last executing test programs:

34.036736775s ago: executing program 2 (id=379):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x330, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000002400)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
r5 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r5, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r5, 0xc01064ac, &(0x7f0000000200)={r6, 0x0, 0x0})
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc0040, 0x0)

32.55843666s ago: executing program 2 (id=381):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x330, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000002400)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
r5 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r5, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r5, 0xc01064ac, &(0x7f0000000200)={r6, 0x0, 0x0})
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc0040, 0x0)

29.424458281s ago: executing program 2 (id=387):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x5, &(0x7f0000000180)=0x7, 0x4)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(0xffffffffffffffff, 0xc0385720, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
ioctl$SIOCAX25ADDUID(r3, 0x89e1, &(0x7f0000000240)={0x3, @null, 0xee00})
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r5, 0x40045532, &(0x7f0000000040))
r6 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
r7 = dup3(r6, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r7, 0xc0984124, 0x0)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000004000000000000040000000000950000001b6da2a8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

28.472400823s ago: executing program 2 (id=389):
r0 = socket$netlink(0x10, 0x3, 0xf)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'nicvf0\x00'})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000200000c50000000700000045000000a00002"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x7, 0x0, &(0x7f00000002c0)="b9ff0307600300", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x6, 0xb, &(0x7f0000000400)="00a529c270e5e483833d04a04012dca0e789b6ac4aeb59da7123b7b880de000000000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0xfffffffffffffcd9, 0x0, 0x0, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_open_dev$sndpcmc(&(0x7f0000000180), 0x7fff, 0x180c0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$inet6_udplite(0x11, 0x2, 0x88)
ioctl$KVM_SET_CLOCK(r3, 0x4188aec6, &(0x7f0000000040))

26.133456976s ago: executing program 2 (id=393):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x0, <r4=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=r4, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT_TO={0x6}]}]}, 0x4c}}, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x14, 0x9, 0x6, 0x5, 0xa}, 0x14}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
ioctl$sock_SIOCDELDLCI(r5, 0x8981, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000009500100000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='9p_protocol_dump\x00', r7}, 0x10)

24.530474232s ago: executing program 2 (id=394):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x20020084, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{0x0}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20000010)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e2910000ef0f29902cbb0000c4e2b1ba8c88d90000000f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x41}], 0x1, 0x4a, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f00000004c0)={0xc5, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x7})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000680)="66420f3841c5b9f60200000f3266baf80cb870047a85ef66bafc0c66ed66b80c008ee80fe9b300000100b9220000400f322e0f211c26460fc7b0003000000f78e2b8010000000f01c1", 0x49}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0xce942, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

14.261924045s ago: executing program 1 (id=411):
r0 = socket$netlink(0x10, 0x3, 0xf)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'nicvf0\x00'})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000200000c50000000700000045000000a00002"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x7, 0x0, &(0x7f00000002c0)="b9ff0307600300", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x6, 0xb, &(0x7f0000000400)="00a529c270e5e483833d04a04012dca0e789b6ac4aeb59da7123b7b880de000000000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0xfffffffffffffcd9, 0x0, 0x0, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000180), 0x7fff, 0x180c0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_udplite(0x11, 0x2, 0x88)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r4, 0x40184150, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB="300000401000"/19, @ANYBLOB="8c920cf9863b7c315ff4a2f028312d82fe0f2ebfba9e27c0f5820396d48e5d6141142a05c37cc6fdc26df51bd59e791efdcdfbd1b47451dd9f8b9ad5f39bfabe035cf7263d6aa9da6f433db2e2e350d273ed8969f13000453f173d71662fe3a9a1e14d7bbedad04543ea207addbea3c7beee15bb0701038b3c41e062a9d226613e53bf69868664a9f05b0055dd78a350b12a3b51ae5ad7ee92424f21ba1333a4479270ea7b30cf459079196a4a91dd99920d614bdf96d712733a95373286670ce7a7ddfdcaefff4782f039e7e3d1db9132c4c04253ac1b8f0e2f0ef87b5be608f18d756490c93be42fcb6115d0ee01701f690797fae0611c3463eea4e42355e2ebe3e6c7c739dfba97b49f1f05051e0b8293cedbe3b41812698305f39e5967daaa605bacd6009b6b5bc06c013661a97722bc680c96ae33e2c36f8e891ca57b5374f85617a30d290a668eadf9303e89d4617dd50b560ff0f791565c3476109479b9ae6370694266b363ed8c45aff552c3c0c059aded5e9fcd7642d192b98e9294", @ANYRESHEX=r2], 0x30}, 0x1, 0x0, 0x0, 0x4800}, 0x0)
ioctl$KVM_SET_CLOCK(r3, 0x4188aec6, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0xa0882, 0x0)

12.813416928s ago: executing program 0 (id=415):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x5, &(0x7f0000000180)=0x7, 0x4)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(0xffffffffffffffff, 0xc0385720, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
ioctl$SIOCAX25ADDUID(r3, 0x89e1, &(0x7f0000000240)={0x3, @null, 0xee00})
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000040))
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
r7 = dup3(r6, r5, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r7, 0xc0984124, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000004000000000000040000000000950000001b6da2a8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

11.734319864s ago: executing program 0 (id=417):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x6908, &(0x7f0000000440)={0x0, 0xfffffffe, 0x10100, 0x3, 0xb5}, &(0x7f0000000080), &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_setup(0x1864, &(0x7f00000003c0), &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x40, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r4, 0x184c, 0x0, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, &(0x7f00000006c0)=[{0x0}, {0x0}], 0x2})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
r10 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r10, &(0x7f0000000100)=ANY=[@ANYBLOB='VOLUME\nSYNTH \'Synth Capture\' 004'], 0x32)
r11 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x280, 0x0)
dup3(r11, r10, 0x0)
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, 0x0)

11.509369283s ago: executing program 3 (id=418):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x330, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000002400)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
r5 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r5, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r5, 0xc01064ac, &(0x7f0000000200)={r6, 0x0, 0x0})
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc0040, 0x0)

10.225147753s ago: executing program 0 (id=419):
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x0, 0x0, 0x10001, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB="34000000000703000000000000000000000000000c00064000000000000000000900010073797a30000000000800054000"], 0x34}}, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./bus\x00', 0x0, 0x1001, 0x0)
r2 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000001580)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512\x00'}, 0x58)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000300)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000003c0)='7', 0x1}, {&(0x7f0000000100)=',', 0x1}], 0x2}], 0x1, 0x0)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x6, 0xc0, 0x55, 0x8, 0x110a, 0x1450, 0x62cb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xfe, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xa7, 0x0, 0x0, 0x67, 0xa0, 0x29}}]}}]}}, 0x0)
ioctl$EVIOCRMFF(r3, 0x550c, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$uac1(r4, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
setxattr$security_selinux(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180), &(0x7f0000000240)='system_u:object_r:file_context_t:s0\x00', 0x24, 0x1)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='exfat\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r2, 0x1261, 0x3)

9.72114647s ago: executing program 3 (id=421):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x8402, 0x0)
pwritev2(r0, &(0x7f0000000000)=[{&(0x7f0000000240)}], 0x1, 0x80, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$setperm(0x5, 0x0, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x42a400, 0x0)
ioctl$UI_SET_LEDBIT(r2, 0x40045569, 0x0)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x11)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
quotactl_fd$Q_SETINFO(r3, 0xffffffff80000601, 0x0, &(0x7f0000000340)={0x0, 0x1, 0x0, 0x8})
preadv(r3, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/82, 0x52}, {&(0x7f00000005c0)=""/77, 0x4d}], 0x2, 0x3, 0x3)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x12)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'})
ioctl$UI_DEV_CREATE(r2, 0x5501)
ioctl$UI_DEV_DESTROY(r2, 0x5502)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x8802, 0x0)
add_key$keyring(0x0, &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
getpid()
syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_mr_cache\x00')
mount(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x0, 0x0)
inotify_init1(0x0)
syz_emit_ethernet(0x4e, &(0x7f00000002c0)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @mld={0x83, 0x0, 0x0, 0xfffe, 0x0, @mcast2}}}}}}, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xe3245f80f97ca130}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_O_TEI={0x8, 0x9, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20008884)

9.718928411s ago: executing program 1 (id=430):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x330, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000002400)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
r5 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r5, 0xc01064ac, &(0x7f0000000200)={0x0, 0x0, 0x0})
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc0040, 0x0)

8.120949741s ago: executing program 3 (id=423):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
fsopen(&(0x7f0000000340)='afs\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x0, <r4=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=r4, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT_TO={0x6}]}]}, 0x4c}}, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, 0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x14, 0x9, 0x6, 0x5, 0xa}, 0x14}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
ioctl$sock_SIOCDELDLCI(r5, 0x8981, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000009500100000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='9p_protocol_dump\x00', r7}, 0x10)

7.858005325s ago: executing program 1 (id=424):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x5, &(0x7f0000000180)=0x7, 0x4)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(0xffffffffffffffff, 0xc0385720, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000040))
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
r7 = dup3(r6, r5, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r7, 0xc0984124, 0x0)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000004000000000000040000000000950000001b6da2a8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

6.875026791s ago: executing program 3 (id=426):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x330, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000002400)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
r5 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r5, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1})
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc0040, 0x0)

6.833858217s ago: executing program 4 (id=427):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x5, &(0x7f0000000180)=0x7, 0x4)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(0xffffffffffffffff, 0xc0385720, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
ioctl$SIOCAX25ADDUID(r3, 0x89e1, &(0x7f0000000240)={0x3, @null, 0xee00})
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000040))
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
r7 = dup3(r6, r5, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r7, 0xc0984124, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000004000000000000040000000000950000001b6da2a8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

5.787368987s ago: executing program 4 (id=428):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x6908, &(0x7f0000000440)={0x0, 0xfffffffe, 0x10100, 0x3, 0xb5}, &(0x7f0000000080), &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_setup(0x1864, &(0x7f00000003c0), &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x40, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r4, 0x184c, 0x0, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, &(0x7f00000006c0)=[{0x0}, {0x0}], 0x2})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
r10 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r10, &(0x7f0000000100)=ANY=[@ANYBLOB='VOLUME\nSYNTH \'Synth Capture\' 004'], 0x32)
r11 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x280, 0x0)
dup3(r11, r10, 0x0)
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, 0x0)

4.773191639s ago: executing program 4 (id=429):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x20020084, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{0x0}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20000010)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e2910000ef0f29902cbb0000c4e2b1ba8c88d90000000f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x41}], 0x1, 0x4a, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f00000004c0)={0xc5, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x7})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000680)="66420f3841c5b9f60200000f3266baf80cb870047a85ef66bafc0c66ed66b80c008ee80fe9b300000100b9220000400f322e0f211c26460fc7b0003000000f78e2b8010000000f01c1", 0x49}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0xce942, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4.681164513s ago: executing program 0 (id=431):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'netdevsim0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x1f}}}}]}, 0x48}}, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x5, 0x401d031, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='xfs\x00', 0x0, 0x0)
r7 = openat$ppp(0xffffff9c, &(0x7f0000000000), 0xc4040, 0x0)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000000, 0x812, r7, 0xf7863000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x220, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME={0x202, 0x33, @action={{{}, {}, @device_b}, @measure_req={0x0, 0x0, {0x2, [{0x26, 0xe5, {0x35, 0x0, 0x7, "86042bee16b13f672d4960151b07acd0859fa49e06f162e659db438d4151c0920fa6f1d324ac6abd8e45c4d5e098fa899975fa4198ff0f9688b721f28ea8a676d47656e32b9876060e24ebe3034c7bcfc1189636abafae700ed13c626ebe5abcbae210f40f1222eab90dcb63467b8d91931e7a77d7ef57199e67a4a9d2995716aa5f3769a1bd1aaa31e1eefcd380e7acb225a9e6c0e201d79a3ebc32b130df108391c739744d4246ef00a11ca92a1a8579a9478e6f70377d8a480113e02f336fa0664617964a9ad53e4715c84c6b78e51ef1374c59af754897e2f26da705e7f1481a"}}, {0x26, 0x10, {0x9, 0x5, 0x5, "a8cae85a02808ba37e95f832c1"}}, {0x26, 0xe8, {0x2, 0x0, 0xb, "4b0696d2f801db16ac7afbaa5cd7491ccba387d00653c0f277175edf06ec99893ac12f145e76357e524a5e42e48801c5bbfa5b58b1796953f9e51f9bc4fff4d556de9daa3a0caa93dd5803909e854d9b8a3d87de38dda8e2c0b1dd3f40d5b3a142210b7335ce2172473d700d74d178b38bad251eaa4f4d60487fdf6d0a53d117f92e167382f7b1d2c9738dd55afb4a1338fe5b9e8ebd1c1b3f8a54e8ed1bd741d5e9229cb9b67a2e0cb6b997945c950512d54f3f9eada35157938e72a4176fb46b78507003c5122b33a94a5418368475f74bf4bd0ca04f6e6e7db01cb691f0edf83ca6b439"}}]}}}}]}, 0x220}}, 0x0)

3.54261285s ago: executing program 1 (id=432):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x330, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000002400)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f0000000200)={r5, 0x0, 0x0})
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc0040, 0x0)

2.873550965s ago: executing program 4 (id=433):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x330, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000002400)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
r5 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r5, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1})
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc0040, 0x0)

2.135115455s ago: executing program 0 (id=434):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x8402, 0x0)
pwritev2(r0, &(0x7f0000000000)=[{&(0x7f0000000240)}], 0x1, 0x80, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$setperm(0x5, 0x0, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x42a400, 0x0)
ioctl$UI_SET_LEDBIT(r2, 0x40045569, 0x0)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x11)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
quotactl_fd$Q_SETINFO(r3, 0xffffffff80000601, 0x0, &(0x7f0000000340)={0x0, 0x1, 0x0, 0x8})
preadv(r3, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/82, 0x52}, {&(0x7f00000005c0)=""/77, 0x4d}], 0x2, 0x3, 0x3)
ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x12)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'})
ioctl$UI_DEV_CREATE(r2, 0x5501)
ioctl$UI_DEV_DESTROY(r2, 0x5502)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x8802, 0x0)
add_key$keyring(0x0, &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
getpid()
syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_mr_cache\x00')
mount(0x0, &(0x7f0000000080)='.\x00', 0x0, 0x0, 0x0)
inotify_init1(0x0)
syz_emit_ethernet(0x4e, &(0x7f00000002c0)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @mld={0x83, 0x0, 0x0, 0xfffe, 0x0, @mcast2}}}}}}, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xe3245f80f97ca130}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_O_TEI={0x8, 0x9, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x20008884)

2.10624937s ago: executing program 1 (id=435):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x20020084, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{0x0}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20000010)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e2910000ef0f29902cbb0000c4e2b1ba8c88d90000000f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x41}], 0x1, 0x4a, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f00000004c0)={0xc5, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x7})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000680)="66420f3841c5b9f60200000f3266baf80cb870047a85ef66bafc0c66ed66b80c008ee80fe9b300000100b9220000400f322e0f211c26460fc7b0003000000f78e2b8010000000f01c1", 0x49}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0xce942, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.088827836s ago: executing program 3 (id=436):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x330, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000002400)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r4, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r4, 0xc01064ac, &(0x7f0000000200)={r5, 0x0, 0x0})
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc0040, 0x0)

