last executing test programs:

3m6.60740681s ago: executing program 32 (id=15):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1d00000001000080782600003b02000080000000", @ANYRES32, @ANYBLOB="000000000002000000009f000000000000", @ANYRES32, @ANYBLOB="00000000050000000200"/25], 0x50)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYRESOCT=r4], 0x1c}}, 0x0)
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, &(0x7f0000000400)=@req={0x28, &(0x7f0000000680)={'gre0\x00', @ifru_settings={0x0, 0x1, @fr_pvc_info=&(0x7f00000003c0)={0xcee8, 'syz_tun\x00'}}}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000480)='fsi_master_break\x00', r5, 0x0, 0x800004}, 0x38)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
fgetxattr(r1, &(0x7f0000000280)=@known='user.syz\x00', &(0x7f00000002c0)=""/13, 0xd)
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = syz_open_procfs(r6, &(0x7f00000006c0)='limits\x00')
preadv(r9, &(0x7f0000000300)=[{&(0x7f0000000000)=""/22, 0x16}, {0x0}], 0x2, 0x6c, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_WOWLAN(r4, &(0x7f0000010800)={0x0, 0x0, &(0x7f00000107c0)={&(0x7f0000007ec0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYRES32=r10, @ANYBLOB], 0x28}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0x4, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000000000006112010000000000950000000000000026eedb51d8b54ee35203ff2430bee0a3890a782f3842fff09d10d0f69298e699983c55381aa463f8cfcf63522ca6a7d52b9bfc82e74a69689d"], &(0x7f00000005c0)='syzkaller\x00', 0x58a, 0xffffffffffffff0d, 0x0, 0x40f00, 0xc, '\x00', 0x0, @cgroup_device, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)

2m26.747128896s ago: executing program 33 (id=102):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080), 0x6)
ioctl$sock_bt_hci(r1, 0x400448e7, &(0x7f0000000000))
syz_usb_connect(0x0, 0x81, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000a7420040ab0501030001010203010902240001000000000904000002aad45c0009058e02000000000009050a06"], 0x0)

1m42.489745235s ago: executing program 34 (id=213):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = dup(r0)
getdents64(r1, &(0x7f0000002f40)=""/4098, 0x1002)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x294800)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f0000000040)={{0xff, 0x80}, 0x1, 0x1, 0x80000001, {0x7, 0xb4}, 0x4, 0x8})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), r4)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f00000020c0)={0x44, r5, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x18, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x14, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x4}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x820}, 0x4000)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001900)=@newtaction={0xeb8, 0x30, 0xb, 0x0, 0x0, {}, [{0xea4, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe58, 0x2, 0x0, 0x0, {{0xa}, {0xe2c, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x1, 0xf9}, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xffffffff}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0xff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7}]}}, @TCA_PEDIT_KEYS_EX={0x8, 0x5, 0x0, 0x1, [{0x4}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xeb8}}, 0x0)

1m37.12608976s ago: executing program 5 (id=233):
r0 = memfd_secret(0x0)
fsync(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0xe, 0x0, &(0x7f00000017c0))
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x296, 0x300)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0), r7)
sendmsg$NLBL_MGMT_C_LISTDEF(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r8, 0xb23fc06c409ab55d}, 0x14}}, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r10 = dup(r9)
ioctl$TIOCL_SETVESABLANK(r10, 0x560e, &(0x7f0000000140))
r11 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r11, 0x541c, &(0x7f0000000000))
r12 = syz_open_dev$vim2m(&(0x7f0000000240), 0x6c, 0x2)
ppoll(&(0x7f0000000100)=[{r0, 0x180}, {r10, 0x3020}], 0x2, 0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r12, 0xc008561c, &(0x7f0000000040)={0xf0f046})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

1m36.061352625s ago: executing program 5 (id=235):
r0 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x9)
setresuid(0x0, r3, 0x0)
sendmmsg$unix(r1, &(0x7f0000004d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001940)=[@cred={{0x1c, 0x1, 0x2, {r0, r3}}}], 0x20, 0x1}}], 0x1, 0x0)

1m35.644627187s ago: executing program 5 (id=237):
r0 = socket$inet6(0xa, 0x3, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x7f, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = userfaultfd(0x80000)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000340)={0xaa, 0x304})
socket$isdn(0x22, 0x2, 0x1)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x40, 0x0, 0xfffffffd})
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo\x00')
fchdir(r4)
llistxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$kcm(r3, &(0x7f00000025c0)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r5, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x100, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000100)={0x1, "000000000000003713714a64bdeb9000", <r7=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000000)={0x5, "fa02c80a3a1e9d4b9aaf000000008d674fe69b5b7638dd031dd7504fe5809639", <r8=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r8, 0xc0303e03, &(0x7f0000000080)={"390008000000000000070000e4f5b53e0ca34dd02acecdc67c5e312462816800", r7})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)

1m34.393842278s ago: executing program 5 (id=240):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r3, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)

1m28.674769697s ago: executing program 3 (id=270):
setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x24, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002340)={'xfrm0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r2 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
keyctl$restrict_keyring(0x1d, 0x0, &(0x7f00000001c0)='user\x00', 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$802154_dgram(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r1, @ANYBLOB="da"], 0x20}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000010000104005540000000000000480000", @ANYRES32=r1, @ANYBLOB='\v'], 0x20}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff}]})
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x1c0)
r6 = landlock_create_ruleset(&(0x7f0000000240)={0x20}, 0x10, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x200000, 0x0)
landlock_restrict_self(r6, 0x0)
linkat(r7, &(0x7f0000000000)='./file0/file0/file0\x00', r7, 0x0, 0x1000)
r8 = inotify_init1(0x0)
inotify_add_watch(r8, &(0x7f0000000200)='.\x00', 0x80000c12)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x140, 0x0)

1m28.381757253s ago: executing program 5 (id=272):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x5, &(0x7f0000000bc0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000850000007d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r1, 0x0, 0xfffffffffffffe83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdb6, 0x0, 0x0}, 0x12)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14, 0x1, 0x4, 0x201}, 0x14}}, 0x0)

1m28.105790948s ago: executing program 5 (id=274):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg2\x00', 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
r4 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x10)
copy_file_range(r3, 0x0, r2, 0x0, 0x0, 0x10000000000000)
listen(r0, 0x0)
r5 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
r7 = eventfd(0x0)
io_setup(0x7, &(0x7f0000000780)=<r8=>0x0)
io_submit(r8, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}])
ioctl$LOOP_SET_FD(r3, 0x4c00, r0)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000480)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x7, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '', 0x3a, './file0'}, 0x12f)
ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f00000005c0)={0x0, r7})
read$eventfd(r7, &(0x7f00000001c0), 0x8)
write$binfmt_misc(r7, &(0x7f0000000480), 0x8)
r9 = fsmount(r5, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x4, &(0x7f00000000c0)='sysfs\x00', &(0x7f0000000100)='sysfs\x00', 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000a00)=ANY=[@ANYRES32=r9, @ANYRES32=r0, @ANYRESDEC, @ANYBLOB="500200009078000006e939ca4405cd713c36e40899104316505ca209ed994c3a399e0d74fcb751e4b945ce88347acc966b0d52c411cbb7dc29342e7d0a205033ad8448f43ee06274338ab16e59e42e50e6ee86c59bf246c0ab2b75490b7317c8e7505d0328da561e4e1d736211e99808675ef12557e7c16236896bf516d0a867987a5669807fc5d6629ba3e363ac913c8fc4cc104f4637793777b540e4f2f3aca45a12c5423b7298daf8657cb39f0f105aa8f4fb5260f7df8751b7395bba88039dbf67f9f4613f3e9b795df3b2d6a47b722f49beecabdbc9a2f5efaba926999b153a5e4b77a61519c1188b4966e0b52e3dc1e1cfbba409070600109178c9379f6d2b53a84b22a1665c8c8dd322000062cf0d60fb6faba309887e6d41339950a6890ad2174cd0c1a9dfd11972c7b922ee7b0218ed0133c12a8e3054ed826f4a102dca2b7d3195013f21264beb4e9417241ad4aea59bf8ca853b492f3a1ae3ad22b9153874e35bf7bcc51be35ae2fc2e4c58dde529fc0ca8d8bb269f79b2381bfc5163dd52a5821422a7c83d8cd58f39a37906d42ff4fc31e7730f632e15"], 0x0)
write$tun(r1, &(0x7f00000007c0)={@val={0x0, 0x10}, @void, @ipv4=@igmp={{0x1d, 0x4, 0x3, 0x29, 0x16f, 0x65, 0x0, 0x4, 0x2, 0x0, @remote, @empty, {[@ssrr={0x89, 0xf, 0x44, [@broadcast, @rand_addr=0x64010101, @remote]}, @timestamp={0x44, 0x8, 0x80, 0x0, 0x5, [0xfff]}, @rr={0x7, 0x1f, 0x82, [@multicast2, @empty, @dev={0xac, 0x14, 0x14, 0x15}, @multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty]}, @lsrr={0x83, 0xb, 0x4f, [@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast]}, @ssrr={0x89, 0xf, 0x7e, [@local, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1]}, @ssrr={0x89, 0xf, 0xcd, [@multicast1, @multicast1, @rand_addr=0x64010102]}]}}, {0x14, 0xb4, 0x0, @rand_addr=0x64010101, "c598c20280a3449d270e3d89328b64ae18766f1a1465eb46f5667f516d9e976ef8d673c80f38d536380cb88732c4e5e13413b18e3edad0d98a126bb8ccb1a5278435aca2ec497b21242a1465caf2127741f9c93d374dd03604cd919f03be2f2930de3bce2bbe5173584626974cee681f1e55e3e6e9ca3d73039bb4f045fd358bb4ab2119c62669c74318db15c7f75ce24e2502e6374aa3d32370147fae753ebc268402be4dcf16183f6867a864b332ed95bba8dfa560c32b2567cf230fdaa82d4b7b4709a87658ff08cf8235d3e66af54c8579dc0827eafbcf0c2b7d538e6d2f56a05abcd2436587fc5aded62f7148dbcd213f"}}}, 0x173)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r10, 0x4b72, &(0x7f0000000040)={0x0, 0xfb, 0x8, 0xf, 0x3b, &(0x7f0000000100)="91df894eb9479dbf8f4bc04b9c4670fdac82bc40d8150a95d829e478bda8eb649bf2304d90bdf54f2c7b3ec8587f41de49770d3495d1538011730de826b9d5e501137fc25ec0d470ad5e48ce9ff99ce56a3c6679ce83d194fa8b634ab738a0032cf572a85c9b8b1095213e7723a94d21aa7d7cdd91ef1ef9642377c28e44cc15f94e4eb66c8155d614f63fdde4b1e4a53dc8e175c0e79eea8c044d5bfd57fb0872dc42eefabf78125935500e44b4d6f23899dde7832dbce8728a1718ba9386e21647dfc7b55353b3b7ca1ec10d223ef8aab6f6713c147adcbed30303c8a86b6e4aa096fd5011406a205a3f54c8c4d6c9c6e1e963b1279c4b31fd5db089a0aec337995dd772578c074d07cae179f337a9db13a9d8a1cf3aa7849d51b22b0fe9240964ef9ce9faad08d4de6fd398a4e13384a5baab2a8815305388353f5f77d1efd922c4d51a0b29450d6cf9709a53f3d52162489865db56090043eea757aea7f0ae49dbf9969daac7cb3749969e61758c0a96278024e80d77a56c5501632cc7d648a7fe7c9e299e1fb776d78f30a734e7d071608eefd2cabcb4f007a479464a0ce8fb893555a957cf0838d64f689c5ec6211d59a67f33f97839174364ae5f9cb970f4b6c504a6e33c6a06d84d1966b161fc1c9b35ed9ec2f7989f75bd9e4b9594d87dd67eaeb17f71156764d2468f4e563421360e0a6dded050a4a7c8ca1f75c096015d998e6be805a1f8a5ebddfa50f228261d1b0d0a41576e857d414fb334eeb221c7966cceba6e94a02f4df97f12e0a67c5ed266fa4cff67e2ae2de7f29fb4d0abb002df029be591c38e8aedc7ac53736a8ab40fa13383f1b0b0063f8ac5107f3be4b83d1a3739f3e334ad80a40a114e55db944df1aab093c55efd48068d35fb4f34537971e3df2bcdf68b86c4d3c966f4c6ca66413311ecf23a89035cb71cfc1722a2e598f891aa74cccc001d29e254b12cdd9f1ba240232ee6ea9434b1571470d4c627d5090e6f79f528159305d981526a77ada3916f41b861d6a5146e243d3e0a95f466b11b2de8adba71753dcd2db5655aab6a99f2fc2c801e66cc72649d14e8eb615d20959a6f66b5ea081720768d7299ad084794d9a5fc6d9449699b93be246d2c4d7562b2adda4605267dfbcf9b8578bd091aeb6cf250b8eea742497a0454d02af202990731c327201f9b7ac77a8452d11aaa1f83e375ba99d7ecb6b8630773afbcaa0761608348ab20bd4ab63ae70f40534a8bc2282393255194e433134bf69f7737b81c8c35f9513cdbae9744e8992fcfb7e5221a754d3a2db5811342ee5d671108fe493588d9ea78e8c2b32497468bf30f9efd007530f9c8f37289522ecb073d3a59b6fabd1692c81c82c90928713a00"})
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x41, 0x0)

1m27.885115946s ago: executing program 35 (id=274):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg2\x00', 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
r4 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x10)
copy_file_range(r3, 0x0, r2, 0x0, 0x0, 0x10000000000000)
listen(r0, 0x0)
r5 = fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
r7 = eventfd(0x0)
io_setup(0x7, &(0x7f0000000780)=<r8=>0x0)
io_submit(r8, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}])
ioctl$LOOP_SET_FD(r3, 0x4c00, r0)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000480)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x7, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '', 0x3a, './file0'}, 0x12f)
ioctl$VHOST_SET_VRING_KICK(r6, 0x4008af20, &(0x7f00000005c0)={0x0, r7})
read$eventfd(r7, &(0x7f00000001c0), 0x8)
write$binfmt_misc(r7, &(0x7f0000000480), 0x8)
r9 = fsmount(r5, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x4, &(0x7f00000000c0)='sysfs\x00', &(0x7f0000000100)='sysfs\x00', 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000a00)=ANY=[@ANYRES32=r9, @ANYRES32=r0, @ANYRESDEC, @ANYBLOB="500200009078000006e939ca4405cd713c36e40899104316505ca209ed994c3a399e0d74fcb751e4b945ce88347acc966b0d52c411cbb7dc29342e7d0a205033ad8448f43ee06274338ab16e59e42e50e6ee86c59bf246c0ab2b75490b7317c8e7505d0328da561e4e1d736211e99808675ef12557e7c16236896bf516d0a867987a5669807fc5d6629ba3e363ac913c8fc4cc104f4637793777b540e4f2f3aca45a12c5423b7298daf8657cb39f0f105aa8f4fb5260f7df8751b7395bba88039dbf67f9f4613f3e9b795df3b2d6a47b722f49beecabdbc9a2f5efaba926999b153a5e4b77a61519c1188b4966e0b52e3dc1e1cfbba409070600109178c9379f6d2b53a84b22a1665c8c8dd322000062cf0d60fb6faba309887e6d41339950a6890ad2174cd0c1a9dfd11972c7b922ee7b0218ed0133c12a8e3054ed826f4a102dca2b7d3195013f21264beb4e9417241ad4aea59bf8ca853b492f3a1ae3ad22b9153874e35bf7bcc51be35ae2fc2e4c58dde529fc0ca8d8bb269f79b2381bfc5163dd52a5821422a7c83d8cd58f39a37906d42ff4fc31e7730f632e15"], 0x0)
write$tun(r1, &(0x7f00000007c0)={@val={0x0, 0x10}, @void, @ipv4=@igmp={{0x1d, 0x4, 0x3, 0x29, 0x16f, 0x65, 0x0, 0x4, 0x2, 0x0, @remote, @empty, {[@ssrr={0x89, 0xf, 0x44, [@broadcast, @rand_addr=0x64010101, @remote]}, @timestamp={0x44, 0x8, 0x80, 0x0, 0x5, [0xfff]}, @rr={0x7, 0x1f, 0x82, [@multicast2, @empty, @dev={0xac, 0x14, 0x14, 0x15}, @multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty]}, @lsrr={0x83, 0xb, 0x4f, [@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast]}, @ssrr={0x89, 0xf, 0x7e, [@local, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1]}, @ssrr={0x89, 0xf, 0xcd, [@multicast1, @multicast1, @rand_addr=0x64010102]}]}}, {0x14, 0xb4, 0x0, @rand_addr=0x64010101, "c598c20280a3449d270e3d89328b64ae18766f1a1465eb46f5667f516d9e976ef8d673c80f38d536380cb88732c4e5e13413b18e3edad0d98a126bb8ccb1a5278435aca2ec497b21242a1465caf2127741f9c93d374dd03604cd919f03be2f2930de3bce2bbe5173584626974cee681f1e55e3e6e9ca3d73039bb4f045fd358bb4ab2119c62669c74318db15c7f75ce24e2502e6374aa3d32370147fae753ebc268402be4dcf16183f6867a864b332ed95bba8dfa560c32b2567cf230fdaa82d4b7b4709a87658ff08cf8235d3e66af54c8579dc0827eafbcf0c2b7d538e6d2f56a05abcd2436587fc5aded62f7148dbcd213f"}}}, 0x173)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r10, 0x4b72, &(0x7f0000000040)={0x0, 0xfb, 0x8, 0xf, 0x3b, &(0x7f0000000100)="91df894eb9479dbf8f4bc04b9c4670fdac82bc40d8150a95d829e478bda8eb649bf2304d90bdf54f2c7b3ec8587f41de49770d3495d1538011730de826b9d5e501137fc25ec0d470ad5e48ce9ff99ce56a3c6679ce83d194fa8b634ab738a0032cf572a85c9b8b1095213e7723a94d21aa7d7cdd91ef1ef9642377c28e44cc15f94e4eb66c8155d614f63fdde4b1e4a53dc8e175c0e79eea8c044d5bfd57fb0872dc42eefabf78125935500e44b4d6f23899dde7832dbce8728a1718ba9386e21647dfc7b55353b3b7ca1ec10d223ef8aab6f6713c147adcbed30303c8a86b6e4aa096fd5011406a205a3f54c8c4d6c9c6e1e963b1279c4b31fd5db089a0aec337995dd772578c074d07cae179f337a9db13a9d8a1cf3aa7849d51b22b0fe9240964ef9ce9faad08d4de6fd398a4e13384a5baab2a8815305388353f5f77d1efd922c4d51a0b29450d6cf9709a53f3d52162489865db56090043eea757aea7f0ae49dbf9969daac7cb3749969e61758c0a96278024e80d77a56c5501632cc7d648a7fe7c9e299e1fb776d78f30a734e7d071608eefd2cabcb4f007a479464a0ce8fb893555a957cf0838d64f689c5ec6211d59a67f33f97839174364ae5f9cb970f4b6c504a6e33c6a06d84d1966b161fc1c9b35ed9ec2f7989f75bd9e4b9594d87dd67eaeb17f71156764d2468f4e563421360e0a6dded050a4a7c8ca1f75c096015d998e6be805a1f8a5ebddfa50f228261d1b0d0a41576e857d414fb334eeb221c7966cceba6e94a02f4df97f12e0a67c5ed266fa4cff67e2ae2de7f29fb4d0abb002df029be591c38e8aedc7ac53736a8ab40fa13383f1b0b0063f8ac5107f3be4b83d1a3739f3e334ad80a40a114e55db944df1aab093c55efd48068d35fb4f34537971e3df2bcdf68b86c4d3c966f4c6ca66413311ecf23a89035cb71cfc1722a2e598f891aa74cccc001d29e254b12cdd9f1ba240232ee6ea9434b1571470d4c627d5090e6f79f528159305d981526a77ada3916f41b861d6a5146e243d3e0a95f466b11b2de8adba71753dcd2db5655aab6a99f2fc2c801e66cc72649d14e8eb615d20959a6f66b5ea081720768d7299ad084794d9a5fc6d9449699b93be246d2c4d7562b2adda4605267dfbcf9b8578bd091aeb6cf250b8eea742497a0454d02af202990731c327201f9b7ac77a8452d11aaa1f83e375ba99d7ecb6b8630773afbcaa0761608348ab20bd4ab63ae70f40534a8bc2282393255194e433134bf69f7737b81c8c35f9513cdbae9744e8992fcfb7e5221a754d3a2db5811342ee5d671108fe493588d9ea78e8c2b32497468bf30f9efd007530f9c8f37289522ecb073d3a59b6fabd1692c81c82c90928713a00"})
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x41, 0x0)

1m27.036902319s ago: executing program 0 (id=278):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000001340)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000240), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000001240), 0x10000, 0x0)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000001280)=@req={0x33cf, 0x5, 0x0, 0x4}, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$can_bcm(0x1d, 0x2, 0x2)
r4 = socket$inet(0x2, 0x3, 0x9)
sendmmsg$inet(r4, &(0x7f0000000c80)=[{{&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x0, @private}, 0x10, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000007000000860c"], 0x20}}], 0x2, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000001300)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x5, "2313"}, @global=@item_4={0x3, 0x1, 0x1, "4353cb81"}, @global=@item_4, @local=@item_012={0x2, 0x2, 0x0, "9000"}, @main=@item_012={0x2, 0x0, 0x9, "803c"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x2, "5d8c3dda"}]}}, 0x0}, 0x0)
r6 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
read$hidraw(r6, 0x0, 0x11)
syz_usb_ep_write(r5, 0x81, 0x1, &(0x7f0000000000)='B')
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000080000207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000002000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
sysinfo(&(0x7f0000000240)=""/4096)
r8 = openat$cgroup_type(r2, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_type(r8, &(0x7f0000000280), 0x9)
r9 = openat$mixer(0xffffffffffffff9c, &(0x7f00000018c0), 0x0, 0x0)
ioctl$mixer_OSS_GETVERSION(r9, 0x8008631e, &(0x7f0000000000))

1m25.385264534s ago: executing program 3 (id=282):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000030000000000000000000000850000008700000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, &(0x7f0000000380)=0xf4240)
getrandom(&(0x7f0000001100)=""/255, 0xffffffffffffffc0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000140))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r3 = dup3(r1, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000580)=[@decrefs={0x40046307, 0x3}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x49, 0x0, &(0x7f00000003c0)="3ea300000000000000000000000009fa401bbf1bbaf7d98a06e9272edc433eff5a7833bc8c8e9042322523acd1f75e8cfc72cc3fe75ce963f1ffd2f4938b6fca7e4c84e2f2353697b9", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001480), 0xffffffffffffffff)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000440)=ANY=[@ANYBLOB="feced3059ecdbec77d6ce2088867a1b9a7f24821bef60c32d3932074767645c04947309dec3b9c04ba3f3ed989da775556a904398b8b3045520d0bc1916330c04af30cce00a85319c5dcc84aed4eea4e8f08f33a4163f107d7e7f05ceff8a6d27b495731711790e7cabe4479673baf2d6a8d37126fd377ff1f2ba43ec7210414eda9b9f08b4f1b84a27c1d1ddbbce265512165cb98d2fc10c1a4a992651fb0e34c465d0a034ccdfbfef8634544294caaa57e6325013c18e6a30748b528f32390c9be246da887397e", @ANYRESDEC=r6, @ANYBLOB="81ed25bd7000fcdbdf251b00000010002e800b0004000201aaaa07aa116258baaaaa0c7392076f32e6173941db6e79d591170c3f946d380cbb3b27f619fea791096a33a7f709dac01e2aeb27268b1009d4bb00512be4af5d1035432b4a5e9066bf4b6a4dc6ccfa9439a55fbdcc12ba05f6800fcb55d9626170f3d0fca3f1c1c84ef637a7c4d32be36e4a6dfd7af35ff7e8bbcdea6bbb78b2a44672d64d17c496de7930ce96e092b5de60528eb3d49aa36479c1d2b5038b9a80574099c4da2b9756dd5f8cf50fdc0d3075aab3edbdf1fd96c2205655926f6748ab19b5440daa21ef04ca"], 0x30}, 0x1, 0x0, 0x0, 0x10008954}, 0x2004c095)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0x20, &(0x7f0000000300)={&(0x7f0000000180)=""/212, 0xd4, <r7=>0x0, &(0x7f0000000280)=""/77, 0x4d}}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001d000100000000000000000007000000", @ANYRES32=r10, @ANYBLOB="0000378c"], 0x1c}}, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x28, 0x0, 0x8, 0x101, 0x0, 0x0, {0x5, 0x0, 0x6}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x800}]}, 0x28}, 0x1, 0x0, 0x0, 0x4005001}, 0x24040840)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r11}, 0x69)
pwritev2(r11, &(0x7f00000000c0)=[{&(0x7f0000000000)="200902d035c2c698fccf01691a2c2ce3abbd2bfb9f489de253438fb5ef7c837dd4ec5e5a9e0180ed1084d7bc05ed579d9f7b9dad31f8c3e8e22f78a31d852ea652e914c2793418c197ebcb70591b518f14b7f00067c6eb47c63f520aec0e86335fe475c4dfa2a5ac20aa8b0ddd54862c4f7976e765f209e7d262ffa6e53fae738a8327ebccaed7859f2b541a1511c3b38a3e0100bbe4c61da56cc8282aeabffb79f6cf789272", 0xa6}], 0x1, 0x3, 0x1, 0x5)

