: entered promiscuous mode
[ 1548.431416][T20458] veth1_vlan: entered promiscuous mode
[ 1548.730878][T20458] veth0_macvtap: entered promiscuous mode
[ 1548.742268][   T30] kauditd_printk_skb: 5354 callbacks suppressed
[ 1548.742286][   T30] audit: type=1400 audit(1745841431.162:403339): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1548.817436][   T30] audit: type=1400 audit(1745841431.162:403340): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1548.817872][T20458] veth1_macvtap: entered promiscuous mode
[ 1549.016657][T20950] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1549.041084][   T30] audit: type=1400 audit(1745841431.162:403341): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1549.068202][   T30] audit: type=1400 audit(1745841431.162:403342): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1549.089273][   T30] audit: type=1400 audit(1745841431.162:403343): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="tmpfs" ino=1
[ 1549.131068][T20458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1549.142100][T20458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.157175][T20458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1549.168352][T20458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.180278][T20458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1549.191876][T20458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.204814][T20458] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1549.224451][T20854] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1549.255410][   T30] audit: type=1400 audit(1745841431.162:403344): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=wa pid=5174 comm="syslogd" name="messages" dev="tmpfs" ino=14
[ 1549.266804][T20458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1549.341970][T20458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.369443][T20951] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1549.386397][T20458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1549.388421][   T30] audit: type=1400 audit(1745841431.162:403345): lsm=SMACK fn=smack_file_open action=granted subject="_" object="_" requested=r pid=5174 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=14
[ 1549.416339][T20951] audit: audit_lost=43266 audit_rate_limit=0 audit_backlog_limit=64
[ 1549.416365][T20951] audit: backlog limit exceeded
[ 1549.438104][T20458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.488840][T20458] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1549.528924][T20458] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1549.571379][T20458] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1549.650803][T20954] 9pnet_fd: Insufficient options for proto=fd
[ 1549.667303][T20458] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.699840][T20458] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.739961][T20458] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.769989][T20458] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1550.137389][T15912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1550.288335][T15912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1550.542636][T20963] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[ 1550.581178][ T3583] IPVS: starting estimator thread 0...
[ 1550.610459][T20964] overlayfs: missing 'workdir'
[ 1551.299945][T20965] IPVS: using max 30 ests per chain, 72000 per kthread
[ 1551.920421][ T7177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1551.928299][ T7177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1552.012327][T20975] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4035'.
[ 1553.745429][T20854] veth0_vlan: entered promiscuous mode
[ 1553.761871][   T30] kauditd_printk_skb: 4715 callbacks suppressed
[ 1553.761897][   T30] audit: type=1400 audit(1745841436.172:406048): lsm=SMACK fn=smack_file_open action=granted subject="_" object="*" requested=r pid=20458 comm="syz-executor" path="/syzcgroup/cpu/syz6/memory.limit_in_bytes" dev="cgroup" ino=714
[ 1553.819269][T20854] veth1_vlan: entered promiscuous mode
[ 1553.889805][   T30] audit: type=1400 audit(1745841436.172:406049): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20458 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1553.932182][T16244] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1553.938730][T16244] audit: audit_lost=43946 audit_rate_limit=0 audit_backlog_limit=64
[ 1553.947732][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1553.954298][    C1] audit: audit_lost=43947 audit_rate_limit=0 audit_backlog_limit=64
[ 1553.962321][    C1] audit: backlog limit exceeded
[ 1553.968071][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1553.974681][    C1] audit: audit_lost=43948 audit_rate_limit=0 audit_backlog_limit=64
[ 1553.982751][    C1] audit: backlog limit exceeded
[ 1554.012615][T20987] FAULT_INJECTION: forcing a failure.
[ 1554.012615][T20987] name failslab, interval 1, probability 0, space 0, times 0
[ 1554.039954][T20987] CPU: 1 UID: 0 PID: 20987 Comm: syz.0.4038 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1554.039982][T20987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1554.039995][T20987] Call Trace:
[ 1554.040004][T20987]  <TASK>
[ 1554.040014][T20987]  dump_stack_lvl+0x189/0x250
[ 1554.040051][T20987]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1554.040081][T20987]  ? __pfx__printk+0x10/0x10
[ 1554.040120][T20987]  ? __pfx___might_resched+0x10/0x10
[ 1554.040148][T20987]  ? fs_reclaim_acquire+0x7d/0x100
[ 1554.040175][T20987]  should_fail_ex+0x414/0x560
[ 1554.040212][T20987]  should_failslab+0xa8/0x100
[ 1554.040245][T20987]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1554.040275][T20987]  ? uprobe_register+0x1ac/0x950
[ 1554.040299][T20987]  uprobe_register+0x1ac/0x950
[ 1554.040318][T20987]  ? trace_kmalloc+0x1f/0xd0
[ 1554.040354][T20987]  bpf_uprobe_multi_link_attach+0xa1e/0xda0
[ 1554.040393][T20987]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[ 1554.040416][T20987]  ? __fget_files+0x2a/0x420
[ 1554.040451][T20987]  ? __fget_files+0x2a/0x420
[ 1554.040482][T20987]  ? __fget_files+0x2a/0x420
[ 1554.040528][T20987]  ? bpf_prog_attach_check_attach_type+0x453/0x540
[ 1554.040562][T20987]  link_create+0x70a/0x8a0
[ 1554.040593][T20987]  __sys_bpf+0x599/0x860
[ 1554.040618][T20987]  ? __pfx___sys_bpf+0x10/0x10
[ 1554.040653][T20987]  ? ksys_write+0x1f0/0x250
[ 1554.040677][T20987]  ? rcu_is_watching+0x15/0xb0
[ 1554.040715][T20987]  __x64_sys_bpf+0x7c/0x90
[ 1554.040734][T20987]  do_syscall_64+0xf6/0x210
[ 1554.040756][T20987]  ? clear_bhb_loop+0x45/0xa0
[ 1554.040782][T20987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.040803][T20987] RIP: 0033:0x7fcb62d8e969
[ 1554.040822][T20987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1554.040840][T20987] RSP: 002b:00007fcb63b0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1554.040862][T20987] RAX: ffffffffffffffda RBX: 00007fcb62fb5fa0 RCX: 00007fcb62d8e969
[ 1554.040878][T20987] RDX: 000000000000003c RSI: 00002000000005c0 RDI: 000000000000001c
[ 1554.040891][T20987] RBP: 00007fcb63b0e090 R08: 0000000000000000 R09: 0000000000000000
[ 1554.040905][T20987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1554.040917][T20987] R13: 0000000000000000 R14: 00007fcb62fb5fa0 R15: 00007ffc4b7650b8
[ 1554.040950][T20987]  </TASK>
[ 1555.259375][T20854] veth0_macvtap: entered promiscuous mode
[ 1555.277071][T20854] veth1_macvtap: entered promiscuous mode
[ 1555.557946][T20854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.585080][T20854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.612394][T20854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.623431][T20854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.637647][T20854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.666384][T20854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.751152][T20854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.790998][T20854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.843069][T20854] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1556.144164][T15912] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1556.287909][T20854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1556.317177][T20854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.332228][T20854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1556.347404][T20854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.366182][T20854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1556.386572][T20854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.412738][T20854] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1556.427042][T20854] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.445500][T20854] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1556.528268][T20854] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1556.548480][T20854] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1556.559669][T20854] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1556.569448][T20854] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1556.752509][T15912] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1556.941273][T15912] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1557.061451][T15912] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1557.142134][T19915] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1557.166357][T19915] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1557.237969][ T1302] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1557.267128][ T1302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1557.439027][T15912] bridge_slave_1: left allmulticast mode
[ 1557.460015][T15912] bridge_slave_1: left promiscuous mode
[ 1557.470727][T15912] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1557.485180][T15912] bridge_slave_0: left allmulticast mode
[ 1557.499922][T15912] bridge_slave_0: left promiscuous mode
[ 1557.511261][T15912] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1558.848779][   T30] kauditd_printk_skb: 2262 callbacks suppressed
[ 1559.175988][T21014] nbd: device at index 0 is going down
[ 1559.210893][   T30] audit: type=1400 audit(1745841441.262:407873): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=21012 comm="syz.5.4047" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1559.358746][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1559.376224][   T30] audit: type=1400 audit(1745841441.282:407874): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=21012 comm="syz.5.4047" opid=21012 ocomm="syz.5.4047"
[ 1559.398022][T21007] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1559.405084][T21007] audit: audit_lost=44095 audit_rate_limit=0 audit_backlog_limit=64
[ 1559.413187][T18649] audit: audit_lost=44096 audit_rate_limit=0 audit_backlog_limit=64
[ 1559.413208][T18649] audit: backlog limit exceeded
[ 1559.413231][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1559.421257][T21007] audit: backlog limit exceeded
[ 1559.437998][T18649] audit: audit_lost=44097 audit_rate_limit=0 audit_backlog_limit=64
[ 1560.649380][ T5827] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1560.660517][ T5827] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1560.669327][ T5827] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1560.677888][ T5827] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1560.685792][ T5827] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1561.049137][T21033] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4049'.
[ 1562.759913][ T5827] Bluetooth: hci3: command tx timeout
[ 1562.924915][T15912] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1563.025925][T15912] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1563.065668][T15912] bond0 (unregistering): Released all slaves
[ 1563.204771][T21013] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4046'.