925.809606ms ago: executing program 0 (id=437):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{0x0}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20000010)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e2910000ef0f29902cbb0000c4e2b1ba8c88d90000000f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x41}], 0x1, 0x4a, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f00000004c0)={0xc5, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x200004, 0x0, 0x0, 0x0, 0x0, 0x7})
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000680)="66420f3841c5b9f60200000f3266baf80cb870047a85ef66bafc0c66ed66b80c008ee80fe9b300000100b9220000400f322e0f211c26460fc7b0003000000f78e2b8010000000f01c1", 0x49}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0xce942, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

714.907533ms ago: executing program 4 (id=438):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
socket$inet6(0xa, 0x3, 0xff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300))
epoll_create(0x5)
syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
socket$rds(0x15, 0x5, 0x0)
syz_io_uring_setup(0xaa, &(0x7f0000000200)={0x0, 0x3a7d, 0x80}, 0x0, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000340), 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYRES64=r4], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SPLICE)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

542.464153ms ago: executing program 3 (id=439):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x6908, &(0x7f0000000440)={0x0, 0xfffffffe, 0x10100, 0x3, 0xb5}, &(0x7f0000000080), &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_setup(0x1864, &(0x7f00000003c0), &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x40, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r4, 0x184c, 0x0, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, &(0x7f00000006c0)=[{0x0}, {0x0}], 0x2})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
r10 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r10, &(0x7f0000000100)=ANY=[@ANYBLOB='VOLUME\nSYNTH \'Synth Capture\' 004'], 0x32)
r11 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x280, 0x0)
dup3(r11, r10, 0x0)
ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, 0x0)

228.057137ms ago: executing program 1 (id=440):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read(0xffffffffffffffff, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x101)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x330, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x14, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000002400)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r4, 0x8b2a, &(0x7f0000000040))
r5 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r5, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)='a', 0x1, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r5, 0xc01064ac, &(0x7f0000000200)={r6, 0x0, 0x0})
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc0040, 0x0)

0s ago: executing program 4 (id=441):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="272eee862efeda61316ceff1a08b1730", 0x10)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x6, @dev={0xac, 0x14, 0x14, 0x15}, 0x15, 0x0, 'lblcr\x00'}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000e00)={@cgroup, r3, 0x2f, 0x80ffff, 0x4, @void, @void, @value}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wg2\x00', <r5=>0x0})
r6 = socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r6, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000011c0)=[{&(0x7f0000000040)='#', 0x1}], 0x1}, 0x0)
recvmsg$kcm(r6, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x1, 0x7, &(0x7f0000000180), 0x43)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x10, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3b9aca00}]}}]}, 0x40}}, 0x0)
socket(0x200000000000011, 0x2, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r7, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="14000000000000001001000002000000010000000000000014000000000000001001000002"], 0x30}, 0xc0)

kernel console output (not intermixed with test programs):