1m24.302893103s ago: executing program 3 (id=287):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) (async)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) (async)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000071196a2ed3e18ec0f6cc0e787fa6feb215d8b076ce681588550c48452318d25c3991699d9ca2a6089ae1af79293041f216fa4e91698b3bdf3915149064538fd34aef5e723b9d1d4cd9f6790bedd024c3ceba1e1a53191a2237308274c8ce26d8b1f09c298025da07ed7222e9aa5c94f5c1fb929145860594aa6dded10b1964c835422fcc50368caf7f4611516fb40cb9712e62db4966c0acfe31128a89ae6b93b6539874b77643802fd86a3f5f60e877bc16981c221b1011c54b11b42b00f077758a520234908b527328e9dda024668824c7a7178cee2755446e6a32110b44dd", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x10, &(0x7f0000002380)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006a00000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x1}) (async)
r4 = memfd_secret(0x0)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r4)
ioctl$SCSI_IOCTL_GET_PCI(r6, 0x2284, &(0x7f0000000000)) (async)
r7 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{}, {}, {}]}, 0x10) (async)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f00000017c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x270, 0x168, 0x9, 0x0, 0xa, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@uncond, 0x6000000, 0x208, 0x270, 0x0, {0x0, 0x28e}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x39, 0x0, [@ipv4={'\x00', '\xff\xff', @broadcast}, @empty, @private0, @loopback, @mcast2, @remote, @private0, @ipv4={'\x00', '\xff\xff', @loopback}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2, @local, @dev, @loopback, @private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @remote]}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0xf8, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
r9 = socket(0x1a, 0xa, 0x3)
r10 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r11=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r9, 0x84, 0x72, &(0x7f0000000180)={r11}, 0xc) (async)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000000)={0x14, 0x1, 0x0, "6106007722366ccef4ba566c4acd3d00e7bfeb8cace586d84a500000000800"})
ioctl$SNAPSHOT_AVAIL_SWAP_SIZE(r3, 0x80083313, &(0x7f0000000000))
syz_open_dev$usbfs(&(0x7f0000000040), 0xc, 0x101701) (async)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000002c40)={0x0, 0x0, &(0x7f0000002c00)={&(0x7f0000002b80)={0x60, 0x0, 0x800, 0x70bd27, 0x0, {{}, {@void, @val={0xc, 0x99, {0xff}}}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x1c, 0x2c, 0x0, 0x1, [{0x8}, {0x8, 0x0, 0x8001}, {0x8}]}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x7}, @NL80211_ATTR_SCAN_FREQUENCIES={0x1c, 0x2c, 0x0, 0x1, [{0x8}, {0x8}, {0x8, 0x0, 0x786c}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async)
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r12, 0x4008af03, &(0x7f00000007c0)) (async)
r13 = socket$packet(0x11, 0x3, 0x300)
dup(r13) (async)
r14 = fcntl$dupfd(r12, 0x0, r13)
ioctl$VHOST_SET_VRING_ADDR(r14, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0})

1m23.384885992s ago: executing program 0 (id=289):
mkdir(&(0x7f0000000180)='./bus\x00', 0xa0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000a40)={0x2020}, 0x2020)
socket(0x10, 0x400000000080803, 0x0)

1m21.8168569s ago: executing program 0 (id=291):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000001040168b800000000000000000004000500010001"], 0x1c}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000200)={0x0, 0x40000, &(0x7f0000000100)={&(0x7f0000000180)={0x14, 0x1, 0x4, 0x201}, 0x14}}, 0x0)

1m21.565764193s ago: executing program 0 (id=293):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r3, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)

1m21.387983144s ago: executing program 3 (id=294):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r3, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)

1m19.585665357s ago: executing program 3 (id=298):
r0 = syz_io_uring_setup(0x2fe4, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="200000001a1401ff"], 0x20}, 0x1, 0x0, 0x0, 0x4000015}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0, 0xe3d08660d3cd4e84})
io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0)

1m19.578718494s ago: executing program 0 (id=299):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000200001400000000000000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340), &(0x7f0000000280))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, &(0x7f0000000100))

1m18.709848592s ago: executing program 0 (id=303):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x6, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x2, 0x0, 0x0, 0xe, 0x2}, @volatile={0x0, 0x0, 0x0, 0x2}]}, {0x0, [0x0, 0x2e]}}, 0x0, 0x38, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0x9, 0x8, 0x8, 0x90, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0x9, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f00000001c0))

1m18.669463435s ago: executing program 36 (id=303):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x6, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x2, 0x0, 0x0, 0xe, 0x2}, @volatile={0x0, 0x0, 0x0, 0x2}]}, {0x0, [0x0, 0x2e]}}, 0x0, 0x38, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0x9, 0x8, 0x8, 0x90, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0x9, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f00000001c0))

1m18.398913833s ago: executing program 3 (id=306):
fsopen(&(0x7f00000000c0)='nfs\x00', 0x80ffff)

1m18.143573759s ago: executing program 37 (id=306):
fsopen(&(0x7f00000000c0)='nfs\x00', 0x80ffff)

1m7.021849309s ago: executing program 8 (id=329):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='oom_score_adj_update\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7654}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000080)='veno\x00', 0x5)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)
sendmsg$inet(r2, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1, 0x0, 0x2000000000000}, 0x700)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000280)='0', 0x1}], 0x1)

1m5.7575449s ago: executing program 8 (id=331):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x28bd, 0x71, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\t'], 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/time_for_children\x00')
setns(r2, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000e80)={@private2}, 0x1600bd74)
bind$alg(r0, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0)
syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000300)={0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="400006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r4, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000200)={0x0, 0x14}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a213c6cd3518fd910cdebbeb25c220ebddfca6d447d738beefd08b15286f81f3e24dc96e8dc15ebafc9e8f64fdc07b2cfa125cdc177a12e", @ANYRES64=r3, @ANYRESOCT=r0, @ANYRES8=r3, @ANYRES64=r3], 0x48)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = dup(r6)
syz_emit_ethernet(0x32, &(0x7f0000000440)=ANY=[@ANYBLOB="ffffffffff9dcd230d000000e1c688a849008100240008060001080006040004aaaaaaaaaaaa0a010101aaaaaaffffffff0000001d207178a857356d05ae39694c48aba7faee1c15d17d924d911d7b7c50fbebbefde1252c702c9d3acba8fd193d166ab881483a1f8db7515c54e944347bc69f17792a10a18825b32373432528f57028a24e19717b88e73c638325cbb15de27019f6834bd0ed097c49958078a811efe87cb3e409599b311e392a71b3a42c5fd0a5cb5d0f"], &(0x7f0000000400)={0x0, 0x2, [0xad0, 0x57e, 0xf5a, 0x780]})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x12, 0xa, &(0x7f0000000180)=@raw=[@jmp={0x5, 0x0, 0x2, 0x4, 0x8, 0x40, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x845d}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x12}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @cb_func={0x18, 0x3, 0x4, 0x0, 0x2}, @map_idx_val={0x18, 0xf, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x9}], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, r7, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000002100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000002140)={'wlan0\x00'})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r9, 0xae03, 0x32)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r10, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r10, 0x40000)
syz_emit_ethernet(0x52, &(0x7f00000002c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0000f5", 0x1c, 0x6, 0x0, @rand_addr=' \x01\x00', @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@window={0x3, 0x3}, @sack={0x5, 0x2}]}}}}}}}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

1m3.659041521s ago: executing program 8 (id=337):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000200001400000000000000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340), &(0x7f0000000280))
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, &(0x7f0000000100))

1m2.735304244s ago: executing program 8 (id=341):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r3, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)

1m1.806576178s ago: executing program 8 (id=344):
r0 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0xfffc, 0x2, 0x1c, {0x2d, 0x0, 0x4, @dev}}, 0x80, 0x0}, 0xfc00) (fail_nth: 3)

1m0.389249865s ago: executing program 8 (id=347):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000cc0)={'tunl0\x00', &(0x7f0000000c80)=@ethtool_sset_info={0xa, 0xfffff7ff, 0x100}})
ftruncate(r1, 0x6000000)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000200)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\x91\xfdy\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0`\xaa8\xc7\xc8\x9d\xfdA\b\x10\x92(c\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdI\x83\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7 \x1d\xa1\xce\x8b\xac \xe8\x88\xdc\x02\xd7\x04\x9b\x9aL\x9f([4\x81\xf6\xb6\xdf\x16J\xab\xecC\xe2{\xfd\x8a\xb4\x8e\x9c\xfb\xf6\xe9\xd8]B6{\xf0(\xaeW;)\x9f\x9cR\xae\x12G\xd8\xa4y', 0x0)
r4 = dup(r3)
write$cgroup_pid(r4, &(0x7f0000000040)=0xffffffffffffffff, 0xe)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x11, r4, 0x0)
bind$802154_dgram(r2, &(0x7f0000000040)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x30, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x4}}}]}, 0x30}}, 0x0)
copy_file_range(r1, 0x0, r1, 0x0, 0x9, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x5003}, 0x4)

1m0.273237636s ago: executing program 38 (id=347):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000cc0)={'tunl0\x00', &(0x7f0000000c80)=@ethtool_sset_info={0xa, 0xfffff7ff, 0x100}})
ftruncate(r1, 0x6000000)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000200)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\x91\xfdy\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0`\xaa8\xc7\xc8\x9d\xfdA\b\x10\x92(c\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdI\x83\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7 \x1d\xa1\xce\x8b\xac \xe8\x88\xdc\x02\xd7\x04\x9b\x9aL\x9f([4\x81\xf6\xb6\xdf\x16J\xab\xecC\xe2{\xfd\x8a\xb4\x8e\x9c\xfb\xf6\xe9\xd8]B6{\xf0(\xaeW;)\x9f\x9cR\xae\x12G\xd8\xa4y', 0x0)
r4 = dup(r3)
write$cgroup_pid(r4, &(0x7f0000000040)=0xffffffffffffffff, 0xe)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x11, r4, 0x0)
bind$802154_dgram(r2, &(0x7f0000000040)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x30, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x4}}}]}, 0x30}}, 0x0)
copy_file_range(r1, 0x0, r1, 0x0, 0x9, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x5003}, 0x4)

58.845827831s ago: executing program 7 (id=352):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000030000000000000000000000850000008700000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$IMADDTIMER(0xffffffffffffffff, 0x80044940, &(0x7f0000000380)=0xf4240)
getrandom(&(0x7f0000001100)=""/255, 0xffffffffffffffc0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000140))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r3 = dup3(r1, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000580)=[@decrefs={0x40046307, 0x3}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0x49, 0x0, &(0x7f00000003c0)="3ea300000000000000000000000009fa401bbf1bbaf7d98a06e9272edc433eff5a7833bc8c8e9042322523acd1f75e8cfc72cc3fe75ce963f1ffd2f4938b6fca7e4c84e2f2353697b9", 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50)

57.934978183s ago: executing program 7 (id=355):
socket$inet6(0xa, 0x2, 0x3a)
socket$inet6(0xa, 0x2, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$SIOCRSACCEPT(0xffffffffffffffff, 0x89e3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
getpriority(0x1, r0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x5)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYRES64=r0], 0x0, 0x34, 0x0, 0x1, 0x0, 0x10000, @value}, 0x28)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000000300000008000100", @ANYRES32=0x0, @ANYBLOB="04000280"], 0x20}, 0x1, 0xf000}, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)

56.623769381s ago: executing program 7 (id=356):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000380)='fsi_master_acf_cmd_rel_addr\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/oops_count', 0x8081, 0x122)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0xfffffffffffffffd)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x0)
r4 = getpgrp(r0)
tkill(r4, 0x1b)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000100060000000077f2ab26850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x4000400)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r6}, &(0x7f0000000080), &(0x7f0000000300)}, 0x20)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0604250c"], 0x9)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="17da955f26000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r7, 0x0, 0x0}, 0x20)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r5}, 0x18)
socket(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r8, 0x4008f510, &(0x7f00000003c0)=0x9)
socket(0x10, 0x3, 0x0)

55.72923284s ago: executing program 7 (id=360):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus\x00')
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r3, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)

51.631071968s ago: executing program 7 (id=367):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000c900000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="180000589764a20000000000000000001801000020646c2500000000e12020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000006fd6810000002d0000008500000023000000954b9ade530b429a05de98c32d6eb28ee7c3c9216c0c583b2914d4c3b8f85c978e216c843d72a7aa93a44b5c160800000000000000611ddab8b305c1a8b13df0d1bda9456655a92b82fcb76d6ad5b02f83760a3be04add240f8a56476d4391bd3ef22df4d3258e1517b4f556079b8bde747c9f78fabb2bed0af5c964d4c30550e3b990b4d99de0bb708a73d4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
setitimer(0x0, 0x0, 0x0)
open(0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000009000000dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359caa1af3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae2acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da31290bce645451b851111dd98ac4d8da9317c2c082020e0b2d634086785f3fe41a3053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456391cffdef93e29f10f4a11f0cfbfc0ff976b20fef6033495b9b94777db9bb9b678ffc1130000009faa798226a080c01e47151268a02dc1a557cfdcf76305fbf6643df66b1b4d2d5e7bf698fc5a18d984ecb91e6683a5f522d536e2f3c43b89823659d1945258fc668950e5aacfffffffffffffff7f7a266c90e64efc8d8f730867202a9ee94e6a00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r3, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000480)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x5, @ipv4={'\x00', '\xff\xff', @remote}, 0xd}, 0x1c)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfffffd9d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendfile(r1, r4, 0x0, 0x8000002b)

50.461906169s ago: executing program 7 (id=372):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000200001400000000000000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340), &(0x7f0000000280))
mknod$loop(0x0, 0x100000000000600d, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, &(0x7f0000000100))

49.680700465s ago: executing program 39 (id=372):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000200001400000000000000", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340), &(0x7f0000000280))
mknod$loop(0x0, 0x100000000000600d, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, &(0x7f0000000100))

10.725195388s ago: executing program 2 (id=527):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffffb}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000200)={0x34, r1, 0x1, 0x0, 0x0, {0x36}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x35, &(0x7f0000000040), 0x4)
syz_genetlink_get_family_id$smc(&(0x7f0000000040), r0)
iopl(0x3)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)

10.527271643s ago: executing program 2 (id=530):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
r2 = dup3(r1, r0, 0x0)
fchdir(r2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r3}, 0x10)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r6 = openat$cgroup_devices(r5, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r6, &(0x7f0000000140)=ANY=[@ANYBLOB='b 75:*'], 0xa)
mknodat$loop(r4, &(0x7f0000001600)='./file1\x00', 0x800, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
open$dir(&(0x7f0000000000)='./file1\x00', 0x80200, 0x84)

10.359166382s ago: executing program 2 (id=531):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="120100009080e140fc044a500243010203010902120001000000000904"], 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000340))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
sendmsg$ETHTOOL_MSG_EEE_GET(r2, 0x0, 0x80)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r3, 0x4004743a, &(0x7f0000000300))
r4 = socket$inet_udp(0x2, 0x2, 0x0)
eventfd2(0x1, 0x800)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r4, 0x89f9, &(0x7f0000000840)={'sit0\x00', 0x0})
r5 = socket$inet6_dccp(0xa, 0x6, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@mcast1, 0x4e24, 0x40, 0x4e23, 0x0, 0xa, 0x0, 0x0, 0x8}, {0x8255, 0x7fffffff, 0x8, 0x1, 0x59, 0x1a, 0x1ff, 0x204}, {0x7, 0xffffffffffffff24, 0x2, 0xfff}, 0x7, 0x0, 0x0, 0x1, 0x1, 0x3}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4d5, 0x3c}, 0xa, @in6=@rand_addr=' \x01\x00', 0x3506, 0x5, 0x3, 0xf, 0x691, 0x146e626d, 0x3}}, 0xe8)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
dup(r6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x1)
write$binfmt_aout(r2, &(0x7f0000000100)=ANY=[], 0xfce1)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000000)={0x2, 0x8, 0x1, 0x0, 0x8})
ioctl$TCFLSH(r1, 0x540b, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x5, 0x10100)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b80)={0x84, &(0x7f0000000000)={0x40, 0xe, 0x1, "01"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

8.521523602s ago: executing program 6 (id=536):
pipe2(0x0, 0x0)
io_setup(0x2869b0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b4000000000000006111140000000000040000000000000095000000000000001abe5201462857a3db65e291772afa2114f5963ed660b870d974d2252829f8290f8d02e3b0096b3df3e6585851cb7efb50a982b66e14716ffe33a164c3d1ff5798", @ANYBLOB="940a3b526ec8a0173e17548d452620cfc2934a583ed8578dd9d5cc5dfc344c89730c46e2ac3807606f940f84"], &(0x7f0000000080)='GPL\x00', 0xffff, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x40}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0xa, &(0x7f0000000000)={r1, 0x0, 0x25, 0x2, @void}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000020000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r2, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
r4 = semget$private(0x0, 0x207, 0x0)
semtimedop(r4, &(0x7f00000002c0)=[{0x0, 0xff78}], 0x1, 0x0)
semctl$SETALL(r4, 0x0, 0x11, &(0x7f00000003c0)=[0x800])
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r5, 0x84, 0xc, &(0x7f0000000040)=0x9, 0x4)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4000000)

7.816925229s ago: executing program 1 (id=538):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syslog(0x4, &(0x7f0000000180)=""/210, 0xd2)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
getsockname$packet(r4, 0x0, &(0x7f0000001480))

7.555265071s ago: executing program 6 (id=539):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$xdp(0x2c, 0x3, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r6, 0x0, 0xffffffffffffffff}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioperm(0x0, 0x444, 0xb1f)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r10 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r1, &(0x7f0000000600)={0xa0000010})
epoll_wait(r10, &(0x7f0000000000)=[{}], 0x1, 0x400)
close_range(r0, 0xffffffffffffffff, 0x0)

6.409922543s ago: executing program 1 (id=540):
r0 = socket(0x2, 0x80805, 0x7fffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800", @ANYRES32=r0, @ANYRES16], 0x0, 0x6, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000200)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)

6.126454486s ago: executing program 1 (id=542):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$xdp(0x2c, 0x3, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r5, 0x0, 0xffffffffffffffff}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioperm(0x0, 0x444, 0xb1f)
syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0)
r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r9 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r1, &(0x7f0000000100)={0x20000014})
epoll_wait(r9, &(0x7f0000000000)=[{}], 0x1, 0x400)
close_range(r0, 0xffffffffffffffff, 0x0)

5.953862665s ago: executing program 9 (id=543):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
userfaultfd(0x801)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x18a})
unshare(0x0)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x39}, {0x4, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb, 0x4, "5c1d34", 0x80, 0x7}, {@none, 0x4, 0x8, "b3762d", 0x6, 0x5}, {@any, 0x7f, 0x6, "e9c935", 0x5, 0xd8}, {@any, 0x8, 0x75, "d5bce1", 0x17b, 0x3}]}}}, 0x3c)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000130000000e0001006e65746465767369600000000f0002006e657464657673696d300000080003000000000008000b0000000000291932f51bb7ca798bae6580204ad77502001dc938f8f14770d23147c6cb27c395117773a74ca0ca9915a439298b3718c5b38ef3b4a46cbeb66e717ce0dac37a4763dda6f369bd7e51939a3f60f91e974aace5704ae911e3babfc45c33aea263630000000000000000"], 0x4c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0500000006000000400000004000000000000000", @ANYRES32], 0x48)
r2 = socket$kcm(0xf, 0x3, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000100730109"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$inet(r2, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x2, 0x0, @local}, 0x1c)
socket(0x2, 0x2, 0x0)