[ 1563.853785][   T30] kauditd_printk_skb: 1495 callbacks suppressed
[ 1563.853806][   T30] audit: type=1400 audit(1745841446.272:408931): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=20465 comm="iou-wrk-20467" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1563.897573][T21045] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1563.904353][T21045] audit: audit_lost=44244 audit_rate_limit=0 audit_backlog_limit=64
[ 1563.912486][T21045] audit: backlog limit exceeded
[ 1563.917498][T21045] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1563.924240][T21045] audit: audit_lost=44245 audit_rate_limit=0 audit_backlog_limit=64
[ 1563.932389][T21045] audit: backlog limit exceeded
[ 1563.937570][T21045] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1563.944330][T21045] audit: audit_lost=44246 audit_rate_limit=0 audit_backlog_limit=64
[ 1563.952540][T21045] audit: backlog limit exceeded
[ 1564.874614][ T5827] Bluetooth: hci3: command tx timeout
[ 1564.968526][T21045] ALSA: mixer_oss: invalid OSS volume '`d#ètü&{W¯k¬ïsÓd:»ýEB|£åÃÓ'
[ 1564.977044][T21045] ALSA: mixer_oss: invalid OSS volume 'ö3ÿ¨›w‰_}È#saÃ_ü欵À¾8MnÒ\‘šå''
[ 1565.019981][ T6644] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[ 1565.231136][ T6644] usb 4-1: too many configurations: 237, using maximum allowed: 8
[ 1565.293004][ T6644] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1565.303192][ T6644] usb 4-1: can't read configurations, error -61
[ 1566.162428][ T6644] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[ 1566.371338][ T6644] usb 4-1: too many configurations: 237, using maximum allowed: 8
[ 1566.414792][ T6644] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1566.432074][ T6644] usb 4-1: can't read configurations, error -61
[ 1566.457204][T15912] hsr_slave_0: left promiscuous mode
[ 1566.912155][ T6644] usb usb4-port1: attempt power cycle
[ 1566.914002][ T5827] Bluetooth: hci3: command tx timeout
[ 1566.947822][T15912] hsr_slave_1: left promiscuous mode
[ 1566.954327][T15912] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1566.961977][T15912] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1566.993655][T15912] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1567.012165][T15912] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1567.264665][T15912] veth1_macvtap: left promiscuous mode
[ 1567.293266][T15912] veth0_macvtap: left promiscuous mode
[ 1567.309244][T15912] veth1_vlan: left promiscuous mode
[ 1567.327928][T15912] veth0_vlan: left promiscuous mode
[ 1567.617380][T21074] FAULT_INJECTION: forcing a failure.
[ 1567.617380][T21074] name failslab, interval 1, probability 0, space 0, times 0
[ 1567.630553][T21074] CPU: 1 UID: 0 PID: 21074 Comm: syz.3.4061 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1567.630572][T21074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1567.630580][T21074] Call Trace:
[ 1567.630587][T21074]  <TASK>
[ 1567.630598][T21074]  dump_stack_lvl+0x189/0x250
[ 1567.630653][T21074]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1567.630681][T21074]  ? __pfx__printk+0x10/0x10
[ 1567.630719][T21074]  ? __pfx___might_resched+0x10/0x10
[ 1567.630741][T21074]  ? fs_reclaim_acquire+0x7d/0x100
[ 1567.630760][T21074]  should_fail_ex+0x414/0x560
[ 1567.630786][T21074]  should_failslab+0xa8/0x100
[ 1567.630810][T21074]  __kmalloc_noprof+0xcb/0x4f0
[ 1567.630830][T21074]  ? pfkey_spdadd+0x88e/0x1a30
[ 1567.630855][T21074]  pfkey_spdadd+0x88e/0x1a30
[ 1567.630885][T21074]  ? __pfx_pfkey_spdadd+0x10/0x10
[ 1567.630905][T21074]  ? kmem_cache_free+0x192/0x3f0
[ 1567.630936][T21074]  pfkey_sendmsg+0xbfb/0x1090
[ 1567.630968][T21074]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1567.631011][T21074]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1567.631026][T21074]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1567.631046][T21074]  __sock_sendmsg+0x219/0x270
[ 1567.631069][T21074]  ____sys_sendmsg+0x505/0x830
[ 1567.631090][T21074]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1567.631114][T21074]  ? import_iovec+0x74/0xa0
[ 1567.631145][T21074]  ___sys_sendmsg+0x21f/0x2a0
[ 1567.631163][T21074]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1567.631207][T21074]  ? __fget_files+0x2a/0x420
[ 1567.631228][T21074]  ? __fget_files+0x3a0/0x420
[ 1567.631258][T21074]  __x64_sys_sendmsg+0x19b/0x260
[ 1567.631277][T21074]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1567.631306][T21074]  ? do_syscall_64+0xba/0x210
[ 1567.631325][T21074]  do_syscall_64+0xf6/0x210
[ 1567.631341][T21074]  ? clear_bhb_loop+0x45/0xa0
[ 1567.631359][T21074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1567.631374][T21074] RIP: 0033:0x7fdae4b8e969
[ 1567.631389][T21074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1567.631402][T21074] RSP: 002b:00007fdae29d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1567.631417][T21074] RAX: ffffffffffffffda RBX: 00007fdae4db6080 RCX: 00007fdae4b8e969
[ 1567.631428][T21074] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000008
[ 1567.631437][T21074] RBP: 00007fdae29d5090 R08: 0000000000000000 R09: 0000000000000000
[ 1567.631452][T21074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1567.631461][T21074] R13: 0000000000000000 R14: 00007fdae4db6080 R15: 00007fff3a4fd488
[ 1567.631484][T21074]  </TASK>
[ 1568.861332][   T30] kauditd_printk_skb: 1782 callbacks suppressed
[ 1568.861385][   T30] audit: type=1400 audit(1745841451.282:410252): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=21072 comm="syz.3.4061" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1568.922261][   T30] audit: type=1400 audit(1745841451.322:410253): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1568.965517][T21084] program syz.0.4065 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1568.975194][   T30] audit: type=1400 audit(1745841451.322:410254): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1568.989935][ T5827] Bluetooth: hci3: command tx timeout
[ 1569.040569][T21084] Bluetooth: MGMT ver 1.23
[ 1569.042158][   T30] audit: type=1400 audit(1745841451.322:410255): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1569.068587][   T30] audit: type=1400 audit(1745841451.322:410256): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1569.081168][T21084] netlink: 'syz.0.4065': attribute type 1 has an invalid length.
[ 1569.086773][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1569.094596][   T30] audit: type=1400 audit(1745841451.322:410257): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="tmpfs" ino=1
[ 1569.094645][   T30] audit: type=1400 audit(1745841451.322:410258): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=wa pid=5174 comm="syslogd" name="messages" dev="tmpfs" ino=15
[ 1569.094683][   T30] audit: type=1400 audit(1745841451.322:410259): lsm=SMACK fn=smack_file_open action=granted subject="_" object="_" requested=r pid=5174 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=15
[ 1569.094721][   T30] audit: type=1400 audit(1745841451.322:410260): lsm=SMACK fn=smack_inode_getattr action=granted subject="_" object="_" requested=r pid=5174 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=15
[ 1569.094760][   T30] audit: type=1400 audit(1745841451.322:410261): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21083 comm="syz-executor" name="54" dev="proc" ino=88468
[ 1569.119238][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1570.855436][T15912] team0 (unregistering): Port device team_slave_1 removed
[ 1571.816108][T15912] team0 (unregistering): Port device team_slave_0 removed
[ 1574.066906][   T30] kauditd_printk_skb: 698 callbacks suppressed
[ 1574.066926][   T30] audit: type=1400 audit(1745841456.482:410960): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16244 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1574.116668][T16244] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1574.128705][T16244] audit: audit_lost=44401 audit_rate_limit=0 audit_backlog_limit=64
[ 1574.151198][T16244] audit: backlog limit exceeded
[ 1574.156141][   T30] audit: type=1400 audit(1745841456.482:410961): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=16529 comm="kworker/u8:1" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1574.179601][T16244] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1574.186277][T16244] audit: audit_lost=44402 audit_rate_limit=0 audit_backlog_limit=64
[ 1574.194683][T16244] audit: backlog limit exceeded
[ 1574.199545][T16244] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1574.206575][   T30] audit: type=1400 audit(1745841456.482:410962): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=16529 comm="kworker/u8:1" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1574.992776][T21081] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4064'.
[ 1575.584996][T21029] chnl_net:caif_netlink_parms(): no params data found
[ 1575.592808][ T5827] Bluetooth: Wrong link type (-22)
[ 1575.744549][T21133] overlayfs: failed to decode file handle (len=5, type=248, flags=0, err=-22)
[ 1576.790947][T21139] FAULT_INJECTION: forcing a failure.
[ 1576.790947][T21139] name failslab, interval 1, probability 0, space 0, times 0
[ 1576.807668][T21137] netlink: 156 bytes leftover after parsing attributes in process `syz.3.4080'.