.141" name="file0" dev="tmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:file_context_t:s0"
[  305.210753][ T6526] syz.1.141: attempt to access beyond end of device
[  305.210753][ T6526] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  305.251646][   T29] audit: type=1400 audit(1728374616.344:330): avc:  denied  { associate } for  pid=6503 comm="syz.1.141" name="file0" dev="tmpfs" ino=112 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:file_context_t:s0"
[  305.405483][ T6526] exFAT-fs (nbd1): unable to read boot sector
[  305.411609][ T6526] exFAT-fs (nbd1): failed to read boot sector
[  305.568992][ T6533] xt_CT: You must specify a L4 protocol and not use inversions on it
[  306.160981][ T6526] exFAT-fs (nbd1): failed to recognize exfat type
[  306.167796][ T5220] Bluetooth: hci0: command tx timeout
[  306.202593][   T29] audit: type=1400 audit(1728374616.684:331): avc:  denied  { bind } for  pid=6525 comm="syz.2.145" lport=9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  306.385282][ T6423] hsr_slave_0: entered promiscuous mode
[  306.391450][ T6423] hsr_slave_1: entered promiscuous mode
[  306.434394][   T29] audit: type=1400 audit(1728374616.684:332): avc:  denied  { name_bind } for  pid=6525 comm="syz.2.145" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  306.692711][ T5220] Bluetooth: hci2: command tx timeout
[  306.701715][   T29] audit: type=1400 audit(1728374616.684:333): avc:  denied  { node_bind } for  pid=6525 comm="syz.2.145" saddr=172.20.20.170 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  306.733245][   T29] audit: type=1400 audit(1728374616.774:334): avc:  denied  { ioctl } for  pid=6525 comm="syz.2.145" path="/dev/binderfs/binder0" dev="binder" ino=13 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  306.898592][ T6540] kvm: pic: non byte write
[  307.061476][   T29] audit: type=1400 audit(1728374616.774:335): avc:  denied  { set_context_mgr } for  pid=6525 comm="syz.2.145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  307.400294][ T1064] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.595849][ T1064] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.377569][ T5220] Bluetooth: hci0: command tx timeout
[  308.679769][ T1064] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.698166][ T5220] Bluetooth: hci2: command tx timeout
[  310.191421][ T1064] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.631839][   T29] audit: type=1400 audit(1728374621.744:336): avc:  denied  { read } for  pid=6566 comm="syz.1.149" name="ptp0" dev="devtmpfs" ino=1073 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  311.705233][   T29] audit: type=1400 audit(1728374621.754:337): avc:  denied  { open } for  pid=6566 comm="syz.1.149" path="/dev/ptp0" dev="devtmpfs" ino=1073 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  311.753130][ T5926] Bluetooth: hci2: command tx timeout
[  311.829893][ T6468] chnl_net:caif_netlink_parms(): no params data found
[  311.868637][ T5220] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  311.878576][ T5220] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  311.887371][ T5220] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  311.895617][ T5220] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  311.903741][ T5220] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  311.910946][ T5220] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  312.447362][ T6592] kvm: pic: non byte write
[  313.788135][ T6468] bridge0: port 1(bridge_slave_0) entered blocking state
[  313.809906][ T6468] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.829842][ T6468] bridge_slave_0: entered allmulticast mode
[  313.870369][ T6468] bridge_slave_0: entered promiscuous mode
[  314.053808][ T5220] Bluetooth: hci3: command tx timeout
[  314.074609][   T29] audit: type=1400 audit(1728374625.244:338): avc:  denied  { write } for  pid=6611 comm="syz.1.156" name="raw-gadget" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  314.117361][ T6468] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.407814][ T6468] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.433781][ T6468] bridge_slave_1: entered allmulticast mode
[  314.442708][ T5267] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  314.460218][ T6468] bridge_slave_1: entered promiscuous mode
[  314.613015][ T5267] usb 2-1: Using ep0 maxpacket: 32
[  314.631661][ T5267] usb 2-1: New USB device found, idVendor=0572, idProduct=1329, bcdDevice=56.c1
[  314.652597][ T5267] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.660638][ T5267] usb 2-1: Product: syz
[  314.677642][ T5267] usb 2-1: Manufacturer: syz
[  314.692749][ T5267] usb 2-1: SerialNumber: syz
[  314.718096][ T6468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  314.724181][ T5267] usb 2-1: config 0 descriptor??
[  314.843616][ T1064] bridge_slave_1: left allmulticast mode
[  314.849299][ T1064] bridge_slave_1: left promiscuous mode
[  314.855902][ T1064] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.109353][ T1064] bridge_slave_0: left allmulticast mode
[  315.185885][ T1064] bridge_slave_0: left promiscuous mode
[  315.256494][ T1064] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.682786][   T29] audit: type=1400 audit(1728374626.824:339): avc:  denied  { shutdown } for  pid=6611 comm="syz.1.156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  315.749434][ T6625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  315.817946][ T6625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  316.132829][ T5220] Bluetooth: hci3: command tx timeout
[  316.235458][ T1064] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  316.270432][ T1064] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  316.287718][ T1064] bond0 (unregistering): Released all slaves
[  316.335256][ T6468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  316.541073][ T6468] team0: Port device team_slave_0 added
[  316.709332][ T6468] team0: Port device team_slave_1 added
[  316.874593][ T6468] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.891488][ T6468] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.930068][ T6468] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.958136][    T8] usb 2-1: USB disconnect, device number 9
[  317.023655][ T1064] hsr_slave_0: left promiscuous mode
[  317.034106][ T1064] hsr_slave_1: left promiscuous mode
[  317.050584][ T1064] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  317.067224][ T1064] batman_adv: batadv0: Removing interface: batadv_slave_0
[  317.081341][ T1064] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.094914][ T1064] batman_adv: batadv0: Removing interface: batadv_slave_1
[  317.140278][ T1064] veth1_macvtap: left promiscuous mode
[  317.152328][ T1064] veth0_macvtap: left promiscuous mode
[  317.161763][ T1064] veth1_vlan: left promiscuous mode
[  317.180819][ T1064] veth0_vlan: left promiscuous mode
[  317.335684][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  317.342054][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  318.213215][ T5220] Bluetooth: hci3: command tx timeout
[  318.363115][   T29] audit: type=1400 audit(1728374629.424:340): avc:  denied  { ioctl } for  pid=6636 comm="syz.1.160" path="socket:[18291]" dev="sockfs" ino=18291 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  320.305788][ T5220] Bluetooth: hci3: command tx timeout
[  320.374424][ T6647] kvm: pic: non byte write
[  320.469232][ T1064] team0 (unregistering): Port device team_slave_1 removed
[  320.587137][ T1064] team0 (unregistering): Port device team_slave_0 removed
[  322.758690][   T29] audit: type=1400 audit(1728374633.174:341): avc:  denied  { bind } for  pid=6658 comm="syz.1.165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  323.246660][ T6664] syz.1.166: attempt to access beyond end of device
[  323.246660][ T6664] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  323.342961][ T6664] exFAT-fs (nbd1): unable to read boot sector
[  323.410370][ T6664] exFAT-fs (nbd1): failed to read boot sector
[  323.460240][ T6664] exFAT-fs (nbd1): failed to recognize exfat type
[  324.143689][ T6669] kvm: pic: non byte write
[  324.579307][ T6468] batman_adv: batadv0: Adding interface: batadv_slave_1
[  324.586560][ T6468] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  324.613350][ T6468] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  324.897472][ T6423] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  324.953805][ T6468] hsr_slave_0: entered promiscuous mode
[  324.963719][ T6468] hsr_slave_1: entered promiscuous mode
[  324.990592][ T6468] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  325.007355][ T6468] Cannot create hsr debugfs directory
[  325.027445][ T6423] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  325.051203][ T6584] chnl_net:caif_netlink_parms(): no params data found
[  325.083401][ T6423] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  325.099010][ T5269] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  325.356067][ T5269] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  325.457301][ T5269] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  325.568271][ T5269] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  325.623039][ T6423] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  325.719339][ T5269] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  325.750857][ T5269] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.809389][ T5269] usb 3-1: config 0 descriptor??
[  325.831590][ T6673] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  326.145974][ T6423] 8021q: adding VLAN 0 to HW filter on device bond0
[  326.178401][ T6584] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.209701][ T6584] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.231733][ T6584] bridge_slave_0: entered allmulticast mode
[  326.247405][ T6584] bridge_slave_0: entered promiscuous mode
[  326.308650][ T6584] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.319421][ T6584] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.336350][ T6584] bridge_slave_1: entered allmulticast mode
[  326.349632][ T6584] bridge_slave_1: entered promiscuous mode
[  326.383845][ T5269] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd
[  326.406333][ T5269] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  326.437074][ T5269] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  326.519238][ T1064] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.547792][ T6584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  326.563852][ T6584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  326.622281][ T6468] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.657964][ T6423] 8021q: adding VLAN 0 to HW filter on device team0
[  326.716054][ T1064] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.780294][ T6584] team0: Port device team_slave_0 added
[  326.950860][ T6468] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.975017][  T961] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.982127][  T961] bridge0: port 1(bridge_slave_0) entered forwarding state
[  326.992395][  T961] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.999579][  T961] bridge0: port 2(bridge_slave_1) entered forwarding state
[  327.508084][   T29] audit: type=1326 audit(1728374638.654:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  327.604162][ T1064] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.784552][   T29] audit: type=1326 audit(1728374638.654:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  327.808232][   T29] audit: type=1326 audit(1728374638.664:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  327.831854][   T29] audit: type=1326 audit(1728374638.664:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  327.855495][   T29] audit: type=1326 audit(1728374638.664:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  327.878939][   T29] audit: type=1326 audit(1728374638.664:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  327.902348][   T29] audit: type=1326 audit(1728374638.664:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  327.925865][   T29] audit: type=1326 audit(1728374638.664:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  327.952903][   T29] audit: type=1326 audit(1728374638.744:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  328.004703][   T29] audit: type=1326 audit(1728374638.744:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  328.037633][   T29] audit: type=1326 audit(1728374638.744:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6672 comm="syz.2.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fecfdd7dff9 code=0x7ffc0000
[  328.085357][ T6584] team0: Port device team_slave_1 added
[  328.114795][ T6423] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  328.152777][ T6423] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  328.202274][ T6468] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.294233][ T1064] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.340083][ T6468] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.358417][ T6584] batman_adv: batadv0: Adding interface: batadv_slave_0
[  328.366077][ T6584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  328.400874][ T6584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  328.428652][ T6584] batman_adv: batadv0: Adding interface: batadv_slave_1
[  328.442270][ T6584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  328.486878][ T6584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  328.643091][ T5254] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  328.679467][ T6584] hsr_slave_0: entered promiscuous mode
[  328.700814][ T6584] hsr_slave_1: entered promiscuous mode
[  328.728344][ T6584] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  328.743148][ T6584] Cannot create hsr debugfs directory
[  328.805425][ T5254] usb 2-1: too many configurations: 65, using maximum allowed: 8
[  328.828275][ T6423] 8021q: adding VLAN 0 to HW filter on device batadv0
[  328.838617][ T5254] usb 2-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[  328.854197][ T5254] usb 2-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[  328.875263][ T5298] usb 3-1: USB disconnect, device number 2
[  328.916817][ T5254] usb 2-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[  328.949476][ T5254] usb 2-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[  329.002202][ T5254] usb 2-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[  329.037509][ T5254] usb 2-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[  329.050941][ T5254] usb 2-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[  329.063336][ T1064] bridge_slave_1: left allmulticast mode
[  329.065468][ T5254] usb 2-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[  329.079674][ T1064] bridge_slave_1: left promiscuous mode
[  329.079744][ T5254] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  329.095528][ T5254] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.096329][ T1064] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.114743][ T5254] usb 2-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  329.130612][ T1064] bridge_slave_0: left allmulticast mode
[  329.133936][ T5254] usb 2-1: No valid video chain found.
[  329.153426][ T1064] bridge_slave_0: left promiscuous mode
[  329.172907][ T1064] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.187621][ T1064] bridge_slave_1: left allmulticast mode
[  329.195050][ T1064] bridge_slave_1: left promiscuous mode
[  329.200759][ T1064] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.210583][ T1064] bridge_slave_0: left allmulticast mode
[  329.216908][ T1064] bridge_slave_0: left promiscuous mode
[  329.225411][ T1064] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.419051][ T5324] usb 2-1: USB disconnect, device number 10
[  330.676195][ T1064] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  330.698595][ T1064] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  331.591002][ T1064] bond0 (unregistering): Released all slaves
[  332.161595][ T1064] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  332.322369][ T1064] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  332.652099][ T1064] bond0 (unregistering): Released all slaves
[  332.811277][ T6468] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  332.874926][ T6468] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  333.960538][ T6768] kvm: pic: non byte write
[  333.977114][ T6468] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  334.019730][ T6468] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  334.230170][ T6423] veth0_vlan: entered promiscuous mode
[  334.546532][ T6423] veth1_vlan: entered promiscuous mode
[  334.692770][ T5324] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  334.869984][ T5324] usb 3-1: Using ep0 maxpacket: 8
[  334.885437][ T5324] usb 3-1: config 254 has an invalid interface number: 167 but max is 0
[  334.934684][ T5324] usb 3-1: config 254 has no interface number 0
[  334.959675][ T5324] usb 3-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  334.987781][ T5324] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.006209][ T5324] usb 3-1: Product: syz
[  335.016303][ T5324] usb 3-1: Manufacturer: syz
[  335.031168][ T5324] usb 3-1: SerialNumber: syz
[  335.237165][ T6423] veth0_macvtap: entered promiscuous mode
[  336.269328][ T1064] hsr_slave_0: left promiscuous mode
[  336.277326][ T1064] hsr_slave_1: left promiscuous mode
[  336.283978][ T1064] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  336.291437][ T1064] batman_adv: batadv0: Removing interface: batadv_slave_0
[  336.299796][ T1064] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  336.307677][ T1064] batman_adv: batadv0: Removing interface: batadv_slave_1
[  336.436972][ T1064] hsr_slave_0: left promiscuous mode
[  336.462349][ T1064] hsr_slave_1: left promiscuous mode
[  337.179963][ T5324] mxuport 3-1:254.167: mxuport_recv_ctrl_urb - usb_control_msg failed (-32)
[  337.189619][ T5324] mxuport 3-1:254.167: probe with driver mxuport failed with error -5
[  337.240998][ T6776] syz.2.181: attempt to access beyond end of device
[  337.240998][ T6776] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  337.261111][ T1064] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  337.271037][ T6776] exFAT-fs (nbd2): unable to read boot sector
[  337.273178][ T1064] batman_adv: batadv0: Removing interface: batadv_slave_0
[  337.282552][ T6776] exFAT-fs (nbd2): failed to read boot sector
[  337.292242][ T1064] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  337.300412][ T1064] batman_adv: batadv0: Removing interface: batadv_slave_1
[  337.311177][ T6776] exFAT-fs (nbd2): failed to recognize exfat type
[  337.341629][   T25] usb 3-1: USB disconnect, device number 3
[  337.344869][ T1064] veth1_macvtap: left promiscuous mode
[  337.359941][ T1064] veth0_macvtap: left promiscuous mode
[  338.193758][ T1064] veth1_vlan: left promiscuous mode
[  338.199119][ T1064] veth0_vlan: left promiscuous mode
[  338.220845][ T1064] veth1_macvtap: left promiscuous mode
[  338.227069][ T1064] veth0_macvtap: left promiscuous mode
[  338.233640][ T1064] veth1_vlan: left promiscuous mode
[  338.239030][ T1064] veth0_vlan: left promiscuous mode
[  338.355189][ T6802] xt_policy: too many policy elements
[  339.631747][ T6806] kvm: pic: non byte write
[  342.993610][ T1064] team0 (unregistering): Port device team_slave_1 removed
[  343.069395][ T1064] team0 (unregistering): Port device team_slave_0 removed
[  343.192869][ T5298] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  343.362592][ T5298] usb 3-1: Using ep0 maxpacket: 8
[  343.369628][ T5298] usb 3-1: config 254 has an invalid interface number: 167 but max is 0
[  343.378984][ T5298] usb 3-1: config 254 has no interface number 0
[  343.388115][ T5298] usb 3-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  343.398595][ T5298] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.407016][ T5298] usb 3-1: Product: syz
[  343.411317][ T5298] usb 3-1: Manufacturer: syz
[  343.416844][ T5298] usb 3-1: SerialNumber: syz
[  343.869923][ T5298] mxuport 3-1:254.167: mxuport_recv_ctrl_urb - usb_control_msg failed (-32)
[  343.880024][ T6833] syz.2.191: attempt to access beyond end of device
[  343.880024][ T6833] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  343.894747][ T6833] exFAT-fs (nbd2): unable to read boot sector
[  343.900814][ T6833] exFAT-fs (nbd2): failed to read boot sector
[  343.907630][ T5298] mxuport 3-1:254.167: probe with driver mxuport failed with error -5
[  343.923498][ T6833] exFAT-fs (nbd2): failed to recognize exfat type
[  343.980779][ T5298] usb 3-1: USB disconnect, device number 4
[  344.111703][ T1064] team0 (unregistering): Port device team_slave_1 removed
[  344.151799][ T1064] team0 (unregistering): Port device team_slave_0 removed