5.785683985s ago: executing program 4 (id=544):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e21}, 0x95)
sendmmsg$unix(r4, &(0x7f0000004640)=[{{&(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000400)="0fcc797b3150c0029157517a1633062786030c7390241746d19fc093fd461aade73594928e1619df73f9556a686f23e2", 0x30}, {&(0x7f0000000500)="d17511204cb1b5430731ce1b02a5a0d8b623193c254cacdf778c9098ef4985b020fdf20ea99b6f7fbad34cca28aa7100a2f0daa8474ef58a439d32a79c68e7d8f6fc9339ecdc481420a45ed1d5655c992930e8eedffb26548bc64dc7f73e6242b05d4c91d272ae71bbbf392c89e50fa663c77ca6bcc70063069f10097b371e39149307c93c8c5e15b5704cb2ac57ee39a0693b82187fbd694bf0255163ea", 0x9e}, {&(0x7f0000001280)="baff512bc839336caf2c3ce50149ac2ac203a57600e6296e46c941c9bafb18d92c220fa629c5128a7aa55832d952f91c45eb29e93169f1f8d24a4ed547ca61afe6495d2137847a824bf6964ea488fad44797775366d33f776cfd45528349ec42f7915d42bf0949090bd3f24ebca2eeb0d909de7cf4b96ab1491c96e591f3cff064f00f2a0bff17929458b1efceade85aa3813c5c20e523340b59685a680ef443b01c3de0f26eb26a5fc0d3c8a12c4c4075f29c4d764500b8262134abae1c61fce6be4bfbdb9dc5f28b362e1ebfded88604e56901f45678a567e77f99eb3d34adb986f210a2b46b81a2cbab2accc6037e74b362a7860ad0673314710cf0139608201fb77a3d88903f028143fc0b488e4345fcf6e2efc2b434a795fc00a3d825571a92a90ea568e97e04c68ceb32e4530548248fe6e42173c38347db90da1d4d601978fcfb7b29e621a505db95ac80f0dcdfe25e75a2764e824b5f61cbb06d1e5dbc99b9a43d1113f9df7b2376a3a9669ac70a8af520bad246a1a5917fa8a56647424a0785c04934bd89c94ca5b20a6f004025f2a0815c792dc69a7f37f3da20797fbbc70efce078217b25074f8ffca0835acafbb1da47d91bd982a3663f3ffec151953f4e03ba4c31874124da4c86d2851622e397a7ba155182232677a46ffed678138e057074104cf13210290bebe0258761ce40062cf809b449671311a5bd0012ae9f3eef9b2b75c604ead668893cc6f10efeb3a09113578dca79815f4df9ec8fd7ce6891607e746dd31fe20f493cedd4c14f700e086f888e0e41c40a6cf8e60d12611c44f9d6e40f36f4327f14beb79b9c917cb8e475d647f768c6dcd14eaadc300e27aed5e2feaf874463155c97e161620fb98a668059c22145de71bc8292bdd7b0b4ba33454cebfad86ad1a1c1ac336b3338efb2420708d79f947013b9554a9e462a24fcdfc5245de923c0eeaf6811f60e2de13c58e51fc0788b987b3e9814b70dbaba2351e4efccd15f082ef0d7ca301233086d6c964d1d27b6ce1b763775254cee97bf4da9a93413f4248ccaa257b470afeb94a91ca6598c7837002e9042c542c0afb99657ca881109405ee532f3aefc1683f0535197fbb098f3ca8522853c09da5066849e8ebbe8386037d4fed1f9d8c3bf0a05e65ced6d0a1f44f7f574c6d2f1257a8a11543a390e8a0eea6d9a70b9e727156109f98142e446151cdfd65317ce05492477588af3740e6b1594a7d213fde963098a93ac87e73b3bb4b2740b71b42274e585204f0c77c2c4c2cbb74cbe94d52ef6c994c78ab2881f02db253066af62d5d3e80ce36c4c1561ef9938a813e8a0737f2a2485289991de4c6c01ca9a4c3ff535386043361b34ff1606a29fad2e758c69f28a814c79046f763221d2b5d37c3c2af55f9ac3d9c03d1cb75c67c6cd4b11ed1444296b06cf4505495e1ec26c9064b52442ada91b74d883885a3e761c0889d570d96dee51483e1f37c832fdffd1d021db93bbd5fc1fc64f9b4568d4b19565b707c2b4328ca85f0d4c1160fe4938d056f7186c1679f6006a7e574206d81e1d843f5bbc4e4bb4480efc1b39aea982528a280ee457ab6e82dc0dedd506b86018a1b142d10b52c20857a46b753ba45d68d7775db38f973178288873c37b7fbd91fc7493621317e4bbabd0dd1968028eac1306ff88fa09c747d69e78b6ad1f94d7ac1bdf75a9491d630ccbca46cfc2be82712fb268e83df629c0adce118425b3bf4ef859a521a8d8b791d3dd52536861bbd855ed63eb1e1ac61ba99e550aa485bf4333ccfe2f34ed7a936656a391eaca2bd711722d4d2bf47fae16406c4ba4a8e849d5e5ba394297b370974068f93040596ec43daacdf77f3915ea67db65056c3e666ff9bb71a41896fdc4c191576c70e30f613bd5a95719730265018210e9dde1ecfd50a5e54e792490ac449903b591b4744ec76dc58fa9997a01ab17503299d6a32123bf7c4b76f3a5614af7af571ee4b72f6c2b0a6c8a9606299d4439fbae634e3464cbbdafdc286e9d4f45b5a1fa48a351afcd719e25ce28454097008f18f0b50d87426d401fe326acf28f85b268b94f04a6d3e9b8b432f8b39edd43b925c80c05db39502479aadb34b83fc5a69998446f48661de36c9b82481f9be7299757846d1c7716743d1da241da05046d7a59a75016394b4495dc13cb0f6a8c315e4956fb979ac7de0a40ebafe1dbb98a99de20aa181bd66d41aeba1336ee966fbca94cf8458923d166f66c37bc1daee2419733c60abd9432e1344e592c875fa37d5df7538ba7dc799d1fbd6083c4efa04d93062fabfac15a27fcadebebbab50b3e66254ebcb6be0ecdc9d04334a8162103bbb237dcf9bc9c11c58feaca1fa845bdd5ec7ae39fb8b2cb98e3188a9c8d71cc055a66a17b44b3af46a7c5df551ed3be7e87fe0dfd1825e634cb437fee4183e1a218c4f1dfeddbc3fbf11481f947e6cb096a91d6b225abc10cd76329da82a121fd406ab86bd1829ca1324ef734bf8338960dd7d25b7d029e176b6061889e75d5aa5e84f51681ddbb13bb1af888249944277587c5c08268a8a2a8dd11de2c4ab4cf7808647fd8bd07caeebac065006c4ae8d77a5039c3af24d28198658a56f72a95ff395c31a73e98829f0a8cc7c134a185ca00c539f282ac749ba4fdbd7229ce546f6a81d8d3d1f84b36fdcdcf6998889668ebe9e43c590d9793ee53e4ebf665ad2b62f889ad3e47e3b4381e99ae835f6a2aabf24e9dd4320e8a517c218b1928cc37274f8cf7d126cdfde59a9a856b53b902ab0b86cabdd840f3ec5fe30baf8833cd4e6cd38cc2bf6136765bcf21da5a85c33c846e2a63ce685d3b0b315065cb8339d7bde01eb041c73675a862d630046f32a536761aadab0a3f8194acd5b9cbdbe7bca543faa2d0c75dabf76218b6658bb8e5c66257a0c1e2c0adaa7d3a8d52942c1b5aae78379ba05547bb55985213c1d55442b5a45167e2ffa6f9860b9a058e581fe06d1d304aa71ba1344db3ed4faf021cb072a5e45b3bc37a0f91343c8d49d5e139107d875fc040aa0e89efd0732450060448b7de11e4fa17d8865a0376a9418106c0527d07c8abcadde953a89fb1a571ec1c5b1334b31a7055cd7bef1a9330346987807f098068b6d8dcc508772020c2ce2c0594f0e32d81a9893ad3ff59e8aea5cce0f1b9862bdea714ee4a16ad8189052be15a8b90a46a1f72f124950cbda035400a3b295e53275bb4760d3bb7fd1c777593e94925e0c01136d4a2365fd6d3217a29c9f453d01fd7b280943852daf5babd69e0d79c0adc9a38e6f9597e50a9c4b43d1a9cb2f641a6f1640697bd2502cd805a3a4373047e223df7b950542c8ebf143841f39a31f6dbb809433112662a7a5d6fbb48b5077d29d3c38998ad34f833325061f81755bc02342a796303d09ba1bc79252a079e51883bd4a4a0ec2db586dd06bfa8009ebb7cd9f2a4ec4e2391baca6f77508961105433e17e3e9fea02a2935bf396d4bea63717011d75e494f66e5b092df4a42465744a06935de68aa19ba2fdfedf27e1fa501322c36a6844d292e125ee894d757fc2920a54f742107a12b26a293d3fc8c303cdf5518ec0b8afeed3143c4ab3afd049e6ce9ed972df4ca96e46bab6470a7b5b97a1275b390ae15aeb380209e73f2f02e36208c706a146c8468028420d1366acbb13407f1cbad418ee170c83f9ee0273f6572f89d094e3e3eb309b0179e8ace1f86efb2982f96204d9c1e44c321cc5a3b172d51f19cf0b6d75004082a560fedf428a28145092fa5a8ad21143b8c4003a3dc17d0d901e2a491af315c67f4f59a7218de76676406f6b2b2f6ea2a7a697428874f732446d03fed7fab91e6b2a955e0721302e41bb9b754878b72f594fce376c538f664bc6cd07ebe368ed344e33ee641b79b8aded8fea52800fe2da3eba80ab16986cabe94b92e45f2db734175269163baa059db3fd976ec69edc58b01e907fbd0fe4bff521376e521ebcb26a88ac0eee45bffa35ad78af02379de3c8b405956ba18043e7b0ae3addf28835c5e644f12e79b6498fa672aaa10bb9e77732d89de0a84d3cbcef14222a416bd72149b6e90493e786ed0b5877d479c0e23afae2b59aa45bff551add2ea3b5371c51f4772345ab27f90e89c9d756d7dc8d82fb37c53ce3a765fa57ae98a46fc43afa6af29e43593a3392ebaaa3543688cafd71969edade3b9204ff83a36c2208d39e82504ccca50a986fe8616e93436e25e854682191b9de6239eecdc5aa71ce8515510262e5b79237e6678980110d708c86d76ec209bc65e563736cf111290f8095bb93734f03e6903ca315015bafb618456c854a95794af09f5691f3625c739bfee835929c33f478b5637d409b46c2e118dfd3b3a24c2c499bd05076ade25e7fde19c72759d609c4157991d429673ffdb588794f4525bbc6c3a259dcd3df4b81aa7a00cdef6e6805ecabc3295f74f51ba76b2f8488de06c6d3977a9e318bc1ca5e959284dcf6dd65e1af051530ad9d774b54d7da2b0db1c940d7d0490098e4eff32eb74a06bb0061391245c6a52868b33c6d6149cecd29cf1676d7db3f56b07176de6a049a036034f408d94588b85525994133c221ecbed9a4dc5d61af16e8cf24c896f34aa60a715d9478a0d7ee2992854f8fc4e0f347b16130827d95d78cbfe52df8fcaa6f32a655ce9e9b5fb3d1b618d844076a814754943b7b10ba791be1ada374a77bc3ba058c149f09aa91b6c26936548922037eba46bc4f60a9897b11140744ee2d5af919d88623d08590bc9d395ec4dec0c681f210a75ef102e09c574f1e9fb4fa4bc36fc35b101f7bb037fb9f3bf9bddcd32e5e27231915471b2760a3547a1eca47d83b744c467dd6cf6e897f632bfe255d3ac51590eae308b9e3625e90450553e2564170b2827155b9805b22cbcc97f353f8bd514e346f0710ff8afdf35765dcb55317db6eedac550039ea6c599405a9f503b64fd2377dfbbfd4a6191165786e49e5cd626db4b3398ca36bca5b8ed2d6f10b04c80c2d1d0f9c2824fd77eed31d1a26da9c0cd4d6b31ea18a317cccd3dae60237a5d9720bbe68876f38682411ad751ab63cf6aa0f53299f043616c505605a26f3f45ada4a7b7916cc146b993a41b53a6422d03d606d191501e883ca4eab93405c8d457735f994115258ccd213e1a756be9625a9baa1b8f8e1c3d569352e443b63c6554e727cee4b36e4d5cd95f0d14ce4c1a464b55c0afd3f4076081c6af691730cc4c2f45f354e4da3468b84d42e22503ea764144a48b798ebd7df8b2b0ea81ae3c98f5550a03b2ad62298bb065c59e568147893e4fd2ba7f52d78e044e27c27ae550d1f3716cb9780ffdd70fb875be46555e8682a983720fbf1eb9186201226a532b6b44c1d7b979a81a6948ed75345170ed2d246784f65925fc1bca047ea3d5174e7132d648f18699b8166d63a1bf73f7f1ffac3138d20b16b2b45fd6c4ebe939a5759253cf8c3cdcd090fab6bcb83886dfab238a50c9b1ba32f792e88669c95a44dd337fad9fb2fe17f74bedd39962b2be0d6e8ca4a292a9cd43d9529fbebfa12366333bd9aa685377ce4f8e84ac778655ef90332b0b46d395ef0996f8c92a110050d3fd71b124684653577640f6afa2f9547851cd287ab67244b4a562132f89d9967f4e69f07b68b8cd9d6ee7e6c76f3e90a05889cdb66cfe0758f34ba8109822ac0af0b5dcffb704b42281c1ef173f5d2e4eea6a04afbacfd03ce354c70745038f0220efb95b040f63e73dd6183d927a40c6dcc799e6366", 0x1000}, {&(0x7f00000005c0)="8794a4934b7edae345034c58e9c49e72f45ec5ab3f203d14664ffb71fda02a5bd9f16ac977fd1aba98baa63116e3998fe33ab02c474d91e5c9a7c31e5ba0e000b770948fb58b0a4e61c90a130a764d94546303a8697b01f1d9840a77fbb45a5bc014df6f9d379e3e703a82914fad82b2b0df37e1a421898cd3c1d0bd4a3ddd3e1fdc3e2252afda7219fec52006739fa5d3d4ae63de70732754d9049511d310c8b8c19caf71648edc966e2a547e7b06f2a115b758a1573a20edc863dc1fc0bb1e125144c1c56666f851be80b03465d147dc187c266d3786caad4b9d45038db638b9902bb636ea3219", 0xe8}, {&(0x7f0000000440)="908630d231f0858b18d9648338d9a6e76d90cb214c1cf8444d687df5ada8f74fc0fc221ff6426cfcb90bdf62d70fecf87ad1ca0981ef1b0d1bb95e5753dffdcffb4f6e", 0x43}], 0x5, &(0x7f0000000980)=[@cred={{0x1c, 0x1, 0x2, {r2}}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x20, 0x1, 0x1, [r4, r0, r3, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [r0, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, r1, r1, r3, r3]}}], 0xe8}}, {{&(0x7f0000004500)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f00000045c0)=[{&(0x7f0000004580)="7eda47f6fcb4ea3219f3d5cb72509e5e6413ee5943a183f8b19f110f17", 0x1d}], 0x1, &(0x7f0000004600)=[@cred={{0x1c}}, @rights={{0x10}}], 0x30, 0x4000}}], 0x2, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
poll(0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000040)={0x4010000000000}, 0x0)
timer_settime(0x0, 0x0, 0x0, &(0x7f0000000100))
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_PORT_TO={0x6}]}]}, 0x5c}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002440)=ANY=[@ANYBLOB="34000000090605000a00000000000000000000000900020073797a300000000005000100060000000c00078006000440000000004bdfa39f4e425bd2428a3202a2a3efce2374fca53ed5d18aeb32"], 0x34}}, 0x0)
syz_open_dev$evdev(&(0x7f0000000740), 0x6, 0x40000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a300000000014000000110001"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x9000, 0x6}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x605, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x14}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a3c000000090a010400000000000000c9eb00000008000540000000100c0009800800014000000100f900010073797a310000000008000c4000000000140000001100640000000000000000000084000a"], 0x64}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
socket$kcm(0x10, 0x3, 0x10)

5.039438198s ago: executing program 2 (id=545):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000740)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x14, 0x2, @ipv4={'\x00', '\xff\xff', @broadcast}}]}}}]}, 0x48}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r3, 0x0, 0x10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x804}, 0x20004090)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
r6 = pidfd_getfd(0xffffffffffffffff, r5, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f0000000300)={0xbe, 0x0, 0x1})
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
r8 = socket$inet(0x2, 0x3, 0x102)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000200)={'vcan0\x00', <r9=>0x0})
bind$can_j1939(r7, &(0x7f0000000040)={0x1d, r9}, 0x18)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='rpm_return_int\x00', r10}, 0x10)
mmap(&(0x7f000038a000/0x3000)=nil, 0x3000, 0xfffffffffefffff0, 0x10, r4, 0x0)
r11 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r11, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_ALLOW_SUSPEND(r5, 0x5522)
close(r5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r12 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000000c0)={0x0, 0x0, 0x0, {0x0, 0x100000000000001}, {0x74, 0x2}})
ioctl$EVIOCGKEY(r12, 0x80404518, &(0x7f0000000200)=""/36)
r13 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r13, 0x0, 0x21, &(0x7f0000000f00)=0xffffffff, 0x4)

4.984219082s ago: executing program 9 (id=546):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) (async)
r1 = syz_open_procfs(0x0, &(0x7f0000000200)='net/vlan/config\x00')
preadv(r1, &(0x7f0000000100)=[{&(0x7f0000000000)=""/9, 0x2c}], 0x1, 0x61, 0x0) (async, rerun: 64)
read$FUSE(0xffffffffffffffff, &(0x7f0000000480)={0x2020}, 0x2020) (async, rerun: 64)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1e000000080900000700000005000000ca200400", @ANYRES32=r0, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="010000000500000003000000ea310a00000000000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async, rerun: 64)
r3 = getpid() (async, rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x0, 0x2002, 0x0) (async)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r6, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, 0x0, 0x0) (async, rerun: 64)
sched_setaffinity(0x0, 0x0, 0x0) (rerun: 64)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) (async)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000580)="0b102acdc64d8e703c55a47e57f3f8ee60", 0x0, 0x5, r2}, 0x38) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
getgroups(0x2, &(0x7f00000000c0)=[0xee00, 0x0]) (async, rerun: 64)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}) (rerun: 64)
sendmmsg$unix(r7, &(0x7f00000000c0), 0x3f, 0x0) (async)
ioctl$sock_TIOCINQ(r8, 0x541b, &(0x7f0000000100))

4.893992757s ago: executing program 4 (id=547):
syz_open_dev$usbfs(0x0, 0x76, 0x101b01)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8541)
r1 = shmget(0xffffffffffffffff, 0x1000, 0x800, &(0x7f0000ffe000/0x1000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000000)=@get={0x1, 0x0, 0x1})
ioctl$IOMMU_HWPT_ALLOC$TEST(0xffffffffffffffff, 0x3b89, &(0x7f00000025c0)={0x28, 0x4, 0x0, 0x0, 0x0, 0x0, 0xdead, 0x0, 0x0})
creat(&(0x7f0000000440)='./file0\x00', 0x0)
link(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)='./file1\x00')
mount(&(0x7f0000000240)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)='ocfs2\x00', 0x0, 0x0)
shmctl$SHM_INFO(r1, 0xe, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
ioctl$USBDEVFS_BULK(r0, 0x5523, 0x0)

4.370611563s ago: executing program 1 (id=548):
setresuid(0x0, 0x0, 0xee00)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
shmget$private(0x0, 0x1000, 0x800, &(0x7f0000ffe000/0x1000)=nil)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'streebog512-generic\x00'}, 0x69)
r6 = accept$alg(r5, 0x0, 0x0)
sendmmsg$alg(r6, &(0x7f00000010c0)=[{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)="e9743bf46b8590ca61e997d12fc75272", 0x10}], 0x1, 0x0, 0x0, 0x20008004}], 0x1, 0x200000c0)
ioctl$USBDEVFS_DISCSIGNAL(r4, 0x8010550e, &(0x7f0000000540)={0x80, &(0x7f0000000440)="63038050de6f5cf77e5ff9321eb3f355fe00ee0f06ba6efe220ad521b95bbdfc23c9fa94bcf993c9a64ec92bebde4ac30a4b503abc627a2d282d274734bbc4c68046b3cc5edb8b76edfbd645668104e70852d87d2d9c82191f62946db7724f19f01b7b095b30a746d566764b581f5b84b739608b176cb049968b0a77337115cb5e534ae803e71246f423229019cd0a4c30767456f86dba221625a099049e4b3b794f4676"})
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000b80)=@raw={'raw\x00', 0x4001, 0x3, 0x2a8, 0x158, 0x0, 0x148, 0x158, 0x148, 0x210, 0x240, 0x240, 0x210, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'vlan0\x00', {0x0, 0x0, 0x1ff, 0x0, 0x0, 0x7, 0x7, 0x0, 0x8}}}, @inet=@rpfilter={{0x28}, {0x5}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00', {0x79}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x1e83, 0x5, 0xfe0c, 'syz0\x00', {0xbb}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x308)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f00000000c0))
r7 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
poll(&(0x7f0000000380)=[{0xffffffffffffffff, 0x62a8}, {0xffffffffffffffff, 0x3401}, {r3, 0x42a2}, {r4, 0x1200}, {r3, 0x20}], 0x5, 0x5a33)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000001c0)=0x1b)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$VHOST_SET_VRING_BASE(r7, 0xaf01, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

4.316981273s ago: executing program 6 (id=549):
clock_nanosleep(0x9, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f00000001c0)) (fail_nth: 1)

3.897412569s ago: executing program 4 (id=550):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f00000000c0)={0x8080000, 0xd000, 0x10})

3.674026033s ago: executing program 4 (id=551):
r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r1, 0x11c, 0x1, &(0x7f0000000000)=""/54, &(0x7f0000000040)=0x36)
ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405668, &(0x7f0000000280)={0x0, 0x0, 0x8})

3.248727491s ago: executing program 6 (id=552):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, r1)
r2 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0xffffffffffffffff, r4)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {<r5=>0xffffffffffffffff, r4}}, './file0\x00'})
fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0, <r7=>0x0})
keyctl$chown(0x4, r1, r5, r7)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=r8, @ANYBLOB="03000000000000002000128008000100677265001400028008000600ac1414aa08000700e000000108000a0070", @ANYRES64=r6, @ANYRESDEC=r3], 0x48}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0x0) (async)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, r1) (async)
socket(0x10, 0x3, 0x0) (async)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) (async)
setregid(0xffffffffffffffff, r4) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff, r4}}, './file0\x00'}) (async)
fstat(r0, &(0x7f00000001c0)) (async)
keyctl$chown(0x4, r1, r5, r7) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0) (async)
sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=r8, @ANYBLOB="03000000000000002000128008000100677265001400028008000600ac1414aa08000700e000000108000a0070", @ANYRES64=r6, @ANYRESDEC=r3], 0x48}}, 0x0) (async)

3.144446854s ago: executing program 9 (id=553):
r0 = socket(0x2, 0x80805, 0x7fffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800", @ANYRES32=r0, @ANYRES16], 0x0, 0x6, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000200)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)

3.033263864s ago: executing program 9 (id=554):
r0 = syz_open_dev$sndpcmp(&(0x7f0000002440), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_PAUSE(r0, 0x80184132, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xa, 0x5, 0x2, 0x4, 0x4000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
close(r1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x8, 0x1, 0x13, 0x8}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000", @ANYRES16=r3], 0x64}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000009c0)={0x48, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0x9, 0x1, 'pptp\x00'}}]}, 0x48}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
pipe2(&(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@cache_fscache}, {@cachetag={'cachetag', 0x3d, '\x14\xe2\xc3\x11\xe2\xcb\x86\xc8-Hs\xc6\xafm\xdc{\xde<Q\x1a\x13'}}]}})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000380)={<r10=>0x0, @broadcast, @multicast2}, &(0x7f00000003c0)=0xc)
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)=@delchain={0x94, 0x65, 0x300, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r10, {0xfff3, 0xd}, {}, {0xfff3, 0xd}}, [@filter_kind_options=@f_bpf={{0x8}, {0x60, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x5}, {0x2c, 0x5, [{0x166, 0x4, 0x81, 0xa1b2}, {0x96, 0xd0, 0x1, 0x200}, {0x3, 0x0, 0x2, 0xfff}, {0x2, 0xd, 0x8, 0x4}, {0x1, 0x3, 0x7, 0x7}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x4}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}, @TCA_BPF_FD={0x8}, @TCA_BPF_CLASSID={0x8, 0x3, {0xffee, 0xffe0}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}]}}, @TCA_CHAIN={0x8, 0xb, 0xf}]}, 0x94}, 0x1, 0x0, 0x0, 0x20000040}, 0x10800)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000350000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142da7646c4fe02996b60cf81ebcd50fa9ea4318123f602000000000000de89e661168c1886d0d4d94f204e345c652fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d255be1ed66d9051f22614d1f62734d679039a97d2b74f9e8e997ccd314000f747f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a56a6d920335c8e8726fd8329d9a728995b1531bd20360d33d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c55969a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047050d7296cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed03a6fe7860b3e13c3173a60a1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a0000000000000001ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada186b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8f09c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39289f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a12105edebc5e3b8dad4c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f200000000000000000089de7f8485d9507164a187220b36ddc7fa645d4bd0c1414c30a416"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000010000e1850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x76)

2.953915709s ago: executing program 4 (id=555):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_DEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)={0x20, 0x2, 0x9, 0x401, 0x0, 0x0, {}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
fsopen(0x0, 0x0)
getcwd(0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x813014, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r5, 0x0, 0x0}, 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r6, &(0x7f0000000300), 0x20000000}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000021c0)={0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x10800ff, r6}, 0x38)
setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x1000, 0x0)

2.88330937s ago: executing program 1 (id=556):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@gettclass={0x24, 0x2a, 0x10d, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x0, 0xfff2}}}, 0x24}}, 0x0)

946.105863ms ago: executing program 9 (id=557):
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYBLOB="00000000400000002400128009000100626f6e64000000001400028008000a000000000005001d"], 0x44}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005f"], 0x3}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0xf00000000000000)

