last executing test programs:

2m4.089708152s ago: executing program 1 (id=450):
r0 = syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x40041)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = epoll_create(0x5)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r3, &(0x7f0000000a00))
write(r2, &(0x7f0000001100)="94", 0x1)
tee(r1, r4, 0x81, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x4)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000000c0)={'vcan0\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4d, 0xd42, 0xd8, 0x2, 0x3, 0x1, 0x3, 0xd1, 0x6, 0x8, [0x1000, 0x5, 0x7, 0xa7a, 0x100, 0x8, 0x2129, 0x8], [0xfffeffff]}})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x2})
ioctl$TUNSETLINK(r7, 0x400454cd, 0x339)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})
close(r7)
r9 = dup2(r0, r0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r10 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r10, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r9, 0xc0305710, &(0x7f0000000080)={0x0, 0x7ffffffffffffe, 0x3})

2m1.074459088s ago: executing program 1 (id=456):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_DIRTYFB(r1, 0xc01864b1, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
socket$igmp(0x2, 0x3, 0x2)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
fstat(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setreuid(0xee00, r3)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="64000000020605000a0000000000000000000000100003006269746d61703a706f72740005000400000000000900020073797a3000000000050005000000000005000100060000001c00078008000840000000200600044000000000060005"], 0x64}}, 0x0)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
listen(r4, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
close_range(r5, r2, 0x0)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000200)='./bus/file0\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mkdir(&(0x7f0000000240)='./file0/file0\x00', 0x0)

1m58.583246458s ago: executing program 1 (id=461):
r0 = getpid()
process_vm_readv(r0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="ad76b6c5", 0x4)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b696733552eca3e954943a18709f72fbd259a936c67ebe806ab21823f4a0c47bff45323c2b30982dfc67b46cc9a5a07c33fc", 0x36}, {&(0x7f0000000100)="3a10bd003aba0c7026336b", 0xb}], 0x2, &(0x7f0000000440)=ANY=[@ANYBLOB="300000000000000017e2ffff01000000180000000100000002f4596a8034a9ab3e395939422ffab456dd833a00000000180000000000000017c70f000400000006020000000000001800000000000000"], 0x60}], 0x1, 0x8001)
recvmsg(r2, &(0x7f0000001e80)={0x0, 0x4010, &(0x7f0000001e00)=[{&(0x7f0000001c80)=""/103, 0xff78}], 0x1, 0x0, 0x3000000}, 0x0)

1m56.867868342s ago: executing program 1 (id=465):
r0 = syz_open_dev$video4linux(0x0, 0x7, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc0905664, &(0x7f0000000000))
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x7, 0x4, 0x18, 0xae5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
r1 = io_uring_setup(0x65d8, &(0x7f0000000000)={0x0, 0x0, 0x2604, 0xfffffffc, 0x80})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, 0x0, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
pipe(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000009f40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x60, 0x30, 0x400, 0xfffffffc, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc, 0x9, {0xffffffe4}}, {0xc}}}]}]}, 0x60}}, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000380)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$binfmt_misc(r3, &(0x7f0000000140)=ANY=[], 0x4240a2ca)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x84ffe0, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x2)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCVHANGUP(r7, 0x5437, 0x0)
r8 = syz_open_dev$video4linux(&(0x7f0000001140), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r8, 0xc0085666, &(0x7f0000000040))
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)

1m55.429772912s ago: executing program 1 (id=468):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
chdir(0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r4, &(0x7f0000000080), 0x12)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x19, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SET(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x44, r7, 0x1, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x6}}]}, 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r5, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x5c, r7, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x1}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000800}, 0x8000)
write(r5, &(0x7f0000000040)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)

1m51.898552307s ago: executing program 3 (id=471):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r5}, 0x10)
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000048040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703", 0x44}, {&(0x7f0000000840)='C11O', 0x4}], 0x2}, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
read(0xffffffffffffffff, &(0x7f0000000000)=""/9, 0x67)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup/syz0\x00', 0x200002, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000380)=ANY=[@ANYRES32=r7, @ANYBLOB="09342a43dcb80727cf8d813e94993a756da727b9b2f24be30eec8f092eb4f88fab427ab4f92ff617bfaf15f56ef251a0527419de39ca5d3575fe3f98bfab3705f599f89eea40ede5c8bcdead619f5c5b7e39c6b075491fd1d423e562ceef2a33d9f13ac7e8e26dd8b43d0269d7fed56ef037e206e99403e8fc750b8db544d5ad53055ddad82654eb7576677a2abc0b36e12717903673f58c9b71ec8fb67efaf3dfaa687233aa610f0da30b336bb05c64ec29fa5e6e4b7d941c8e982fa00878ed4146ea149b011506cc8a10affb979d43144725de08bf201b3cf09d8aae69fd82b50b886a3990a08db4c58c64", @ANYRES16=r8, @ANYRES32], 0x6)