[  344.538421][ T6423] veth1_macvtap: entered promiscuous mode
[  344.627649][ T6584] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  344.716120][ T6584] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  344.753568][ T6584] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  344.806606][ T6584] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  345.211668][ T6468] 8021q: adding VLAN 0 to HW filter on device bond0
[  345.581526][ T6468] 8021q: adding VLAN 0 to HW filter on device team0
[  345.653734][ T6423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.672183][ T6423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.682440][ T6423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  345.693876][ T6423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.751563][ T6423] batman_adv: batadv0: Interface activated: batadv_slave_0
[  345.776963][ T6423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  345.787676][ T6423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.797686][ T6423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  345.812237][ T6423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.846955][ T6423] batman_adv: batadv0: Interface activated: batadv_slave_1
[  345.916665][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  345.916714][   T29] audit: type=1400 audit(1728374657.084:360): avc:  denied  { bind } for  pid=6839 comm="syz.2.193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  346.328214][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.335398][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  346.431133][ T6423] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  346.441187][ T6423] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  346.450066][ T6423] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  346.459259][ T6423] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  346.488928][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.496192][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  346.804481][ T6584] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.718244][ T6584] 8021q: adding VLAN 0 to HW filter on device team0
[  347.789352][ T6468] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  347.824783][ T6468] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  348.856058][ T2582] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.863227][ T2582] bridge0: port 1(bridge_slave_0) entered forwarding state
[  348.906566][ T2582] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.924095][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.931226][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  348.954736][ T2582] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.220981][ T1064] IPVS: stop unused estimator thread 0...
[  349.235578][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.278602][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.460866][ T6468] 8021q: adding VLAN 0 to HW filter on device batadv0
[  350.509309][ T6468] veth0_vlan: entered promiscuous mode
[  350.606474][ T6468] veth1_vlan: entered promiscuous mode
[  350.630955][ T6468] veth0_macvtap: entered promiscuous mode
[  350.684414][ T6584] 8021q: adding VLAN 0 to HW filter on device batadv0
[  350.729935][ T6468] veth1_macvtap: entered promiscuous mode
[  350.748396][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.758959][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.769240][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.780433][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.790473][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  350.801049][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.812419][ T6468] batman_adv: batadv0: Interface activated: batadv_slave_0
[  350.882447][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.893426][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.959967][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.979691][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.020363][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  351.051918][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.067693][ T6468] batman_adv: batadv0: Interface activated: batadv_slave_1
[  351.985477][ T6468] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  352.012587][ T6468] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  352.021338][ T6468] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  352.077230][ T6468] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.413745][  T961] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.421725][  T961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.574470][ T5551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.582304][ T5551] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.687172][ T6584] veth0_vlan: entered promiscuous mode
[  353.733702][ T6584] veth1_vlan: entered promiscuous mode
[  353.844490][ T6916] netlink: 8 bytes leftover after parsing attributes in process `syz.1.203'.
[  353.916944][ T6584] veth0_macvtap: entered promiscuous mode
[  353.930490][ T6584] veth1_macvtap: entered promiscuous mode
[  353.969090][ T6584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.980242][ T6584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.990384][ T6584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.001066][ T6584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.052381][ T6584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.070011][ T6584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.080989][ T6584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.098381][ T6584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.110794][ T6584] batman_adv: batadv0: Interface activated: batadv_slave_0
[  354.149245][ T6584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.172019][ T6584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.189483][ T6584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.200467][ T6584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.217638][ T6584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.236065][ T6584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.247997][ T6584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  354.259274][ T6584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.271729][ T6584] batman_adv: batadv0: Interface activated: batadv_slave_1
[  355.163854][ T6584] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  355.192564][ T6584] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  355.201316][ T6584] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.229429][ T6584] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  357.871738][ T5557] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  357.881149][ T5557] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  358.049930][ T1064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.064539][ T1064] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  360.146101][ T6957] syz.3.211: attempt to access beyond end of device
[  360.146101][ T6957] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  360.167441][ T6957] syz.3.211: attempt to access beyond end of device
[  360.167441][ T6957] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  360.181041][ T6957] Mount JFS Failure: -5
[  360.187214][ T6957] jfs_mount failed w/return code = -5
[  362.324367][ T6972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.214'.
[  362.961216][ T5551] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.004015][ T5926] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  363.027744][ T5926] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  363.037215][ T5926] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  363.085507][ T5926] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  363.963003][ T5926] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  363.970396][ T5926] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  364.054368][ T5551] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.185710][ T5551] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.579780][ T5220] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  364.622742][ T5254] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  364.632950][ T5220] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  364.688731][ T6992] netlink: 'syz.4.221': attribute type 3 has an invalid length.
[  365.203576][ T5220] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  365.239507][   T29] audit: type=1400 audit(1728374675.854:361): avc:  denied  { write } for  pid=6987 comm="syz.4.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  365.322360][ T5220] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  365.330916][ T5220] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  365.339642][ T5220] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  365.369220][ T5551] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.495234][ T6975] chnl_net:caif_netlink_parms(): no params data found
[  365.589175][ T5254] usb 2-1: Using ep0 maxpacket: 8
[  366.251486][ T5926] Bluetooth: hci0: command tx timeout
[  366.645198][ T5254] usb 2-1: unable to read config index 0 descriptor/start: -71
[  366.659949][ T5254] usb 2-1: can't read configurations, error -71
[  366.872552][ T6990] chnl_net:caif_netlink_parms(): no params data found
[  367.512056][ T5926] Bluetooth: hci1: command tx timeout
[  367.570808][ T5551] bridge_slave_1: left allmulticast mode
[  367.576684][ T5551] bridge_slave_1: left promiscuous mode
[  367.582445][ T5551] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.730585][ T5551] bridge_slave_0: left allmulticast mode
[  367.736454][ T5551] bridge_slave_0: left promiscuous mode
[  367.742180][ T5551] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.294335][ T5926] Bluetooth: hci0: command tx timeout
[  369.040537][ T7026] netlink: 8 bytes leftover after parsing attributes in process `syz.1.227'.
[  369.862951][ T5926] Bluetooth: hci1: command tx timeout
[  370.372644][ T5926] Bluetooth: hci0: command tx timeout
[  370.521428][   T29] audit: type=1400 audit(1728374681.684:362): avc:  denied  { read append } for  pid=7033 comm="syz.1.231" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  370.612666][ T5926] Bluetooth: hci4: command 0x0406 tx timeout
[  370.615977][ T4612] Bluetooth: hci5: command 0x0406 tx timeout
[  370.655808][   T29] audit: type=1400 audit(1728374681.684:363): avc:  denied  { open } for  pid=7033 comm="syz.1.231" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  370.662334][ T7035] input: syz0 as /devices/virtual/input/input8
[  371.322468][ T5224] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  371.333552][ T5224] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  371.350637][ T5224] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  371.363961][ T5224] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  371.373221][ T5224] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  371.380486][ T5224] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  371.893962][ T5224] Bluetooth: hci1: command tx timeout
[  371.902935][ T7047] syz.1.232: attempt to access beyond end of device
[  371.902935][ T7047] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0
[  371.917572][ T7047] XFS (nbd1): SB validate failed with error -5.
[  371.992742][ T5551] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  372.255771][ T5551] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  372.314354][ T5324] IPVS: starting estimator thread 0...
[  372.314935][ T5551] bond0 (unregistering): Released all slaves
[  372.412667][ T7056] IPVS: using max 18 ests per chain, 43200 per kthread
[  372.462686][ T5224] Bluetooth: hci0: command tx timeout
[  372.646635][ T6975] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.654152][ T6975] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.661386][ T6975] bridge_slave_0: entered allmulticast mode
[  372.669010][ T6975] bridge_slave_0: entered promiscuous mode
[  372.783401][ T6975] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.802992][ T6975] bridge0: port 2(bridge_slave_1) entered disabled state
[  372.810227][ T6975] bridge_slave_1: entered allmulticast mode
[  372.834807][ T6975] bridge_slave_1: entered promiscuous mode
[  372.911663][ T7070] xt_policy: too many policy elements
[  373.543729][ T5224] Bluetooth: hci6: command tx timeout
[  373.941993][ T6990] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.958689][ T6990] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.973381][ T5224] Bluetooth: hci1: command tx timeout
[  373.989557][ T6990] bridge_slave_0: entered allmulticast mode
[  374.124631][ T6990] bridge_slave_0: entered promiscuous mode
[  374.449126][ T6975] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  374.566306][ T6975] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  374.616242][ T6990] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.666684][ T6990] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.675021][ T6990] bridge_slave_1: entered allmulticast mode
[  374.682128][ T6990] bridge_slave_1: entered promiscuous mode
[  374.877862][ T5551] hsr_slave_0: left promiscuous mode
[  374.886665][ T5551] hsr_slave_1: left promiscuous mode
[  374.942818][ T5551] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  374.969552][ T5551] batman_adv: batadv0: Removing interface: batadv_slave_0
[  375.004735][ T5551] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  375.034465][ T5551] batman_adv: batadv0: Removing interface: batadv_slave_1
[  375.199979][ T5551] veth1_macvtap: left promiscuous mode
[  375.206138][ T5551] veth0_macvtap: left promiscuous mode
[  375.212354][ T5551] veth1_vlan: left promiscuous mode
[  375.220045][ T5551] veth0_vlan: left promiscuous mode
[  375.254618][ T7095] syz.4.236: attempt to access beyond end of device
[  375.254618][ T7095] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  375.268201][ T7095] syz.4.236: attempt to access beyond end of device
[  375.268201][ T7095] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0
[  375.281793][ T7095] Mount JFS Failure: -5
[  375.286254][ T7095] jfs_mount failed w/return code = -5
[  375.574547][ T5224] Bluetooth: hci6: command tx timeout
[  375.938423][ T7099] netlink: 8 bytes leftover after parsing attributes in process `syz.1.237'.
[  377.236216][ T5551] team0 (unregistering): Port device team_slave_1 removed
[  377.292153][ T5551] team0 (unregistering): Port device team_slave_0 removed
[  377.653896][ T5224] Bluetooth: hci6: command tx timeout
[  378.104190][ T5269] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  378.216287][ T6990] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  378.269132][ T6990] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  378.372716][ T5269] usb 2-1: Using ep0 maxpacket: 8
[  378.393445][ T5269] usb 2-1: config 254 has an invalid interface number: 167 but max is 0
[  378.411701][ T5269] usb 2-1: config 254 has no interface number 0
[  378.432846][ T5269] usb 2-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  378.445326][ T5269] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.454100][ T5269] usb 2-1: Product: syz
[  378.458730][ T5269] usb 2-1: Manufacturer: syz
[  378.464341][ T5269] usb 2-1: SerialNumber: syz
[  378.464417][ T6975] team0: Port device team_slave_0 added
[  378.523250][ T6990] team0: Port device team_slave_0 added
[  378.531572][ T6975] team0: Port device team_slave_1 added
[  378.576319][ T6990] team0: Port device team_slave_1 added
[  378.679383][ T6990] batman_adv: batadv0: Adding interface: batadv_slave_0
[  378.699426][ T6990] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.739767][ T6990] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  378.826725][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  378.833131][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  378.864442][ T6975] batman_adv: batadv0: Adding interface: batadv_slave_0
[  378.873665][ T6975] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.965324][ T7111] netlink: 'syz.4.240': attribute type 3 has an invalid length.
[  379.622548][ T6975] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  379.666093][ T6990] batman_adv: batadv0: Adding interface: batadv_slave_1
[  379.681557][ T6990] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.715716][ T6990] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  379.732809][ T5224] Bluetooth: hci6: command tx timeout
[  379.758389][ T6975] batman_adv: batadv0: Adding interface: batadv_slave_1
[  379.772580][ T6975] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  379.798609][ T6975] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  379.815353][ T7105] syz.1.239: attempt to access beyond end of device
[  379.815353][ T7105] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  379.831053][ T5269] mxuport 2-1:254.167: mxuport_recv_ctrl_urb - usb_control_msg failed (-32)
[  379.857058][ T7105] exFAT-fs (nbd1): unable to read boot sector
[  379.867924][ T5269] mxuport 2-1:254.167: probe with driver mxuport failed with error -5
[  379.876418][ T7105] exFAT-fs (nbd1): failed to read boot sector
[  379.900855][ T6990] hsr_slave_0: entered promiscuous mode
[  379.907497][ T7105] exFAT-fs (nbd1): failed to recognize exfat type
[  379.917809][ T6990] hsr_slave_1: entered promiscuous mode
[  380.016796][ T5269] usb 2-1: USB disconnect, device number 13
[  380.050740][ T6975] hsr_slave_0: entered promiscuous mode
[  380.078040][ T6975] hsr_slave_1: entered promiscuous mode
[  380.085406][ T6975] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  380.102561][ T6975] Cannot create hsr debugfs directory
[  380.182603][ T5267] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  380.372594][ T5267] usb 5-1: Using ep0 maxpacket: 8
[  380.385096][ T5267] usb 5-1: config 254 has an invalid interface number: 167 but max is 0
[  380.402593][ T5267] usb 5-1: config 254 has no interface number 0
[  380.418889][ T5267] usb 5-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  380.442647][ T5267] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.450754][ T5267] usb 5-1: Product: syz
[  380.466041][ T5267] usb 5-1: Manufacturer: syz
[  380.470699][ T5267] usb 5-1: SerialNumber: syz
[  380.496393][ T5551] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.535238][ T7040] chnl_net:caif_netlink_parms(): no params data found
[  380.744619][ T5551] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  381.604202][ T5267] mxuport 5-1:254.167: mxuport_recv_ctrl_urb - usb_control_msg failed (-32)
[  381.614595][ T5267] mxuport 5-1:254.167: probe with driver mxuport failed with error -5
[  381.625958][ T7113] syz.4.241: attempt to access beyond end of device
[  381.625958][ T7113] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  381.691120][ T7113] exFAT-fs (nbd4): unable to read boot sector
[  381.723045][ T7113] exFAT-fs (nbd4): failed to read boot sector
[  381.733538][ T7113] exFAT-fs (nbd4): failed to recognize exfat type
[  381.770765][ T5267] usb 5-1: USB disconnect, device number 4
[  381.805497][ T5551] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.720697][ T7040] bridge0: port 1(bridge_slave_0) entered blocking state
[  382.728388][ T7040] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.739399][ T7040] bridge_slave_0: entered allmulticast mode
[  382.749346][ T7040] bridge_slave_0: entered promiscuous mode
[  382.771866][ T5551] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.895519][ T7040] bridge0: port 2(bridge_slave_1) entered blocking state
[  382.902797][ T7040] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.942702][ T7040] bridge_slave_1: entered allmulticast mode
[  382.950002][ T7040] bridge_slave_1: entered promiscuous mode
[  383.151711][ T6990] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.200306][ T7040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  383.248833][ T6990] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.267985][ T7040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  383.376067][ T6990] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.473775][ T7040] team0: Port device team_slave_0 added
[  383.500970][ T7040] team0: Port device team_slave_1 added
[  383.634286][ T6990] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.846529][ T7160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.245'.
[  385.013264][ T7169] xt_policy: too many policy elements
[  385.150781][ T7040] batman_adv: batadv0: Adding interface: batadv_slave_0
[  385.169520][ T7040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.208765][ T7040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  385.221661][ T7040] batman_adv: batadv0: Adding interface: batadv_slave_1
[  385.228963][ T7040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.255266][ T7040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  385.360301][ T5551] bridge_slave_1: left allmulticast mode