917.929767ms ago: executing program 4 (id=558):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ppoll(&(0x7f0000000180)=[{r0}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
listen(r0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000200)=0x2, 0x43)
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x1)
shutdown(r0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7902})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f3fd65bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e208000000729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d305"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='\a\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000000000000000200000008000b010000000008003f00eeff"], 0x24}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1c, 0x1, 0x4, 0x3, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(r4, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r5, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r6}, @void}}}, 0x28}}, 0x0)
r8 = dup2(r3, r3)
fcntl$dupfd(r8, 0x0, r8)
socket$inet(0x2, 0x801, 0x0)
r9 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
syz_usb_connect(0x0, 0x41, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000e518a708ac0501859d200000000109022f00010000000009040000000e0100000524", @ANYRES16=r9], 0x0)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
write$cgroup_devices(r1, &(0x7f0000000800)=ANY=[@ANYBLOB="2503"], 0xffdd)

329.640386ms ago: executing program 6 (id=559):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0bfc0000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0)
writev(r0, &(0x7f0000000040), 0x2)
sendmsg$OSF_MSG_REMOVE(r0, &(0x7f0000000300)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000003c0)={0x710, 0x1, 0x5, 0x201, 0x0, 0x0, {0x3, 0x0, 0x7}, [{{0x254, 0x1, {{0x2, 0xb5b6}, 0x3, 0x4, 0x8, 0x4, 0xb, 'syz1\x00', "9c5d2316116d9555d7b5291671571815b8e603d43019006eae16805e0f6e77d9", "2bc6a6a171bd0842e9ef2e709b327a1d9cdb23505e690fee97f82f310a765588", [{0x7, 0xd, {0x3, 0xb3}}, {0x3, 0x7, {0x1, 0x46d}}, {0x3, 0x8, {0x0, 0xf}}, {0xc3, 0x3ff, {0x3, 0x4}}, {0x3, 0x6, {0x1, 0x80000001}}, {0x3, 0xb, {0x0, 0x7}}, {0x6, 0x3, {0x1, 0x1}}, {0x4, 0x7e}, {0x1, 0x5, {0x3, 0x75}}, {0x7, 0x7, {0x3, 0x3e2}}, {0x7, 0xfff7, {0x0, 0x7}}, {0x800, 0x2, {0x1, 0x93}}, {0x5, 0x7fff, {0x1, 0x1}}, {0x6, 0x97b5, {0x1, 0x6}}, {0x1, 0xb1, {0x0, 0xed2}}, {0x6, 0x5b36, {0x3, 0x5745}}, {0xdb51, 0xff, {0x2, 0xaf40}}, {0x3, 0x7}, {0xff7f, 0x8, {0x1, 0x400}}, {0x1000, 0xffff, {0x1, 0x372}}, {0x2, 0x1, {0x1, 0x8}}, {0x9, 0x6, {0x0, 0x2}}, {0x9, 0x2, {0x3, 0x6}}, {0x4, 0x7bcc, {0x3, 0x10}}, {0xffff, 0x7, {0x1, 0x9}}, {0x3ff, 0x1, {0x3}}, {0x6, 0x3, {0x2, 0x7}}, {0x0, 0x7, {0x1, 0x7fff}}, {0x3, 0xff, {0x3}}, {0x2, 0x7fff, {0x2, 0x906}}, {0x0, 0x0, {0x1, 0x9732}}, {0x0, 0x8, {0x1, 0xae6}}, {0x4, 0x8000, {0x2, 0x9}}, {0x3, 0x1, {0x2, 0xffff}}, {0x44cf, 0x8, {0x1, 0x8}}, {0x5, 0x3, {0x3, 0x1490}}, {0x3, 0x4, {0x3, 0x4}}, {0x6, 0x748e, {0x0, 0x2}}, {0x8, 0x3, {0x1, 0x8004}}, {0x400, 0x0, {0x2, 0x4}}]}}}, {{0x254, 0x1, {{0x1, 0x9}, 0x0, 0x6, 0x5, 0x9, 0x1d, 'syz1\x00', "d7c86b4c74bebb17b0a9c963a6853476bc35308508511e3fc8826ffa0f85f39c", "d94b4954ff1afe5aae7724ba6255bbcad5675daa7bf5ca31d4a705ad48573e9c", [{0x5, 0x0, {0x1, 0x3}}, {0x5, 0x8001, {0x1, 0x9}}, {0x5, 0xbd, {0x0, 0x6}}, {0x2, 0xeca7, {0x0, 0x1}}, {0x4c8, 0x78f, {0x0, 0x1}}, {0x200, 0xa, {0x1, 0x8}}, {0x1, 0x40, {0x3, 0x8}}, {0x7, 0xfffd, {0x0, 0x6}}, {0x6, 0xf, {0x3, 0x91c80000}}, {0x6, 0x5, {0x0, 0x4}}, {0xa394, 0xffef, {0x0, 0xc}}, {0x2, 0x1, {0x3, 0x1}}, {0x8, 0x2, {0x1}}, {0x9, 0x7, {0x1, 0x4d}}, {0xc, 0x5, {0x2, 0x7}}, {0x0, 0x8001, {0x0, 0x2}}, {0x3, 0x100, {0x2, 0x6}}, {0xfff8, 0x1, {0x3, 0x3}}, {0x2229, 0x4, {0x2, 0xd}}, {0x1c, 0x6, {0x2, 0xffff}}, {0x6, 0x400, {0x3, 0x5}}, {0x8001, 0x5, {0x0, 0x2}}, {0x332a, 0x0, {0x0, 0x3}}, {0x6, 0x38, {0x2, 0x9}}, {0x7, 0x101, {0x1, 0x7}}, {0x40, 0x1, {0x1, 0x8}}, {0x1, 0x3, {0x3}}, {0x7, 0xf, {0x3}}, {0x9, 0x1ff, {0x0, 0x1000}}, {0x2, 0x200, {0x2, 0x3ff}}, {0x9, 0x1, {0x0, 0x3}}, {0x1, 0xbb, {0x1, 0x39}}, {0x7, 0x8000, {0x2, 0x3}}, {0x1, 0x1, {0x3, 0x9ce}}, {0x180, 0x800, {0x3, 0xbcc}}, {0xd, 0x1, {0x1, 0x52}}, {0x1, 0x0, {0x2, 0x8}}, {0xfeff, 0x41, {0x2, 0x7f}}, {0x101, 0xf, {0x2, 0x3}}, {0x2, 0x401, {0x3, 0x63c}}]}}}, {{0x254, 0x1, {{0x1, 0xfffffff0}, 0x5, 0xa7, 0x5, 0x7, 0x1c, 'syz0\x00', "8ae9d6cd355a7ee8d82d3ea8301ff3fb26be6a3961bb86e3ba1bd1050e334d86", "27bac1f1c4856af1b17bc3d37892acfb43f6dcb5d76d35e1e47b7009ae387670", [{0x5, 0x158f, {0x1, 0x8b}}, {0xff01, 0x0, {0x1, 0xffffffff}}, {0x1, 0xd40, {0x1, 0x2}}, {0x0, 0xfffd, {0x1, 0x40}}, {0x401, 0x0, {0x1, 0x11c}}, {0xa57, 0xc000, {0x0, 0x5}}, {0x9, 0xffff, {0x3, 0xffffff01}}, {0xfbf, 0x2, {0x2, 0x10}}, {0x7ad, 0x6, {0x2, 0x5}}, {0x8, 0x2, {0x0, 0x7f}}, {0x1, 0x3, {0x3, 0x1a00}}, {0x100, 0xe728, {0x3, 0x7}}, {0x7, 0xcb9, {0x2, 0x7ee7}}, {0x1ac9, 0x81, {0x3, 0x8}}, {0x4, 0x9, {0x2, 0x8}}, {0xb, 0x1000, {0x2, 0x7fffffff}}, {0x0, 0x81, {0x2, 0x8}}, {0x1800, 0xfff9, {0x0, 0xa2}}, {0x1ff, 0xfffa, {0x1, 0x8d17}}, {0x1, 0x1ff, {0x0, 0x5}}, {0xb, 0x2, {0x3, 0x4}}, {0x200, 0x5, {0x0, 0x2}}, {0x4, 0x3, {0x3, 0x3}}, {0x6, 0x6, {0x1, 0x1}}, {0x28, 0xe5, {0x0, 0x1}}, {0x0, 0x9, {0x1, 0x4}}, {0x80, 0x7, {0x3, 0x2}}, {0x5, 0x0, {0x3, 0x4}}, {0x2, 0x3, {0x0, 0x6}}, {0x9, 0x0, {0x3, 0x2}}, {0x0, 0x9, {0x0, 0x5}}, {0x5, 0x9841, {0x2}}, {0x7, 0x8000, {0x2, 0xf7d}}, {0x8, 0x40, {0x0, 0xfffffff7}}, {0xfffa, 0x7, {0x1, 0x4c4c254c}}, {0x14, 0x12, {0x2}}, {0x6, 0x22c1, {0x3}}, {0xe4, 0x1, {0x3, 0x4}}, {0x1c9, 0x8, {0x2}}, {0x9, 0x4, {0x3}}]}}}]}, 0x710}, 0x1, 0x0, 0x0, 0x4040010}, 0x90)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r1, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_settings={0x4, 0x0, @te1=0x0}})
ioctl$sock_netdev_private(r1, 0x89f0, &(0x7f0000000000))
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="06000000070a0101000000000000000500000000f1cf4926dfee2f275bb8f7c383c80105bc790d746b8b550230ef13216ababdfdb7c6971ee4ba81ec0be57185fde62c6fe1dd17442ef6c26125bbbaf1e23cb7b18d52c90c91df07947af12feb0d2184b7868012ba3434e9aa962c1748bc703a9d43ab137bb1d65f849450c27f3772ed6a8e472113397b9bac8dae737c73621efdd9ba2c1d898b1dd4a53edf3212620d8a"], 0x14}}, 0x0)

329.091761ms ago: executing program 1 (id=560):
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
gettid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
fchdir(0xffffffffffffffff)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
fcntl$getownex(r4, 0x10, &(0x7f0000000140))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_SOCKET_KEY={0x8}]}}}]}]}], {0x14}}, 0xd8}}, 0x0)

314.119491ms ago: executing program 2 (id=561):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
write$uinput_user_dev(r0, &(0x7f0000000300)={'syz1\x00', {0x547, 0x3, 0x1, 0x7}, 0x48, [0x800, 0x1, 0x0, 0x7, 0xffffffff, 0x2, 0x6, 0x8, 0x8416, 0x3516, 0x5, 0x6, 0x4, 0x40, 0xd1, 0x213, 0x2, 0x2, 0xb, 0x7f, 0x9, 0x3, 0x50f, 0x1, 0x18, 0x4e452280, 0x3, 0x7f, 0x7, 0x400, 0x5, 0xdaca, 0x9, 0x92, 0x2, 0x7, 0x3, 0x80, 0x400, 0xfffffff8, 0x118, 0x5, 0xc, 0x6, 0x10000, 0x9, 0x3d2c, 0x800, 0x201, 0xaf, 0x2, 0x9, 0x8, 0xb45, 0x8, 0x4, 0x800, 0xfe1, 0x401, 0x3, 0x4, 0xffff4992, 0xfffff6ae, 0x4], [0x10, 0x4, 0x40, 0x60000, 0x8000, 0x6, 0xfffff830, 0x10000, 0x6, 0x4, 0xa, 0x6, 0x3, 0x7, 0xbab, 0x7, 0x4, 0x2, 0x50c67913, 0x2, 0x908, 0x0, 0x7, 0x6, 0x1, 0x1ff, 0x5, 0x20000000, 0x5, 0x5, 0x5, 0x3, 0xffffffff, 0x10001, 0x8, 0x2c5, 0x4, 0x0, 0x5, 0x10001, 0x8, 0x5, 0x4, 0x2, 0x2621, 0x401bc273, 0x9, 0x0, 0x7, 0x1000, 0x4, 0x3, 0x7, 0x2c0, 0xfff, 0x6, 0x4, 0xe, 0x24, 0x1, 0x62e6, 0xc14, 0x6, 0xb], [0x6, 0x0, 0xb6, 0x9, 0x7, 0x8, 0xda000000, 0x200, 0xfffffffe, 0x0, 0x3, 0x8157, 0x6, 0x8, 0x4, 0x9b9a, 0xfffffffa, 0x7, 0x1, 0xcaec, 0x81, 0x200, 0x4254, 0x0, 0x800, 0xfffffffc, 0x0, 0x9, 0x7, 0x9e62, 0xffffff00, 0x1, 0x6, 0x3ff, 0xa, 0x5, 0x83, 0x3, 0x0, 0x8, 0x9, 0xffff, 0xe, 0x6, 0xa7, 0xfffffffd, 0x9, 0x100, 0x942, 0x2, 0x1, 0x5, 0x9, 0x81, 0x6, 0xf4, 0x5, 0x4, 0x2b, 0xe, 0x3, 0x80, 0x1, 0x1], [0x7, 0x101, 0x5, 0x2, 0x0, 0x2, 0x5b0, 0xdae, 0xa977, 0x6, 0xad29, 0x9, 0x31ed, 0x8001, 0x1, 0xfffffffa, 0x4, 0x4, 0x0, 0x4, 0x5, 0x7fff, 0x5a013c26, 0x5, 0x8, 0xfffffffa, 0x8, 0x0, 0x9, 0xfffffe00, 0x7, 0x8cd, 0xd, 0x18000000, 0xa, 0x9, 0x8, 0x200, 0x6, 0x0, 0x7, 0x7a, 0x11e, 0x9, 0x6, 0x5, 0x9, 0x101, 0x49, 0x1, 0x9, 0x1, 0x9, 0xf3b, 0x7, 0x6, 0x285, 0x5, 0x0, 0xf, 0x9, 0x8481, 0xa62, 0x6]}, 0x45c) (fail_nth: 1)

107.884966ms ago: executing program 6 (id=562):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000200), &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x0, 0x0})
io_uring_enter(r0, 0x3f70, 0x0, 0x0, 0x0, 0x0)

107.038789ms ago: executing program 2 (id=563):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000200), &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x0, 0x0})
io_uring_enter(r0, 0x3f70, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

0s ago: executing program 9 (id=564):
r0 = socket(0x2, 0x80805, 0x7fffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xe, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="1800", @ANYRES32=r0, @ANYRES16], 0x0, 0x6, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000200)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