[ 1577.028128][T21139] CPU: 1 UID: 0 PID: 21139 Comm: syz.7.4079 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1577.028159][T21139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1577.028173][T21139] Call Trace:
[ 1577.028181][T21139]  <TASK>
[ 1577.028190][T21139]  dump_stack_lvl+0x189/0x250
[ 1577.028226][T21139]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1577.028254][T21139]  ? __pfx__printk+0x10/0x10
[ 1577.028290][T21139]  ? __pfx___might_resched+0x10/0x10
[ 1577.028326][T21139]  should_fail_ex+0x414/0x560
[ 1577.028370][T21139]  should_failslab+0xa8/0x100
[ 1577.028403][T21139]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1577.028433][T21139]  ? __alloc_skb+0x112/0x2d0
[ 1577.028458][T21139]  __alloc_skb+0x112/0x2d0
[ 1577.028481][T21139]  netlink_dump+0x245/0xe70
[ 1577.028525][T21139]  ? __pfx_netlink_dump+0x10/0x10
[ 1577.028572][T21139]  ? __asan_memset+0x22/0x50
[ 1577.028597][T21139]  ? genl_start+0x499/0x6c0
[ 1577.028630][T21139]  __netlink_dump_start+0x5cb/0x7e0
[ 1577.028669][T21139]  genl_family_rcv_msg_dumpit+0x1e7/0x2c0
[ 1577.028698][T21139]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[ 1577.028721][T21139]  ? genl_get_cmd+0x67f/0x910
[ 1577.028745][T21139]  ? __pfx___mutex_lock+0x10/0x10
[ 1577.028767][T21139]  ? __pfx_genl_start+0x10/0x10
[ 1577.028787][T21139]  ? __pfx_genl_dumpit+0x10/0x10
[ 1577.028808][T21139]  ? __pfx_genl_done+0x10/0x10
[ 1577.028838][T21139]  ? stack_depot_save_flags+0x40/0x910
[ 1577.028876][T21139]  genl_rcv_msg+0x5da/0x790
[ 1577.028907][T21139]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1577.028929][T21139]  ? __pfx_nl802154_dump_wpan_phy+0x10/0x10
[ 1577.028959][T21139]  ? __pfx_nl802154_dump_wpan_phy_done+0x10/0x10
[ 1577.029006][T21139]  netlink_rcv_skb+0x219/0x490
[ 1577.029038][T21139]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1577.029063][T21139]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1577.029119][T21139]  ? down_read+0x1ad/0x2e0
[ 1577.029144][T21139]  genl_rcv+0x28/0x40
[ 1577.029165][T21139]  netlink_unicast+0x758/0x8d0
[ 1577.029205][T21139]  netlink_sendmsg+0x805/0xb30
[ 1577.029234][T21139]  ? is_bpf_text_address+0x26/0x2b0
[ 1577.029270][T21139]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1577.029310][T21139]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1577.029329][T21139]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1577.029368][T21139]  __sock_sendmsg+0x219/0x270
[ 1577.029399][T21139]  ____sys_sendmsg+0x505/0x830
[ 1577.029428][T21139]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1577.029461][T21139]  ? import_iovec+0x74/0xa0
[ 1577.029491][T21139]  ___sys_sendmsg+0x21f/0x2a0
[ 1577.029516][T21139]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1577.029579][T21139]  ? __fget_files+0x2a/0x420
[ 1577.029608][T21139]  ? __fget_files+0x3a0/0x420
[ 1577.029650][T21139]  __x64_sys_sendmsg+0x19b/0x260
[ 1577.029676][T21139]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1577.029717][T21139]  ? do_syscall_64+0xba/0x210
[ 1577.029746][T21139]  do_syscall_64+0xf6/0x210
[ 1577.029766][T21139]  ? clear_bhb_loop+0x45/0xa0
[ 1577.029792][T21139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1577.029811][T21139] RIP: 0033:0x7fbdb898e969
[ 1577.029831][T21139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1577.029848][T21139] RSP: 002b:00007fbdb9843038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1577.029869][T21139] RAX: ffffffffffffffda RBX: 00007fbdb8bb5fa0 RCX: 00007fbdb898e969
[ 1577.029883][T21139] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[ 1577.029897][T21139] RBP: 00007fbdb9843090 R08: 0000000000000000 R09: 0000000000000000
[ 1577.029910][T21139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1577.029922][T21139] R13: 0000000000000000 R14: 00007fbdb8bb5fa0 R15: 00007ffcdcb91498
[ 1577.029954][T21139]  </TASK>
[ 1579.118090][   T30] kauditd_printk_skb: 2823 callbacks suppressed
[ 1579.118109][   T30] audit: type=1400 audit(1745841461.532:412467): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20854 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1579.163628][T21158] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1579.170748][T20854] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1579.180121][T21159] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1579.185851][T20854] audit: audit_lost=44843 audit_rate_limit=0 audit_backlog_limit=64
[ 1579.186729][T21159] audit: audit_lost=44844 audit_rate_limit=0 audit_backlog_limit=64
[ 1579.196801][T20854] audit: backlog limit exceeded
[ 1579.226733][T20854] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1579.248213][T21158] audit: audit_lost=44845 audit_rate_limit=0 audit_backlog_limit=64
[ 1579.258409][T20854] audit: audit_lost=44846 audit_rate_limit=0 audit_backlog_limit=64
[ 1579.317676][T21161] loop8: detected capacity change from 0 to 7
[ 1579.333358][T21161] Dev loop8: unable to read RDB block 7
[ 1579.344162][T21029] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1579.358204][T21161]  loop8: AHDI p1 p3 p4
[ 1579.371596][T21029] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1579.388136][T21161] loop8: partition table partially beyond EOD, truncated
[ 1579.399996][T21029] bridge_slave_0: entered allmulticast mode
[ 1579.420043][T21161] loop8: p1 start 975770946 is beyond EOD, truncated
[ 1579.589952][T21161] loop8: p3 start 6514546 is beyond EOD, truncated
[ 1579.926831][T21029] bridge_slave_0: entered promiscuous mode
[ 1579.959321][T21029] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1579.966958][T21029] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1579.984954][T21029] bridge_slave_1: entered allmulticast mode
[ 1580.095513][T21029] bridge_slave_1: entered promiscuous mode
[ 1580.138647][T21165] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4086'.
[ 1580.324240][T21175] netlink: 'syz.3.4089': attribute type 3 has an invalid length.
[ 1580.407134][T21175] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.4089'.
[ 1580.464745][T21029] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1580.499314][T21029] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1581.469368][T21181] netlink: 11356 bytes leftover after parsing attributes in process `syz.3.4089'.
[ 1582.232611][T21029] team0: Port device team_slave_0 added
[ 1583.565289][T21029] team0: Port device team_slave_1 added
[ 1584.430832][   T30] kauditd_printk_skb: 1798 callbacks suppressed
[ 1584.430854][   T30] audit: type=1400 audit(1745841466.842:413840): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18649 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1584.488481][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1584.506440][   T30] audit: type=1400 audit(1745841466.842:413841): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18649 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1584.506726][T21205] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1584.546775][   T30] audit: type=1400 audit(1745841466.842:413842): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18649 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1584.550247][T20434] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1584.578771][T18649] audit: audit_lost=44988 audit_rate_limit=0 audit_backlog_limit=64
[ 1584.589586][ T5174] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1584.591764][ T5827] Bluetooth: hci0: unexpected event for opcode 0x0000
[ 1584.602902][T21205] audit: audit_lost=44989 audit_rate_limit=0 audit_backlog_limit=64
[ 1584.602926][T21205] audit: backlog limit exceeded
[ 1584.663269][T21029] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1584.691399][T21029] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.729571][T21029] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1584.742534][T21029] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1584.749504][T21029] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1584.777829][T21029] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1584.954647][T21213] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4099'.
[ 1585.034697][T21211] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4100'.
[ 1585.060596][T21213] vlan2: entered promiscuous mode
[ 1585.165303][T21211] vlan2: entered promiscuous mode
[ 1585.337244][T21217] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1585.436901][T21029] hsr_slave_0: entered promiscuous mode
[ 1585.450224][T21029] hsr_slave_1: entered promiscuous mode
[ 1585.541791][T21221] dns_resolver: Unsupported server list version (0)
[ 1588.602379][ T5827] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 1588.611795][ T5827] Bluetooth: hci0: Injecting HCI hardware error event
[ 1588.620675][ T5827] Bluetooth: hci0: hardware error 0x00
[ 1589.482749][   T30] kauditd_printk_skb: 2058 callbacks suppressed
[ 1589.482770][   T30] audit: type=1400 audit(1745841471.812:415560): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=21254 comm="syz.5.4113" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1589.530581][   T30] audit: type=1400 audit(1745841471.942:415561): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21257 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1589.587016][   T30] audit: type=1400 audit(1745841471.942:415562): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21257 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1590.183236][T21258] sg_write: data in/out 6291420/14 bytes for SCSI command 0x0-- guessing data in;
[ 1590.183236][T21258]    program syz.0.4112 not setting count and/or reply_len properly
[ 1590.183839][   T30] audit: type=1400 audit(1745841471.942:415563): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21257 comm="syz-executor" name="23" dev="tmpfs" ino=136
[ 1590.327904][   T30] audit: type=1400 audit(1745841471.942:415564): lsm=SMACK fn=smack_task_setpgid action=granted subject="_" object="_" requested=w pid=21257 comm="syz-executor" opid=21257 ocomm="syz-executor"
[ 1590.347272][   T30] audit: type=1400 audit(1745841471.942:415565): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21257 comm="syz-executor" name="23" dev="tmpfs" ino=136
[ 1590.366870][   T30] audit: type=1400 audit(1745841471.942:415566): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21257 comm="syz-executor" name="23" dev="tmpfs" ino=136
[ 1590.368521][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1590.393937][T21260] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1590.412762][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1590.438570][T21261] 9pnet_fd: Insufficient options for proto=fd
[ 1590.890492][ T5827] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1591.634368][T21265] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4115'.