[  385.366339][ T5551] bridge_slave_1: left promiscuous mode
[  385.372179][ T5551] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.431593][ T5551] bridge_slave_0: left allmulticast mode
[  385.439036][ T5551] bridge_slave_0: left promiscuous mode
[  385.483651][ T5551] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.544902][ T7174] netlink: 'syz.4.247': attribute type 3 has an invalid length.
[  386.646082][ T7182] kvm: pic: non byte write
[  388.031743][ T5551] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  388.044622][ T5551] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  388.057699][ T5551] bond0 (unregistering): Released all slaves
[  388.071949][ T7040] hsr_slave_0: entered promiscuous mode
[  388.082269][ T7040] hsr_slave_1: entered promiscuous mode
[  388.110350][ T7040] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  388.140835][ T7040] Cannot create hsr debugfs directory
[  388.620796][ T6990] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  388.762357][ T7217] netlink: 'syz.4.252': attribute type 3 has an invalid length.
[  389.493079][ T5551] hsr_slave_0: left promiscuous mode
[  389.519746][ T5551] hsr_slave_1: left promiscuous mode
[  389.529700][ T5551] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  389.571962][ T5551] batman_adv: batadv0: Removing interface: batadv_slave_0
[  389.612140][ T5551] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  389.619795][ T5551] batman_adv: batadv0: Removing interface: batadv_slave_1
[  389.644466][   T29] audit: type=1400 audit(1728374700.804:364): avc:  denied  { map } for  pid=7220 comm="syz.4.254" path="/dev/nullb0" dev="devtmpfs" ino=680 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  389.698102][ T5551] veth1_macvtap: left promiscuous mode
[  389.717135][   T29] audit: type=1400 audit(1728374700.804:365): avc:  denied  { execute } for  pid=7220 comm="syz.4.254" path="/dev/nullb0" dev="devtmpfs" ino=680 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  389.751022][ T5551] veth0_macvtap: left promiscuous mode
[  389.759180][ T5551] veth1_vlan: left promiscuous mode
[  389.797680][ T5551] veth0_vlan: left promiscuous mode
[  390.640939][ T7238] syz.1.255: attempt to access beyond end of device
[  390.640939][ T7238] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0
[  390.654624][ T7238] XFS (nbd1): SB validate failed with error -5.
[  391.299065][ T7246] syz.4.256: attempt to access beyond end of device
[  391.299065][ T7246] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  391.311980][ T7246] syz.4.256: attempt to access beyond end of device
[  391.311980][ T7246] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0
[  391.325260][ T7246] Mount JFS Failure: -5
[  391.329409][ T7246] jfs_mount failed w/return code = -5
[  391.627025][ T5551] team0 (unregistering): Port device team_slave_1 removed
[  391.666553][ T5551] team0 (unregistering): Port device team_slave_0 removed
[  392.039535][ T6990] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  392.161778][ T6990] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  392.309021][ T7253] xt_policy: too many policy elements
[  392.326875][ T6990] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  392.882745][ T6182] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  392.939903][ T6990] 8021q: adding VLAN 0 to HW filter on device bond0
[  393.065819][ T6990] 8021q: adding VLAN 0 to HW filter on device team0
[  393.072697][ T6182] usb 5-1: Using ep0 maxpacket: 8
[  393.095025][ T6182] usb 5-1: config 254 has an invalid interface number: 167 but max is 0
[  393.120219][ T6182] usb 5-1: config 254 has no interface number 0
[  393.148780][ T6182] usb 5-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  393.168652][ T6182] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.181250][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.188405][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  393.190202][ T6182] usb 5-1: Product: syz
[  393.206460][ T6182] usb 5-1: Manufacturer: syz
[  393.221332][ T6182] usb 5-1: SerialNumber: syz
[  393.240882][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.248049][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  393.390698][ T6990] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  393.643017][ T6975] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  393.660338][ T6975] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  393.757791][ T7255] syz.4.259: attempt to access beyond end of device
[  393.757791][ T7255] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  393.787251][ T6182] mxuport 5-1:254.167: mxuport_recv_ctrl_urb - usb_control_msg failed (-32)
[  393.793005][ T6975] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  393.796141][ T6182] mxuport 5-1:254.167: probe with driver mxuport failed with error -5
[  393.860263][ T6975] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  393.896993][ T7255] exFAT-fs (nbd4): unable to read boot sector
[  393.920520][ T7040] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  393.949599][ T7255] exFAT-fs (nbd4): failed to read boot sector
[  393.956957][ T7255] exFAT-fs (nbd4): failed to recognize exfat type
[  394.000694][ T5298] usb 5-1: USB disconnect, device number 5
[  394.013238][ T7040] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  394.047000][ T7040] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  394.076086][ T7040] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  394.144419][ T6990] 8021q: adding VLAN 0 to HW filter on device batadv0
[  394.299262][ T7040] 8021q: adding VLAN 0 to HW filter on device bond0
[  394.397315][ T6975] 8021q: adding VLAN 0 to HW filter on device bond0
[  394.480069][ T6990] veth0_vlan: entered promiscuous mode
[  394.498224][ T7040] 8021q: adding VLAN 0 to HW filter on device team0
[  394.516530][ T1064] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.523657][ T1064] bridge0: port 1(bridge_slave_0) entered forwarding state
[  394.537641][ T1064] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.544796][ T1064] bridge0: port 2(bridge_slave_1) entered forwarding state
[  394.572828][ T5254] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  394.590547][ T6990] veth1_vlan: entered promiscuous mode
[  394.623144][ T6975] 8021q: adding VLAN 0 to HW filter on device team0
[  394.728208][ T5254] usb 2-1: Using ep0 maxpacket: 8
[  394.735291][ T5254] usb 2-1: config 254 has an invalid interface number: 167 but max is 0
[  394.744409][ T5254] usb 2-1: config 254 has no interface number 0
[  394.781163][ T5557] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.788264][ T5557] bridge0: port 1(bridge_slave_0) entered forwarding state
[  394.808601][ T5254] usb 2-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  394.818092][ T5254] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.860206][ T5557] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.867394][ T5557] bridge0: port 2(bridge_slave_1) entered forwarding state
[  394.872777][ T5254] usb 2-1: Product: syz
[  394.883629][ T5254] usb 2-1: Manufacturer: syz
[  394.888266][ T5254] usb 2-1: SerialNumber: syz
[  394.964694][ T6990] veth0_macvtap: entered promiscuous mode
[  394.985950][ T6990] veth1_macvtap: entered promiscuous mode
[  396.005810][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  396.028367][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.042305][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  396.056728][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.069549][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  396.091548][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.110064][ T6990] batman_adv: batadv0: Interface activated: batadv_slave_0
[  396.156149][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  396.190352][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.236231][ T5254] mxuport 2-1:254.167: mxuport_recv_ctrl_urb - usb_control_msg failed (-32)
[  396.260412][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  396.271601][ T5254] mxuport 2-1:254.167: probe with driver mxuport failed with error -5
[  396.281453][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.320776][ T6990] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  396.338737][ T6990] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.354293][ T6990] batman_adv: batadv0: Interface activated: batadv_slave_1
[  396.355450][ T5324] usb 2-1: USB disconnect, device number 14
[  396.384851][ T6975] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  396.414564][ T6975] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  396.475233][ T7040] 8021q: adding VLAN 0 to HW filter on device batadv0
[  396.494911][ T6990] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  396.505094][ T6990] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  396.514986][ T6990] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  396.524091][ T6990] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  396.665098][ T7040] veth0_vlan: entered promiscuous mode
[  396.701384][ T7040] veth1_vlan: entered promiscuous mode
[  396.855686][ T5551] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.869790][ T5551] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.945828][ T5557] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.954514][ T5557] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.966428][ T7040] veth0_macvtap: entered promiscuous mode
[  397.051409][ T6975] 8021q: adding VLAN 0 to HW filter on device batadv0
[  397.073820][ T7040] veth1_macvtap: entered promiscuous mode
[  397.201703][ T7040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.232038][ T7040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.290712][ T7040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.313115][ T7040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.363423][ T7040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.499804][ T7040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.223853][ T7040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  398.247230][ T7330] fuse: Bad value for 'fd'
[  398.272645][ T7040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.322165][ T7040] batman_adv: batadv0: Interface activated: batadv_slave_0
[  398.356949][ T7040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  398.408094][ T7040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.471825][ T7040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.107229][ T7335] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/nbd2": -EINTR
[  399.168520][ T7040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.205447][ T7040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.232886][ T7040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.256899][ T7040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.285944][ T7040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.328032][ T7040] batman_adv: batadv0: Interface activated: batadv_slave_1
[  399.424879][ T7040] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  399.467324][ T7040] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  399.492773][ T7040] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  399.512611][ T7040] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  399.698685][ T6975] veth0_vlan: entered promiscuous mode
[  400.862637][ T7355] kvm: pic: non byte write
[  400.989343][ T6975] veth1_vlan: entered promiscuous mode
[  401.011918][ T6975] veth0_macvtap: entered promiscuous mode
[  401.021867][ T6975] veth1_macvtap: entered promiscuous mode
[  401.120356][ T2582] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.139095][ T2582] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  401.233480][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  401.244157][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.276327][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  401.330799][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.376404][ T7363] xt_policy: too many policy elements
[  401.390123][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  401.482894][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.526893][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  401.582168][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.650248][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  401.696199][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.734156][ T6975] batman_adv: batadv0: Interface activated: batadv_slave_0
[  401.911936][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  401.952819][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.963452][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  401.974502][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  401.984476][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  401.994977][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.004884][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  402.015477][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.025412][ T6975] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  402.036129][ T6975] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  402.054215][ T6975] batman_adv: batadv0: Interface activated: batadv_slave_1
[  402.069050][ T6975] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  402.079120][ T6975] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  402.088389][ T6975] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  402.093738][  T961] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.097355][ T6975] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  402.180016][  T961] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  402.432910][  T961] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.460700][  T961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  402.571676][  T961] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.614068][  T961] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  402.782869][ T7393] xt_policy: too many policy elements
[  403.619281][   T29] audit: type=1400 audit(1728374714.744:366): avc:  denied  { ioctl } for  pid=7370 comm="syz.2.268" path="/dev/nullb0" dev="devtmpfs" ino=680 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  404.404354][ T7408] netlink: 'syz.1.270': attribute type 3 has an invalid length.
[  415.381345][ T7542] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nbd4": -EINTR
[  416.053326][ T7551] xt_policy: too many policy elements
[  417.113520][ T7569] syz.1.297: attempt to access beyond end of device
[  417.113520][ T7569] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  417.126870][ T7569] syz.1.297: attempt to access beyond end of device
[  417.126870][ T7569] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[  417.140562][ T7569] Mount JFS Failure: -5
[  417.144744][ T7569] jfs_mount failed w/return code = -5
[  418.571520][ T7575] kvm: pic: non byte write
[  421.326879][ T5220] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  421.335652][ T5220] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  421.344496][ T5220] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  421.353817][ T5220] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  421.363501][ T5220] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  421.370965][ T5220] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  422.039371][ T7600] chnl_net:caif_netlink_parms(): no params data found
[  422.308638][ T7600] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.321928][ T7600] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.341374][ T7600] bridge_slave_0: entered allmulticast mode
[  422.386507][ T7600] bridge_slave_0: entered promiscuous mode
[  422.484669][ T7600] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.491831][ T7600] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.509704][ T7600] bridge_slave_1: entered allmulticast mode
[  422.567876][ T7600] bridge_slave_1: entered promiscuous mode
[  424.193758][ T5220] Bluetooth: hci2: command tx timeout
[  424.290549][ T7636] netlink: 'syz.1.309': attribute type 3 has an invalid length.
[  425.328095][ T7600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  425.344279][ T7600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  426.218548][ T5220] Bluetooth: hci2: command tx timeout
[  427.502650][   T29] audit: type=1400 audit(1728374738.424:367): avc:  denied  { recv } for  pid=7655 comm="syz.0.317" saddr=10.128.0.169 src=30006 daddr=10.128.1.177 dest=33766 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  428.544401][ T5220] Bluetooth: hci2: command tx timeout
[  428.544418][   T29] audit: type=1400 audit(1728374739.224:368): avc:  denied  { egress } for  pid=7660 comm="syz.0.318" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  428.544486][   T29] audit: type=1400 audit(1728374739.224:369): avc:  denied  { sendto } for  pid=7660 comm="syz.0.318" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  430.167653][ T7600] team0: Port device team_slave_0 added
[  430.174981][ T7600] team0: Port device team_slave_1 added
[  430.648170][ T7600] batman_adv: batadv0: Adding interface: batadv_slave_0
[  430.673360][ T7600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  430.699389][    C0] vkms_vblank_simulate: vblank timer overrun
[  430.773784][ T5220] Bluetooth: hci2: command tx timeout
[  430.798678][ T7678] kvm: pic: non byte write
[  430.820139][ T7600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  431.703287][  T961] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.803551][ T7600] batman_adv: batadv0: Adding interface: batadv_slave_1
[  431.810539][ T7600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  431.836492][    C0] vkms_vblank_simulate: vblank timer overrun
[  431.843173][ T7600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  431.896291][ T7600] hsr_slave_0: entered promiscuous mode
[  431.909894][ T7600] hsr_slave_1: entered promiscuous mode
[  431.930800][ T7600] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  431.938820][ T7600] Cannot create hsr debugfs directory
[  432.021110][  T961] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.249498][  T961] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.406991][  T961] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.938449][ T7701] kvm: pic: non byte write
[  433.382985][  T961] bridge_slave_1: left allmulticast mode
[  433.388938][  T961] bridge_slave_1: left promiscuous mode
[  433.404321][  T961] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.422324][  T961] bridge_slave_0: left allmulticast mode
[  433.430647][  T961] bridge_slave_0: left promiscuous mode
[  433.445198][  T961] bridge0: port 1(bridge_slave_0) entered disabled state
[  436.012686][ T5254] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  436.144088][  T961] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  436.183380][ T5254] usb 3-1: Using ep0 maxpacket: 8
[  436.207662][  T961] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  436.237763][ T5254] usb 3-1: config 254 has an invalid interface number: 167 but max is 0
[  436.250995][ T7740] program syz.0.334 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  436.260529][ T7740] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  436.318017][  T961] bond0 (unregistering): Released all slaves
[  436.397845][ T5254] usb 3-1: config 254 has no interface number 0
[  436.606984][ T5254] usb 3-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  437.392796][ T7747] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nbd0": -EINTR
[  437.394169][ T5254] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.411121][ T5254] usb 3-1: Product: syz
[  437.415390][ T5254] usb 3-1: Manufacturer: syz
[  437.418832][ T5224] Bluetooth: hci3: command 0x0406 tx timeout
[  437.419987][ T5254] usb 3-1: SerialNumber: syz
[  439.046660][  T961] hsr_slave_0: left promiscuous mode
[  439.075463][  T961] hsr_slave_1: left promiscuous mode
[  439.118390][  T961] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  439.149048][  T961] batman_adv: batadv0: Removing interface: batadv_slave_0
[  439.190251][  T961] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  439.228606][  T961] batman_adv: batadv0: Removing interface: batadv_slave_1
[  439.308103][  T961] veth1_macvtap: left promiscuous mode
[  439.333490][  T961] veth0_macvtap: left promiscuous mode
[  439.369953][  T961] veth1_vlan: left promiscuous mode
[  439.398484][  T961] veth0_vlan: left promiscuous mode
[  439.890850][  T961] team0 (unregistering): Port device team_slave_1 removed
[  439.955768][  T961] team0 (unregistering): Port device team_slave_0 removed