ected cc 0x1001 length: 249 > 9
[  166.064336][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  166.080126][ T5842] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  166.088143][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  166.289223][ T7344] chnl_net:caif_netlink_parms(): no params data found
[  166.413060][ T7344] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.435447][ T7356] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  166.449903][ T7344] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.486966][ T7344] bridge_slave_0: entered allmulticast mode
[  166.504252][ T7344] bridge_slave_0: entered promiscuous mode
[  166.528261][ T7344] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.557242][ T7344] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.600382][ T7344] bridge_slave_1: entered allmulticast mode
[  166.617124][ T7344] bridge_slave_1: entered promiscuous mode
[  166.895868][ T7344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.912382][ T7344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  167.442990][ T7344] team0: Port device team_slave_0 added
[  167.450434][    T9] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  167.481520][ T7344] team0: Port device team_slave_1 added
[  167.608013][ T7344] batman_adv: batadv0: Adding interface: batadv_slave_0
[  167.622029][ T7344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.650072][    C0] vkms_vblank_simulate: vblank timer overrun
[  167.657071][    T9] usb 1-1: Using ep0 maxpacket: 16
[  167.679989][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.691547][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  167.705073][ T7344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  167.716409][    T9] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  167.739676][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.748832][ T7344] batman_adv: batadv0: Adding interface: batadv_slave_1
[  167.764571][ T7344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  167.793645][    T9] usb 1-1: config 0 descriptor??
[  167.857212][ T7344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  168.097306][ T7344] hsr_slave_0: entered promiscuous mode
[  168.117523][ T7344] hsr_slave_1: entered promiscuous mode
[  168.143341][ T5843] Bluetooth: hci1: command tx timeout
[  168.150282][ T7344] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  168.157951][ T7344] Cannot create hsr debugfs directory
[  168.239520][  T965] usb 4-1: USB disconnect, device number 14
[  168.333806][    T9] microsoft 0003:045E:07DA.0003: ignoring exceeding usage max
[  168.343889][    T9] microsoft 0003:045E:07DA.0003: No inputs registered, leaving
[  168.441449][ T7344] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  168.456577][    T9] microsoft 0003:045E:07DA.0003: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  168.470025][    T9] microsoft 0003:045E:07DA.0003: no inputs found
[  168.476400][    T9] microsoft 0003:045E:07DA.0003: could not initialize ff, continuing anyway
[  168.496823][ T7344] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  168.512232][ T7344] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  168.527769][ T7344] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  168.738500][ T7344] 8021q: adding VLAN 0 to HW filter on device bond0
[  168.779431][ T7344] 8021q: adding VLAN 0 to HW filter on device team0
[  168.820274][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  168.827364][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  168.872901][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  168.879990][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.120978][ T7415] netlink: 12 bytes leftover after parsing attributes in process `syz.7.285'.
[  169.153798][ T7415] netlink: 8 bytes leftover after parsing attributes in process `syz.7.285'.
[  169.339165][ T7344] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.380881][   T29] kauditd_printk_skb: 33 callbacks suppressed
[  169.380896][   T29] audit: type=1400 audit(1730143525.539:375): avc:  denied  { read } for  pid=7425 comm="syz.3.287" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  169.409765][    C0] vkms_vblank_simulate: vblank timer overrun
[  169.461439][ T7426] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  169.470195][   T29] audit: type=1400 audit(1730143525.539:376): avc:  denied  { open } for  pid=7425 comm="syz.3.287" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  169.493368][    C0] vkms_vblank_simulate: vblank timer overrun
[  169.509628][ T7426] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  169.550178][ T7426] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  169.604916][ T7426] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  169.612474][ T7426] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  169.627682][ T7426] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  169.732568][ T7426] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  169.865002][ T7426] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  170.080270][ T7426] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  170.196085][    T8] usb 1-1: USB disconnect, device number 9
[  170.217016][ T7426] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  170.236515][ T5842] Bluetooth: hci1: command tx timeout
[  170.256629][ T7426] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  170.758169][ T7426] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  171.022414][ T7344] veth0_vlan: entered promiscuous mode
[  171.072777][ T7426] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  171.112366][ T7426] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  171.477048][ T7459] SELinux: security_context_str_to_sid () failed with errno=-22
[  171.741902][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  171.747954][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout
[  171.782057][   T29] audit: type=1400 audit(1730143527.629:377): avc:  denied  { mounton } for  pid=7453 comm="syz.1.290" path="/dev/binderfs" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  171.819731][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout
[  171.831067][ T7344] veth1_vlan: entered promiscuous mode
[  171.849980][ T7344] veth0_macvtap: entered promiscuous mode
[  171.860761][ T7344] veth1_macvtap: entered promiscuous mode
[  171.886085][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.927988][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.941068][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.955782][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.965747][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  171.977551][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  171.987704][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.012143][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.030056][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.050361][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.071131][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.085135][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.104460][ T7426] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  172.113183][ T7344] batman_adv: batadv0: Interface activated: batadv_slave_0
[  172.299566][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout
[  172.402971][ T7464] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  172.447420][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.549592][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.562258][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  172.589269][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.496032][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.506533][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.506654][ T5843] Bluetooth: hci1: command 0x0419 tx timeout
[  173.516724][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.516759][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.516847][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.516880][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.516950][ T7344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.516982][ T7344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.518336][ T7344] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.608704][ T7344] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.617910][ T7344] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.626986][ T7344] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.635830][ T7344] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.826078][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout
[  173.832472][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  173.911377][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout
[  174.108579][ T7495] syz.7.297: attempt to access beyond end of device
[  174.108579][ T7495] nbd7: rw=0, sector=0, nr_sectors = 1 limit=0
[  174.121541][ T7495] (syz.7.297,7495,1):ocfs2_get_sector:1769 ERROR: status = -5
[  174.129322][ T7495] (syz.7.297,7495,1):ocfs2_sb_probe:749 ERROR: status = -5
[  174.136851][ T7495] (syz.7.297,7495,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  174.148962][ T7495] (syz.7.297,7495,1):ocfs2_fill_super:1178 ERROR: status = -5
[  174.419728][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout
[  174.508800][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.516704][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.582808][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  174.608334][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  174.707638][ T7503] loop7: detected capacity change from 0 to 16384
[  175.047982][   T39] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[  175.096112][   T29] audit: type=1400 audit(1730143531.249:378): avc:  denied  { write } for  pid=7517 comm="syz.8.305" path="socket:[15113]" dev="sockfs" ino=15113 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  175.098164][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  175.120622][   T25] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  175.150378][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  175.158990][   T29] audit: type=1400 audit(1730143531.289:379): avc:  denied  { nlmsg_read } for  pid=7517 comm="syz.8.305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  175.162824][   T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.200249][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  175.229924][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  175.256730][ T5842] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  175.264768][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  175.328860][   T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.369680][   T25] usb 8-1: Using ep0 maxpacket: 16
[  175.385221][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  175.405553][   T25] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  175.438592][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  175.462716][   T25] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  175.471453][   T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.496245][   T25] usb 8-1: New USB device found, idVendor=1608, idProduct=0303, bcdDevice=a1.cb
[  175.506490][   T25] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.518377][   T25] usb 8-1: Product: syz
[  175.523833][   T25] usb 8-1: Manufacturer: syz
[  175.536913][   T25] usb 8-1: SerialNumber: syz
[  175.575364][   T25] usb 8-1: config 0 descriptor??
[  175.585362][ T5842] Bluetooth: hci1: command 0x0419 tx timeout
[  175.672574][   T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.728968][   T25] io_ti 8-1:0.0: required endpoints missing
[  175.817455][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  175.842678][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  175.935495][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  176.060735][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout
[  176.072470][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  176.087165][ T5846] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  176.098495][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  176.473750][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout
[  176.653869][ T7520] chnl_net:caif_netlink_parms(): no params data found
[  176.689467][ T7507] batman_adv: batadv0: Adding interface: dummy0
[  176.696977][ T7507] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.733977][ T7507] batman_adv: batadv0: Interface activated: dummy0
[  176.748797][   T29] audit: type=1400 audit(1730143532.899:380): avc:  denied  { create } for  pid=7505 comm="syz.7.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  176.777872][   T52] bridge_slave_1: left allmulticast mode
[  176.777990][   T29] audit: type=1400 audit(1730143532.929:381): avc:  denied  { ioctl } for  pid=7505 comm="syz.7.302" path="socket:[15190]" dev="sockfs" ino=15190 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  176.808405][   T52] bridge_slave_1: left promiscuous mode
[  176.808617][   T52] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.821706][ T5912] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  176.832299][   T52] bridge_slave_0: left allmulticast mode
[  176.837945][   T52] bridge_slave_0: left promiscuous mode
[  176.844669][   T52] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.994532][ T5912] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  177.007004][ T5912] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  177.027243][ T5912] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.049149][ T5912] usb 9-1: config 0 descriptor??
[  177.075636][ T5912] pwc: Askey VC010 type 2 USB webcam detected.
[  177.218048][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.236599][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.247778][   T52] bond0 (unregistering): Released all slaves
[  177.294775][ T7560] batadv0: mtu less than device minimum
[  177.307292][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.319495][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.331320][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.343132][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.349989][ T5846] Bluetooth: hci0: command tx timeout
[  177.354715][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.370896][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.382709][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.394542][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.410718][ T7560] net_ratelimit: 3 callbacks suppressed
[  177.410733][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.428270][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.442293][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.454197][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.466009][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.477817][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.485509][ T5912] pwc: recv_control_msg error -32 req 02 val 2b00
[  177.489412][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.506309][ T7560] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  177.518356][   T29] audit: type=1400 audit(1730143533.639:382): avc:  denied  { write } for  pid=7552 comm="syz.8.310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  177.557412][ T5912] pwc: recv_control_msg error -32 req 02 val 2700
[  177.570561][ T5912] pwc: recv_control_msg error -32 req 02 val 2c00
[  177.606401][ T7507] netlink: 8 bytes leftover after parsing attributes in process `syz.7.302'.
[  177.626327][    T8] usb 8-1: USB disconnect, device number 3
[  177.659710][ T5846] Bluetooth: hci1: command 0x0419 tx timeout
[  177.786248][ T5912] pwc: recv_control_msg error -71 req 04 val 1300
[  177.804559][ T5912] pwc: recv_control_msg error -71 req 04 val 1400
[  177.814613][ T5912] pwc: recv_control_msg error -71 req 02 val 2000
[  177.822059][ T5912] pwc: recv_control_msg error -71 req 02 val 2100
[  177.828766][ T5912] pwc: recv_control_msg error -71 req 04 val 1500
[  177.837189][ T5912] pwc: recv_control_msg error -71 req 02 val 2500
[  177.843926][ T5912] pwc: recv_control_msg error -71 req 02 val 2400
[  177.850682][ T5912] pwc: recv_control_msg error -71 req 02 val 2600
[  177.869965][ T5912] pwc: recv_control_msg error -71 req 02 val 2900
[  177.885461][ T5912] pwc: recv_control_msg error -71 req 02 val 2800
[  177.901772][ T5912] pwc: recv_control_msg error -71 req 04 val 1100
[  177.908490][ T5912] pwc: recv_control_msg error -71 req 04 val 1200
[  177.930614][ T5912] pwc: Registered as video103.
[  177.936297][ T5912] input: PWC snapshot button as /devices/platform/dummy_hcd.8/usb9/9-1/input/input7
[  178.021192][ T5912] usb 9-1: USB disconnect, device number 2
[  178.051780][   T52] hsr_slave_0: left promiscuous mode
[  178.059041][   T52] hsr_slave_1: left promiscuous mode
[  178.097248][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.134713][   T52] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.171322][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.178785][   T52] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.207282][   T52] veth1_macvtap: left promiscuous mode
[  178.217396][   T52] veth0_macvtap: left promiscuous mode
[  178.239641][   T52] veth1_vlan: left promiscuous mode
[  178.244938][   T52] veth0_vlan: left promiscuous mode
[  178.426583][ T5846] Bluetooth: hci2: command tx timeout
[  178.552163][ T7589] netlink: 256 bytes leftover after parsing attributes in process `syz.7.312'.
[  179.138879][   T29] audit: type=1400 audit(1730143535.289:383): avc:  denied  { getopt } for  pid=7593 comm="syz.8.315" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  180.229947][ T5846] Bluetooth: hci0: command tx timeout
[  180.240190][ T5842] Bluetooth: hci1: command 0x0419 tx timeout
[  180.743043][ T5846] Bluetooth: hci2: command tx timeout
[  180.826556][   T29] audit: type=1400 audit(1730143536.979:384): avc:  denied  { getopt } for  pid=7609 comm="syz.7.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  180.960750][   T29] audit: type=1400 audit(1730143537.119:385): avc:  denied  { write } for  pid=7609 comm="syz.7.319" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  180.999692][    T8] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[  181.049547][   T45] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  181.126554][   T52] team0 (unregistering): Port device team_slave_1 removed
[  181.163716][    T8] usb 9-1: unable to get BOS descriptor or descriptor too short
[  181.192498][    T8] usb 9-1: not running at top speed; connect to a high speed hub
[  181.200343][    T9] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  181.229267][    T8] usb 9-1: config 2 has an invalid interface number: 212 but max is 1
[  181.239573][   T45] usb 2-1: Using ep0 maxpacket: 16
[  181.252533][    T8] usb 9-1: config 2 has an invalid interface number: 226 but max is 1
[  181.307916][   T52] team0 (unregistering): Port device team_slave_0 removed
[  181.315576][    T8] usb 9-1: config 2 has no interface number 0
[  181.325665][    T8] usb 9-1: config 2 has no interface number 1
[  181.355445][    T8] usb 9-1: config 2 interface 212 altsetting 9 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  181.369655][    T9] usb 8-1: Using ep0 maxpacket: 16
[  181.403013][    T9] usb 8-1: config 0 has no interfaces?
[  181.415809][    T8] usb 9-1: config 2 interface 226 altsetting 0 has a duplicate endpoint with address 0x1, skipping
[  181.422960][   T45] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  181.427639][    T8] usb 9-1: config 2 interface 226 altsetting 0 endpoint 0x85 has invalid maxpacket 37745, setting to 64
[  181.441183][   T45] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  181.456868][    T8] usb 9-1: config 2 interface 226 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  181.467579][   T45] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  181.476846][    T8] usb 9-1: config 2 interface 226 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  181.486378][   T45] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.500736][    T9] usb 8-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  181.500763][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.500783][    T9] usb 8-1: Product: syz
[  181.500798][    T9] usb 8-1: Manufacturer: syz
[  181.500813][    T9] usb 8-1: SerialNumber: syz
[  181.502990][    T9] usb 8-1: config 0 descriptor??
[  181.510474][   T45] usb 2-1: Product: syz
[  181.541035][   T45] usb 2-1: Manufacturer: syz
[  181.545674][   T45] usb 2-1: SerialNumber: syz
[  181.552588][   T45] usb 2-1: config 0 descriptor??
[  181.560688][   T45] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  181.570179][   T45] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  181.576987][    T8] usb 9-1: config 2 interface 212 has no altsetting 0
[  181.600860][    T8] usb 9-1: New USB device found, idVendor=0738, idProduct=4540, bcdDevice=c6.ce
[  181.610402][    T8] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.618416][    T8] usb 9-1: Product: syz
[  181.622852][    T8] usb 9-1: Manufacturer: syz
[  181.627466][    T8] usb 9-1: SerialNumber: syz
[  181.771373][   T29] audit: type=1400 audit(1730143537.929:386): avc:  denied  { read write } for  pid=7609 comm="syz.7.319" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  181.774730][   T25] usb 8-1: USB disconnect, device number 4
[  181.815771][   T29] audit: type=1400 audit(1730143537.929:387): avc:  denied  { open } for  pid=7609 comm="syz.7.319" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  181.915419][ T7520] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.922684][ T7520] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.930484][ T7520] bridge_slave_0: entered allmulticast mode
[  181.937331][ T7520] bridge_slave_0: entered promiscuous mode
[  181.949195][ T7543] chnl_net:caif_netlink_parms(): no params data found
[  181.960877][ T7520] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.968142][ T7520] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.975406][ T7520] bridge_slave_1: entered allmulticast mode
[  181.983847][ T7520] bridge_slave_1: entered promiscuous mode
[  182.050154][ T7520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  182.066344][ T7520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  182.171223][   T45] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  182.178026][   T45] em28xx 2-1:0.0: Config register raw data: 0x24
[  182.185579][   T45] em28xx 2-1:0.0: I2S Audio (1 sample rate(s))
[  182.198165][   T45] em28xx 2-1:0.0: No AC97 audio processor
[  182.227460][ T7520] team0: Port device team_slave_0 added
[  182.249877][ T7543] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.267326][ T7543] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.276960][ T7543] bridge_slave_0: entered allmulticast mode
[  182.292040][ T7543] bridge_slave_0: entered promiscuous mode
[  182.310147][ T5846] Bluetooth: hci0: command tx timeout
[  182.331491][ T7520] team0: Port device team_slave_1 added
[  182.340231][ T7543] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.347324][ T7543] bridge0: port 2(bridge_slave_1) entered disabled state
[  182.366506][ T7543] bridge_slave_1: entered allmulticast mode
[  182.383156][ T7543] bridge_slave_1: entered promiscuous mode
[  182.482223][ T7520] batman_adv: batadv0: Adding interface: batadv_slave_0
[  182.489869][ T7520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.517507][ T7520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  182.563469][ T7520] batman_adv: batadv0: Adding interface: batadv_slave_1
[  182.578073][ T7520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.612727][ T7520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  182.650408][ T7543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  182.683923][ T7543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  182.781007][ T5846] Bluetooth: hci2: command tx timeout
[  182.798985][   T52] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.835716][ T7543] team0: Port device team_slave_0 added
[  182.869993][ T7543] team0: Port device team_slave_1 added
[  182.890093][   T52] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.913938][ T7520] hsr_slave_0: entered promiscuous mode
[  182.927206][ T7520] hsr_slave_1: entered promiscuous mode
[  183.039419][    T8] input: Mad Catz Beat Pad as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:2.226/input/input8
[  183.078711][    T8] usb 9-1: USB disconnect, device number 3
[  183.138947][   T52] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.239630][ T7543] batman_adv: batadv0: Adding interface: batadv_slave_0
[  183.263190][ T7543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.328614][ T7543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  183.364544][ T7543] batman_adv: batadv0: Adding interface: batadv_slave_1
[  183.574272][ T7661] netlink: 256 bytes leftover after parsing attributes in process `syz.8.321'.
[  183.740410][   T29] audit: type=1400 audit(1730143539.749:388): avc:  denied  { write } for  pid=5181 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  183.921630][ T7543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.989794][ T7543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  184.009278][   T29] audit: type=1400 audit(1730143539.749:389): avc:  denied  { remove_name } for  pid=5181 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  184.038070][   T29] audit: type=1400 audit(1730143539.749:390): avc:  denied  { add_name } for  pid=5181 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  184.062213][   T29] audit: type=1400 audit(1730143540.139:391): avc:  denied  { connect } for  pid=7663 comm="syz.7.322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  184.199263][   T52] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.262493][    T8] usb 2-1: USB disconnect, device number 8
[  184.395543][ T5846] Bluetooth: hci0: command tx timeout
[  185.019701][ T7677] netlink: 256 bytes leftover after parsing attributes in process `syz.8.324'.
[  185.646162][ T5846] Bluetooth: hci2: command tx timeout
[  185.972143][ T7543] hsr_slave_0: entered promiscuous mode
[  185.992052][ T7543] hsr_slave_1: entered promiscuous mode
[  186.008638][ T7543] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.020609][ T7543] Cannot create hsr debugfs directory
[  186.033035][   T52] bridge_slave_1: left allmulticast mode
[  186.052443][   T52] bridge_slave_1: left promiscuous mode
[  186.066150][   T52] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.108298][   T52] bridge_slave_0: left allmulticast mode
[  186.129043][   T52] bridge_slave_0: left promiscuous mode
[  186.135047][   T52] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.739709][   T25] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  186.913700][   T25] usb 8-1: config index 0 descriptor too short (expected 6427, got 27)
[  186.975891][   T25] usb 8-1: config 0 has an invalid interface number: 21 but max is 0
[  186.994300][   T25] usb 8-1: config 0 has no interface number 0
[  187.000841][   T25] usb 8-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  187.012675][   T25] usb 8-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  187.037882][   T25] usb 8-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  187.049158][   T25] usb 8-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  187.061860][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.077552][   T25] usb 8-1: config 0 descriptor??
[  187.083116][   T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  187.083318][ T7707] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  187.107108][   T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  187.117718][   T52] bond0 (unregistering): Released all slaves
[  187.216279][   T52] IPVS: stopping backup sync thread 6970 ...
[  187.506998][ T7520] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  187.509698][ T5883] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  187.539091][ T7520] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  187.573499][   T52] hsr_slave_0: left promiscuous mode
[  187.583419][   T52] hsr_slave_1: left promiscuous mode
[  187.590839][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.598315][   T52] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.608584][   T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.616196][   T52] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.635574][   T52] veth1_macvtap: left promiscuous mode
[  187.641733][   T52] veth0_macvtap: left promiscuous mode
[  187.647256][   T52] veth1_vlan: left promiscuous mode
[  187.652639][   T52] veth0_vlan: left promiscuous mode
[  187.692028][ T5883] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  187.703580][ T5883] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  187.714791][ T5883] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  187.724710][ T5883] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  187.737493][ T5883] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  187.747597][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.756081][ T5883] usb 2-1: Product: syz
[  187.760523][ T5883] usb 2-1: Manufacturer: syz
[  187.766920][ T5883] usb 2-1: SerialNumber: syz
[  187.780321][ T5883] usb 2-1: config 0 descriptor??
[  187.796574][ T5883] ums-isd200 2-1:0.0: USB Mass Storage device detected
[  187.915394][   T52] team0 (unregistering): Port device vlan0 removed
[  188.007980][ T5883] scsi host1: usb-storage 2-1:0.0
[  188.016900][ T5883] usb 2-1: USB disconnect, device number 9
[  188.121606][ T5912] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  188.150918][   T52] team0 (unregistering): Port device team_slave_1 removed
[  188.177668][   T52] team0 (unregistering): Port device team_slave_0 removed
[  188.280875][ T5912] usb 9-1: Using ep0 maxpacket: 16
[  188.297943][ T5912] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.313052][ T5912] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.323677][ T5912] usb 9-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  188.333413][ T5912] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.343480][ T5912] usb 9-1: config 0 descriptor??
[  188.469709][ T7520] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  188.481674][ T7520] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  188.762165][ T7520] 8021q: adding VLAN 0 to HW filter on device bond0
[  188.774629][ T5912] uclogic 0003:28BD:0071.0004: interface is invalid, ignoring