[ 1591.733886][T21265] vlan2: entered promiscuous mode
[ 1591.738967][T21265] dummy0: entered promiscuous mode
[ 1591.946412][ T5827] Bluetooth: hci1: unexpected event for opcode 0x0403
[ 1592.115356][T21029] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1592.201763][T21029] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1592.394422][T21029] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1592.692372][T21029] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1593.632498][T21029] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1593.694896][T21029] 8021q: adding VLAN 0 to HW filter on device team0
[ 1593.707372][ T5968] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1593.714581][ T5968] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1593.783986][T16529] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1593.791205][T16529] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1594.584076][   T30] kauditd_printk_skb: 1601 callbacks suppressed
[ 1594.584095][   T30] audit: type=1400 audit(1745841477.002:416994): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20434 comm="syz-executor" name="25" dev="tmpfs" ino=147
[ 1594.703921][   T30] audit: type=1400 audit(1745841477.002:416995): lsm=SMACK fn=smack_inode_getattr action=granted subject="_" object="_" requested=r pid=20434 comm="syz-executor" path="/25/cgroup.net" dev="tmpfs" ino=150
[ 1594.723967][   T30] audit: type=1400 audit(1745841477.002:416996): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20434 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1594.743803][   T30] audit: type=1400 audit(1745841477.002:416997): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20434 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1594.746989][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1594.770470][T16244] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1594.777192][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1594.777212][    C1] audit: audit_lost=45163 audit_rate_limit=0 audit_backlog_limit=64
[ 1594.777229][    C1] audit: backlog limit exceeded
[ 1594.777519][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1594.800244][T21298] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1594.823839][T21029] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1594.860507][T21029] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1594.891392][T21301] ALSA: mixer_oss: invalid OSS volume '`d#ètü&{W¯k¬ïsÓd:»ýEB|£åÃÓ'
[ 1594.941037][T21301] ALSA: mixer_oss: invalid OSS volume 'ö3ÿ¨›w‰_}È#saÃ_ü欵À¾8MnÒ\‘šå''
[ 1597.089934][T21029] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1598.542280][T21029] veth0_vlan: entered promiscuous mode
[ 1598.596938][T21029] veth1_vlan: entered promiscuous mode
[ 1598.677823][T21029] veth0_macvtap: entered promiscuous mode
[ 1598.718552][T21029] veth1_macvtap: entered promiscuous mode
[ 1598.808175][T21029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1598.851623][T21029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1598.896303][T21029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1598.923948][T21029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1598.949684][T21029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1599.019813][T21029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1599.041111][T21029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1599.063425][T21029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1599.098460][T21029] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1599.178977][T21029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1599.217561][T21029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1599.254910][T21029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1599.294839][T21029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1599.466775][T21029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1599.480077][T21029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1599.496580][T21029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1599.517689][T21029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1599.680044][   T30] kauditd_printk_skb: 3645 callbacks suppressed
[ 1599.680083][   T30] audit: type=1400 audit(1745841481.942:420082): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16244 comm="syz-executor" name="/" dev="devtmpfs" ino=1
[ 1600.122161][T21029] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1600.247265][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1600.259356][T21029] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.280354][T18649] audit: audit_lost=45352 audit_rate_limit=0 audit_backlog_limit=64
[ 1600.288460][T18649] audit: backlog limit exceeded
[ 1600.294410][T21029] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.300753][T21355] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1600.309634][T21355] audit: audit_lost=45353 audit_rate_limit=0 audit_backlog_limit=64
[ 1600.319858][   T30] audit: type=1400 audit(1745841481.942:420083): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=rw pid=16244 comm="syz-executor" name="loop3" dev="devtmpfs" ino=650
[ 1600.326199][T21029] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.342562][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1600.356165][T21029] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.371321][T20434] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1600.377837][T20434] audit: audit_lost=45354 audit_rate_limit=0 audit_backlog_limit=64
[ 1600.501236][T21356] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1602.227454][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1602.379974][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1603.028086][T16529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1603.037149][T16529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1604.694067][   T30] kauditd_printk_skb: 3010 callbacks suppressed
[ 1604.694086][   T30] audit: type=1400 audit(1745841487.112:421519): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18649 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1604.743768][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1604.745259][T20434] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1604.775430][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1604.782013][    C1] audit: audit_lost=45880 audit_rate_limit=0 audit_backlog_limit=64
[ 1604.790053][    C1] audit: backlog limit exceeded
[ 1604.795358][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1604.801941][    C1] audit: audit_lost=45881 audit_rate_limit=0 audit_backlog_limit=64
[ 1604.809970][    C1] audit: backlog limit exceeded
[ 1604.810004][T20434] audit: audit_lost=45882 audit_rate_limit=0 audit_backlog_limit=64
[ 1605.829193][ T5968] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1606.184970][ T5968] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1606.295376][ T5968] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1606.411731][ T5968] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1606.710283][ T5968] bridge_slave_1: left allmulticast mode
[ 1606.715995][ T5968] bridge_slave_1: left promiscuous mode
[ 1606.740833][ T5968] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1606.785901][ T5968] bridge_slave_0: left allmulticast mode
[ 1606.791750][ T5968] bridge_slave_0: left promiscuous mode
[ 1606.797433][ T5968] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1607.349922][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.617724][ T5827] Bluetooth: hci1: unexpected event for opcode 0x0403
[ 1608.483427][T21419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1608.836512][T16252] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1608.846296][T16252] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1608.855430][T16252] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1608.866109][ T5968] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1608.877732][ T5968] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1608.891616][T16252] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1608.901492][T16252] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1608.933669][ T5968] bond0 (unregistering): Released all slaves
[ 1609.908484][   T30] kauditd_printk_skb: 1511 callbacks suppressed
[ 1609.908504][   T30] audit: type=1400 audit(1745841491.842:422910): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=21422 comm="syz.5.4156" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1610.002038][   T30] audit: type=1400 audit(1745841492.332:422911): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=0 comm="swapper/1" saddr=10.128.0.169 src=30008 daddr=10.128.1.42 dest=53900 netif=eth0
[ 1610.025063][   T30] audit: type=1400 audit(1745841492.372:422912): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1610.049068][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1610.059281][T18649] audit: audit_lost=45923 audit_rate_limit=0 audit_backlog_limit=64
[ 1610.068387][T18649] audit: backlog limit exceeded
[ 1610.071756][T21427] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1610.073357][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1610.093235][ T5968] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1610.100091][ T5968] audit: audit_lost=45924 audit_rate_limit=0 audit_backlog_limit=64
[ 1610.999957][T16252] Bluetooth: hci3: command tx timeout
[ 1611.197691][T21430] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4158'.
[ 1612.416607][T21443] syz.7.4160 (21443) used greatest stack depth: 18144 bytes left
[ 1612.837639][T21449] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4162'.
[ 1613.102245][T16252] Bluetooth: hci3: command tx timeout
[ 1615.174334][   T30] kauditd_printk_skb: 2388 callbacks suppressed
[ 1615.174385][   T30] audit: type=1400 audit(1745841497.582:424716): lsm=SMACK fn=smack_file_ioctl action=granted subject="_" object="_" requested=w pid=21458 comm="syz.0.4165" path="/dev/video8" dev="devtmpfs" ino=953
[ 1615.201179][T16252] Bluetooth: hci3: command tx timeout
[ 1615.205491][ T5968] hsr_slave_0: left promiscuous mode
[ 1615.305225][   T30] audit: type=1400 audit(1745841497.582:424717): lsm=SMACK fn=smack_file_ioctl action=granted subject="_" object="_" requested=r pid=21458 comm="syz.0.4165" path="/dev/video8" dev="devtmpfs" ino=953
[ 1615.326720][   T30] audit: type=1400 audit(1745841497.652:424718): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21458 comm="syz.0.4165" name="newroot" dev="tmpfs" ino=2
[ 1615.354390][ T5968] hsr_slave_1: left promiscuous mode
[ 1615.384046][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1615.391711][ T5968] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1615.412508][   T30] audit: type=1400 audit(1745841497.652:424719): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21458 comm="syz.0.4165" name="/" dev="devtmpfs" ino=1
[ 1615.440723][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1615.448535][ T5968] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1615.457990][   T30] audit: type=1400 audit(1745841497.652:424720): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=rw pid=21458 comm="syz.0.4165" name="vbi0" dev="devtmpfs" ino=954
[ 1616.168779][   T30] audit: type=1400 audit(1745841497.662:424721): lsm=SMACK fn=smack_file_open action=granted subject="_" object="_" requested=r pid=21458 comm="syz.0.4165" path="/dev/vbi0" dev="devtmpfs" ino=954
[ 1616.188184][   T30] audit: type=1400 audit(1745841497.712:424722): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1616.216611][   T30] audit: type=1400 audit(1745841497.712:424723): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1616.279451][ T5968] veth1_macvtap: left promiscuous mode
[ 1616.310179][   T30] audit: type=1400 audit(1745841497.732:424724): lsm=SMACK fn=smack_file_ioctl action=granted subject="_" object="_" requested=w pid=21458 comm="syz.0.4165" path="/dev/vbi0" dev="devtmpfs" ino=954
[ 1616.330541][ T5968] veth0_macvtap: left promiscuous mode
[ 1616.348885][T20434] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1616.359968][ T5968] veth1_vlan: left promiscuous mode
[ 1616.365460][ T5968] veth0_vlan: left promiscuous mode
[ 1617.233188][T16252] Bluetooth: hci3: command tx timeout
[ 1617.518029][ T5968] team0 (unregistering): Port device team_slave_1 removed
[ 1617.599328][ T5968] team0 (unregistering): Port device team_slave_0 removed
[ 1618.792120][T21420] chnl_net:caif_netlink_parms(): no params data found
[ 1621.183096][   T30] kauditd_printk_skb: 911 callbacks suppressed
[ 1621.183118][   T30] audit: type=1400 audit(1745841502.152:425466): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=21480 comm="syz.5.4171" opid=21480 ocomm="syz.5.4171"
[ 1621.298684][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1621.305291][    C1] audit: audit_lost=46178 audit_rate_limit=0 audit_backlog_limit=64
[ 1621.313316][    C1] audit: backlog limit exceeded
[ 1621.372150][T20854] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1621.375633][T21492] hfsplus: unable to find HFS+ superblock
[ 1621.385750][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1621.390512][T20854] audit: audit_lost=46179 audit_rate_limit=0 audit_backlog_limit=64
[ 1621.392390][    C1] audit: audit_lost=46180 audit_rate_limit=0 audit_backlog_limit=64
[ 1621.408312][    C1] audit: backlog limit exceeded
[ 1621.415549][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1622.295910][T21420] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1622.430052][T21420] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1622.472036][T21420] bridge_slave_0: entered allmulticast mode
[ 1622.853781][T21420] bridge_slave_0: entered promiscuous mode
[ 1622.874184][T21420] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1622.910996][T21420] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1622.927008][T21420] bridge_slave_1: entered allmulticast mode
[ 1623.077740][T21420] bridge_slave_1: entered promiscuous mode
[ 1623.087619][T21507] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4177'.