1m45.942654655s ago: executing program 1 (id=481):
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
dup(r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

1m44.522490896s ago: executing program 3 (id=485):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
socket$nl_netfilter(0x10, 0x3, 0xc)
io_setup(0xff, &(0x7f0000000000))
openat$capi20(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$packet(0x11, 0x3, 0x300)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r2, 0x2285, 0x0)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e24000a000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000580)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f00000001c0)={0x0, [[0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x100001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000]], '\x00', [{}, {}, {}, {}, {0x0, 0x6}, {}, {0x0, 0x10000}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(0xffffffffffffffff, 0xc0505510, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}, {0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa0}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x80001, 0x0)

1m36.442151376s ago: executing program 3 (id=491):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
chdir(0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r4, &(0x7f0000000080), 0x12)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x19, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SET(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x44, r7, 0x1, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x6}}]}, 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r5, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x5c, r7, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x1}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000800}, 0x8000)
write(r5, &(0x7f0000000040)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)

1m29.214653603s ago: executing program 3 (id=502):
r0 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0xfffffffffffffffb)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00'})
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
creat(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r5}, 0x10)
r6 = socket$kcm(0x23, 0x5, 0x0)
sendmsg$kcm(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
close(r6)
syz_io_uring_setup(0x1e45, &(0x7f0000000780), 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x10003, &(0x7f0000000040)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @mcast2}, r7}}, 0x48)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140))

1m26.775013731s ago: executing program 3 (id=505):
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = getpid()
r4 = getpid()
rt_tgsigqueueinfo(r3, r4, 0x0, &(0x7f0000000340)={0x0, 0x0, 0xfffffffa})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d00)=@delchain={0x24, 0x65, 0x0, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}, {0xb}}}, 0x24}}, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x1a2}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x600}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1m25.471960088s ago: executing program 3 (id=507):
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=@framed={{}, [@jmp={0x6, 0x0, 0x3}]}, &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_AIE_OFF(r4, 0x7002)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000001c0)=<r6=>0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7)
sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r6], 0x1c}}, 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4d8, 0xdd, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io$hid(r9, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="002205000000277b8c5c5c"], 0x0}, 0x0)
write$nci(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="85050102"], 0x4)

14.431616391s ago: executing program 0 (id=587):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000380)={'sit0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x20, 0x4, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @rand_addr, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@multicast2}, {@empty}, {@broadcast}, {@empty}, {@multicast2}, {@private}]}, @rr={0x7, 0x1b, 0x0, [@remote, @empty, @empty, @multicast1, @remote, @dev]}]}}}}})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @private0}]}, 0x0)
r3 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x2004, @fd, 0x0, 0xfffffffffffffffc, 0x0, 0x4, 0x0, {0x1}})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r7 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r8 = dup(r7)
ioctl$KVM_SET_CPUID2(r8, 0x4008ae90, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000001000080"])
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYRESOCT=r8, @ANYRES16=r1])

11.64182591s ago: executing program 2 (id=591):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
chdir(0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r2, &(0x7f0000000080), 0x12)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x19, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x44, r5, 0x1, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x6}}]}, 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x5c, r5, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x1}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000800}, 0x8000)
write(r3, &(0x7f0000000040)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)

11.639990888s ago: executing program 0 (id=592):
socket$unix(0x1, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000a80)='uid_map\x00')
socket$alg(0x26, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000495"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
semget(0xffffffffffffffff, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r3, &(0x7f0000000400)={'#! ', './file0', [], 0xa, "1f411d2552ad52cb07410969e814977e4f2c4a80522094786c8673fb61cf8b86bda4de504f5a3c7c04055f1f70e4064d46b2bb9e5100d446bb6a"}, 0x2)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='\t'], 0x28)
close(r3)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f00000001c0)='.log\x00', 0xc41, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000013140), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x40001, 0x0, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000000140)=[{&(0x7f0000000180)=""/55, 0x37}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/55, 0x37}], 0x1, 0x0)

11.204225141s ago: executing program 4 (id=593):
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