[  188.882785][ T7743] netem: change failed
[  188.925940][ T7520] 8021q: adding VLAN 0 to HW filter on device team0
[  188.939281][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.946411][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.043743][ T7732] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  189.085169][ T7732] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.151239][ T7520] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  189.161655][ T7520] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  189.179342][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.186434][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.238369][   T25] usb 8-1: USB disconnect, device number 5
[  189.403884][ T5912] usb 9-1: USB disconnect, device number 4
[  189.444665][ T7543] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  189.464229][ T7543] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  189.500254][ T7543] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  189.512445][ T7543] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  189.543106][ T7520] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.663514][ T7543] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.705950][ T7543] 8021q: adding VLAN 0 to HW filter on device team0
[  189.727326][ T5993] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.734446][ T5993] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.745457][   T25] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  189.770915][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.778019][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.783704][   T29] audit: type=1400 audit(1730143545.909:392): avc:  denied  { create } for  pid=7752 comm="syz.1.335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  189.819457][ T7543] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  189.903444][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.914727][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.939542][   T25] usb 8-1: New USB device found, idVendor=0404, idProduct=2801, bcdDevice= 0.00
[  189.973490][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.013267][ T7520] veth0_vlan: entered promiscuous mode
[  190.035903][   T25] usb 8-1: config 0 descriptor??
[  190.077999][ T7520] veth1_vlan: entered promiscuous mode
[  190.375775][ T7520] veth0_macvtap: entered promiscuous mode
[  190.417593][ T7520] veth1_macvtap: entered promiscuous mode
[  190.447620][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.460354][   T29] audit: type=1400 audit(1730143546.609:393): avc:  denied  { name_connect } for  pid=7762 comm="syz.7.336" dest=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  190.488248][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.498309][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.498337][ T5883] IPVS: starting estimator thread 0...
[  190.509180][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.524970][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.535537][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.545682][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.556384][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.566413][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.576928][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.588120][ T7520] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.598140][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.609028][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.619401][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.630925][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.641138][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.642846][ T7810] IPVS: using max 28 ests per chain, 67200 per kthread
[  190.651606][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.651620][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.651631][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.688804][ T7520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.699324][ T7520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.712561][ T7520] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.730360][ T7543] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.744198][ T7520] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.753032][ T7520] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.770153][ T7520] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.789017][ T7520] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.041114][ T1041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.072697][ T1041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.149773][ T5959] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  191.276695][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.300249][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.326724][   T25] usbhid 8-1:0.0: can't add hid device: -71
[  191.341513][   T25] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  191.370154][ T5959] usb 2-1: Using ep0 maxpacket: 8
[  191.384582][ T5959] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.444878][   T25] usb 8-1: USB disconnect, device number 6
[  191.466285][ T5959] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  191.549706][ T5959] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  191.564290][ T7543] veth0_vlan: entered promiscuous mode
[  191.571176][ T5959] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  191.592686][ T5959] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.603922][ T7543] veth1_vlan: entered promiscuous mode
[  191.623850][ T5959] usb 2-1: Product: syz
[  191.633290][ T5959] usb 2-1: Manufacturer: syz
[  191.650626][ T5959] usb 2-1: SerialNumber: syz
[  191.680320][ T7543] veth0_macvtap: entered promiscuous mode
[  191.688778][ T7543] veth1_macvtap: entered promiscuous mode
[  191.701809][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.712268][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.722099][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.732553][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.742878][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.753755][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.763590][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.774068][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.783893][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.795482][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.805946][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  191.816426][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  191.860759][ T7543] batman_adv: batadv0: Interface activated: batadv_slave_0
[  191.881415][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.581157][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.816617][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.827140][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.836971][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.857596][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.869680][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.880878][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.890922][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.901435][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.911275][ T7543] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.921893][ T7543] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.933039][ T7543] batman_adv: batadv0: Interface activated: batadv_slave_1
[  193.021508][ T7543] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.030793][ T7543] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.053143][ T7543] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.082880][ T7543] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.192362][ T5884] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  193.230373][   T35] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.251800][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.269114][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.300324][   T35] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.333718][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.344715][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.360398][ T5884] usb 8-1: Using ep0 maxpacket: 32
[  193.380639][ T5884] usb 8-1: config 0 has an invalid interface number: 61 but max is 0
[  193.395444][ T5884] usb 8-1: config 0 has no interface number 0
[  193.405998][ T5884] usb 8-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[  193.417789][   T35] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.431294][ T5884] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.461656][ T5884] usb 8-1: Product: syz
[  193.465859][ T5884] usb 8-1: Manufacturer: syz
[  193.501983][ T5884] usb 8-1: SerialNumber: syz
[  193.519165][ T5884] usb 8-1: config 0 descriptor??
[  193.526576][   T29] audit: type=1400 audit(1730143549.689:394): avc:  denied  { read } for  pid=7868 comm="syz.4.307" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  193.639596][   T29] audit: type=1400 audit(1730143549.769:395): avc:  denied  { open } for  pid=7868 comm="syz.4.307" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  193.883112][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  193.890973][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  193.968076][ T5884] viperboard 8-1:0.61: version 0.00 found at bus 008 address 007
[  194.007455][   T29] audit: type=1400 audit(1730143550.149:396): avc:  denied  { write } for  pid=7868 comm="syz.4.307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  194.078313][   T35] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.096548][ T5884] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[  194.141416][ T5884] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[  194.159204][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  194.169808][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  194.178576][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  194.196301][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  194.205332][ T5846] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  194.217257][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  194.246949][ T5884] usb 8-1: USB disconnect, device number 7
[  194.424210][ T7888] syzkaller0: entered promiscuous mode
[  194.454262][ T7888] syzkaller0: entered allmulticast mode
[  194.869441][ T7895] binder: BINDER_SET_CONTEXT_MGR already set
[  194.879671][ T7895] binder: 7893:7895 ioctl 4018620d 200001c0 returned -16
[  195.128804][ T5959] cdc_ncm 2-1:1.0: bind() failure
[  195.138049][   T29] audit: type=1400 audit(1730143551.299:397): avc:  denied  { create } for  pid=7896 comm="syz.4.353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  195.157450][   T29] audit: type=1400 audit(1730143551.299:398): avc:  denied  { bind } for  pid=7896 comm="syz.4.353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  195.176566][   T29] audit: type=1400 audit(1730143551.299:399): avc:  denied  { write } for  pid=7896 comm="syz.4.353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  195.198025][ T5959] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[  195.212638][ T5959] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[  195.232160][ T5959] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[  195.271090][ T5959] usb 2-1: USB disconnect, device number 10
[  195.609612][ T5959] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  195.906658][ T5959] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  195.916482][ T5959] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  195.926369][ T5959] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  195.936677][ T5959] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  195.964684][ T5959] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  195.973919][ T5959] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.997389][ T5959] usb 2-1: Product: syz
[  196.002306][ T5959] usb 2-1: Manufacturer: syz
[  196.007308][ T5959] usb 2-1: SerialNumber: syz
[  196.272897][ T5959] usb 2-1: config 0 descriptor??
[  196.330435][ T5846] Bluetooth: hci1: command tx timeout
[  196.375955][ T5959] ums-isd200 2-1:0.0: USB Mass Storage device detected
[  196.579877][ T5959] scsi host1: usb-storage 2-1:0.0
[  196.593848][ T5959] usb 2-1: USB disconnect, device number 11
[  196.950864][   T35] bridge_slave_1: left allmulticast mode
[  196.956530][   T35] bridge_slave_1: left promiscuous mode
[  196.970653][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.979361][   T35] bridge_slave_0: left allmulticast mode
[  196.986316][   T35] bridge_slave_0: left promiscuous mode
[  197.006192][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.169263][ T5846] Bluetooth: hci3: unexpected event for opcode 0x0c25
[  197.797606][   T29] audit: type=1400 audit(1730143553.949:400): avc:  denied  { map } for  pid=7918 comm="syz.1.359" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  197.822429][   T29] audit: type=1400 audit(1730143553.949:401): avc:  denied  { execute } for  pid=7918 comm="syz.1.359" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  197.853693][  T965] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  198.177597][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  198.204400][  T965] usb 10-1: config 0 has an invalid interface number: 5 but max is 0
[  198.212693][  T965] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  198.223087][  T965] usb 10-1: config 0 has no interface number 0
[  198.229718][  T965] usb 10-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00
[  198.239915][  T965] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.250043][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  198.271692][   T35] bond0 (unregistering): Released all slaves
[  198.303427][  T965] usb 10-1: config 0 descriptor??
[  198.381814][ T5846] Bluetooth: hci1: command tx timeout
[  198.876293][   T25] usb 10-1: USB disconnect, device number 2
[  198.945569][ T7879] chnl_net:caif_netlink_parms(): no params data found
[  198.978302][ T7939] FAULT_INJECTION: forcing a failure.
[  198.978302][ T7939] name failslab, interval 1, probability 0, space 0, times 0
[  198.993859][ T7939] CPU: 1 UID: 0 PID: 7939 Comm: syz.9.362 Not tainted 6.12.0-rc5-syzkaller #0
[  199.002693][ T7939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  199.012722][ T7939] Call Trace:
[  199.015974][ T7939]  <TASK>
[  199.018878][ T7939]  dump_stack_lvl+0x16c/0x1f0
[  199.023552][ T7939]  should_fail_ex+0x497/0x5b0
[  199.028203][ T7939]  ? fs_reclaim_acquire+0xae/0x150
[  199.033288][ T7939]  should_failslab+0xc2/0x120
[  199.037940][ T7939]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  199.043285][ T7939]  ? security_inode_alloc+0x3b/0x2b0
[  199.048543][ T7939]  security_inode_alloc+0x3b/0x2b0
[  199.053629][ T7939]  inode_init_always_gfp+0xc5f/0xfb0
[  199.058908][ T7939]  alloc_inode+0x82/0x230
[  199.063212][ T7939]  sock_alloc+0x40/0x280
[  199.067429][ T7939]  do_accept+0x144/0x530
[  199.071651][ T7939]  ? __pfx_do_accept+0x10/0x10
[  199.076399][ T7939]  __sys_accept4+0x102/0x1c0
[  199.080968][ T7939]  ? __pfx___sys_accept4+0x10/0x10
[  199.086057][ T7939]  ? __pfx_ksys_write+0x10/0x10
[  199.090886][ T7939]  __x64_sys_accept4+0x96/0x100
[  199.095716][ T7939]  ? lockdep_hardirqs_on+0x7c/0x110
[  199.100907][ T7939]  do_syscall_64+0xcd/0x250
[  199.105425][ T7939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.111328][ T7939] RIP: 0033:0x7fc36f77e719
[  199.115744][ T7939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.135358][ T7939] RSP: 002b:00007fc37064a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  199.143759][ T7939] RAX: ffffffffffffffda RBX: 00007fc36f935f80 RCX: 00007fc36f77e719
[  199.151715][ T7939] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  199.159671][ T7939] RBP: 00007fc37064a090 R08: 0000000000000000 R09: 0000000000000000
[  199.167622][ T7939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.175577][ T7939] R13: 0000000000000000 R14: 00007fc36f935f80 R15: 00007ffd0f8c2b18
[  199.183546][ T7939]  </TASK>
[  199.325486][   T35] hsr_slave_0: left promiscuous mode
[  200.540660][ T7947] FAULT_INJECTION: forcing a failure.
[  200.540660][ T7947] name failslab, interval 1, probability 0, space 0, times 0
[  200.554290][ T7947] CPU: 0 UID: 0 PID: 7947 Comm: syz.9.364 Not tainted 6.12.0-rc5-syzkaller #0
[  200.563142][ T7947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  200.573193][ T7947] Call Trace:
[  200.576465][ T7947]  <TASK>
[  200.579388][ T7947]  dump_stack_lvl+0x16c/0x1f0
[  200.584080][ T7947]  should_fail_ex+0x497/0x5b0
[  200.588756][ T7947]  ? fs_reclaim_acquire+0xae/0x150
[  200.593867][ T7947]  should_failslab+0xc2/0x120
[  200.598544][ T7947]  __kmalloc_noprof+0xcb/0x400
[  200.603310][ T7947]  sock_kmalloc+0x111/0x170
[  200.607814][ T7947]  hash_alloc_result+0xd7/0x150
[  200.612660][ T7947]  hash_sendmsg+0x696/0xf30
[  200.617175][ T7947]  ____sys_sendmsg+0xaaf/0xc90
[  200.621944][ T7947]  ? copy_msghdr_from_user+0x10b/0x160
[  200.627399][ T7947]  ? __pfx_____sys_sendmsg+0x10/0x10
[  200.632693][ T7947]  ? __pfx___lock_acquire+0x10/0x10
[  200.637888][ T7947]  ___sys_sendmsg+0x135/0x1e0
[  200.642564][ T7947]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.647779][ T7947]  ? lock_acquire+0x2f/0xb0
[  200.652277][ T7947]  ? __fget_files+0x40/0x3f0
[  200.656882][ T7947]  ? fdget+0x176/0x210
[  200.660955][ T7947]  __sys_sendmsg+0x117/0x1f0
[  200.665543][ T7947]  ? __pfx___sys_sendmsg+0x10/0x10
[  200.670649][ T7947]  ? __fget_files+0x244/0x3f0
[  200.675347][ T7947]  do_syscall_64+0xcd/0x250
[  200.679856][ T7947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.685750][ T7947] RIP: 0033:0x7fc36f77e719
[  200.690164][ T7947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.709767][ T7947] RSP: 002b:00007fc370608038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  200.718175][ T7947] RAX: ffffffffffffffda RBX: 00007fc36f936130 RCX: 00007fc36f77e719
[  200.726139][ T7947] RDX: 0000000000000040 RSI: 0000000020000900 RDI: 000000000000000c
[  200.734106][ T7947] RBP: 00007fc370608090 R08: 0000000000000000 R09: 0000000000000000
[  200.742071][ T7947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.750033][ T7947] R13: 0000000000000000 R14: 00007fc36f936130 R15: 00007ffd0f8c2b18
[  200.757986][ T7947]  </TASK>
[  200.761967][   T35] hsr_slave_1: left promiscuous mode
[  200.763618][   T29] audit: type=1400 audit(1730143555.619:402): avc:  denied  { ioctl } for  pid=7943 comm="syz.9.364" path="socket:[17308]" dev="sockfs" ino=17308 ioctlcmd=0x8904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  200.808501][ T5846] Bluetooth: hci1: command tx timeout
[  200.822164][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  200.833060][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  200.840690][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  200.857294][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  200.905536][   T35] veth1_macvtap: left promiscuous mode
[  200.954963][   T35] veth0_macvtap: left promiscuous mode
[  200.976556][   T35] veth1_vlan: left promiscuous mode
[  200.992960][   T35] veth0_vlan: left promiscuous mode
[  201.239547][   T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  201.489681][   T25] usb 5-1: Using ep0 maxpacket: 8
[  201.644867][   T25] usb 5-1: unable to read config index 0 descriptor/start: -61
[  201.666944][   T25] usb 5-1: can't read configurations, error -61
[  201.809716][   T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  201.969634][   T25] usb 5-1: Using ep0 maxpacket: 8
[  201.988605][   T25] usb 5-1: unable to read config index 0 descriptor/start: -61
[  202.008366][   T25] usb 5-1: can't read configurations, error -61
[  202.017126][   T25] usb usb5-port1: attempt power cycle
[  202.208773][   T35] team0 (unregistering): Port device team_slave_1 removed
[  202.257105][   T35] team0 (unregistering): Port device team_slave_0 removed
[  202.584409][ T7962] FAULT_INJECTION: forcing a failure.
[  202.584409][ T7962] name failslab, interval 1, probability 0, space 0, times 0
[  202.601247][ T7962] CPU: 1 UID: 0 PID: 7962 Comm: syz.4.370 Not tainted 6.12.0-rc5-syzkaller #0
[  202.610116][ T7962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  202.620162][ T7962] Call Trace:
[  202.623432][ T7962]  <TASK>
[  202.626340][ T7962]  dump_stack_lvl+0x16c/0x1f0
[  202.630998][ T7962]  should_fail_ex+0x497/0x5b0
[  202.635653][ T7962]  ? fs_reclaim_acquire+0xae/0x150
[  202.640738][ T7962]  should_failslab+0xc2/0x120
[  202.645396][ T7962]  __kmalloc_noprof+0xcb/0x400
[  202.650152][ T7962]  ? d_absolute_path+0x137/0x1b0
[  202.655065][ T7962]  tomoyo_encode2+0x100/0x3e0
[  202.659735][ T7962]  tomoyo_encode+0x29/0x50
[  202.664151][ T7962]  tomoyo_realpath_from_path+0x19d/0x720
[  202.669781][ T7962]  tomoyo_path_number_perm+0x245/0x590
[  202.675218][ T7962]  ? tomoyo_path_number_perm+0x232/0x590
[  202.680829][ T7962]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  202.686796][ T7962]  ? trace_lock_acquire+0x14a/0x1d0
[  202.691988][ T7962]  ? lock_acquire+0x2f/0xb0
[  202.696480][ T7962]  ? __fget_files+0x40/0x3f0
[  202.701051][ T7962]  ? __fget_files+0x244/0x3f0
[  202.705707][ T7962]  security_file_ioctl+0x9b/0x240
[  202.710718][ T7962]  __x64_sys_ioctl+0xbb/0x220
[  202.715399][ T7962]  do_syscall_64+0xcd/0x250
[  202.719915][ T7962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.725807][ T7962] RIP: 0033:0x7f6c2cb7e719
[  202.730197][ T7962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.749779][ T7962] RSP: 002b:00007f6c2d903038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  202.758173][ T7962] RAX: ffffffffffffffda RBX: 00007f6c2cd36058 RCX: 00007f6c2cb7e719
[  202.759762][    T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  202.766113][ T7962] RDX: 0000000020000040 RSI: 00000000000007ab RDI: 0000000000000003
[  202.766128][ T7962] RBP: 00007f6c2d903090 R08: 0000000000000000 R09: 0000000000000000
[  202.766140][ T7962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.766152][ T7962] R13: 0000000000000001 R14: 00007f6c2cd36058 R15: 00007ffcd490da78
[  202.766175][ T7962]  </TASK>
[  202.818220][ T7962] ERROR: Out of memory at tomoyo_realpath_from_path.
[  202.861017][ T5846] Bluetooth: hci1: command tx timeout
[  202.911417][    T9] usb 2-1: Using ep0 maxpacket: 8
[  202.919750][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.986913][    T9] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  203.006338][    T9] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  203.019097][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  203.028707][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.038614][    T9] usb 2-1: Product: syz
[  203.044417][    T9] usb 2-1: Manufacturer: syz
[  203.052772][    T9] usb 2-1: SerialNumber: syz
[  203.121599][ T7879] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.151532][ T7879] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.181463][ T7879] bridge_slave_0: entered allmulticast mode
[  203.201158][ T7879] bridge_slave_0: entered promiscuous mode
[  203.211514][ T7879] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.218611][ T7879] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.225917][ T7879] bridge_slave_1: entered allmulticast mode
[  203.233882][ T7879] bridge_slave_1: entered promiscuous mode
[  203.434501][   T29] audit: type=1400 audit(1730143559.469:403): avc:  denied  { create } for  pid=7966 comm="syz.9.371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  203.507298][ T7879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  203.820818][ T7879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  203.837374][   T29] audit: type=1400 audit(1730143559.479:404): avc:  denied  { ioctl } for  pid=7966 comm="syz.9.371" path="socket:[17336]" dev="sockfs" ino=17336 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  204.000627][   T29] audit: type=1400 audit(1730143560.159:405): avc:  denied  { read } for  pid=7975 comm="syz.9.374" path="socket:[17845]" dev="sockfs" ino=17845 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  204.046910][ T7879] team0: Port device team_slave_0 added
[  204.079664][   T29] audit: type=1400 audit(1730143560.209:406): avc:  denied  { read write } for  pid=7975 comm="syz.9.374" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  204.081517][ T7879] team0: Port device team_slave_1 added
[  204.148910][   T29] audit: type=1400 audit(1730143560.209:407): avc:  denied  { open } for  pid=7975 comm="syz.9.374" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  204.252995][   T29] audit: type=1400 audit(1730143560.209:408): avc:  denied  { watch } for  pid=7975 comm="syz.9.374" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  204.399910][   T29] audit: type=1400 audit(1730143560.209:409): avc:  denied  { watch_sb watch_reads } for  pid=7975 comm="syz.9.374" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  205.299607][   T29] audit: type=1400 audit(1730143560.379:410): avc:  denied  { write } for  pid=7976 comm="syz.4.375" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  205.896426][ T7879] batman_adv: batadv0: Adding interface: batadv_slave_0
[  205.903469][ T7879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.929402][ T7879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  205.934472][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  205.941561][ T7879] batman_adv: batadv0: Adding interface: batadv_slave_1
[  205.954088][ T7879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.960675][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  205.981136][ T7879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  205.991091][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  206.007328][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  206.014659][ T5842] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  206.021840][ T5842] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  206.203848][   T29] audit: type=1400 audit(1730143562.359:411): avc:  denied  { ioctl } for  pid=7994 comm="syz.9.378" path="socket:[17903]" dev="sockfs" ino=17903 ioctlcmd=0x662a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  206.228901][   T29] audit: type=1326 audit(1730143562.359:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7994 comm="syz.9.378" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc36f77e719 code=0x0
[  206.230710][ T7879] hsr_slave_0: entered promiscuous mode
[  206.258907][ T7879] hsr_slave_1: entered promiscuous mode
[  206.267111][ T7879] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  206.274931][ T7879] Cannot create hsr debugfs directory
[  206.433620][ T7998] Cannot find add_set index 0 as target
[  206.649146][ T7990] chnl_net:caif_netlink_parms(): no params data found
[  206.753048][ T7990] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.761636][ T7990] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.768870][ T7990] bridge_slave_0: entered allmulticast mode
[  206.775743][ T7990] bridge_slave_0: entered promiscuous mode
[  206.818903][ T7990] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.826929][ T7990] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.836971][ T7990] bridge_slave_1: entered allmulticast mode
[  206.845140][ T7990] bridge_slave_1: entered promiscuous mode
[  206.891493][ T7990] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.906400][ T7990] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  206.945625][    T9] cdc_ncm 2-1:1.0: bind() failure
[  206.974338][ T7990] team0: Port device team_slave_0 added
[  206.987851][ T7990] team0: Port device team_slave_1 added
[  206.994247][    T9] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[  207.002655][    T9] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[  207.015276][    T9] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[  207.029972][    T9] usb 2-1: USB disconnect, device number 12
[  207.066219][ T7879] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  207.155832][ T8008] netlink: 'syz.1.379': attribute type 10 has an invalid length.
[  207.194581][ T8008] geneve0: entered promiscuous mode
[  207.238942][ T8008] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  207.256420][ T7879] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  207.260826][   T29] audit: type=1400 audit(1730143563.409:413): avc:  denied  { write } for  pid=8011 comm="syz.4.381" name="sg0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  207.290031][ T7879] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  207.317884][ T7879] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  207.326369][ T7990] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.335850][ T7990] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.382848][ T7990] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.477587][ T7990] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.532692][ T7990] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.805682][ T7990] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.139611][ T5843] Bluetooth: hci3: command tx timeout
[  208.176514][ T8021] netlink: 128124 bytes leftover after parsing attributes in process `syz.9.383'.
[  208.200835][ T7990] hsr_slave_0: entered promiscuous mode
[  208.207846][ T7990] hsr_slave_1: entered promiscuous mode
[  208.213797][ T7990] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  208.223049][ T7990] Cannot create hsr debugfs directory
[  208.333465][   T29] audit: type=1400 audit(1730143564.459:414): avc:  denied  { getopt } for  pid=8016 comm="syz.1.382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  208.870135][   T29] audit: type=1400 audit(1730143565.019:415): avc:  denied  { unmount } for  pid=5837 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  209.029047][ T7990] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.169411][ T7879] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.184042][ T7879] 8021q: adding VLAN 0 to HW filter on device team0
[  209.241164][ T8036] netlink: 16 bytes leftover after parsing attributes in process `syz.4.388'.
[  209.286987][ T7990] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.298720][ T8040] netlink: 8 bytes leftover after parsing attributes in process `syz.1.387'.
[  209.324509][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.331625][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.340528][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.347570][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.416517][   T29] audit: type=1326 audit(1730143565.569:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8038 comm="syz.1.387" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff8f457e719 code=0x0