[ 1624.400938][T21420] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1624.483333][T21420] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1624.662270][T16252] Bluetooth: hci1: unexpected event for opcode 0x0403
[ 1625.113562][T21420] team0: Port device team_slave_0 added
[ 1625.227811][T21420] team0: Port device team_slave_1 added
[ 1626.263508][   T30] kauditd_printk_skb: 1129 callbacks suppressed
[ 1626.263545][   T30] audit: type=1400 audit(1745841508.682:426515): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20854 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1626.281242][T20854] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1626.289972][ T5174] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1626.330589][T21420] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1626.347282][T21531] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1626.354023][ T5174] audit: audit_lost=46208 audit_rate_limit=0 audit_backlog_limit=64
[ 1626.354730][T20854] audit: audit_lost=46209 audit_rate_limit=0 audit_backlog_limit=64
[ 1626.380580][T21420] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1626.412680][T21531] audit: audit_lost=46210 audit_rate_limit=0 audit_backlog_limit=64
[ 1626.427028][ T5174] audit: backlog limit exceeded
[ 1626.432134][T21531] audit: backlog limit exceeded
[ 1626.436992][T21531] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1626.525023][T21420] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1626.596395][T21420] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1626.668139][T21420] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1626.782392][T21420] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1626.889970][T16845] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1627.074684][T16845] usb 8-1: config 0 has an invalid interface number: 41 but max is 0
[ 1627.110396][T21420] hsr_slave_0: entered promiscuous mode
[ 1627.126286][T16845] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1627.170083][T21420] hsr_slave_1: entered promiscuous mode
[ 1627.184050][T16845] usb 8-1: config 0 has no interface number 0
[ 1627.215749][T16845] usb 8-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[ 1627.264005][T16845] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1627.308230][T16845] usb 8-1: Product: syz
[ 1627.326348][T16845] usb 8-1: Manufacturer: syz
[ 1627.351551][T16845] usb 8-1: SerialNumber: syz
[ 1627.388826][T16845] usb 8-1: config 0 descriptor??
[ 1627.415684][T16845] ims_pcu 8-1:0.41: Missing CDC union descriptor
[ 1627.428716][T16845] ims_pcu 8-1:0.41: probe with driver ims_pcu failed with error -22
[ 1627.683237][T21532] netlink: 'syz.3.4181': attribute type 7 has an invalid length.
[ 1627.769365][    T9] usb 8-1: USB disconnect, device number 2
[ 1627.791899][T21540] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4181'.
[ 1628.532106][T21540] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1629.499273][T21555] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4189'.
[ 1631.363339][   T30] kauditd_printk_skb: 1123 callbacks suppressed
[ 1631.363357][   T30] audit: type=1400 audit(1745841513.782:427543): lsm=SMACK fn=smack_unix_may_send action=granted subject="_" object="_" requested=w pid=5485 comm="dhcpcd"
[ 1631.720921][   T30] audit: type=1400 audit(1745841513.802:427544): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1632.010012][   T30] audit: type=1400 audit(1745841513.802:427545): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1632.033641][T20434] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1632.040619][T21562] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1632.041688][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1632.047147][T21562] audit: audit_lost=46243 audit_rate_limit=0 audit_backlog_limit=64
[ 1632.047169][T21562] audit: backlog limit exceeded
[ 1632.066918][    C1] audit: audit_lost=46244 audit_rate_limit=0 audit_backlog_limit=64
[ 1632.075035][    C1] audit: backlog limit exceeded
[ 1633.803704][T21582] ALSA: mixer_oss: invalid OSS volume '`d#ètü&{W¯k¬ïsÓd:»ýEB|£åÃÓ'
[ 1633.812556][T21582] ALSA: mixer_oss: invalid OSS volume 'ö3ÿ¨›w‰_}È#saÃ_ü欵À¾8MnÒ\‘šå''
[ 1634.497005][T21420] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1635.401583][T21420] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1636.028346][T21420] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1636.172682][T21420] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1636.826321][   T30] kauditd_printk_skb: 1739 callbacks suppressed
[ 1636.826348][   T30] audit: type=1400 audit(1745841519.242:428980): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21601 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1636.866559][ T6644] libceph: connect (1)[c::]:6789 error -101
[ 1636.885808][ T5174] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1636.912766][T21606] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1636.921169][T21603] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1636.938621][T21603] audit: audit_lost=46347 audit_rate_limit=0 audit_backlog_limit=64
[ 1636.950171][T21604] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1637.130111][T21604] audit: audit_lost=46348 audit_rate_limit=0 audit_backlog_limit=64
[ 1637.131256][T21608] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1637.138316][T21604] audit: backlog limit exceeded
[ 1637.146526][T21606] audit: audit_lost=46349 audit_rate_limit=0 audit_backlog_limit=64
[ 1637.317784][T21604] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4203'.
[ 1637.415555][ T6644] libceph: mon0 (1)[c::]:6789 connect error
[ 1637.449822][T16520] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 1637.953390][T21420] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1637.994868][T21597] ceph: No mds server is up or the cluster is laggy
[ 1637.995287][ T6644] libceph: connect (1)[c::]:6789 error -101
[ 1638.009954][ T6644] libceph: mon0 (1)[c::]:6789 connect error
[ 1638.075498][T21420] 8021q: adding VLAN 0 to HW filter on device team0
[ 1638.093737][T16520] usb 8-1: config 0 has an invalid interface number: 41 but max is 0
[ 1638.148278][T16520] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1638.182044][T19110] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1638.189296][T19110] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1638.464073][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1638.471298][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1638.484327][T16520] usb 8-1: config 0 has no interface number 0
[ 1638.505488][T16520] usb 8-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[ 1638.555970][T21420] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1638.723146][T21420] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1638.956682][T16520] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1639.571596][T16520] usb 8-1: Product: syz
[ 1639.596753][T16520] usb 8-1: Manufacturer: syz
[ 1639.620004][T16520] usb 8-1: SerialNumber: syz
[ 1639.642553][T16520] usb 8-1: config 0 descriptor??
[ 1639.702687][T16520] ims_pcu 8-1:0.41: Missing CDC union descriptor
[ 1639.918423][T16520] ims_pcu 8-1:0.41: probe with driver ims_pcu failed with error -22
[ 1640.249885][ T5827] Bluetooth: hci2: command 0x0406 tx timeout
[ 1640.682739][T16520] usb 8-1: USB disconnect, device number 3
[ 1641.116638][T21644] ALSA: mixer_oss: invalid OSS volume '`d#ètü&{W¯k¬ïsÓd:»ýEB|£åÃÓ'
[ 1641.126564][T21644] ALSA: mixer_oss: invalid OSS volume 'ö3ÿ¨›w‰_}È#saÃ_ü欵À¾8MnÒ\‘šå''
[ 1641.922605][   T30] kauditd_printk_skb: 3370 callbacks suppressed
[ 1641.922623][   T30] audit: type=1400 audit(1745841524.342:430408): lsm=SMACK fn=smack_file_ioctl action=granted subject="_" object="_" requested=w pid=21636 comm="syz.0.4213" path="/dev/video3" dev="devtmpfs" ino=936
[ 1641.964544][   T30] audit: type=1400 audit(1745841524.352:430409): lsm=SMACK fn=smack_file_ioctl action=granted subject="_" object="_" requested=r pid=21636 comm="syz.0.4213" path="/dev/video3" dev="devtmpfs" ino=936
[ 1642.542475][   T30] audit: type=1400 audit(1745841524.382:430410): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1642.697384][   T30] audit: type=1400 audit(1745841524.382:430411): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1642.737831][T20854] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1642.740008][ T5174] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1642.752323][T20854] audit: audit_lost=46998 audit_rate_limit=0 audit_backlog_limit=64
[ 1642.799607][T20854] audit: backlog limit exceeded
[ 1642.802092][   T30] audit: type=1400 audit(1745841524.382:430412): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1642.824548][ T5174] audit: audit_lost=46999 audit_rate_limit=0 audit_backlog_limit=64
[ 1642.883560][T21420] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1646.931967][   T30] kauditd_printk_skb: 2952 callbacks suppressed
[ 1646.931987][   T30] audit: type=1400 audit(1745841529.342:432795): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21685 comm="modprobe" name="/" dev="sda1" ino=2
[ 1647.004633][T18649] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1647.023642][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1647.030230][    C1] audit: audit_lost=47190 audit_rate_limit=0 audit_backlog_limit=64
[ 1647.033860][T21687] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1647.038201][    C1] audit: backlog limit exceeded
[ 1647.045644][T21688] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1647.050216][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1647.062708][    C1] audit: audit_lost=47191 audit_rate_limit=0 audit_backlog_limit=64
[ 1647.070711][    C1] audit: backlog limit exceeded
[ 1647.239681][T21420] veth0_vlan: entered promiscuous mode
[ 1648.087039][T21420] veth1_vlan: entered promiscuous mode
[ 1648.318675][T21695] ALSA: mixer_oss: invalid OSS volume '`d#ètü&{W¯k¬ïsÓd:»ýEB|£åÃÓ'
[ 1648.328272][T21695] ALSA: mixer_oss: invalid OSS volume 'ö3ÿ¨›w‰_}È#saÃ_ü欵À¾8MnÒ\‘šå''
[ 1648.742884][T21420] veth0_macvtap: entered promiscuous mode
[ 1648.767506][T21420] veth1_macvtap: entered promiscuous mode
[ 1648.844882][T21420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1649.369451][T21420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1649.397043][T21420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1649.443665][T21420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1649.467772][T21420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1649.492620][T21420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1649.510251][T21705] loop8: detected capacity change from 0 to 7
[ 1649.560521][T21420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1649.571246][T21420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1649.585270][T21420] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1649.680266][T21701] veth1_to_hsr: entered allmulticast mode
[ 1649.689873][T21705] Dev loop8: unable to read RDB block 7
[ 1649.695449][T21705]  loop8: AHDI p1 p3 p4
[ 1649.732462][T21705] loop8: partition table partially beyond EOD, truncated
[ 1649.746830][T21420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1649.757705][T21705] loop8: p1 start 975770946 is beyond EOD, truncated
[ 1649.763429][T21420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1649.777845][T21420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1649.798128][T21420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1649.808148][T21420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1649.809954][T21705] loop8: p3 start 6514546 is beyond EOD, 
[ 1649.818816][T21420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1649.834654][T21420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1649.845285][T21705] truncated
[ 1649.848816][T21420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1649.885380][T21420] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1649.937338][T21420] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1650.031076][T21420] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1650.063294][T21420] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1650.083548][T21420] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1651.862684][T19915] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1651.907235][T19915] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1651.982008][   T30] kauditd_printk_skb: 1406 callbacks suppressed