[  440.219490][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  440.226091][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  440.588258][ T7600] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  440.617448][ T7600] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  440.634421][ T7600] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  440.650590][ T7600] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  440.781016][ T7600] 8021q: adding VLAN 0 to HW filter on device bond0
[  440.824480][ T7600] 8021q: adding VLAN 0 to HW filter on device team0
[  440.850150][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  440.857293][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  440.912182][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  440.919320][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  441.215267][ T7600] 8021q: adding VLAN 0 to HW filter on device batadv0
[  441.303129][ T7600] veth0_vlan: entered promiscuous mode
[  441.327252][ T7600] veth1_vlan: entered promiscuous mode
[  441.389328][ T7600] veth0_macvtap: entered promiscuous mode
[  441.415333][ T7600] veth1_macvtap: entered promiscuous mode
[  441.453275][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.483811][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.517255][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.542659][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.573031][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.606929][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.638486][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.661494][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.692698][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  441.718051][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.749120][ T7600] batman_adv: batadv0: Interface activated: batadv_slave_0
[  441.816147][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.840933][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.874671][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.916567][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  441.954932][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  441.989209][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.033961][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.072547][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.122570][ T7600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  442.167228][ T7600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  442.198459][ T7600] batman_adv: batadv0: Interface activated: batadv_slave_1
[  442.240256][ T7600] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  442.254400][ T7600] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  442.277188][ T7600] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  442.319040][ T7600] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  442.443297][ T5224] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  442.453973][ T5224] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  442.461897][ T5224] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  442.473528][ T5224] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  442.481001][ T5224] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  442.490108][ T5224] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  442.545893][ T5254] mxuport 3-1:254.167: mxuport_recv_ctrl_urb - usb_control_msg failed (-71)
[  442.556761][ T2582] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  442.573086][ T5254] mxuport 3-1:254.167: probe with driver mxuport failed with error -5
[  442.610305][ T2582] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  442.730672][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  442.855189][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  443.012163][ T5254] usb 3-1: USB disconnect, device number 5
[  444.447235][ T7823] kvm: pic: non byte write
[  444.517359][ T7838] syz.3.301: attempt to access beyond end of device
[  444.517359][ T7838] nbd3: rw=4096, sector=0, nr_sectors = 2 limit=0
[  444.530567][ T7838] XFS (nbd3): SB validate failed with error -5.
[  444.536191][ T5224] Bluetooth: hci6: command tx timeout
[  444.629782][   T10] block nbd3: Attempted send on invalid socket
[  444.638606][   T10] I/O error, dev nbd3, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[  444.786099][ T7819] chnl_net:caif_netlink_parms(): no params data found
[  445.540015][ T5220] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  445.682646][ T5220] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  445.779155][ T5220] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  445.787605][ T5220] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  445.796938][ T5220] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  445.804663][ T5220] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  446.595710][   T29] audit: type=1400 audit(1728374757.754:370): avc:  denied  { getopt } for  pid=7861 comm="syz.3.346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  446.632881][   T29] audit: type=1400 audit(1728374757.774:371): avc:  denied  { write } for  pid=7861 comm="syz.3.346" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  446.657106][ T5224] Bluetooth: hci6: command tx timeout
[  446.949618][ T7819] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.962905][ T7819] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.970461][ T7819] bridge_slave_0: entered allmulticast mode
[  446.981434][ T7819] bridge_slave_0: entered promiscuous mode
[  447.058438][ T7819] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.107515][ T7819] bridge0: port 2(bridge_slave_1) entered disabled state
[  447.130491][ T7819] bridge_slave_1: entered allmulticast mode
[  447.138160][ T7819] bridge_slave_1: entered promiscuous mode
[  447.309911][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  447.352710][ T5254] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  447.390844][ T7819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  447.449898][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  447.502029][ T7819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  447.542117][ T5254] usb 4-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  447.562604][ T5254] usb 4-1: config 9 has 1 interface, different from the descriptor's value: 3
[  447.572759][ T5254] usb 4-1: config 9 has no interface number 0
[  447.578896][ T5254] usb 4-1: config 9 interface 1 altsetting 13 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  447.592055][ T5254] usb 4-1: config 9 interface 1 has no altsetting 0
[  447.748122][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  447.816451][ T7819] team0: Port device team_slave_0 added
[  447.832188][ T7819] team0: Port device team_slave_1 added
[  447.891489][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  447.936204][ T7853] chnl_net:caif_netlink_parms(): no params data found
[  448.025850][ T5254] usb 4-1: New USB device found, idVendor=058b, idProduct=0028, bcdDevice=f1.bf
[  448.052984][ T5224] Bluetooth: hci7: command tx timeout
[  448.122826][ T7819] batman_adv: batadv0: Adding interface: batadv_slave_0
[  448.153422][ T7819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  448.221890][ T5254] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.222425][ T7819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  448.249060][ T5254] usb 4-1: Product: 竅ꙵ庠ಝ苼帔喈ﴘᄀ擫ࡖ硟꾲슟쫜⌓ᎭᲘ봔炡욼ᥔ퉛Ɨ쒹饩耮ﷳ틩Ꟊ項ﮠ뛛웓茮극Ὣﭚﱻ㲄曐벶ⷾ푆꣋訫蹋깼⦽㤠葙裏녛ᑓ횠㶴䘁ꖯ莈ౣ┗렍⵶㽠䇪偲铼逑싎렦韪캄迸柋ꢼ䚐ꤏ욽ၾ絭뀰㭀鈢海ꗝ겆핸㕱㕳韛Ὠ훓ᛚ봲蓖꩖藦
[  448.258093][ T7819] batman_adv: batadv0: Adding interface: batadv_slave_1
[  448.392530][ T5254] usb 4-1: Manufacturer: 롚伄ꎷ뜂힗鼭嚵嬵汴푁㚧↷웙㳘㪑嵏₽ᅼ곙ڵ檻騛芪ồ蓼
[  448.401613][ T7819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  448.450790][ T5254] usb 4-1: SerialNumber: Ⰹ
[  448.468297][ T7819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  448.794103][ T5224] Bluetooth: hci6: command tx timeout
[  449.365653][ T7819] hsr_slave_0: entered promiscuous mode
[  449.382048][ T7819] hsr_slave_1: entered promiscuous mode
[  449.392101][ T7819] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  449.411850][ T7819] Cannot create hsr debugfs directory
[  450.429349][ T5224] Bluetooth: hci7: command tx timeout
[  450.557880][   T35] bridge_slave_1: left allmulticast mode
[  450.563753][   T35] bridge_slave_1: left promiscuous mode
[  450.569474][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  450.856812][ T5224] Bluetooth: hci6: command tx timeout
[  450.989803][ T7897] netlink: 'syz.2.350': attribute type 3 has an invalid length.
[  451.594987][   T35] bridge_slave_0: left allmulticast mode
[  451.613795][   T35] bridge_slave_0: left promiscuous mode
[  451.619638][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.464363][ T5224] Bluetooth: hci7: command tx timeout
[  452.954378][    T8] IPVS: starting estimator thread 0...
[  453.073631][ T7915] IPVS: using max 22 ests per chain, 52800 per kthread
[  453.606352][ T5220] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  453.629524][ T5220] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  453.668442][ T5254] ftdi_sio 4-1:9.1: FTDI USB Serial Device converter detected
[  453.684356][ T5254] ftdi_sio ttyUSB0: unknown device type: 0xf1bf
[  453.692890][ T5220] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  453.807489][ T5220] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  453.819743][ T5220] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  453.826955][ T5220] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  454.120998][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  454.150437][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  454.166136][   T35] bond0 (unregistering): Released all slaves
[  454.187762][ T7853] bridge0: port 1(bridge_slave_0) entered blocking state
[  454.197445][ T7853] bridge0: port 1(bridge_slave_0) entered disabled state
[  454.207574][ T7853] bridge_slave_0: entered allmulticast mode
[  454.218105][ T7853] bridge_slave_0: entered promiscuous mode
[  454.228944][ T7853] bridge0: port 2(bridge_slave_1) entered blocking state
[  454.238982][ T7853] bridge0: port 2(bridge_slave_1) entered disabled state
[  454.249066][ T7853] bridge_slave_1: entered allmulticast mode
[  454.258470][ T7853] bridge_slave_1: entered promiscuous mode
[  454.326991][ T7853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  454.345752][ T7853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  454.378891][ T7853] team0: Port device team_slave_0 added
[  454.387629][ T7853] team0: Port device team_slave_1 added
[  454.411324][ T7853] batman_adv: batadv0: Adding interface: batadv_slave_0
[  454.422317][ T7853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  454.456297][ T7853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  454.470994][ T7853] batman_adv: batadv0: Adding interface: batadv_slave_1
[  454.485901][ T7853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  454.518490][ T7853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  454.537983][ T5220] Bluetooth: hci7: command tx timeout
[  454.564700][ T7853] hsr_slave_0: entered promiscuous mode
[  454.570773][ T7853] hsr_slave_1: entered promiscuous mode
[  454.582045][ T7853] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  454.590080][ T7853] Cannot create hsr debugfs directory
[  454.691006][ T7853] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  454.907900][ T7853] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.118757][ T7853] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.228388][   T35] hsr_slave_0: left promiscuous mode
[  455.243681][   T35] hsr_slave_1: left promiscuous mode
[  455.275735][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  455.302984][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  455.334537][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  455.363060][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  455.424916][   T35] veth1_macvtap: left promiscuous mode
[  455.430428][   T35] veth0_macvtap: left promiscuous mode
[  455.440881][   T35] veth1_vlan: left promiscuous mode
[  455.448741][   T35] veth0_vlan: left promiscuous mode
[  455.901227][ T5220] Bluetooth: hci3: command tx timeout
[  456.845826][ T7947] kvm: pic: non byte write
[  457.054478][ T5224] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  457.065568][ T5224] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  457.093964][ T5224] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  457.104648][ T5224] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  457.112243][ T5224] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  457.119938][ T5224] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  457.489204][   T29] audit: type=1400 audit(1728374768.654:372): avc:  denied  { append } for  pid=7951 comm="syz.2.357" name="event3" dev="devtmpfs" ino=906 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  457.636632][   T29] audit: type=1400 audit(1728374768.744:373): avc:  denied  { read } for  pid=7951 comm="syz.2.357" name="mice" dev="devtmpfs" ino=831 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  457.668551][   T29] audit: type=1400 audit(1728374768.744:374): avc:  denied  { open } for  pid=7951 comm="syz.2.357" path="/dev/input/mice" dev="devtmpfs" ino=831 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  457.975839][ T5224] Bluetooth: hci3: command tx timeout
[  458.058660][   T35] team0 (unregistering): Port device team_slave_1 removed
[  458.103783][   T35] team0 (unregistering): Port device team_slave_0 removed
[  458.500991][ T7853] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.784588][ T5266] usb 4-1: USB disconnect, device number 3
[  458.790987][ T5266] ftdi_sio 4-1:9.1: device disconnected
[  459.631729][ T5224] Bluetooth: hci0: command tx timeout
[  459.764876][ T7922] chnl_net:caif_netlink_parms(): no params data found
[  460.091185][ T5220] Bluetooth: hci3: command tx timeout
[  460.595723][   T35] IPVS: stop unused estimator thread 0...
[  461.566191][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.626947][ T7922] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.638837][ T7922] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.649398][ T7922] bridge_slave_0: entered allmulticast mode
[  461.691076][ T7922] bridge_slave_0: entered promiscuous mode
[  461.697646][ T5220] Bluetooth: hci0: command tx timeout
[  462.133107][ T5220] Bluetooth: hci3: command tx timeout
[  462.306861][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.322852][ T7922] bridge0: port 2(bridge_slave_1) entered blocking state
[  462.332665][ T7922] bridge0: port 2(bridge_slave_1) entered disabled state
[  462.339882][ T7922] bridge_slave_1: entered allmulticast mode
[  462.347862][ T7922] bridge_slave_1: entered promiscuous mode
[  462.390574][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.420642][ T7948] chnl_net:caif_netlink_parms(): no params data found
[  462.448225][ T7922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  462.520063][ T7922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  462.549950][ T7819] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  462.559012][ T7819] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  462.589614][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  463.424204][ T7819] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  463.440449][ T7819] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  463.500357][ T7922] team0: Port device team_slave_0 added
[  463.511940][ T7922] team0: Port device team_slave_1 added
[  463.732829][ T5220] Bluetooth: hci0: command tx timeout
[  464.067285][ T7987] warning: `syz.2.363' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  464.154811][ T7948] bridge0: port 1(bridge_slave_0) entered blocking state
[  464.163543][ T7948] bridge0: port 1(bridge_slave_0) entered disabled state
[  464.170743][ T7948] bridge_slave_0: entered allmulticast mode
[  464.178111][ T7948] bridge_slave_0: entered promiscuous mode
[  464.193835][ T7948] bridge0: port 2(bridge_slave_1) entered blocking state
[  464.204337][ T7948] bridge0: port 2(bridge_slave_1) entered disabled state
[  464.214340][ T7948] bridge_slave_1: entered allmulticast mode
[  464.223456][ T7948] bridge_slave_1: entered promiscuous mode
[  464.230920][ T7922] batman_adv: batadv0: Adding interface: batadv_slave_0
[  464.242536][ T7922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  464.279834][ T7922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  464.293712][ T7922] batman_adv: batadv0: Adding interface: batadv_slave_1
[  464.300688][ T7922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  464.331692][ T7922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  464.358973][ T7853] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  464.860771][ T7853] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  464.893618][ T7948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  464.909534][ T7948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  464.925895][ T7922] hsr_slave_0: entered promiscuous mode
[  464.932323][ T7922] hsr_slave_1: entered promiscuous mode
[  464.940165][ T7922] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  464.947938][ T7922] Cannot create hsr debugfs directory
[  464.962607][ T7853] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  465.105376][ T7853] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  465.140007][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.539749][ T7948] team0: Port device team_slave_0 added
[  465.815253][ T5220] Bluetooth: hci0: command tx timeout
[  465.825890][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.899193][ T7948] team0: Port device team_slave_1 added
[  466.046675][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.083695][ T7948] batman_adv: batadv0: Adding interface: batadv_slave_0
[  466.093079][ T7948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  466.139323][ T7948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  466.153307][ T7948] batman_adv: batadv0: Adding interface: batadv_slave_1
[  466.160375][ T7948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  466.219645][ T7948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  466.329586][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.498179][ T7948] hsr_slave_0: entered promiscuous mode
[  466.510344][ T7948] hsr_slave_1: entered promiscuous mode
[  466.512738][ T5268] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  466.525840][ T7948] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  466.553081][ T7948] Cannot create hsr debugfs directory
[  466.698345][ T5268] usb 3-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  466.722940][ T5268] usb 3-1: config 9 has 1 interface, different from the descriptor's value: 3
[  466.764555][ T5268] usb 3-1: config 9 has no interface number 0
[  466.793569][ T5268] usb 3-1: config 9 interface 1 altsetting 13 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  466.820960][ T7819] 8021q: adding VLAN 0 to HW filter on device bond0
[  466.826858][ T5268] usb 3-1: config 9 interface 1 has no altsetting 0
[  466.844990][ T5268] usb 3-1: New USB device found, idVendor=058b, idProduct=0028, bcdDevice=f1.bf
[  466.855380][ T5268] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  466.863516][ T5268] usb 3-1: Product: 竅ꙵ庠ಝ苼帔喈ﴘᄀ擫ࡖ硟꾲슟쫜⌓ᎭᲘ봔炡욼ᥔ퉛Ɨ쒹饩耮ﷳ틩Ꟊ項ﮠ뛛웓茮극Ὣﭚﱻ㲄曐벶ⷾ푆꣋訫蹋깼⦽㤠葙裏녛ᑓ횠㶴䘁ꖯ莈ౣ┗렍⵶㽠䇪偲铼逑싎렦韪캄迸柋ꢼ䚐ꤏ욽ၾ絭뀰㭀鈢海ꗝ겆핸㕱㕳韛Ὠ훓ᛚ봲蓖꩖藦
[  466.902668][ T5268] usb 3-1: Manufacturer: 롚伄ꎷ뜂힗鼭嚵嬵汴푁㚧↷웙㳘㪑嵏₽ᅼ곙ڵ檻騛芪ồ蓼
[  466.919737][ T5268] usb 3-1: SerialNumber: Ⰹ
[  467.020681][   T35] bridge_slave_1: left allmulticast mode
[  467.040919][   T35] bridge_slave_1: left promiscuous mode
[  467.057711][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.096891][   T35] bridge_slave_0: left allmulticast mode
[  467.123029][   T35] bridge_slave_0: left promiscuous mode
[  467.149152][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  467.174008][   T35] bridge_slave_1: left allmulticast mode
[  467.186852][   T35] bridge_slave_1: left promiscuous mode
[  467.233433][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.295770][   T35] bridge_slave_0: left allmulticast mode
[  467.302062][   T35] bridge_slave_0: left promiscuous mode
[  467.308747][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  467.327163][   T35] bridge_slave_1: left allmulticast mode
[  467.347212][   T35] bridge_slave_1: left promiscuous mode
[  467.371621][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.407487][   T35] bridge_slave_0: left allmulticast mode
[  467.421947][   T35] bridge_slave_0: left promiscuous mode
[  467.440200][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.799683][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  468.816641][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  468.830781][   T35] bond0 (unregistering): Released all slaves