[  209.489758][   T29] audit: type=1400 audit(1730143565.649:417): avc:  denied  { create } for  pid=8038 comm="syz.1.387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  209.512033][ T7990] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.624059][ T7990] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.979792][ T5884] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  210.272096][ T5843] Bluetooth: hci3: command tx timeout
[  210.425830][ T7990] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  210.454527][ T5884] usb 10-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  210.458473][ T7879] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.494846][ T7879] veth0_vlan: entered promiscuous mode
[  210.504681][ T7879] veth1_vlan: entered promiscuous mode
[  210.522555][ T7879] veth0_macvtap: entered promiscuous mode
[  210.531297][ T5884] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 31, changing to 7
[  210.542582][ T5884] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  210.581853][ T5884] usb 10-1: string descriptor 0 read error: -22
[  210.588171][ T5884] usb 10-1: New USB device found, idVendor=2013, idProduct=0251, bcdDevice=e8.6e
[  210.589723][ T7879] veth1_macvtap: entered promiscuous mode
[  210.611691][ T7990] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  210.618418][ T5884] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.636840][ T5884] usb 10-1: config 0 descriptor??
[  210.643646][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.662143][   T29] audit: type=1400 audit(1730143566.819:418): avc:  denied  { mount } for  pid=8066 comm="syz.4.393" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  210.662901][ T5884] em28xx 10-1:0.0: New device   @ 480 Mbps (2013:0251, interface 0, class 0)
[  210.696354][ T8067] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  210.713539][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.727814][ T5884] em28xx 10-1:0.0: Audio interface 0 found (Vendor Class)
[  210.733770][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.749626][   T29] audit: type=1400 audit(1730143566.899:419): avc:  denied  { unmount } for  pid=7543 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  210.754697][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.799612][   T25] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  210.804161][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.823751][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.835650][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.853654][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.867138][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.886177][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.896409][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.907393][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.920861][ T7879] batman_adv: batadv0: Interface activated: batadv_slave_0
[  210.965861][ T7990] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  210.973787][ T5884] em28xx 10-1:0.0: unknown em28xx chip ID (0)
[  210.984929][ T5884] em28xx 10-1:0.0: Config register raw data: 0xfffffffb
[  210.985181][ T7990] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  211.003042][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  211.012965][   T25] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  211.027032][ T5884] em28xx 10-1:0.0: AC97 chip type couldn't be determined
[  211.038380][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.059235][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.063109][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  211.078782][ T5884] em28xx 10-1:0.0: No AC97 audio processor
[  211.086440][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.095430][   T25] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  211.110488][ T5884] usb 10-1: USB disconnect, device number 3
[  211.116975][ T5884] em28xx 10-1:0.0: Disconnecting em28xx
[  211.133787][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.196958][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.223991][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.255992][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.278429][ T5884] em28xx 10-1:0.0: Freeing device
[  211.284784][   T25] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  211.296655][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.304756][   T25] usb 2-1: Product: syz
[  211.308919][   T25] usb 2-1: Manufacturer: syz
[  211.309545][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.313614][   T25] usb 2-1: SerialNumber: syz
[  211.563733][   T25] usb 2-1: config 0 descriptor??
[  211.593338][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.671636][   T25] ums-isd200 2-1:0.0: USB Mass Storage device detected
[  211.801356][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.864563][ T7879] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  211.890177][   T25] scsi host1: usb-storage 2-1:0.0
[  211.899928][ T7879] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  211.915049][   T25] usb 2-1: USB disconnect, device number 13
[  211.940745][ T7879] batman_adv: batadv0: Interface activated: batadv_slave_1
[  211.949218][ T8089] netlink: 256 bytes leftover after parsing attributes in process `syz.4.395'.
[  211.981415][ T7879] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  211.993462][ T7879] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.002556][ T7879] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.056232][ T7879] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.088924][ T8102] netlink: 12 bytes leftover after parsing attributes in process `syz.4.397'.
[  212.310347][ T5843] Bluetooth: hci3: command tx timeout
[  212.342999][ T8099] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  212.354809][ T8099] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  212.397182][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.427174][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.494622][ T8115] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  212.521622][ T6072] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.531916][ T7990] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.546579][ T6072] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.622795][ T7990] 8021q: adding VLAN 0 to HW filter on device team0
[  212.656002][ T1041] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.663114][ T1041] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.723801][ T1041] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.730885][ T1041] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.791270][   T29] audit: type=1400 audit(1730143568.939:420): avc:  denied  { read append } for  pid=8124 comm="syz.4.401" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  212.814880][ T7990] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  212.814903][ T7990] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  213.000702][   T29] audit: type=1400 audit(1730143568.939:421): avc:  denied  { open } for  pid=8124 comm="syz.4.401" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  213.631273][   T29] audit: type=1400 audit(1730143568.949:422): avc:  denied  { ioctl } for  pid=8124 comm="syz.4.401" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x942d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  213.660186][  T965] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  213.688084][ T8145] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8145 comm=syz.2.405
[  213.706166][   T29] audit: type=1400 audit(1730143569.359:423): avc:  denied  { block_suspend } for  pid=8130 comm="syz.1.402" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  213.748915][ T7990] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.774111][   T29] audit: type=1400 audit(1730143569.909:424): avc:  denied  { unmount } for  pid=8144 comm="syz.2.405" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  213.824439][  T965] usb 5-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice= 0.00
[  213.833668][  T965] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.872844][  T965] usb 5-1: config 0 descriptor??
[  214.404884][ T5843] Bluetooth: hci3: command tx timeout
[  214.720589][  T965] gs_usb 5-1:0.0: Configuring for 136 interfaces
[  214.726966][  T965] gs_usb 5-1:0.0: Driver cannot handle more that 3 CAN interfaces
[  214.734906][  T965] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -22
[  214.869223][ T7990] veth0_vlan: entered promiscuous mode
[  214.967114][  T965] usb 5-1: USB disconnect, device number 5
[  214.986872][ T7990] veth1_vlan: entered promiscuous mode
[  215.042512][ T7990] veth0_macvtap: entered promiscuous mode
[  215.057808][ T7990] veth1_macvtap: entered promiscuous mode
[  215.090499][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.111369][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.127644][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.148743][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.169120][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.194260][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.204415][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.215301][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.277166][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.306446][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.324602][ T5959] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  215.337334][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.378716][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.533433][ T5959] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  215.546180][ T5959] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  215.639380][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.798093][ T5959] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  215.849059][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.901342][ T7990] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.928083][ T5959] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  215.932585][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.015094][ T5959] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  216.019493][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.030594][ T5959] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.078296][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.079538][   T29] audit: type=1400 audit(1730143572.219:425): avc:  denied  { setopt } for  pid=8198 comm="syz.4.411" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  216.115664][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.117504][ T5959] usb 3-1: Product: syz
[  216.139369][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.146109][ T5959] usb 3-1: Manufacturer: syz
[  216.168252][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.174697][ T5959] usb 3-1: SerialNumber: syz
[  216.196621][ T5959] usb 3-1: config 0 descriptor??
[  216.204892][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.218762][ T5959] ums-isd200 3-1:0.0: USB Mass Storage device detected
[  216.269753][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.295920][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.307671][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.323674][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.346422][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.366715][ T7990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.380751][ T7990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.426607][ T5959] scsi host1: usb-storage 3-1:0.0
[  216.429975][ T7990] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.474367][ T5959] usb 3-1: USB disconnect, device number 2
[  216.480407][ T7990] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.489104][ T7990] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.548307][ T7990] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.563693][ T7990] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.668963][ T1160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.697104][ T1160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.777686][   T29] audit: type=1400 audit(1730143572.929:426): avc:  denied  { create } for  pid=8226 comm="syz.4.416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  216.798102][    T8] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  216.940894][ T1160] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.948865][ T1160] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.053218][   T29] audit: type=1400 audit(1730143573.199:427): avc:  denied  { read } for  pid=8230 comm="syz.6.373" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  217.119601][    T8] usb 10-1: Using ep0 maxpacket: 16
[  217.147067][    T8] usb 10-1: config 0 has an invalid interface number: 172 but max is 1
[  217.162958][    T8] usb 10-1: config 0 has no interface number 1
[  217.176355][    T8] usb 10-1: config 0 interface 172 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  217.191386][    T8] usb 10-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  217.356872][    T8] usb 10-1: New USB device found, idVendor=1949, idProduct=0004, bcdDevice=88.12
[  217.366162][    T8] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.390970][    T8] usb 10-1: Product: syz
[  217.395233][    T8] usb 10-1: Manufacturer: syz
[  217.588849][ T8243] netlink: 'syz.2.418': attribute type 10 has an invalid length.
[  217.859847][   T29] audit: type=1400 audit(1730143573.959:428): avc:  denied  { map } for  pid=8241 comm="syz.1.419" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  217.929670][ T8243] bond0: (slave bond_slave_0): Releasing backup interface
[  218.215341][    T8] usb 10-1: SerialNumber: syz
[  218.244497][    T8] usb 10-1: config 0 descriptor??
[  218.249659][    T8] usb 10-1: Interface #172 referenced by multiple IADs
[  218.361337][    T8] usb-storage 10-1:0.172: USB Mass Storage device detected
[  218.575658][    T8] usb-storage 10-1:0.172: Quirks match for vid 1949 pid 0004: 80000000
[  219.003413][    T8] usb-storage 10-1:0.0: USB Mass Storage device detected
[  219.012920][    T8] usb-storage 10-1:0.0: Quirks match for vid 1949 pid 0004: 80000000
[  219.199737][    T8] usb 10-1: USB disconnect, device number 4
[  219.301212][ T8276] fuse: Bad value for 'user_id'
[  219.306094][ T8276] fuse: Bad value for 'user_id'
[  219.362300][ T8281] loop7: detected capacity change from 0 to 16384
[  219.478307][ T8290] netlink: 8 bytes leftover after parsing attributes in process `syz.4.430'.
[  219.486736][ T8285] netlink: 8 bytes leftover after parsing attributes in process `syz.9.428'.
[  219.652215][   T29] audit: type=1326 audit(1730143575.809:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8289 comm="syz.4.430" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6c2cb7e719 code=0x0
[  219.692395][ T8281] I/O error, dev loop7, sector 1664 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0
[  219.697354][ T8291] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  219.702651][ T8281] I/O error, dev loop7, sector 1664 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  219.702852][ T8281] Buffer I/O error on dev loop7, logical block 208, async page read
[  220.288145][ T8291] Buffer I/O error on dev loop7, logical block 0, async page read
[  220.297012][   T29] audit: type=1326 audit(1730143576.449:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8284 comm="syz.9.428" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc36f77e719 code=0x0
[  220.319669][    C1] vkms_vblank_simulate: vblank timer overrun
[  220.340572][ T8291] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  220.388905][ T8291] Buffer I/O error on dev loop7, logical block 0, async page read
[  220.399506][ T8291] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  220.411972][ T8291] Buffer I/O error on dev loop7, logical block 0, async page read
[  220.427568][ T8291] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  220.436826][ T8291] Buffer I/O error on dev loop7, logical block 0, async page read
[  220.497315][ T8291] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  220.517436][ T8291] Buffer I/O error on dev loop7, logical block 0, async page read
[  220.525615][   T29] audit: type=1400 audit(1730143576.679:431): avc:  denied  { write } for  pid=8313 comm="syz.4.432" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  220.533027][ T8291] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  220.548465][    C1] vkms_vblank_simulate: vblank timer overrun
[  220.558631][ T8314] random: crng reseeded on system resumption
[  220.584516][ T8291] Buffer I/O error on dev loop7, logical block 0, async page read
[  220.625184][   T29] audit: type=1400 audit(1730143576.779:432): avc:  denied  { relabelfrom } for  pid=8313 comm="syz.4.432" name="" dev="pipefs" ino=19084 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  220.651122][ T8291] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  220.689533][ T8291] Buffer I/O error on dev loop7, logical block 0, async page read
[  220.712577][ T8291] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  220.750814][ T8291] Buffer I/O error on dev loop7, logical block 0, async page read
[  220.768865][ T8291] ldm_validate_partition_table(): Disk read failed.
[  220.801456][ T8291] Buffer I/O error on dev loop7, logical block 0, async page read
[  220.809655][ T8291] Dev loop7: unable to read RDB block 0
[  220.819013][ T8291]  loop7: unable to read partition table
[  220.834362][ T8291] loop_reread_partitions: partition scan of loop7 (K�>�i)��/480���#�	�$q�Z����I�����[�u�@3b������j!5MM�]
z) failed (rc=-5)
[  221.010575][ T5843] Bluetooth: hci4: unexpected event for opcode 0x204e
[  221.228205][   T29] audit: type=1400 audit(1730143577.369:433): avc:  denied  { write } for  pid=8330 comm="syz.1.436" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  221.425850][ T8349] netem: change failed
[  221.499760][ T5884] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  221.567859][   T29] audit: type=1400 audit(1730143577.719:434): avc:  denied  { bind } for  pid=8348 comm="syz.2.440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  221.571548][    C0] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  221.941506][   T29] audit: type=1400 audit(1730143578.069:435): avc:  denied  { create } for  pid=8348 comm="syz.2.440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  221.986812][ T8352] netlink: 'syz.1.441': attribute type 7 has an invalid length.
[  222.047165][ T5884] usb 10-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  222.072781][ T8352] netlink: 140 bytes leftover after parsing attributes in process `syz.1.441'.
[  222.087470][ T5884] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 31, changing to 7
[  222.145075][ T5884] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  222.404832][ T5884] usb 10-1: string descriptor 0 read error: -22
[  222.413813][ T5884] usb 10-1: New USB device found, idVendor=2013, idProduct=0251, bcdDevice=e8.6e
[  222.429001][ T5884] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.469993][ T5884] usb 10-1: config 0 descriptor??
[  222.506863][ T5884] em28xx 10-1:0.0: New device   @ 480 Mbps (2013:0251, interface 0, class 0)
[  222.527996][ T5884] em28xx 10-1:0.0: Audio interface 0 found (Vendor Class)
[  222.539367][ T8383] loop7: detected capacity change from 0 to 16384
[  222.670087][    T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  222.689918][   T29] audit: type=1400 audit(1730143578.839:436): avc:  denied  { create } for  pid=8322 comm="syz.9.434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  222.722700][ T8390] Dev loop7: unable to read RDB block 8
[  222.754916][ T8394] capability: warning: `syz.9.434' uses deprecated v2 capabilities in a way that may be insecure
[  222.805756][   T29] audit: type=1400 audit(1730143578.959:437): avc:  denied  { watch watch_reads } for  pid=8322 comm="syz.9.434" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="hugetlbfs" ino=20522 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  222.809860][ T8390]  loop7: unable to read partition table
[  222.834149][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.839881][    T8] usb 3-1: device descriptor read/64, error -71
[  222.842002][ T8394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  222.867356][ T8390] loop_reread_partitions: partition scan of loop7 (K�>�i)��/480���#�	�$q�Z����I�����[�u�@3b������j!5MM�]
z) failed (rc=-5)
[  222.891322][ T8394] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.924281][   T29] audit: type=1400 audit(1730143579.069:438): avc:  denied  { add_name } for  pid=8393 comm="syz.1.448" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  222.927691][ T8324] netlink: 'syz.9.434': attribute type 11 has an invalid length.
[  223.032069][   T29] audit: type=1400 audit(1730143579.069:439): avc:  denied  { create } for  pid=8393 comm="syz.1.448" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  223.078885][   T29] audit: type=1400 audit(1730143579.069:440): avc:  denied  { associate } for  pid=8393 comm="syz.1.448" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  223.119573][    T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  223.155118][   T29] audit: type=1400 audit(1730143579.159:441): avc:  denied  { unmount } for  pid=5837 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  223.419814][ T5884] em28xx 10-1:0.0: unknown em28xx chip ID (0)
[  223.433132][ T5884] em28xx 10-1:0.0: Config register raw data: 0xfffffffb
[  223.539688][    T8] usb 3-1: device descriptor read/64, error -71
[  223.694725][ T5884] em28xx 10-1:0.0: AC97 chip type couldn't be determined
[  223.701894][ T5884] em28xx 10-1:0.0: No AC97 audio processor
[  223.720156][ T5884] usb 10-1: USB disconnect, device number 5
[  223.730767][ T5884] em28xx 10-1:0.0: Disconnecting em28xx
[  224.093308][ T5884] em28xx 10-1:0.0: Freeing device
[  224.497129][    T8] usb usb3-port1: attempt power cycle
[  224.827100][ T8446] netlink: 40 bytes leftover after parsing attributes in process `syz.9.459'.
[  224.861552][    T8] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  224.866226][ T5881] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  224.880272][    T8] usb 3-1: device descriptor read/8, error -71
[  225.739813][    T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  225.982810][    T8] usb 3-1: device not accepting address 6, error -71
[  225.990372][    T8] usb usb3-port1: unable to enumerate USB device
[  226.323279][    T8] usb 3-1: new low-speed USB device number 7 using dummy_hcd
[  226.529588][ T5881] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  226.538482][ T5881] usb 2-1: config 1 has no interface number 0
[  226.544657][ T5881] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.556073][ T5881] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  226.561991][    T8] usb 3-1: unable to get BOS descriptor set
[  226.565623][ T5881] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 64895, setting to 1024
[  226.589501][ T5881] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  226.631505][    T8] usb 3-1: config 0 has too many interfaces: 234, using maximum allowed: 32
[  226.661204][    T8] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 234
[  226.675805][    T8] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  226.695148][    T8] usb 3-1: string descriptor 0 read error: -22
[  226.718526][    T8] usb 3-1: New USB device found, idVendor=0009, idProduct=c2a1, bcdDevice= 0.40
[  226.777788][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.802088][ T5881] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  226.811323][ T5881] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.818573][   T29] audit: type=1400 audit(1730143582.979:442): avc:  denied  { ioctl } for  pid=8477 comm="syz.4.464" path="/dev/uinput" dev="devtmpfs" ino=920 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  226.819664][ T5881] usb 2-1: Product: syz
[  226.848512][ T5881] usb 2-1: Manufacturer: syz
[  226.853233][ T5881] usb 2-1: SerialNumber: syz
[  226.877662][    T8] usb 3-1: config 0 descriptor??
[  226.917318][    T8] cdc_ether 3-1:0.0: probe with driver cdc_ether failed with error -22
[  226.941340][ T8483] IPv6: NLM_F_REPLACE set, but no existing node found!
[  226.968694][   T29] audit: type=1400 audit(1730143583.109:443): avc:  denied  { sqpoll } for  pid=8467 comm="syz.9.463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  226.990233][ T8479] netlink: 12 bytes leftover after parsing attributes in process `syz.9.463'.
[  227.001392][ T8483] netlink: 256 bytes leftover after parsing attributes in process `syz.6.465'.
[  227.018252][   T29] audit: type=1400 audit(1730143583.159:444): avc:  denied  { map } for  pid=8480 comm="syz.6.465" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  227.112876][ T8432] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  227.205538][ T8506] FAULT_INJECTION: forcing a failure.
[  227.205538][ T8506] name failslab, interval 1, probability 0, space 0, times 0
[  227.216172][   T29] audit: type=1400 audit(1730143583.369:445): avc:  denied  { read } for  pid=8490 comm="syz.4.466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  227.218577][ T8506] CPU: 0 UID: 0 PID: 8506 Comm: syz.6.467 Not tainted 6.12.0-rc5-syzkaller #0
[  227.246528][ T8506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  227.256569][ T8506] Call Trace:
[  227.259836][ T8506]  <TASK>
[  227.262755][ T8506]  dump_stack_lvl+0x16c/0x1f0
[  227.267436][ T8506]  should_fail_ex+0x497/0x5b0
[  227.272106][ T8506]  should_failslab+0xc2/0x120
[  227.276779][ T8506]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  227.282140][ T8506]  ? rcu_is_watching+0x12/0xc0
[  227.286893][ T8506]  ? dst_alloc+0x99/0x1a0
[  227.291215][ T8506]  ? __pfx_ip6_dst_gc+0x10/0x10
[  227.296055][ T8506]  dst_alloc+0x99/0x1a0
[  227.300201][ T8506]  ip6_dst_alloc+0x2c/0x90
[  227.304604][ T8506]  ip6_pol_route+0x956/0x1120
[  227.309271][ T8506]  ? __pfx_ip6_pol_route+0x10/0x10
[  227.314381][ T8506]  ? __pfx_widen_string+0x10/0x10
[  227.319392][ T8506]  ? __pfx___lock_acquire+0x10/0x10
[  227.324577][ T8506]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  227.330281][ T8506]  fib6_rule_lookup+0x386/0x720
[  227.335121][ T8506]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  227.340478][ T8506]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  227.346095][ T8506]  ? rcu_is_watching+0x12/0xc0
[  227.350891][ T8506]  ? trace_lock_acquire+0x14a/0x1d0
[  227.356098][ T8506]  ? dev_get_by_index_rcu+0x102/0x140
[  227.361468][ T8506]  ip6_route_output_flags+0x1d0/0x640
[  227.366838][ T8506]  ip6_dst_lookup_tail.constprop.0+0x56e/0x19e0
[  227.373075][ T8506]  ? hlock_class+0x4e/0x130
[  227.377569][ T8506]  ? __lock_acquire+0xbdd/0x3ce0
[  227.382507][ T8506]  ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10
[  227.389183][ T8506]  ? hlock_class+0x4e/0x130
[  227.393674][ T8506]  ? mark_lock+0xb5/0xc60
[  227.397986][ T8506]  ? hlock_class+0x4e/0x130
[  227.402482][ T8506]  ip6_dst_lookup_flow+0x99/0x1d0
[  227.407501][ T8506]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  227.413131][ T8506]  ? __pfx_mark_lock+0x10/0x10
[  227.417885][ T8506]  tcp_v6_connect+0xe07/0x20e0
[  227.422638][ T8506]  ? __lock_acquire+0x163e/0x3ce0
[  227.427654][ T8506]  ? __pfx_tcp_v6_connect+0x10/0x10
[  227.432846][ T8506]  ? release_sock+0x21/0x220
[  227.437423][ T8506]  ? __pfx_mark_lock+0x10/0x10
[  227.442176][ T8506]  ? __inet_stream_connect+0x3c7/0x1020
[  227.447709][ T8506]  __inet_stream_connect+0x3c7/0x1020
[  227.453068][ T8506]  ? find_held_lock+0x2d/0x110
[  227.457822][ T8506]  ? __pfx___inet_stream_connect+0x10/0x10
[  227.463620][ T8506]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  227.468978][ T8506]  ? __pfx_inet_stream_connect+0x10/0x10
[  227.474598][ T8506]  ? mark_held_locks+0x9f/0xe0
[  227.479343][ T8506]  ? inet_stream_connect+0x43/0xa0
[  227.484444][ T8506]  ? __local_bh_enable_ip+0xa4/0x120
[  227.489723][ T8506]  ? __pfx_inet_stream_connect+0x10/0x10
[  227.495352][ T8506]  inet_stream_connect+0x57/0xa0
[  227.500281][ T8506]  __sys_connect_file+0x14d/0x190
[  227.505297][ T8506]  __sys_connect+0x147/0x180
[  227.509876][ T8506]  ? __pfx___sys_connect+0x10/0x10
[  227.514986][ T8506]  ? __pfx_ksys_write+0x10/0x10
[  227.519832][ T8506]  __x64_sys_connect+0x72/0xb0
[  227.524586][ T8506]  ? lockdep_hardirqs_on+0x7c/0x110
[  227.529775][ T8506]  do_syscall_64+0xcd/0x250
[  227.534273][ T8506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.540155][ T8506] RIP: 0033:0x7f8ac7f7e719
[  227.544553][ T8506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.564146][ T8506] RSP: 002b:00007f8ac8d1b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  227.572550][ T8506] RAX: ffffffffffffffda RBX: 00007f8ac8136058 RCX: 00007f8ac7f7e719
[  227.580513][ T8506] RDX: 000000000000001c RSI: 0000000020000180 RDI: 0000000000000004
[  227.588473][ T8506] RBP: 00007f8ac8d1b090 R08: 0000000000000000 R09: 0000000000000000
[  227.596429][ T8506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.604384][ T8506] R13: 0000000000000001 R14: 00007f8ac8136058 R15: 00007ffd72324b48
[  227.612350][ T8506]  </TASK>
[  227.792113][ T8499] ebtables: ebtables: counters copy to user failed while replacing table
[  228.051740][   T29] audit: type=1400 audit(1730143584.209:446): avc:  denied  { mounton } for  pid=8526 comm="syz.6.471" path="/13/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  228.055724][ T8527] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  228.101911][ T8508] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  228.148563][ T5881] cdc_ncm 2-1:1.1: bind() failure
[  228.239987][ T5881] usb 3-1: USB disconnect, device number 7
[  228.386868][ T8540] netlink: 'syz.6.472': attribute type 1 has an invalid length.
[  228.409561][ T8540] netlink: 9240 bytes leftover after parsing attributes in process `syz.6.472'.
[  229.021818][   T29] audit: type=1400 audit(1730143585.159:447): avc:  denied  { accept } for  pid=8568 comm="syz.2.479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  229.307670][ T8566] netlink: 8 bytes leftover after parsing attributes in process `syz.9.478'.