[ 1651.982028][   T30] audit: type=1400 audit(1745841534.402:434012): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21420 comm="syz-executor" name="phy56" dev="debugfs" ino=92324
[ 1652.069438][T21721] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1652.069464][T21722] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1652.078160][T21420] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1652.099847][T21721] audit: audit_lost=47256 audit_rate_limit=0 audit_backlog_limit=64
[ 1652.129973][   T30] audit: type=1400 audit(1745841534.402:434013): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21420 comm="syz-executor" name="netdev:wlan1" dev="debugfs" ino=92356
[ 1652.143868][T21420] audit: audit_lost=47257 audit_rate_limit=0 audit_backlog_limit=64
[ 1652.177491][T21722] audit: audit_lost=47258 audit_rate_limit=0 audit_backlog_limit=64
[ 1652.185710][T21420] audit: backlog limit exceeded
[ 1652.187280][T21723] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1652.224694][T19110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1652.396177][T19110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1653.934585][   T53] bridge_slave_1: left allmulticast mode
[ 1653.945820][   T53] bridge_slave_1: left promiscuous mode
[ 1653.956206][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1653.993041][   T53] bridge_slave_0: left allmulticast mode
[ 1653.998880][   T53] bridge_slave_0: left promiscuous mode
[ 1654.037721][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1654.518626][ T5827] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1654.536940][ T5827] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1654.548134][ T5827] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1654.567011][ T5827] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1654.577775][ T5827] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1655.747505][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1655.800716][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1655.844298][   T53] bond0 (unregistering): (slave batadv0): Releasing backup interface
[ 1655.887169][   T53] bond0 (unregistering): Released all slaves
[ 1656.591481][ T5827] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1656.603156][ T5827] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1656.611001][ T5827] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1656.631654][ T5827] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1656.669938][ T5827] Bluetooth: hci1: command tx timeout
[ 1656.677129][ T5827] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1657.078240][   T30] kauditd_printk_skb: 3173 callbacks suppressed
[ 1657.084725][   T30] audit: type=1400 audit(1745841539.392:436692): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=21769 comm="syz.3.4248" opid=21769 ocomm="syz.3.4248"
[ 1657.593811][   T30] audit: type=1400 audit(1745841539.392:436693): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21769 comm="syz.3.4248" name="newroot" dev="tmpfs" ino=2
[ 1657.621010][ T5174] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1657.627569][ T5174] audit: audit_lost=47424 audit_rate_limit=0 audit_backlog_limit=64
[ 1657.651905][T16244] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1657.658567][    C1] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1657.658607][    C1] audit: audit_lost=47425 audit_rate_limit=0 audit_backlog_limit=64
[ 1657.658626][    C1] audit: backlog limit exceeded
[ 1657.665768][   T30] audit: type=1400 audit(1745841539.402:436694): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21769 comm="syz.3.4248" name="/" dev="devtmpfs" ino=1
[ 1657.665803][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1658.136247][   T53] hsr_slave_0: left promiscuous mode
[ 1658.169839][   T53] hsr_slave_1: left promiscuous mode
[ 1658.175986][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1658.231679][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1658.550452][   T53] team0 (unregistering): Port device batadv1 removed
[ 1658.760064][ T5827] Bluetooth: hci3: command tx timeout
[ 1658.762164][T11180] Bluetooth: hci1: command tx timeout
[ 1659.670038][ T6644] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[ 1660.549945][ T6644] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[ 1660.561266][ T6644] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1660.592294][T11180] Bluetooth: hci5: command 0x0406 tx timeout
[ 1660.617890][ T6644] usb 4-1: config 0 has no interface number 0
[ 1660.630301][ T6644] usb 4-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[ 1660.649258][ T6644] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.687932][ T6644] usb 4-1: Product: syz
[ 1660.719928][ T6644] usb 4-1: Manufacturer: syz
[ 1660.724576][ T6644] usb 4-1: SerialNumber: syz
[ 1660.762346][ T6644] usb 4-1: config 0 descriptor??
[ 1660.781705][ T6644] ims_pcu 4-1:0.41: Missing CDC union descriptor
[ 1660.797595][ T6644] ims_pcu 4-1:0.41: probe with driver ims_pcu failed with error -22
[ 1660.829942][T16252] Bluetooth: hci1: command tx timeout
[ 1660.840087][T16252] Bluetooth: hci3: command tx timeout
[ 1661.005251][   T53] team0 (unregistering): Port device team_slave_1 removed
[ 1661.081689][   T53] team0 (unregistering): Port device team_slave_0 removed
[ 1661.924584][ T6644] usb 4-1: USB disconnect, device number 92
[ 1661.971145][T21744] chnl_net:caif_netlink_parms(): no params data found
[ 1662.079823][   T30] kauditd_printk_skb: 1111 callbacks suppressed
[ 1662.079842][   T30] audit: type=1400 audit(1745841544.482:437759): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20434 comm="syz-executor" name="56" dev="tmpfs" ino=307
[ 1662.146409][T21799] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1662.159948][T21799] audit: audit_lost=47440 audit_rate_limit=0 audit_backlog_limit=64
[ 1662.162616][   T30] audit: type=1400 audit(1745841544.492:437766): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=20434 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1662.167958][T21799] audit: backlog limit exceeded
[ 1662.194103][T21799] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1662.200747][T21799] audit: audit_lost=47441 audit_rate_limit=0 audit_backlog_limit=64
[ 1662.208787][T21799] audit: backlog limit exceeded
[ 1662.213806][T21799] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1662.220390][T21799] audit: audit_lost=47442 audit_rate_limit=0 audit_backlog_limit=64
[ 1662.234979][T21802] openvswitch: netlink: Message has 24 unknown bytes.
[ 1662.241932][T21802] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1662.514985][T21744] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1662.599960][T21744] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1662.607306][T21744] bridge_slave_0: entered allmulticast mode
[ 1662.627109][T21744] bridge_slave_0: entered promiscuous mode
[ 1662.664872][T21744] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1662.690015][T21809] cgroup: subsys name conflicts with all
[ 1662.706308][T21744] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1662.746058][T21744] bridge_slave_1: entered allmulticast mode
[ 1662.794052][T21744] bridge_slave_1: entered promiscuous mode
[ 1662.910229][T16252] Bluetooth: hci3: command tx timeout
[ 1662.915683][T16252] Bluetooth: hci1: command tx timeout
[ 1663.136270][T21744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1663.228305][T21744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1663.908291][T21744] team0: Port device team_slave_0 added
[ 1663.949401][T21744] team0: Port device team_slave_1 added
[ 1664.166640][T21766] chnl_net:caif_netlink_parms(): no params data found
[ 1664.287542][T21744] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1664.309944][T21744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1664.399874][T21744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1664.578046][   T53] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1664.646724][T21744] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1664.669748][T21744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1664.765629][T21744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1664.981508][   T53] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1664.991911][T16252] Bluetooth: hci3: command tx timeout
[ 1665.003818][T21826] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4261'.
[ 1665.181443][T21831] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1665.389953][T16252] Bluetooth: hci5: command 0x0406 tx timeout
[ 1666.144439][T21837] tty tty35: ldisc open failed (-12), clearing slot 34
[ 1666.224753][   T53] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1666.474868][T21836] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[ 1666.515083][T21841] dns_resolver: Unsupported server list version (0)
[ 1666.677409][T21744] hsr_slave_0: entered promiscuous mode
[ 1666.704369][T21744] hsr_slave_1: entered promiscuous mode
[ 1666.726729][T21744] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1666.736277][T21744] Cannot create hsr debugfs directory
[ 1666.778152][   T53] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1666.998787][T21766] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1667.055800][T21766] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1667.064782][T21766] bridge_slave_0: entered allmulticast mode
[ 1667.718977][T20434] audit_log_start: 1456 callbacks suppressed
[ 1667.718996][T20434] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1667.778429][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1667.785014][    C1] audit: audit_lost=47491 audit_rate_limit=0 audit_backlog_limit=64
[ 1667.793041][    C1] audit: backlog limit exceeded
[ 1667.800018][T20854] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1667.806044][T21766] bridge_slave_0: entered promiscuous mode
[ 1667.806545][T20854] audit: audit_lost=47492 audit_rate_limit=0 audit_backlog_limit=64
[ 1667.818424][T21766] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1667.829986][ T5174] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1667.830059][T21766] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1667.836509][ T5174] audit: audit_lost=47493 audit_rate_limit=0 audit_backlog_limit=64
[ 1667.843890][T21766] bridge_slave_1: entered allmulticast mode
[ 1667.859863][   T30] audit: type=1400 audit(1745841549.502:439078): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=21842 comm="syz.7.4264" opid=21842 ocomm="syz.7.4264"
[ 1667.861437][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1667.899944][T21766] bridge_slave_1: entered promiscuous mode
[ 1668.208456][T21766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1668.250336][T21766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1668.562552][T21766] team0: Port device team_slave_0 added
[ 1668.639149][T21766] team0: Port device team_slave_1 added
[ 1668.765681][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.786748][T21766] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1668.801794][T21766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1669.065295][T21766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1669.217142][T21766] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1669.234101][T21766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1669.435171][T21766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1670.791542][   T53] bridge_slave_1: left allmulticast mode
[ 1670.797257][   T53] bridge_slave_1: left promiscuous mode
[ 1670.813863][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1670.852866][   T53] bridge_slave_0: left allmulticast mode
[ 1670.858583][   T53] bridge_slave_0: left promiscuous mode
[ 1670.885723][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1672.373459][T21873] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4272'.