[  468.952512][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  468.965710][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  468.977339][   T35] bond0 (unregistering): Released all slaves
[  469.089553][ T5268] ftdi_sio 3-1:9.1: FTDI USB Serial Device converter detected
[  469.125339][ T5268] ftdi_sio ttyUSB0: unknown device type: 0xf1bf
[  469.155488][ T5268] usb 3-1: USB disconnect, device number 6
[  469.173442][ T5268] ftdi_sio 3-1:9.1: device disconnected
[  469.230371][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  469.248772][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  469.259303][   T35] bond0 (unregistering): Released all slaves
[  469.339779][ T8052] program syz.2.367 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  469.350728][ T8052] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  470.477635][ T7819] 8021q: adding VLAN 0 to HW filter on device team0
[  471.505779][ T5532] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.512941][ T5532] bridge0: port 1(bridge_slave_0) entered forwarding state
[  471.563310][ T5532] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.570489][ T5532] bridge0: port 2(bridge_slave_1) entered forwarding state
[  471.736605][ T7853] 8021q: adding VLAN 0 to HW filter on device bond0
[  471.862229][ T7853] 8021q: adding VLAN 0 to HW filter on device team0
[  471.911608][ T7922] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  472.019756][ T7922] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  472.244338][ T7922] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  472.323198][ T7922] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  472.367348][ T5267] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  472.397146][   T35] hsr_slave_0: left promiscuous mode
[  472.436035][   T35] hsr_slave_1: left promiscuous mode
[  472.447976][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  472.456292][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  472.468484][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.476411][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.488386][   T35] hsr_slave_0: left promiscuous mode
[  472.498073][   T35] hsr_slave_1: left promiscuous mode
[  472.517647][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  472.528729][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  472.544453][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.551969][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.559432][ T5267] usb 3-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  472.581343][ T5267] usb 3-1: config 9 has 1 interface, different from the descriptor's value: 3
[  472.599471][   T35] hsr_slave_0: left promiscuous mode
[  472.600191][ T5267] usb 3-1: config 9 has no interface number 0
[  472.620034][   T35] hsr_slave_1: left promiscuous mode
[  472.622591][ T5267] usb 3-1: config 9 interface 1 altsetting 13 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  472.638550][ T5267] usb 3-1: config 9 interface 1 has no altsetting 0
[  472.642597][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  472.659927][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  472.669821][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.670099][ T5267] usb 3-1: New USB device found, idVendor=058b, idProduct=0028, bcdDevice=f1.bf
[  472.690849][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.709666][ T5267] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  472.719440][ T5267] usb 3-1: Product: 竅ꙵ庠ಝ苼帔喈ﴘᄀ擫ࡖ硟꾲슟쫜⌓ᎭᲘ봔炡욼ᥔ퉛Ɨ쒹饩耮ﷳ틩Ꟊ項ﮠ뛛웓茮극Ὣﭚﱻ㲄曐벶ⷾ푆꣋訫蹋깼⦽㤠葙裏녛ᑓ횠㶴䘁ꖯ莈ౣ┗렍⵶㽠䇪偲铼逑싎렦韪캄迸柋ꢼ䚐ꤏ욽ၾ絭뀰㭀鈢海ꗝ겆핸㕱㕳韛Ὠ훓ᛚ봲蓖꩖藦
[  472.758168][ T5267] usb 3-1: Manufacturer: 롚伄ꎷ뜂힗鼭嚵嬵汴푁㚧↷웙㳘㪑嵏₽ᅼ곙ڵ檻騛芪ồ蓼
[  472.769878][ T5267] usb 3-1: SerialNumber: Ⰹ
[  472.811842][   T35] veth1_macvtap: left promiscuous mode
[  472.818031][   T35] veth0_macvtap: left promiscuous mode
[  472.825198][   T35] veth1_vlan: left promiscuous mode
[  472.830685][   T35] veth0_vlan: left promiscuous mode
[  472.839561][   T35] veth1_macvtap: left promiscuous mode
[  472.849505][   T35] veth0_macvtap: left promiscuous mode
[  472.862838][   T35] veth1_vlan: left promiscuous mode
[  472.878311][   T35] veth0_vlan: left promiscuous mode
[  472.908051][   T35] veth1_macvtap: left promiscuous mode
[  472.914244][   T35] veth0_macvtap: left promiscuous mode
[  472.919894][   T35] veth1_vlan: left promiscuous mode
[  472.926298][   T35] veth0_vlan: left promiscuous mode
[  473.982062][   T35] team0 (unregistering): Port device team_slave_1 removed
[  474.035475][   T35] team0 (unregistering): Port device team_slave_0 removed
[  474.742816][ T5267] ftdi_sio 3-1:9.1: FTDI USB Serial Device converter detected
[  474.751112][ T5267] ftdi_sio ttyUSB0: unknown device type: 0xf1bf
[  474.764618][ T5267] usb 3-1: USB disconnect, device number 7
[  474.772058][ T5267] ftdi_sio 3-1:9.1: device disconnected
[  475.075693][ T8087] kvm: pic: non byte write
[  475.541586][   T35] team0 (unregistering): Port device team_slave_1 removed
[  475.609627][   T35] team0 (unregistering): Port device team_slave_0 removed
[  476.809565][   T35] team0 (unregistering): Port device team_slave_1 removed
[  476.861857][   T35] team0 (unregistering): Port device team_slave_0 removed
[  477.484972][ T2489] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.492052][ T2489] bridge0: port 1(bridge_slave_0) entered forwarding state
[  477.531357][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.538486][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  477.750404][ T7819] 8021q: adding VLAN 0 to HW filter on device batadv0
[  477.872160][ T7853] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  478.246890][ T7922] 8021q: adding VLAN 0 to HW filter on device bond0
[  478.271305][ T7948] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  478.297345][ T7819] veth0_vlan: entered promiscuous mode
[  478.320678][ T7948] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  478.366348][ T7922] 8021q: adding VLAN 0 to HW filter on device team0
[  478.378642][ T7819] veth1_vlan: entered promiscuous mode
[  478.403494][ T7948] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  478.462535][ T7948] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  478.486869][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  478.494020][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  478.558640][ T7819] veth0_macvtap: entered promiscuous mode
[  478.583637][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.590754][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  478.628766][ T7853] 8021q: adding VLAN 0 to HW filter on device batadv0
[  478.649769][ T7819] veth1_macvtap: entered promiscuous mode
[  478.740459][ T7819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  478.752978][ T7819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.773868][ T7819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  478.784938][ T7819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.804279][ T7819] batman_adv: batadv0: Interface activated: batadv_slave_0
[  478.869086][ T7819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  478.887242][ T7819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.901072][ T7819] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  478.916864][ T7819] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.943522][ T7819] batman_adv: batadv0: Interface activated: batadv_slave_1
[  479.028303][ T7819] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  479.071346][   T35] IPVS: stop unused estimator thread 0...
[  479.081916][ T7819] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  479.099001][ T7819] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  479.130993][ T7819] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  479.420335][ T7948] 8021q: adding VLAN 0 to HW filter on device bond0
[  479.776476][ T7948] 8021q: adding VLAN 0 to HW filter on device team0
[  479.811975][ T7853] veth0_vlan: entered promiscuous mode
[  479.892378][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.899532][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  479.934142][ T7853] veth1_vlan: entered promiscuous mode
[  479.948913][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  479.972579][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  480.027532][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.034707][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  480.369314][ T7853] veth0_macvtap: entered promiscuous mode
[  480.387099][ T7922] 8021q: adding VLAN 0 to HW filter on device batadv0
[  480.572045][ T2489] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  480.598916][ T7853] veth1_macvtap: entered promiscuous mode
[  480.614213][ T2489] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  480.676250][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  480.690926][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  480.702289][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  480.718771][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  480.729814][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  480.740637][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  480.754791][ T7853] batman_adv: batadv0: Interface activated: batadv_slave_0
[  480.823901][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  480.843790][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  480.863078][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  480.885465][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  480.900841][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  480.919487][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  480.931749][ T7853] batman_adv: batadv0: Interface activated: batadv_slave_1
[  480.981939][ T7853] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  481.001173][ T7853] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  481.010485][ T7853] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  481.035130][ T7853] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  481.670819][ T7948] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  482.000473][ T7948] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  482.200324][ T5532] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  482.209915][ T5532] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  482.261340][ T7922] veth0_vlan: entered promiscuous mode
[  482.401149][ T2489] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  482.424851][ T7922] veth1_vlan: entered promiscuous mode
[  482.433938][ T2489] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  482.855463][ T7922] veth0_macvtap: entered promiscuous mode
[  482.970119][ T7922] veth1_macvtap: entered promiscuous mode
[  483.020842][ T7948] 8021q: adding VLAN 0 to HW filter on device batadv0
[  483.072590][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  483.083254][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.093723][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  483.104255][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.114443][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  483.129021][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.139224][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  483.149887][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.162651][ T7922] batman_adv: batadv0: Interface activated: batadv_slave_0
[  483.224495][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  483.325203][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.340784][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  483.472813][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.592701][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  483.612499][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.622934][ T7922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  483.712692][ T7922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.725719][ T7922] batman_adv: batadv0: Interface activated: batadv_slave_1
[  483.845279][ T7922] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  483.912565][ T7922] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  483.921350][ T7922] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  484.404494][ T7922] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  485.145072][ T7948] veth0_vlan: entered promiscuous mode
[  486.959267][ T7948] veth1_vlan: entered promiscuous mode
[  487.637891][ T7948] veth0_macvtap: entered promiscuous mode
[  487.666440][ T7948] veth1_macvtap: entered promiscuous mode
[  487.692373][ T2489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  487.700545][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  487.710252][ T2489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  487.719632][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  487.729578][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  487.740997][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  487.750960][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  487.761521][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  487.771437][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  487.783915][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  487.793930][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  487.806099][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  487.817632][ T7948] batman_adv: batadv0: Interface activated: batadv_slave_0
[  487.853926][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  487.855034][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  487.861856][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  487.980903][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  487.991278][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  488.014957][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.182283][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  488.203377][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.880851][ T8217] tty tty1: ldisc open failed (-12), clearing slot 0
[  488.889138][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  488.967212][ T5224] Bluetooth: hci1: command 0x0406 tx timeout
[  488.975548][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.047694][ T7948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.065524][ T7948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.250440][ T7948] batman_adv: batadv0: Interface activated: batadv_slave_1
[  490.009262][ T7948] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  490.018109][ T7948] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  490.027020][ T7948] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  490.035938][ T7948] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  491.085463][ T2489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  491.326905][ T2489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.811303][ T1064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  491.859599][ T1064] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  493.893796][ T5270] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  494.069109][ T5270] usb 1-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[  494.095268][ T5270] usb 1-1: config 9 has 1 interface, different from the descriptor's value: 3
[  494.109897][ T5270] usb 1-1: config 9 has no interface number 0
[  494.119896][ T5270] usb 1-1: config 9 interface 1 altsetting 13 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  494.161310][ T5270] usb 1-1: config 9 interface 1 has no altsetting 0
[  494.499916][ T5270] usb 1-1: New USB device found, idVendor=058b, idProduct=0028, bcdDevice=f1.bf
[  494.509548][ T5270] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.519625][ T5270] usb 1-1: Product: 竅ꙵ庠ಝ苼帔喈ﴘᄀ擫ࡖ硟꾲슟쫜⌓ᎭᲘ봔炡욼ᥔ퉛Ɨ쒹饩耮ﷳ틩Ꟊ項ﮠ뛛웓茮극Ὣﭚﱻ㲄曐벶ⷾ푆꣋訫蹋깼⦽㤠葙裏녛ᑓ횠㶴䘁ꖯ莈ౣ┗렍⵶㽠䇪偲铼逑싎렦韪캄迸柋ꢼ䚐ꤏ욽ၾ絭뀰㭀鈢海ꗝ겆핸㕱㕳韛Ὠ훓ᛚ봲蓖꩖藦
[  494.624195][ T5270] usb 1-1: Manufacturer: 롚伄ꎷ뜂힗鼭嚵嬵汴푁㚧↷웙㳘㪑嵏₽ᅼ곙ڵ檻騛芪ồ蓼
[  494.662729][ T5270] usb 1-1: SerialNumber: Ⰹ
[  495.428915][ T8271] syz.1.398: attempt to access beyond end of device
[  495.428915][ T8271] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0
[  495.442730][ T8271] XFS (nbd1): SB validate failed with error -5.
[  497.097609][ T5270] usb 1-1: can't set config #9, error -71
[  497.107239][ T5270] usb 1-1: USB disconnect, device number 5
[  498.045162][ T8296] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/nbd1": -EINTR
[  500.164239][ T8318] kvm: pic: non byte write
[  500.372835][ T5298] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  501.653885][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  501.660240][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  501.850636][ T8330] kvm: pic: non byte write
[  502.261353][ T8329] syz.3.410: attempt to access beyond end of device
[  502.261353][ T8329] nbd3: rw=4096, sector=0, nr_sectors = 2 limit=0
[  502.276335][ T8329] XFS (nbd3): SB validate failed with error -5.
[  502.333785][   T10] block nbd3: Attempted send on invalid socket
[  502.340380][   T10] I/O error, dev nbd3, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[  503.400355][ T5224] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  503.446781][ T5224] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  503.482942][ T5224] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  503.499753][ T5224] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  503.508589][ T5224] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  503.521007][ T5224] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  503.771310][ T5298] usb 5-1: device descriptor read/all, error -71
[  505.643383][ T5224] Bluetooth: hci2: command tx timeout
[  505.713007][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.542802][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.555175][ T8382] netlink: 'syz.4.420': attribute type 3 has an invalid length.
[  506.750016][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  506.972801][ T5298] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  507.383755][ T8387] input: syz0 as /devices/virtual/input/input9
[  507.452882][ T5298] usb 1-1: Using ep0 maxpacket: 8
[  507.519419][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.901533][ T5224] Bluetooth: hci2: command tx timeout
[  507.901618][ T5298] usb 1-1: config 254 has an invalid interface number: 167 but max is 0
[  507.915708][ T5298] usb 1-1: config 254 has no interface number 0
[  508.054912][ T5298] usb 1-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  508.066425][ T5298] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.093169][ T5298] usb 1-1: Product: syz
[  508.107683][ T5298] usb 1-1: Manufacturer: syz
[  508.120315][ T5298] usb 1-1: SerialNumber: syz
[  508.449186][ T8353] chnl_net:caif_netlink_parms(): no params data found
[  508.639407][ T8381] syz.0.419: attempt to access beyond end of device
[  508.639407][ T8381] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  508.652318][ T5298] mxuport 1-1:254.167: mxuport_recv_ctrl_urb - usb_control_msg failed (-32)
[  508.672599][   T29] audit: type=1400 audit(1728374819.804:375): avc:  denied  { associate } for  pid=8380 comm="syz.0.419" name="file0" dev="tmpfs" ino=61 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:file_context_t:s0"
[  508.710594][ T5298] mxuport 1-1:254.167: probe with driver mxuport failed with error -5
[  508.719298][ T8381] exFAT-fs (nbd0): unable to read boot sector
[  508.737273][ T8381] exFAT-fs (nbd0): failed to read boot sector
[  508.804884][ T8353] bridge0: port 1(bridge_slave_0) entered blocking state
[  508.919027][ T8353] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.060694][ T8381] exFAT-fs (nbd0): failed to recognize exfat type
[  509.166663][ T8353] bridge_slave_0: entered allmulticast mode
[  509.355372][ T8353] bridge_slave_0: entered promiscuous mode
[  509.471674][ T8353] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.481265][ T8353] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.490455][ T8353] bridge_slave_1: entered allmulticast mode
[  509.567229][ T8353] bridge_slave_1: entered promiscuous mode
[  509.697362][    T8] usb 1-1: USB disconnect, device number 6
[  509.992755][ T5224] Bluetooth: hci2: command tx timeout
[  510.542858][   T11] bridge_slave_1: left allmulticast mode
[  510.562527][   T11] bridge_slave_1: left promiscuous mode
[  510.654832][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.858007][   T11] bridge_slave_0: left allmulticast mode
[  510.872597][   T11] bridge_slave_0: left promiscuous mode
[  510.891255][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.715322][ T8441] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/nbd0": -EINTR
[  512.740344][ T5224] Bluetooth: hci2: command tx timeout
[  513.958743][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  514.036635][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  514.066493][   T11] bond0 (unregistering): Released all slaves