[  229.678111][   T29] audit: type=1326 audit(1730143585.829:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8565 comm="syz.9.478" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc36f77e719 code=0x0
[  229.721022][    T8] usb 2-1: USB disconnect, device number 14
[  230.983906][ T8597] netlink: 4 bytes leftover after parsing attributes in process `syz.6.482'.
[  231.008517][ T8597] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  236.563237][ T5881] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  236.624621][ T8661] overlayfs: failed to resolve './file1': -2
[  236.772366][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.026673][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.061686][ T5881] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice= 0.00
[  237.088460][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.162131][ T8669] input: syz0 as /devices/virtual/input/input14
[  237.363344][ T5881] usb 2-1: config 0 descriptor??
[  237.526251][   T29] audit: type=1400 audit(1730143593.679:449): avc:  denied  { ioctl } for  pid=8676 comm="syz.4.502" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  238.201660][ T5881] appleir 0003:05AC:8243.0005: report_id 0 is invalid
[  238.208460][ T5881] appleir 0003:05AC:8243.0005: item 0 0 1 8 parsing failed
[  238.216065][ T5881] appleir 0003:05AC:8243.0005: parse failed
[  238.222908][ T5881] appleir 0003:05AC:8243.0005: probe with driver appleir failed with error -22
[  238.310422][   T29] audit: type=1400 audit(1730143594.459:450): avc:  denied  { setopt } for  pid=8688 comm="syz.9.503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  238.322839][ T8690] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  238.434974][ T8690] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  238.621227][ T8709] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  238.623467][ T5881] usb 2-1: USB disconnect, device number 15
[  240.011358][ T1041] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.107353][ T8733] netlink: 8 bytes leftover after parsing attributes in process `syz.6.513'.
[  240.150654][ T5881] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  240.179635][   T29] audit: type=1400 audit(1730143596.319:451): avc:  denied  { read write } for  pid=8735 comm="syz.2.512" name="btrfs-control" dev="devtmpfs" ino=1309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  240.262572][ T8739] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  240.279865][   T29] audit: type=1400 audit(1730143596.319:452): avc:  denied  { open } for  pid=8735 comm="syz.2.512" path="/dev/btrfs-control" dev="devtmpfs" ino=1309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  240.303990][ T5881] usb 5-1: Using ep0 maxpacket: 16
[  240.324159][ T5881] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  240.338101][ T5881] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  240.377006][ T5881] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  240.413392][ T5881] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  240.428679][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.437930][   T29] audit: type=1400 audit(1730143596.589:453): avc:  denied  { setopt } for  pid=8746 comm="syz.6.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  240.468572][ T1041] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.474861][ T5881] usb 5-1: Product: syz
[  240.497897][ T5881] usb 5-1: Manufacturer: syz
[  240.504572][   T29] audit: type=1400 audit(1730143596.589:454): avc:  denied  { read } for  pid=8746 comm="syz.6.517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  240.536967][ T5881] usb 5-1: SerialNumber: syz
[  240.616001][   T29] audit: type=1400 audit(1730143596.649:455): avc:  denied  { unmount } for  pid=7879 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  240.729686][ T1041] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.886846][ T1041] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.996003][ T5881] usb 5-1: 0:2 : does not exist
[  241.528937][ T5883] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  241.682388][ T5883] usb 10-1: Using ep0 maxpacket: 16
[  241.702043][ T5883] usb 10-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  241.720164][ T5883] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.738453][ T5883] usb 10-1: Product: syz
[  241.748557][ T5883] usb 10-1: Manufacturer: syz
[  241.783835][ T5883] usb 10-1: SerialNumber: syz
[  241.807159][ T5959] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  241.834831][ T1041] bridge_slave_1: left allmulticast mode
[  241.842745][ T5883] usb 10-1: config 0 descriptor??
[  241.850118][ T1041] bridge_slave_1: left promiscuous mode
[  241.855930][ T1041] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.990382][ T5959] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  242.000513][ T5959] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.009227][ T5959] usb 2-1: Product: syz
[  242.234165][ T5959] usb 2-1: Manufacturer: syz
[  242.362790][ T5883] ssu100 10-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  242.388889][ T1041] bridge_slave_0: left allmulticast mode
[  242.395994][ T5883] ssu100 10-1:0.0: probe with driver ssu100 failed with error -5
[  242.421895][ T1041] bridge_slave_0: left promiscuous mode
[  242.431775][ T1041] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.457026][ T5959] usb 2-1: SerialNumber: syz
[  242.465967][ T5959] usb 2-1: config 0 descriptor??
[  242.824073][ T8801] netlink: 16 bytes leftover after parsing attributes in process `syz.6.526'.
[  242.890613][ T5959] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  242.907564][ T5959] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  242.923110][ T5959] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) error while loading driver (-19)
[  242.934862][ T5959] usb 2-1: USB disconnect, device number 16
[  242.962980][   T29] audit: type=1400 audit(1730143599.119:456): avc:  denied  { write } for  pid=8766 comm="syz.9.520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  243.038484][ T8806] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  243.170821][ T8809] netlink: 8 bytes leftover after parsing attributes in process `syz.6.529'.
[  243.207985][ T1041] bond0 (unregistering): (slave geneve0): Releasing backup interface
[  243.226449][   T29] audit: type=1400 audit(1730143599.379:457): avc:  denied  { module_request } for  pid=8807 comm="syz.6.529" kmod="net-pf-10-proto-0-type-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  243.249113][    C1] vkms_vblank_simulate: vblank timer overrun
[  243.274574][   T29] audit: type=1326 audit(1730143599.429:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8807 comm="syz.6.529" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8ac7f7e719 code=0x0
[  243.331280][   T29] audit: type=1400 audit(1730143599.479:459): avc:  denied  { write } for  pid=8766 comm="syz.9.520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  243.439619][ T5883] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  244.049137][ T5883] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  244.067800][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.081161][ T5883] usb 3-1: Product: syz
[  244.081540][ T1041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  244.109033][ T5883] usb 3-1: Manufacturer: syz
[  244.113742][ T5883] usb 3-1: SerialNumber: syz
[  244.114142][ T1041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  244.130538][ T5883] usb 3-1: config 0 descriptor??
[  244.137363][ T1041] bond0 (unregistering): Released all slaves
[  244.137756][ T5883] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  244.799928][ T8826] syz.6.533: attempt to access beyond end of device
[  244.799928][ T8826] nbd6: rw=0, sector=0, nr_sectors = 1 limit=0
[  244.812748][ T8826] (syz.6.533,8826,0):ocfs2_get_sector:1769 ERROR: status = -5
[  244.820336][ T8826] (syz.6.533,8826,0):ocfs2_sb_probe:749 ERROR: status = -5
[  244.827632][ T8826] (syz.6.533,8826,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  244.836242][ T8826] (syz.6.533,8826,0):ocfs2_fill_super:1178 ERROR: status = -5
[  244.898635][   T29] audit: type=1400 audit(1730143601.049:460): avc:  denied  { ioctl } for  pid=8811 comm="syz.2.531" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  244.901212][    T8] usb 10-1: USB disconnect, device number 6
[  245.588752][ T5883] gspca_sunplus: reg_r err -110
[  245.853095][ T5881] usb 5-1: USB disconnect, device number 6
[  245.863788][   T29] audit: type=1400 audit(1730143602.019:461): avc:  denied  { setopt } for  pid=8811 comm="syz.2.531" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  246.052776][ T8847] kAFS: unparsable volume name
[  246.934932][ T6637] udevd[6637]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  247.459371][ T8864] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  247.560899][ T8872] binder: 8868:8872 ioctl c018620c 20000240 returned -22
[  248.452811][ T8888] netlink: 8 bytes leftover after parsing attributes in process `syz.9.543'.
[  248.468215][ T8890] netlink: 20 bytes leftover after parsing attributes in process `syz.4.544'.
[  248.538737][ T1041] hsr_slave_0: left promiscuous mode
[  248.547163][ T5959] usb 3-1: USB disconnect, device number 8
[  248.556329][ T1041] hsr_slave_1: left promiscuous mode
[  248.586710][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  248.623874][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_0
[  248.686794][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  248.727502][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_1
[  248.814197][ T1041] veth1_macvtap: left promiscuous mode
[  248.826565][   T29] audit: type=1400 audit(1730143604.979:462): avc:  denied  { write } for  pid=8902 comm="syz.2.545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  249.163590][ T8913] syz.4.547: attempt to access beyond end of device
[  249.163590][ T8913] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  249.176445][ T8913] (syz.4.547,8913,1):ocfs2_get_sector:1769 ERROR: status = -5
[  249.184402][ T8913] (syz.4.547,8913,1):ocfs2_sb_probe:749 ERROR: status = -5
[  249.192042][ T8913] (syz.4.547,8913,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  249.200610][ T8913] (syz.4.547,8913,1):ocfs2_fill_super:1178 ERROR: status = -5
[  249.479666][ T1041] veth0_macvtap: left promiscuous mode
[  249.485254][ T1041] veth1_vlan: left promiscuous mode
[  249.502169][ T1041] veth0_vlan: left promiscuous mode
[  249.554736][ T8917] FAULT_INJECTION: forcing a failure.
[  249.554736][ T8917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.567962][ T8917] CPU: 1 UID: 0 PID: 8917 Comm: syz.6.549 Not tainted 6.12.0-rc5-syzkaller #0
[  249.576823][ T8917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  249.586874][ T8917] Call Trace:
[  249.590147][ T8917]  <TASK>
[  249.593077][ T8917]  dump_stack_lvl+0x16c/0x1f0
[  249.597766][ T8917]  should_fail_ex+0x497/0x5b0
[  249.602448][ T8917]  _copy_from_user+0x32/0x100
[  249.607134][ T8917]  get_timespec64+0x8c/0x240
[  249.611731][ T8917]  ? __pfx_get_timespec64+0x10/0x10
[  249.616934][ T8917]  __x64_sys_clock_nanosleep+0x1ce/0x4a0
[  249.622568][ T8917]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[  249.628735][ T8917]  do_syscall_64+0xcd/0x250
[  249.633252][ T8917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.639154][ T8917] RIP: 0033:0x7f8ac7f7e719
[  249.643565][ T8917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.663158][ T8917] RSP: 002b:00007f8ac8d3c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  249.671554][ T8917] RAX: ffffffffffffffda RBX: 00007f8ac8135f80 RCX: 00007f8ac7f7e719
[  249.679506][ T8917] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000009
[  249.687459][ T8917] RBP: 00007f8ac8d3c090 R08: 0000000000000000 R09: 0000000000000000
[  249.695411][ T8917] R10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000000001
[  249.703365][ T8917] R13: 0000000000000001 R14: 00007f8ac8135f80 R15: 00007ffd72324b48
[  249.711328][ T8917]  </TASK>
[  249.956310][ T8919] xt_CT: You must specify a L4 protocol and not use inversions on it
[  250.406195][ T8929] netlink: 165 bytes leftover after parsing attributes in process `syz.6.552'.
[  250.555586][ T8936] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  252.873426][ T8965] netlink: 4 bytes leftover after parsing attributes in process `syz.4.558'.
[  252.932887][ T1041] team0 (unregistering): Port device team_slave_1 removed
[  252.962213][ T1041] team0 (unregistering): Port device team_slave_0 removed
[  253.161002][ T5883] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  253.255127][ T8962] netlink: 'syz.9.557': attribute type 29 has an invalid length.
[  253.329633][ T5883] usb 5-1: Using ep0 maxpacket: 8
[  253.342274][ T5883] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  253.373222][ T5883] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  253.401584][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.571703][ T5883] usb 5-1: config 0 descriptor??
[  253.579828][ T5883] usb 5-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  253.587938][ T5883] usb 5-1: No valid video chain found.
[  253.627180][   T29] audit: type=1400 audit(1730143609.779:463): avc:  denied  { create } for  pid=8979 comm="syz.2.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  253.686741][ T8982] FAULT_INJECTION: forcing a failure.
[  253.686741][ T8982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.687425][ T8982] 
[  253.687438][ T8982] ======================================================
[  253.687444][ T8982] WARNING: possible circular locking dependency detected
[  253.687450][ T8982] 6.12.0-rc5-syzkaller #0 Not tainted
[  253.687459][ T8982] ------------------------------------------------------
[  253.687463][ T8982] syz.2.563/8982 is trying to acquire lock:
[  253.687472][ T8982] ffffffff8e0c5600 (console_owner){..-.}-{0:0}, at: console_lock_spinning_enable+0x9f/0xd0
[  253.687515][ T8982] 
[  253.687515][ T8982] but task is already holding lock:
[  253.687520][ T8982] ffff8880b873ee98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  253.687556][ T8982] 
[  253.687556][ T8982] which lock already depends on the new lock.
[  253.687556][ T8982] 
[  253.687561][ T8982] 
[  253.687561][ T8982] the existing dependency chain (in reverse order) is:
[  253.687566][ T8982] 
[  253.687566][ T8982] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  253.687587][ T8982]        _raw_spin_lock_nested+0x31/0x40
[  253.687609][ T8982]        raw_spin_rq_lock_nested+0x29/0x130
[  253.687624][ T8982]        task_rq_lock+0xcf/0x3b0
[  253.687639][ T8982]        cgroup_move_task+0x82/0x250
[  253.687662][ T8982]        css_set_move_task+0x288/0x5f0
[  253.687684][ T8982]        cgroup_post_fork+0x1c6/0x910
[  253.687700][ T8982]        copy_process+0x51a5/0x8cb0
[  253.687720][ T8982]        kernel_clone+0xfd/0x960
[  253.687740][ T8982]        user_mode_thread+0xb4/0xf0
[  253.687759][ T8982]        rest_init+0x23/0x2b0
[  253.687776][ T8982]        start_kernel+0x3e4/0x4d0
[  253.687800][ T8982]        x86_64_start_reservations+0x18/0x30
[  253.687825][ T8982]        x86_64_start_kernel+0xb2/0xc0
[  253.687849][ T8982]        common_startup_64+0x13e/0x148
[  253.687868][ T8982] 
[  253.687868][ T8982] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  253.687890][ T8982]        _raw_spin_lock_irqsave+0x3a/0x60
[  253.687910][ T8982]        try_to_wake_up+0xa1/0x14f0
[  253.687924][ T8982]        __wake_up_common+0x131/0x1e0
[  253.687943][ T8982]        __wake_up+0x31/0x60
[  253.687965][ T8982]        tty_port_default_wakeup+0x2a/0x40
[  253.687982][ T8982]        serial8250_tx_chars+0x68e/0x860
[  253.687999][ T8982]        serial8250_handle_irq+0x74d/0xc80
[  253.688017][ T8982]        serial8250_default_handle_irq+0x9a/0x210
[  253.688036][ T8982]        serial8250_interrupt+0x103/0x210
[  253.688056][ T8982]        __handle_irq_event_percpu+0x229/0x7c0
[  253.688075][ T8982]        handle_irq_event+0xab/0x1e0
[  253.688093][ T8982]        handle_edge_irq+0x263/0xd10
[  253.688111][ T8982]        __common_interrupt+0xdf/0x250
[  253.688133][ T8982]        common_interrupt+0xba/0xe0
[  253.688150][ T8982]        asm_common_interrupt+0x26/0x40
[  253.688173][ T8982]        acpi_safe_halt+0x1a/0x20
[  253.688187][ T8982]        acpi_idle_enter+0xc5/0x160
[  253.688203][ T8982]        cpuidle_enter_state+0xaa/0x4f0
[  253.688217][ T8982]        cpuidle_enter+0x4e/0xa0
[  253.688239][ T8982]        do_idle+0x313/0x3f0
[  253.688261][ T8982]        cpu_startup_entry+0x4f/0x60
[  253.688284][ T8982]        start_secondary+0x222/0x2b0
[  253.688307][ T8982]        common_startup_64+0x13e/0x148
[  253.688325][ T8982] 
[  253.688325][ T8982] -> #2 (&tty->write_wait){-.-.}-{2:2}:
[  253.688347][ T8982]        _raw_spin_lock_irqsave+0x3a/0x60
[  253.688367][ T8982]        __wake_up+0x1c/0x60
[  253.688389][ T8982]        tty_port_default_wakeup+0x2a/0x40
[  253.688406][ T8982]        serial8250_tx_chars+0x68e/0x860
[  253.688423][ T8982]        serial8250_handle_irq+0x74d/0xc80
[  253.688443][ T8982]        serial8250_default_handle_irq+0x9a/0x210
[  253.688463][ T8982]        serial8250_interrupt+0x103/0x210
[  253.688482][ T8982]        __handle_irq_event_percpu+0x229/0x7c0
[  253.688501][ T8982]        handle_irq_event+0xab/0x1e0
[  253.688520][ T8982]        handle_edge_irq+0x263/0xd10
[  253.688537][ T8982]        __common_interrupt+0xdf/0x250
[  253.688559][ T8982]        common_interrupt+0xba/0xe0
[  253.688575][ T8982]        asm_common_interrupt+0x26/0x40
[  253.688596][ T8982]        acpi_safe_halt+0x1a/0x20
[  253.688612][ T8982]        acpi_idle_enter+0xc5/0x160
[  253.688627][ T8982]        cpuidle_enter_state+0xaa/0x4f0
[  253.688641][ T8982]        cpuidle_enter+0x4e/0xa0
[  253.688662][ T8982]        do_idle+0x313/0x3f0
[  253.688684][ T8982]        cpu_startup_entry+0x4f/0x60
[  253.688706][ T8982]        start_secondary+0x222/0x2b0
[  253.688728][ T8982]        common_startup_64+0x13e/0x148
[  253.688746][ T8982] 
[  253.688746][ T8982] -> #1 (&port_lock_key){-.-.}-{2:2}:
[  253.688767][ T8982]        _raw_spin_lock_irqsave+0x3a/0x60
[  253.688787][ T8982]        serial8250_console_write+0xb56/0x17c0
[  253.688806][ T8982]        console_flush_all+0x803/0xc60
[  253.688825][ T8982]        console_unlock+0xd9/0x210
[  253.688843][ T8982]        vprintk_emit+0x424/0x6f0
[  253.688861][ T8982]        vprintk+0x7f/0xa0
[  253.688879][ T8982]        _printk+0xc8/0x100
[  253.688893][ T8982]        register_console+0xbfd/0x1170
[  253.688914][ T8982]        univ8250_console_init+0x5f/0x90
[  253.688932][ T8982]        console_init+0xcc/0x680
[  253.688955][ T8982]        start_kernel+0x29a/0x4d0
[  253.688978][ T8982]        x86_64_start_reservations+0x18/0x30
[  253.689001][ T8982]        x86_64_start_kernel+0xb2/0xc0
[  253.689024][ T8982]        common_startup_64+0x13e/0x148
[  253.689042][ T8982] 
[  253.689042][ T8982] -> #0 (console_owner){..-.}-{0:0}:
[  253.689062][ T8982]        __lock_acquire+0x250b/0x3ce0
[  253.689076][ T8982]        lock_acquire.part.0+0x11b/0x380
[  253.689091][ T8982]        console_lock_spinning_enable+0xb0/0xd0
[  253.689109][ T8982]        console_flush_all+0x7ac/0xc60
[  253.689127][ T8982]        console_unlock+0xd9/0x210
[  253.689145][ T8982]        vprintk_emit+0x424/0x6f0
[  253.689163][ T8982]        vprintk+0x7f/0xa0
[  253.689182][ T8982]        _printk+0xc8/0x100
[  253.689195][ T8982]        should_fail_ex+0x46c/0x5b0
[  253.689212][ T8982]        strncpy_from_user+0x3b/0x2c0
[  253.689235][ T8982]        strncpy_from_user_nofault+0x7f/0x180
[  253.689255][ T8982]        bpf_probe_read_compat_str+0xf1/0x170
[  253.689277][ T8982]        bpf_prog_c1796171ffc7efef+0x3e/0x40
[  253.689290][ T8982]        bpf_trace_run4+0x245/0x5a0
[  253.689311][ T8982]        __bpf_trace_sched_switch+0x13e/0x190
[  253.689327][ T8982]        __traceiter_sched_switch+0x6c/0xc0
[  253.689351][ T8982]        __schedule+0x19b0/0x5730
[  253.689371][ T8982]        schedule+0xe7/0x350
[  253.689389][ T8982]        syscall_exit_to_user_mode+0xf5/0x2a0
[  253.689412][ T8982]        do_syscall_64+0xda/0x250
[  253.689439][ T8982]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.689460][ T8982] 
[  253.689460][ T8982] other info that might help us debug this:
[  253.689460][ T8982] 
[  253.689465][ T8982] Chain exists of:
[  253.689465][ T8982]   console_owner --> &p->pi_lock --> &rq->__lock
[  253.689465][ T8982] 
[  253.689488][ T8982]  Possible unsafe locking scenario:
[  253.689488][ T8982] 
[  253.689493][ T8982]        CPU0                    CPU1
[  253.689497][ T8982]        ----                    ----
[  253.689501][ T8982]   lock(&rq->__lock);
[  253.689510][ T8982]                                lock(&p->pi_lock);
[  253.689521][ T8982]                                lock(&rq->__lock);
[  253.689532][ T8982]   lock(console_owner);
[  253.689541][ T8982] 
[  253.689541][ T8982]  *** DEADLOCK ***
[  253.689541][ T8982] 
[  253.689545][ T8982] 4 locks held by syz.2.563/8982:
[  253.689554][ T8982]  #0: ffff8880b873ee98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  253.689592][ T8982]  #1: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x1d6/0x5a0
[  253.689635][ T8982]  #2: ffffffff8e1a5a40 (console_lock){+.+.}-{0:0}, at: vprintk+0x7f/0xa0
[  253.689676][ T8982]  #3: ffffffff8e1a5ab0 (console_srcu){....}-{0:0}, at: console_flush_all+0x159/0xc60
[  253.689716][ T8982] 
[  253.689716][ T8982] stack backtrace:
[  253.689722][ T8982] CPU: 1 UID: 0 PID: 8982 Comm: syz.2.563 Not tainted 6.12.0-rc5-syzkaller #0
[  253.689740][ T8982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  253.689750][ T8982] Call Trace:
[  253.689755][ T8982]  <TASK>
[  253.689762][ T8982]  dump_stack_lvl+0x116/0x1f0
[  253.689788][ T8982]  print_circular_bug+0x41c/0x610
[  253.689814][ T8982]  check_noncircular+0x31a/0x400
[  253.689840][ T8982]  ? __pfx_check_noncircular+0x10/0x10
[  253.689867][ T8982]  ? lockdep_lock+0xc6/0x200
[  253.689888][ T8982]  ? __pfx_lockdep_lock+0x10/0x10
[  253.689910][ T8982]  __lock_acquire+0x250b/0x3ce0
[  253.689930][ T8982]  ? __pfx___lock_acquire+0x10/0x10
[  253.689949][ T8982]  lock_acquire.part.0+0x11b/0x380
[  253.689965][ T8982]  ? console_lock_spinning_enable+0x9f/0xd0
[  253.689986][ T8982]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  253.690003][ T8982]  ? rcu_is_watching+0x12/0xc0
[  253.690023][ T8982]  ? trace_lock_acquire+0x14a/0x1d0
[  253.690044][ T8982]  ? console_lock_spinning_enable+0x9f/0xd0
[  253.690065][ T8982]  ? lock_acquire+0x2f/0xb0
[  253.690080][ T8982]  ? console_lock_spinning_enable+0x9f/0xd0
[  253.690101][ T8982]  console_lock_spinning_enable+0xb0/0xd0
[  253.690121][ T8982]  ? console_lock_spinning_enable+0x9f/0xd0
[  253.690141][ T8982]  console_flush_all+0x7ac/0xc60
[  253.690164][ T8982]  ? __pfx_console_flush_all+0x10/0x10
[  253.690186][ T8982]  ? printk_percpu_data_ready+0x9/0x20
[  253.690205][ T8982]  ? nbcon_get_cpu_emergency_nesting+0x3b/0x50
[  253.690226][ T8982]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  253.690253][ T8982]  console_unlock+0xd9/0x210
[  253.690273][ T8982]  ? __pfx_console_unlock+0x10/0x10
[  253.690292][ T8982]  ? lock_acquire+0x2f/0xb0
[  253.690308][ T8982]  ? vprintk+0x7f/0xa0
[  253.690329][ T8982]  ? __down_trylock_console_sem+0xb0/0x140
[  253.690348][ T8982]  vprintk_emit+0x424/0x6f0
[  253.690368][ T8982]  ? __pfx_vprintk_emit+0x10/0x10
[  253.690389][ T8982]  ? hlock_class+0x4e/0x130
[  253.690409][ T8982]  ? __lock_acquire+0xbdd/0x3ce0
[  253.690427][ T8982]  vprintk+0x7f/0xa0
[  253.690452][ T8982]  _printk+0xc8/0x100
[  253.690467][ T8982]  ? __pfx__printk+0x10/0x10
[  253.690484][ T8982]  ? ___ratelimit+0x24c/0x570
[  253.690507][ T8982]  ? __pfx_mark_lock+0x10/0x10
[  253.690521][ T8982]  ? __pfx____ratelimit+0x10/0x10
[  253.690546][ T8982]  should_fail_ex+0x46c/0x5b0
[  253.690565][ T8982]  strncpy_from_user+0x3b/0x2c0
[  253.690589][ T8982]  ? rcu_is_watching+0x12/0xc0
[  253.690610][ T8982]  strncpy_from_user_nofault+0x7f/0x180
[  253.690632][ T8982]  bpf_probe_read_compat_str+0xf1/0x170
[  253.690655][ T8982]  bpf_prog_c1796171ffc7efef+0x3e/0x40
[  253.690669][ T8982]  bpf_trace_run4+0x245/0x5a0
[  253.690692][ T8982]  ? __pfx_bpf_trace_run4+0x10/0x10
[  253.690717][ T8982]  ? __pfx_lock_release+0x10/0x10
[  253.690732][ T8982]  ? trace_lock_acquire+0x14a/0x1d0
[  253.690756][ T8982]  __bpf_trace_sched_switch+0x13e/0x190
[  253.690773][ T8982]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  253.690792][ T8982]  ? psi_group_change+0x6dc/0xd20
[  253.690811][ T8982]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  253.690840][ T8982]  __traceiter_sched_switch+0x6c/0xc0
[  253.690867][ T8982]  __schedule+0x19b0/0x5730
[  253.690892][ T8982]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  253.690917][ T8982]  ? __pfx___schedule+0x10/0x10
[  253.690937][ T8982]  ? __fget_files+0x244/0x3f0
[  253.690963][ T8982]  ? fput+0x30/0x390
[  253.690982][ T8982]  ? ksys_write+0x1ad/0x260
[  253.691008][ T8982]  schedule+0xe7/0x350
[  253.691030][ T8982]  syscall_exit_to_user_mode+0xf5/0x2a0
[  253.691054][ T8982]  do_syscall_64+0xda/0x250
[  253.691079][ T8982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.691101][ T8982] RIP: 0033:0x7fd734b7d1ff
[  253.691114][ T8982] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  253.691130][ T8982] RSP: 002b:00007fd735a45030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  253.691146][ T8982] RAX: 0000000000000001 RBX: 0000000000000005 RCX: 00007fd734b7d1ff
[  253.691157][ T8982] RDX: 0000000000000001 RSI: 00007fd735a45090 RDI: 0000000000000005
[  253.691168][ T8982] RBP: 00007fd735a45090 R08: 0000000000000000 R09: 00007fd735a44df7
[  253.691179][ T8982] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  253.691188][ T8982] R13: 0000000000000000 R14: 00007fd734d35f80 R15: 00007ffcdfa28458
[  253.691204][ T8982]  </TASK>
[  254.854608][ T8982] CPU: 1 UID: 0 PID: 8982 Comm: syz.2.563 Not tainted 6.12.0-rc5-syzkaller #0
[  254.863422][ T8982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  254.873454][ T8982] Call Trace:
[  254.876702][ T8982]  <TASK>
[  254.879604][ T8982]  dump_stack_lvl+0x116/0x1f0
[  254.884258][ T8982]  should_fail_ex+0x497/0x5b0
[  254.888905][ T8982]  strncpy_from_user+0x3b/0x2c0
[  254.893726][ T8982]  ? rcu_is_watching+0x12/0xc0
[  254.898469][ T8982]  strncpy_from_user_nofault+0x7f/0x180
[  254.903986][ T8982]  bpf_probe_read_compat_str+0xf1/0x170
[  254.909500][ T8982]  bpf_prog_c1796171ffc7efef+0x3e/0x40
[  254.914922][ T8982]  bpf_trace_run4+0x245/0x5a0
[  254.919575][ T8982]  ? __pfx_bpf_trace_run4+0x10/0x10
[  254.924751][ T8982]  ? __pfx_lock_release+0x10/0x10
[  254.929742][ T8982]  ? trace_lock_acquire+0x14a/0x1d0
[  254.934910][ T8982]  __bpf_trace_sched_switch+0x13e/0x190
[  254.940422][ T8982]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  254.946454][ T8982]  ? psi_group_change+0x6dc/0xd20
[  254.951444][ T8982]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  254.958090][ T8982]  __traceiter_sched_switch+0x6c/0xc0
[  254.963433][ T8982]  __schedule+0x19b0/0x5730
[  254.967906][ T8982]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  254.973855][ T8982]  ? __pfx___schedule+0x10/0x10
[  254.978675][ T8982]  ? __fget_files+0x244/0x3f0
[  254.983322][ T8982]  ? fput+0x30/0x390
[  254.987186][ T8982]  ? ksys_write+0x1ad/0x260
[  254.991660][ T8982]  schedule+0xe7/0x350
[  254.995696][ T8982]  syscall_exit_to_user_mode+0xf5/0x2a0
[  255.001213][ T8982]  do_syscall_64+0xda/0x250
[  255.005689][ T8982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.011553][ T8982] RIP: 0033:0x7fd734b7d1ff
[  255.015933][ T8982] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  255.035505][ T8982] RSP: 002b:00007fd735a45030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  255.043881][ T8982] RAX: 0000000000000001 RBX: 0000000000000005 RCX: 00007fd734b7d1ff
[  255.051817][ T8982] RDX: 0000000000000001 RSI: 00007fd735a45090 RDI: 0000000000000005
[  255.059764][ T8982] RBP: 00007fd735a45090 R08: 0000000000000000 R09: 00007fd735a44df7
[  255.067701][ T8982] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  255.075636][ T8982] R13: 0000000000000000 R14: 00007fd734d35f80 R15: 00007ffcdfa28458
[  255.083576][ T8982]  </TASK>
[  255.111896][   T29] audit: type=1400 audit(1730143611.249:464): avc:  denied  { connect } for  pid=8979 comm="syz.2.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  255.181161][ T5883] usb 5-1: USB disconnect, device number 7
[  255.194261][ T8990] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  255.266159][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  255.272940][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  255.492276][ T1041] bridge_slave_1: left allmulticast mode
[  255.497940][ T1041] bridge_slave_1: left promiscuous mode
[  255.505519][ T1041] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.513643][ T1041] bridge_slave_0: left allmulticast mode
[  255.519269][ T1041] bridge_slave_0: left promiscuous mode
[  255.526085][ T1041] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.598567][ T1041] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  255.609630][ T1041] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  255.619111][ T1041] bond0 (unregistering): Released all slaves
[  255.775177][ T1041] hsr_slave_0: left promiscuous mode
[  255.788082][ T1041] hsr_slave_1: left promiscuous mode
[  255.798424][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.806910][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.823336][ T1041] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.830775][ T1041] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.845083][ T1041] veth1_macvtap: left promiscuous mode
[  255.850661][ T1041] veth0_macvtap: left promiscuous mode
[  255.856163][ T1041] veth1_vlan: left promiscuous mode
[  255.861744][ T1041] veth0_vlan: left promiscuous mode
[  255.947110][ T1041] team0 (unregistering): Port device team_slave_1 removed
[  255.964336][ T1041] team0 (unregistering): Port device team_slave_0 removed
[  258.650882][   T29] audit: type=1400 audit(1730143614.809:465): avc:  denied  { sys_chroot } for  pid=9382 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  258.672505][   T29] audit: type=1400 audit(1730143614.809:466): avc:  denied  { setgid } for  pid=9382 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  258.707538][   T29] audit: type=1400 audit(1730143614.809:467): avc:  denied  { setrlimit } for  pid=9382 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1