[ 1672.505378][   T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1672.524105][   T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1672.541559][   T53] bond0 (unregistering): Released all slaves
[ 1672.722886][   T30] kauditd_printk_skb: 1317 callbacks suppressed
[ 1672.722905][   T30] audit: type=1400 audit(1745841555.142:440186): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21744 comm="syz-executor" name="/" dev="sda1" ino=2
[ 1672.783375][   T30] audit: type=1400 audit(1745841555.142:440187): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21744 comm="syz-executor" name="/" dev="sysfs" ino=1
[ 1672.802944][   T30] audit: type=1400 audit(1745841555.142:440188): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21744 comm="syz-executor" name="bus" dev="sysfs" ino=11
[ 1672.822139][   T30] audit: type=1400 audit(1745841555.142:440189): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21744 comm="syz-executor" name="netdevsim" dev="sysfs" ino=23653
[ 1672.857761][T21766] hsr_slave_0: entered promiscuous mode
[ 1672.863924][   T30] audit: type=1400 audit(1745841555.142:440190): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=w pid=21744 comm="syz-executor" name="new_device" dev="sysfs" ino=23659
[ 1672.906443][   T30] audit: type=1400 audit(1745841555.142:440191): lsm=SMACK fn=smack_file_open action=granted subject="_" object="_" requested=r pid=21744 comm="syz-executor" path="/sys/bus/netdevsim/new_device" dev="sysfs" ino=23659
[ 1672.928439][   T30] audit: type=1400 audit(1745841555.172:440192): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1672.950149][   T30] audit: type=1400 audit(1745841555.172:440193): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1672.962742][T21766] hsr_slave_1: entered promiscuous mode
[ 1672.969480][   T30] audit: type=1400 audit(1745841555.172:440194): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1673.006915][   T30] audit: type=1400 audit(1745841555.172:440195): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1673.036294][T21766] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1673.049779][T21766] Cannot create hsr debugfs directory
[ 1675.021468][T21894] overlayfs: failed to decode file handle (len=5, type=248, flags=0, err=-22)
[ 1675.165009][   T53] hsr_slave_0: left promiscuous mode
[ 1675.211033][   T53] hsr_slave_1: left promiscuous mode
[ 1675.236000][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1675.282275][   T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1675.330473][   T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1675.337959][   T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1675.445343][   T53] veth1_macvtap: left promiscuous mode
[ 1675.485957][   T53] veth0_macvtap: left promiscuous mode
[ 1675.610024][   T53] veth1_vlan: left promiscuous mode
[ 1675.615457][   T53] veth0_vlan: left promiscuous mode
[ 1677.790648][   T30] kauditd_printk_skb: 1550 callbacks suppressed
[ 1677.790665][   T30] audit: type=1400 audit(1745841560.202:441746): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21913 comm="kworker/u8:6" name="/" dev="sda1" ino=2
[ 1677.857847][   T30] audit: type=1400 audit(1745841560.232:441747): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=21913 comm="kworker/u8:6" name="sbin" dev="sda1" ino=1208
[ 1677.915616][T20434] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1677.922674][   T30] audit: type=1400 audit(1745841560.242:441748): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="/" dev="sda1" ino=2
[ 1677.953511][T20434] audit: audit_lost=47564 audit_rate_limit=0 audit_backlog_limit=64
[ 1677.968036][T20434] audit: backlog limit exceeded
[ 1677.974993][   T30] audit: type=1400 audit(1745841560.242:441749): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5174 comm="syslogd" name="var" dev="sda1" ino=1906
[ 1677.994458][T20434] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1678.001468][T20434] audit: audit_lost=47565 audit_rate_limit=0 audit_backlog_limit=64
[ 1678.009487][T20434] audit: backlog limit exceeded
[ 1678.350137][   T31] INFO: task syz.1.3986:20467 blocked for more than 143 seconds.
[ 1678.367450][   T31]       Not tainted 6.15.0-rc4-syzkaller #0
[ 1678.374652][   T31]       Blocked by coredump.
[ 1678.379990][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1678.388855][   T31] task:syz.1.3986      state:D stack:26264 pid:20467 tgid:20465 ppid:16575  task_flags:0x400548 flags:0x00024002
[ 1678.401501][   T31] Call Trace:
[ 1678.405385][   T31]  <TASK>
[ 1678.408419][   T31]  __schedule+0x168f/0x4c70
[ 1678.413621][   T31]  ? schedule+0x165/0x360
[ 1678.418702][   T31]  ? __pfx___schedule+0x10/0x10
[ 1678.424314][   T31]  ? schedule+0x91/0x360
[ 1678.428679][   T31]  schedule+0x165/0x360
[ 1678.433534][   T31]  schedule_timeout+0x9a/0x270
[ 1678.438527][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1678.444468][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1678.450410][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1678.455727][   T31]  ? wait_for_completion+0x267/0x5d0
[ 1678.465348][   T31]  wait_for_completion+0x2bf/0x5d0
[ 1678.472632][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[ 1678.478965][   T31]  ? io_wq_put_and_exit+0x160/0x690
[ 1678.487397][   T31]  ? io_wq_put_and_exit+0x160/0x690
[ 1678.494803][   T31]  io_wq_put_and_exit+0x31b/0x690
[ 1678.502209][   T31]  ? io_wq_put_and_exit+0x160/0x690
[ 1678.510691][   T31]  io_uring_clean_tctx+0x11f/0x1a0
[ 1678.515875][   T31]  ? __pfx_io_uring_clean_tctx+0x10/0x10
[ 1678.532738][   T31]  ? io_uring_drop_tctx_refs+0x131/0x1c0
[ 1678.543272][   T31]  io_uring_cancel_generic+0x68f/0x730
[ 1678.548813][   T31]  ? __pfx_io_uring_cancel_generic+0x10/0x10
[ 1678.574135][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1678.587983][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1678.597733][   T31]  ? io_uring_unreg_ringfd+0x52f/0x540
[ 1678.607987][   T31]  do_exit+0x56a/0x2550
[ 1678.616415][   T31]  ? do_raw_spin_lock+0x121/0x290
[ 1678.621531][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1678.626161][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1678.631661][   T31]  do_group_exit+0x21c/0x2d0
[ 1678.636300][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1678.641598][   T31]  get_signal+0x125e/0x1310
[ 1678.646160][   T31]  arch_do_signal_or_restart+0x95/0x780
[ 1678.651848][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1678.658062][   T31]  ? local_irq_enable_exit_to_user+0x5/0x10
[ 1678.666477][   T31]  syscall_exit_to_user_mode+0x8b/0x120
[ 1678.675603][   T31]  do_syscall_64+0x103/0x210
[ 1678.680916][   T31]  ? clear_bhb_loop+0x45/0xa0
[ 1678.685721][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1678.695619][   T31] RIP: 0033:0x7f0caa18e969
[ 1678.700896][   T31] RSP: 002b:00007f0caafc8038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1678.713483][   T31] RAX: 0000000000010106 RBX: 00007f0caa3b6080 RCX: 00007f0caa18e969
[ 1678.748233][   T31] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000007
[ 1678.756544][   T31] RBP: 00007f0caa210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1678.764818][   T31] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1678.775443][   T31] R13: 0000000000000000 R14: 00007f0caa3b6080 R15: 00007ffeaebb94f8
[ 1678.783645][   T31]  </TASK>
[ 1678.791309][   T31] 
[ 1678.791309][   T31] Showing all locks held in the system:
[ 1678.811718][   T31] 1 lock held by khungtaskd/31:
[ 1678.816739][   T31]  #0: ffffffff8df3b860 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1678.827989][   T31] 5 locks held by kworker/u8:3/53:
[ 1678.833502][   T31]  #0: ffff88801aef3948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0
[ 1678.845641][   T31]  #1: ffffc90000be7c60 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0
[ 1678.857646][   T31]  #2: ffffffff8f2d49d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0x145/0xbd0
[ 1678.867397][   T31]  #3: ffffffff8f2e1508 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0xdc/0x890
[ 1678.885248][   T31]  #4: ffffffff8df41338 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f4/0x730
[ 1678.897895][   T31] 2 locks held by getty/5579:
[ 1678.904522][   T31]  #0: ffff8880351e20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1678.914650][   T31]  #1: ffffc90002ffe2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 1678.925115][   T31] 1 lock held by syz-executor/5811:
[ 1678.930531][   T31]  #0: ffff8880b88399d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[ 1678.941845][   T31] 3 locks held by kworker/u8:14/10136:
[ 1678.948534][   T31]  #0: ffff88801a089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0
[ 1678.960732][   T31]  #1: ffffc900046efc60 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0
[ 1678.974820][   T31]  #2: ffffffff8f2e1508 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[ 1678.984018][   T31] 1 lock held by iou-wrk-20467/20468:
[ 1678.998633][   T31]  #0: ffff8880775200a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_provide_buffers+0x7a1/0xa70
[ 1679.011370][   T31] 1 lock held by iou-wrk-20467/20469:
[ 1679.027836][   T31]  #0: ffff8880775200a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_provide_buffers+0x7a1/0xa70
[ 1679.039389][   T31] 1 lock held by iou-wrk-20467/20470:
[ 1679.048394][   T31]  #0: ffff8880775200a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_provide_buffers+0x7a1/0xa70
[ 1679.058691][   T31] 1 lock held by iou-wrk-20467/20471:
[ 1679.064381][   T31]  #0: ffff8880775200a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_provide_buffers+0x7a1/0xa70