[  514.171027][ T8353] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  514.189332][ T8353] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  514.600693][ T8464] input: syz0 as /devices/virtual/input/input10
[  515.333658][ T8353] team0: Port device team_slave_0 added
[  515.712663][ T8353] team0: Port device team_slave_1 added
[  515.811660][   T29] audit: type=1400 audit(1728374826.974:376): avc:  denied  { create } for  pid=8482 comm="syz.4.438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  516.268383][ T8480] kvm: pic: non byte write
[  516.374911][   T30] INFO: task syz.0.127:6885 blocked for more than 143 seconds.
[  516.401350][   T30]       Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  516.442519][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  516.451982][   T30] task:syz.0.127       state:D stack:25968 pid:6885  tgid:6883  ppid:6423   flags:0x00004002
[  516.463602][   T29] audit: type=1400 audit(1728374827.634:377): avc:  denied  { recv } for  pid=8489 comm="syz.1.440" saddr=10.128.0.169 src=46730 daddr=10.128.1.177 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  516.503296][   T30] Call Trace:
[  516.506621][   T30]  <TASK>
[  516.509574][   T30]  __schedule+0xef5/0x5750
[  517.569772][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  517.578286][   T30]  ? __pfx___schedule+0x10/0x10
[  517.738685][ T5268] IPVS: starting estimator thread 0...
[  517.772747][   T30]  ? schedule+0x298/0x350
[  517.779516][   T30]  ? __pfx_lock_release+0x10/0x10
[  517.784664][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  517.790648][   T30]  ? lock_acquire+0x2f/0xb0
[  517.795416][   T30]  ? schedule+0x1fd/0x350
[  517.802479][   T30]  schedule+0xe7/0x350
[  517.809473][   T30]  schedule_preempt_disabled+0x13/0x30
[  517.816305][   T30]  __mutex_lock+0x5b8/0x9c0
[  517.820937][   T30]  ? remove_inode_hugepages+0x30a/0xeb0
[  517.826896][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  517.832038][   T30]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  517.838986][   T30]  ? do_raw_spin_unlock+0x172/0x230
[  517.882559][ T8503] IPVS: using max 17 ests per chain, 40800 per kthread
[  517.924728][   T30]  ? remove_inode_hugepages+0x30a/0xeb0
[  517.930391][   T30]  remove_inode_hugepages+0x30a/0xeb0
[  517.967721][   T30]  ? __lock_acquire+0x163e/0x3ce0
[  517.992871][   T30]  ? __pfx_remove_inode_hugepages+0x10/0x10
[  517.998836][   T30]  ? lock_acquire+0x2f/0xb0
[  518.014160][   T30]  ? __pfx_hugetlbfs_evict_inode+0x10/0x10
[  518.020329][   T30]  hugetlbfs_evict_inode+0x22/0x70
[  518.028200][   T30]  evict+0x409/0x970
[  518.032137][   T30]  ? __pfx_evict+0x10/0x10
[  518.037689][   T30]  iput+0x530/0x890
[  518.041540][   T30]  dentry_unlink_inode+0x29c/0x480
[  518.055778][   T30]  __dentry_kill+0x1d0/0x600
[  518.060422][   T30]  dput.part.0+0x4b1/0x9b0
[  518.069886][   T30]  dput+0x1f/0x30
[  518.074228][   T30]  __fput+0x513/0xb60
[  518.078257][   T30]  task_work_run+0x14e/0x250
[  518.092491][   T30]  ? __pfx_task_work_run+0x10/0x10
[  518.097657][   T30]  do_exit+0xadd/0x2d70
[  518.101847][   T30]  ? get_signal+0x8f2/0x2770
[  518.107063][   T30]  ? __pfx_do_exit+0x10/0x10
[  518.111692][   T30]  ? do_raw_spin_lock+0x12d/0x2c0
[  518.118490][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  518.124357][   T30]  do_group_exit+0xd3/0x2a0
[  518.128912][   T30]  get_signal+0x25fb/0x2770
[  518.134379][   T30]  ? __pfx_get_signal+0x10/0x10
[  518.139269][   T30]  ? task_work_add+0x1d6/0x370
[  518.144464][   T30]  arch_do_signal_or_restart+0x90/0x7e0
[  518.150045][   T30]  ? __fget_files+0x244/0x3f0
[  518.155202][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  518.161402][   T30]  ? ksys_read+0x1ad/0x260
[  518.173407][   T30]  ? __pfx_ksys_read+0x10/0x10
[  518.178230][   T30]  syscall_exit_to_user_mode+0x150/0x2a0
[  518.195817][   T30]  do_syscall_64+0xda/0x250
[  518.200369][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.212507][   T30] RIP: 0033:0x7fe9a017dff9
[  518.216956][   T30] RSP: 002b:00007fe9a0f2c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  518.234717][   T30] RAX: 0000000000018ff8 RBX: 00007fe9a0335f80 RCX: 00007fe9a017dff9
[  518.250425][   T30] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000003
[  518.260628][   T30] RBP: 00007fe9a01f0296 R08: 0000000000000000 R09: 0000000000000000
[  518.272738][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  518.280744][   T30] R13: 0000000000000000 R14: 00007fe9a0335f80 R15: 00007ffe4f33a5f8
[  518.290463][   T30]  </TASK>
[  518.294882][   T30] INFO: task syz.2.202:6906 blocked for more than 145 seconds.
[  518.306634][   T30]       Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0
[  518.320132][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  518.332465][   T30] task:syz.2.202       state:D stack:25824 pid:6906  tgid:6906  ppid:5918   flags:0x00000004
[  518.352778][   T30] Call Trace:
[  518.356091][   T30]  <TASK>
[  518.359044][   T30]  __schedule+0xef5/0x5750
[  518.372651][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  518.377914][   T30]  ? __pfx___schedule+0x10/0x10
[  518.392906][   T30]  ? schedule+0x298/0x350
[  518.397294][   T30]  ? __pfx_lock_release+0x10/0x10
[  518.402338][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  518.417042][   T30]  ? lock_acquire+0x2f/0xb0
[  518.421590][   T30]  ? schedule+0x1fd/0x350
[  518.430045][   T30]  schedule+0xe7/0x350
[  518.434611][   T30]  io_schedule+0xbf/0x130
[  518.439070][   T30]  folio_wait_bit_common+0x3d8/0x9b0
[  518.444936][   T30]  ? folio_wait_bit_common+0x13c/0x9b0
[  518.450454][   T30]  ? __pfx_folio_wait_bit_common+0x10/0x10
[  518.457547][   T30]  ? __pfx_wake_page_function+0x10/0x10
[  518.464155][   T30]  ? __pfx___might_resched+0x10/0x10
[  518.469485][   T30]  ? _raw_spin_unlock+0x28/0x50
[  518.474767][   T30]  ? __vma_reservation_common+0x270/0x740
[  518.480528][   T30]  __filemap_get_folio+0x6a4/0xaf0
[  518.486114][   T30]  ? huge_pte_alloc+0x22e/0x3a0
[  518.491010][   T30]  hugetlb_fault+0x16ff/0x2fa0
[  518.497250][   T30]  ? __pfx_hugetlb_fault+0x10/0x10
[  518.502380][   T30]  handle_mm_fault+0x930/0xaa0
[  518.507255][   T30]  do_user_addr_fault+0x60d/0x13f0
[  518.512390][   T30]  exc_page_fault+0x5c/0xc0
[  518.516954][   T30]  asm_exc_page_fault+0x26/0x30
[  518.521804][   T30] RIP: 0033:0x7fecfdc51629
[  518.530449][   T30] RSP: 002b:00007fff2683ecb0 EFLAGS: 00010246
[  518.536588][   T30] RAX: 0000000000000000 RBX: 0000000000000002 RCX: ffffffffff7fffff
[  518.544732][   T30] RDX: 87f12ffe3dec6d72 RSI: 0000000020800000 RDI: 000055557a60a3c8
[  518.554931][   T30] RBP: 00007fecfdf37a80 R08: 00007fecfdc00000 R09: 0000000000000008
[  518.563148][   T30] R10: 0000000000000000 R11: 0000000000000003 R12: 00000000000564fb
[  518.571132][   T30] R13: 00007fff2683edb0 R14: 0000000000000032 R15: fffffffffffffffe
[  518.579563][   T30]  </TASK>
[  518.582921][   T30] INFO: task syz.2.202:6907 blocked for more than 146 seconds.
[  518.590498][   T30]       Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0
[  518.646852][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  518.660385][   T30] task:syz.2.202       state:D stack:27752 pid:6907  tgid:6906  ppid:5918   flags:0x00004004
[  518.679249][   T30] Call Trace:
[  518.685070][   T30]  <TASK>
[  518.688037][   T30]  __schedule+0xef5/0x5750
[  518.703146][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  518.708404][   T30]  ? __pfx___schedule+0x10/0x10
[  518.713800][   T30]  ? schedule+0x298/0x350
[  518.718169][   T30]  ? __pfx_lock_release+0x10/0x10
[  518.723700][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  518.728961][   T30]  ? lock_acquire+0x2f/0xb0
[  518.733776][   T30]  ? schedule+0x1fd/0x350
[  518.738146][   T30]  schedule+0xe7/0x350
[  518.742226][   T30]  schedule_preempt_disabled+0x13/0x30
[  518.747823][   T30]  __mutex_lock+0x5b8/0x9c0
[  518.752363][   T30]  ? hugetlb_wp+0x1b4a/0x3320
[  518.757109][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  518.762183][   T30]  ? hugetlb_wp+0x1b4a/0x3320
[  518.767015][   T30]  hugetlb_wp+0x1b4a/0x3320
[  518.771569][   T30]  ? __pfx_hugetlb_wp+0x10/0x10
[  518.776588][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  518.781992][   T30]  ? lock_acquire+0x2f/0xb0
[  518.786926][   T30]  ? hugetlb_fault+0x1141/0x2fa0
[  518.791898][   T30]  hugetlb_fault+0x2248/0x2fa0
[  518.797109][   T30]  ? __pfx_hugetlb_fault+0x10/0x10
[  518.803826][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  518.809059][   T30]  handle_mm_fault+0x930/0xaa0
[  518.814240][   T30]  do_user_addr_fault+0x7a3/0x13f0
[  518.819382][   T30]  exc_page_fault+0x5c/0xc0
[  518.824330][   T30]  asm_exc_page_fault+0x26/0x30
[  518.829222][   T30] RIP: 0010:rep_movs_alternative+0x33/0x70
[  518.835827][   T30] Code: 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb
[  518.855752][   T30] RSP: 0018:ffffc900043e7c48 EFLAGS: 00050246
[  518.861834][   T30] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008
[  518.869933][   T30] RDX: fffff5200087cf98 RSI: ffffc900043e7cb8 RDI: 000000002001af80
[  518.878023][   T30] RBP: 000000002001af80 R08: 0000000000000000 R09: fffff5200087cf97
[  518.886314][   T30] R10: ffffc900043e7cbf R11: 0000000000000000 R12: ffffc900043e7cb8
[  518.895012][   T30] R13: 000000002001af88 R14: 0000000000000000 R15: 0000000020019680
[  518.909284][   T30]  _copy_to_user+0xac/0xc0
[  518.913845][   T30]  msr_read+0x14f/0x250
[  518.918026][   T30]  ? __pfx_msr_read+0x10/0x10
[  518.922760][   T30]  ? bpf_lsm_file_permission+0x9/0x10
[  518.928156][   T30]  ? security_file_permission+0x71/0x210
[  518.934158][   T30]  ? __pfx_msr_read+0x10/0x10
[  518.938874][   T30]  vfs_read+0x1ce/0xbd0
[  518.943787][   T30]  ? __fget_files+0x23a/0x3f0
[  518.948502][   T30]  ? __pfx_lock_release+0x10/0x10
[  518.953688][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  518.958911][   T30]  ? __pfx_vfs_read+0x10/0x10
[  518.963673][   T30]  ? lock_acquire+0x2f/0xb0
[  518.968209][   T30]  ? __fget_files+0x40/0x3f0
[  518.972938][   T30]  ? __fget_files+0x244/0x3f0
[  518.977646][   T30]  ksys_read+0x12f/0x260
[  518.981888][   T30]  ? __pfx_ksys_read+0x10/0x10
[  518.986736][   T30]  do_syscall_64+0xcd/0x250
[  518.991262][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.997271][   T30] RIP: 0033:0x7fecfdd7dff9
[  519.001729][   T30] RSP: 002b:00007fecfec19038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  519.012177][   T30] RAX: ffffffffffffffda RBX: 00007fecfdf35f80 RCX: 00007fecfdd7dff9
[  519.020437][   T30] RDX: 0000000000018ff8 RSI: 0000000020019680 RDI: 0000000000000004
[  519.028452][   T30] RBP: 00007fecfddf0296 R08: 0000000000000000 R09: 0000000000000000
[  519.036574][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  519.044608][   T30] R13: 0000000000000000 R14: 00007fecfdf35f80 R15: 00007fff2683eb48
[  519.053453][   T30]  </TASK>
[  519.078622][   T30] 
[  519.078622][   T30] Showing all locks held in the system:
[  519.089742][ T8353] batman_adv: batadv0: Adding interface: batadv_slave_0
[  519.097370][   T30] 4 locks held by kworker/u8:0/11:
[  519.102597][ T8353] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  519.130251][   T30]  #0: ffff88801beeb148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0
[  519.169659][   T30]  #1: ffffc90000107d80 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  519.179999][   T30]  #2: ffffffff8fecb810 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xbb/0xb40
[  519.205540][ T8353] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  519.217853][   T30]  #3: ffffffff8e1c3b00 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x48/0x700
[  519.258145][   T30] 1 lock held by khungtaskd/30:
[  519.277040][   T30]  #0: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390
[  519.310979][   T30] 2 locks held by dhcpcd/4889:
[  519.316958][   T30]  #0: ffff88805deee6c8 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x154/0x970
[  519.332631][   T30]  #1: ffffffff8fee11a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x18f/0x1f0
[  519.348388][   T30] 2 locks held by getty/4981:
[  519.353207][   T30]  #0: ffff888033a3a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  519.363078][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480
[  519.373363][   T30] 1 lock held by syz.0.127/6885:
[  519.378306][   T30]  #0: ffff888020e9e698 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: remove_inode_hugepages+0x30a/0xeb0
[  519.391043][   T30] 3 locks held by syz.2.202/6906:
[  519.396171][   T30]  #0: ffff88802dfd88e0 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x13e/0x980
[  519.406582][   T30]  #1: ffff888020e9e698 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_fault+0x307/0x2fa0
[  519.418950][   T30]  #2: ffff8880323c38e8 (&resv_map->rw_sema){++++}-{3:3}, at: hugetlb_vma_lock_read+0x105/0x140
[  519.429583][   T30] 2 locks held by syz.2.202/6907:
[  519.434727][   T30]  #0: ffff888030d83a98 (&mm->mmap_lock){++++}-{3:3}, at: lock_mm_and_find_vma+0x3a9/0x6a0
[  519.444833][   T30]  #1: ffff888020e9e698 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_wp+0x1b4a/0x3320
[  519.455637][   T30] 1 lock held by syz-executor/7948:
[  519.460842][   T30]  #0: ffffffff8fee11a8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x38/0x230
[  519.469893][   T30] 1 lock held by syz.0.437/8474:
[  519.474964][   T30]  #0: ffffffff8e1c3c38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock+0x1a4/0x3b0
[  519.485085][   T30] 3 locks held by syz.4.441/8500:
[  519.490115][   T30]  #0: ffff88805ccdcd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x26/0x90
[  519.500017][   T30]  #1: ffff88805ccdc078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x346/0x1110
[  519.510582][   T30]  #2: ffffffff90149928 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xc4/0x260
[  519.522288][   T30] 
[  519.524779][   T30] =============================================
[  519.524779][   T30] 
[  519.580236][   T30] NMI backtrace for cpu 0
[  519.584620][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0
[  519.595236][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  519.605311][   T30] Call Trace:
[  519.608607][   T30]  <TASK>
[  519.611554][   T30]  dump_stack_lvl+0x116/0x1f0
[  519.616273][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  519.621236][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  519.627252][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  519.633265][   T30]  watchdog+0xf0c/0x1240
[  519.637539][   T30]  ? __pfx_watchdog+0x10/0x10
[  519.642235][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  519.647462][   T30]  ? __kthread_parkme+0x148/0x220
[  519.652514][   T30]  ? __pfx_watchdog+0x10/0x10
[  519.657209][   T30]  kthread+0x2c1/0x3a0
[  519.661301][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  519.666519][   T30]  ? __pfx_kthread+0x10/0x10
[  519.671115][   T30]  ret_from_fork+0x45/0x80
[  519.675529][   T30]  ? __pfx_kthread+0x10/0x10
[  519.680123][   T30]  ret_from_fork_asm+0x1a/0x30
[  519.684904][   T30]  </TASK>
[  519.687988][    C0] vkms_vblank_simulate: vblank timer overrun
[  519.694691][   T30] Sending NMI from CPU 0 to CPUs 1:
[  519.700243][    C1] NMI backtrace for cpu 1
[  519.700256][    C1] CPU: 1 UID: 0 PID: 8474 Comm: syz.0.437 Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0
[  519.700282][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  519.700294][    C1] RIP: 0010:debug_check_no_obj_freed+0x22c/0x600
[  519.700324][    C1] Code: 00 ad de 48 c1 ea 03 4d 89 fc 80 3c 1a 00 0f 85 dc 00 00 00 48 8d 78 18 41 83 c6 01 4c 8b 38 48 89 fa 48 c1 ea 03 80 3c 1a 00 <0f> 85 fa 02 00 00 48 8b 50 18 4c 39 e2 0f 82 ca 00 00 00 48 8b 74
[  519.700344][    C1] RSP: 0018:ffffc900043078a0 EFLAGS: 00000046
[  519.700362][    C1] RAX: ffff888021bd5b60 RBX: dffffc0000000000 RCX: ffffffff816b1d7d
[  519.700377][    C1] RDX: 1ffff1100437ab6f RSI: ffff888012154000 RDI: ffff888021bd5b78
[  519.700392][    C1] RBP: ffffc900043079d8 R08: 0000000000000001 R09: fffff52000860f02
[  519.700407][    C1] R10: 0000000000000003 R11: 0000000000000000 R12: ffff888012153000
[  519.700421][    C1] R13: dead000000000122 R14: 000000000000000b R15: 0000000000000000
[  519.700435][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  519.700457][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  519.700473][    C1] CR2: 00007f18af78e440 CR3: 000000000df7c000 CR4: 00000000003526f0
[  519.700487][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  519.700500][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  519.700513][    C1] Call Trace:
[  519.700519][    C1]  <NMI>
[  519.700527][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[  519.700551][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  519.700580][    C1]  ? nmi_handle+0x1a9/0x5c0
[  519.700602][    C1]  ? debug_check_no_obj_freed+0x22c/0x600
[  519.700627][    C1]  ? default_do_nmi+0x6a/0x160
[  519.700657][    C1]  ? exc_nmi+0x170/0x1e0
[  519.700685][    C1]  ? end_repeat_nmi+0xf/0x53
[  519.700712][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  519.700737][    C1]  ? debug_check_no_obj_freed+0x22c/0x600
[  519.700762][    C1]  ? debug_check_no_obj_freed+0x22c/0x600
[  519.700787][    C1]  ? debug_check_no_obj_freed+0x22c/0x600
[  519.700812][    C1]  </NMI>
[  519.700819][    C1]  <TASK>
[  519.700831][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  519.700864][    C1]  ? page_ext_put+0x48/0xd0
[  519.700887][    C1]  free_unref_page+0x21a/0xdc0
[  519.700914][    C1]  vfree+0x17a/0x890
[  519.700935][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  519.700960][    C1]  ? __pfx_kcov_close+0x10/0x10
[  519.700988][    C1]  kcov_put+0x2a/0x40
[  519.701013][    C1]  kcov_close+0xd/0x20
[  519.701039][    C1]  __fput+0x3f6/0xb60
[  519.701063][    C1]  ? cleanup_mnt+0x266/0x450
[  519.701089][    C1]  task_work_run+0x14e/0x250
[  519.701109][    C1]  ? __pfx_task_work_run+0x10/0x10
[  519.701133][    C1]  do_exit+0xadd/0x2d70
[  519.701161][    C1]  ? get_signal+0x8f2/0x2770
[  519.701184][    C1]  ? __pfx_do_exit+0x10/0x10
[  519.701210][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  519.701234][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  519.701259][    C1]  do_group_exit+0xd3/0x2a0
[  519.701287][    C1]  get_signal+0x25fb/0x2770
[  519.701314][    C1]  ? __pfx_get_signal+0x10/0x10
[  519.701342][    C1]  arch_do_signal_or_restart+0x90/0x7e0
[  519.701369][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  519.701405][    C1]  syscall_exit_to_user_mode+0x150/0x2a0
[  519.701431][    C1]  do_syscall_64+0xda/0x250
[  519.701456][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.701479][    C1] RIP: 0033:0x7efe69d7dff9
[  519.701495][    C1] Code: Unable to access opcode bytes at 0x7efe69d7dfcf.
[  519.701504][    C1] RSP: 002b:00007ffff1c26de8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  519.701523][    C1] RAX: 0000000000000000 RBX: 00007efe69f37a80 RCX: 00007efe69d7dff9
[  519.701538][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  519.701551][    C1] RBP: 00007efe69f37a80 R08: 0000000000000006 R09: 00007ffff1c270df
[  519.701565][    C1] R10: 00000000005cd320 R11: 0000000000000246 R12: 000000000007e0f3
[  519.701579][    C1] R13: 00007ffff1c26ef0 R14: 0000000000000032 R15: ffffffffffffffff
[  519.701601][    C1]  </TASK>
[  520.090015][    C0] vkms_vblank_simulate: vblank timer overrun
[  520.148118][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  520.155005][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0
[  520.165526][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  520.175616][   T30] Call Trace:
[  520.178907][   T30]  <TASK>
[  520.181850][   T30]  dump_stack_lvl+0x3d/0x1f0
[  520.186475][   T30]  panic+0x71d/0x800
[  520.190398][   T30]  ? __pfx_panic+0x10/0x10
[  520.194844][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  520.200241][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  520.206247][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  520.211630][   T30]  ? watchdog+0xd76/0x1240
[  520.216044][   T30]  ? watchdog+0xd69/0x1240
[  520.220462][   T30]  watchdog+0xd87/0x1240
[  520.224706][   T30]  ? __pfx_watchdog+0x10/0x10
[  520.229377][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  520.234593][   T30]  ? __kthread_parkme+0x148/0x220
[  520.239638][   T30]  ? __pfx_watchdog+0x10/0x10
[  520.244319][   T30]  kthread+0x2c1/0x3a0
[  520.248393][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  520.253613][   T30]  ? __pfx_kthread+0x10/0x10
[  520.258212][   T30]  ret_from_fork+0x45/0x80
[  520.262633][   T30]  ? __pfx_kthread+0x10/0x10
[  520.267232][   T30]  ret_from_fork_asm+0x1a/0x30
[  520.272020][   T30]  </TASK>
[  520.275262][   T30] Kernel Offset: disabled
[  520.279600][   T30] Rebooting in 86400 seconds..