[ 1679.076241][   T31] 1 lock held by iou-wrk-20467/20472:
[ 1679.081847][   T31]  #0: ffff8880775200a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_provide_buffers+0x7a1/0xa70
[ 1679.095799][   T31] 1 lock held by iou-wrk-20467/20473:
[ 1679.102123][   T31]  #0: ffff8880775200a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_provide_buffers+0x7a1/0xa70
[ 1679.112670][   T31] 1 lock held by iou-wrk-20467/20474:
[ 1679.118156][   T31] 1 lock held by iou-wrk-20467/20475:
[ 1679.124952][   T31]  #0: ffff8880775200a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_provide_buffers+0x7a1/0xa70
[ 1679.136223][   T31] 7 locks held by syz-executor/21744:
[ 1679.145657][   T31]  #0: ffff888035250420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x211/0xa90
[ 1679.155737][   T31]  #1: ffff88814d0a6888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e0/0x4f0
[ 1679.168912][   T31]  #2: ffff8881453770f8 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x203/0x4f0
[ 1679.183740][   T31]  #3: ffffffff8eb820e8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: new_device_store+0x12c/0x6f0
[ 1679.194486][   T31]  #4: ffff888028a630e8 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[ 1679.208266][   T31]  #5: ffff888028a61250 (&devlink->lock_key#26){+.+.}-{4:4}, at: nsim_drv_probe+0xc1/0xb70
[ 1679.221657][   T31]  #6: ffffffff8f2e1508 (rtnl_mutex){+.+.}-{4:4}, at: nsim_create+0x7df/0xef0
[ 1679.236338][   T31] 4 locks held by syz-executor/21766:
[ 1679.242238][   T31]  #0: ffff888035250420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x211/0xa90
[ 1679.251853][   T31]  #1: ffff888146776488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e0/0x4f0
[ 1679.262115][   T31]  #2: ffff8881453771e8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x203/0x4f0
[ 1679.273470][   T31]  #3: ffffffff8eb820e8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x360
[ 1679.286098][   T31] 1 lock held by syz.3.4278/21897:
[ 1679.291725][   T31]  #0: ffffffff8f2e1508 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70
[ 1679.302523][   T31] 1 lock held by syz.7.4280/21905:
[ 1679.307889][   T31]  #0: ffffffff8f2e1508 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70
[ 1679.327095][   T31] 1 lock held by syz.0.4283/21914:
[ 1679.334854][   T31]  #0: ffffffff8df41338 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b7/0x730
[ 1679.362779][   T31] 
[ 1679.476461][   T31] =============================================
[ 1679.476461][   T31] 
[ 1679.509835][   T31] NMI backtrace for cpu 0
[ 1679.509855][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1679.509876][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1679.509886][   T31] Call Trace:
[ 1679.509894][   T31]  <TASK>
[ 1679.509903][   T31]  dump_stack_lvl+0x189/0x250
[ 1679.509929][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 1679.509949][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1679.509971][   T31]  ? __pfx__printk+0x10/0x10
[ 1679.510007][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1679.510041][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1679.510060][   T31]  ? _printk+0xcf/0x120
[ 1679.510088][   T31]  ? __pfx__printk+0x10/0x10
[ 1679.510114][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1679.510142][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1679.510172][   T31]  watchdog+0xfee/0x1030
[ 1679.510193][   T31]  ? watchdog+0x1de/0x1030
[ 1679.510219][   T31]  kthread+0x70e/0x8a0
[ 1679.510240][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1679.510257][   T31]  ? __pfx_kthread+0x10/0x10
[ 1679.510276][   T31]  ? __pfx_kthread+0x10/0x10
[ 1679.510292][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1679.510316][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1679.510342][   T31]  ? __pfx_kthread+0x10/0x10
[ 1679.510358][   T31]  ret_from_fork+0x4b/0x80
[ 1679.510388][   T31]  ? __pfx_kthread+0x10/0x10
[ 1679.510406][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1679.510443][   T31]  </TASK>
[ 1679.510481][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1679.656709][    C1] NMI backtrace for cpu 1
[ 1679.656727][    C1] CPU: 1 UID: 0 PID: 5811 Comm: syz-executor Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1679.656748][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1679.656759][    C1] RIP: 0010:lockdep_hardirqs_on+0x64/0x150
[ 1679.656791][    C1] Code: 75 51 65 8b 05 1d 84 23 07 85 c0 75 7b 65 8b 05 ca 80 23 07 85 c0 75 70 83 3d 67 6e 2e 0e 00 75 32 48 c7 04 24 00 00 00 00 9c <8f> 04 24 f7 04 24 00 02 00 00 75 6e 83 3d 49 6e 2e 0e 00 75 14 48
[ 1679.656814][    C1] RSP: 0018:ffffc90003f7f890 EFLAGS: 00000046
[ 1679.656830][    C1] RAX: 0000000000000000 RBX: ffff88802f9b8000 RCX: ae9fcbcb0373df00
[ 1679.656842][    C1] RDX: 0000000000000006 RSI: ffffffff8d91f7da RDI: ffffffff8185b63d
[ 1679.656855][    C1] RBP: ffffc90003f7f950 R08: ffffffff8f7d9f77 R09: 1ffffffff1efb3ee
[ 1679.656868][    C1] R10: dffffc0000000000 R11: fffffbfff1efb3ef R12: ffffffff89c5f15a
[ 1679.656881][    C1] R13: ffff888023fda640 R14: dffffc0000000000 R15: 1ffff920007eff18
[ 1679.656895][    C1] FS:  0000555556f32500(0000) GS:ffff888126202000(0000) knlGS:0000000000000000
[ 1679.656910][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1679.656921][    C1] CR2: 0000555556d265c8 CR3: 00000000333e4000 CR4: 00000000003526f0
[ 1679.656937][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1679.656947][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1679.656958][    C1] Call Trace:
[ 1679.656966][    C1]  <TASK>
[ 1679.656976][    C1]  __local_bh_enable_ip+0x12d/0x1c0
[ 1679.657004][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1679.657033][    C1]  ? tcp_recvmsg+0x1fa/0x810
[ 1679.657057][    C1]  tcp_recvmsg+0x1fa/0x810
[ 1679.657082][    C1]  ? __pfx_tcp_recvmsg+0x10/0x10
[ 1679.657103][    C1]  ? __schedule+0x16ad/0x4c70
[ 1679.657134][    C1]  ? sock_rps_record_flow+0x19/0x400
[ 1679.657156][    C1]  inet_recvmsg+0x147/0x250
[ 1679.657175][    C1]  ? schedule+0x165/0x360
[ 1679.657200][    C1]  ? __pfx_inet_recvmsg+0x10/0x10
[ 1679.657220][    C1]  ? __lock_acquire+0xaac/0xd20
[ 1679.657241][    C1]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 1679.657259][    C1]  ? security_socket_recvmsg+0x7e/0x2e0
[ 1679.657287][    C1]  sock_recvmsg+0x1a8/0x270
[ 1679.657313][    C1]  sock_read_iter+0x231/0x2f0
[ 1679.657336][    C1]  ? __pfx_sock_read_iter+0x10/0x10
[ 1679.657355][    C1]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1679.657387][    C1]  ? bpf_lsm_file_permission+0x9/0x20
[ 1679.657407][    C1]  ? security_file_permission+0x75/0x290
[ 1679.657429][    C1]  vfs_read+0x4cd/0x980
[ 1679.657456][    C1]  ? __pfx_vfs_read+0x10/0x10
[ 1679.657483][    C1]  ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 1679.657507][    C1]  ksys_read+0x145/0x250
[ 1679.657530][    C1]  ? __pfx_ksys_read+0x10/0x10
[ 1679.657554][    C1]  ? do_syscall_64+0xba/0x210
[ 1679.657574][    C1]  do_syscall_64+0xf6/0x210
[ 1679.657591][    C1]  ? clear_bhb_loop+0x45/0xa0
[ 1679.657612][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1679.657629][    C1] RIP: 0033:0x7ff8ea98d33d
[ 1679.657644][    C1] Code: a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb b5 e8 a8 48 00 00 0f 1f 84 00 00 00 00 00 80 3d 01 72 1f 00 00 74 17 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 5b c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec
[ 1679.657659][    C1] RSP: 002b:00007fff3af8d5e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1679.657676][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff8ea98d33d
[ 1679.657688][    C1] RDX: 0000000000000004 RSI: 00007fff3af8d5fc RDI: 0000000000000003
[ 1679.657699][    C1] RBP: 0000000000000000 R08: 0000000015ca7136 R09: 7fffffffffffffff
[ 1679.657711][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff3af8da10
[ 1679.657722][    C1] R13: 0000000000000004 R14: 00007fff3af8d5fc R15: 00007fff3af8d690
[ 1679.657743][    C1]  </TASK>
[ 1679.658985][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1680.022187][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[ 1680.032256][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 1680.042316][   T31] Call Trace:
[ 1680.045601][   T31]  <TASK>
[ 1680.048537][   T31]  dump_stack_lvl+0x99/0x250
[ 1680.053144][   T31]  ? __asan_memcpy+0x40/0x70
[ 1680.057741][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1680.062952][   T31]  ? __pfx__printk+0x10/0x10
[ 1680.067567][   T31]  panic+0x2db/0x790
[ 1680.071483][   T31]  ? __pfx_panic+0x10/0x10
[ 1680.075931][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 1680.081777][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1680.087168][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[ 1680.093349][   T31]  watchdog+0x102d/0x1030
[ 1680.097703][   T31]  ? watchdog+0x1de/0x1030
[ 1680.102156][   T31]  kthread+0x70e/0x8a0
[ 1680.106237][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1680.110927][   T31]  ? __pfx_kthread+0x10/0x10
[ 1680.115529][   T31]  ? __pfx_kthread+0x10/0x10
[ 1680.120215][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1680.125432][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1680.130675][   T31]  ? __pfx_kthread+0x10/0x10
[ 1680.135283][   T31]  ret_from_fork+0x4b/0x80
[ 1680.139718][   T31]  ? __pfx_kthread+0x10/0x10
[ 1680.144327][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1680.149121][   T31]  </TASK>
[ 1680.152438][   T31] Kernel Offset: disabled
[ 1680.156763][   T31] Rebooting in 86400 seconds..