10.206584561s ago: executing program 0 (id=594):
r0 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\x1b\x00m\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000022000000000000000000000f01"], 0x0, 0x26}, 0x20)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(r1, &(0x7f0000000380)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0)
r4 = dup(r2)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
r8 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000280), 0x200001, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000002c0)=<r9=>0x0)
write$cgroup_pid(r8, &(0x7f0000000340)=r9, 0x12)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r6, r7, 0x2, 0x2}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup=r6, r7, 0x2, 0x0, 0x4000, @prog_id}, 0x20)
ftruncate(r0, 0xffff)
fcntl$addseals(r0, 0x409, 0x7)
r10 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040d62017cb00000000000109022400010000000009040000020300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r10, 0x0, 0x0)
syz_usb_control_io$hid(r10, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@local=@item_4={0x3, 0x2, 0xa, "86f70837"}, @local=@item_012={0x1, 0x2, 0x0, 'U'}]}}, 0x0}, 0x0)
r11 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
ioctl$UDMABUF_CREATE(r11, 0x40187542, &(0x7f0000000300)={r0, 0x0, 0x0, 0x4000})

9.958307188s ago: executing program 2 (id=595):
r0 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0xfffffffffffffffb)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x24, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_VFINFO_LIST={0x4}]}, 0x24}}, 0x0)
creat(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r6}, 0x10)
r7 = socket$kcm(0x23, 0x5, 0x0)
sendmsg$kcm(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
close(r7)
syz_io_uring_setup(0x1e45, &(0x7f0000000780), 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x10003, &(0x7f0000000040)={<r8=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @mcast2}, r8}}, 0x48)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140))

8.897900145s ago: executing program 2 (id=596):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r3=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000f40)={0x4d8, r2, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x490, 0x8, 0x0, 0x1, [{0xf4, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0xcc, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x12}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x2e}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}]}]}]}, {0x40, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}]}, {0x7c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x1}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0xd1, @remote, 0x513}}]}, {0x2dc, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x258, 0x9, 0x0, 0x1, [{0x88, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @broadcast}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0xdc, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0x7c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x12}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2d}}, {0x5, 0x3, 0x3}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_ALLOWEDIPS={0x54, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast2}}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x1}}]}]}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r3}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}]}, 0x4d8}, 0x1, 0x0, 0x0, 0x4000}, 0x80)

8.498151208s ago: executing program 2 (id=597):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='fsi_master_acf_send_request\x00', r0}, 0x10)
setxattr$incfs_size(&(0x7f0000000000)='./cgroup.cpu/cpuset.cpus\x00', &(0x7f0000000100), 0x0, 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000100)='dctcp\x00', 0x6)
r5 = getpid()
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r6}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000001500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="d74d4156a221296a665e18aa4c7a0acfd92aa9fb57dbd7cb2c9a9d1cd00b40d432e82bebeb0c176990de4eceb7f41b16a0543f95240979fdcd68b7db60965ca8232034538be7d93df76fead7bddf574c70e3a9724a6614c371b405d4a8126f90990422f978e5e7eb2eb9448d419377df69a9d9635429f06fabcb6655d5dda77848c25b97f87151d9c21709000257580be9edd4f3041fcf2473042c8f55c0aa71ef035f5b89b0d2e4b322ec9787a321450d1c164e8cfaacca90a9773e6b877e38e4237eb5da067a85c2c25a89aeeea93c278cab807f725d6b2077c101c709797a9fa0a0d082", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)

8.266958323s ago: executing program 4 (id=598):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x14, 0x0, 0x8, 0x301, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}}, 0x0)
recvmmsg(r3, &(0x7f0000000040), 0x400000000000284, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x40, 0x4)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r5}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="0443f5513c57"], 0x6)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0xfffc, @dev}], 0x10)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0xfffc, @empty}], 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)

6.956524852s ago: executing program 2 (id=599):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)={{0x14}, [@NFT_MSG_DELTABLE={0x1b4, 0x2, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_USERDATA={0x75, 0x6, "7315b3b1a27f969bf0232d06782e7720d6b2c38d3daabd99d7cc6ec2ad5865eb05d7f32a54a1a3b71e3249dbb635847372c482580354e58b82e019813144bca6ef32f5768d281e06254f87fec701fd4684222424d27c51071b572aa1e8268937197f1c4557bc754f2d3edc77d080010daa"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_TABLE_USERDATA={0x104, 0x6, "4e205292b94318436fc7eca566bddcdede2b4a9cda5a67c881857dde2702da7dd6e3b0e2a1fc71e5cc9a8f614033c078cc680498ef2636e9e8fd0ada248a92b4bd3ff43114c30d14f694a19988c821694a46aaf0a77d88331f7ecba188599728f8d4ac75f1e683a1ee3063b8d99b43eae987a44e30788eb0ab4d0fd645c4c93f5d25c9b7f7a33af3fcd9356792e605b0e02bd8ea7fbc20be2ca9a80f00055b361d68f5b7ba5c675b476125706b38ff447a5f9cb1db091aa379da173f72c4030e2aa693bbfa80142e0545e4ccf60e167688803a946b11aa66bf0bad02a4f5861badbe340d4a4a9b279282101083e1905bb20de51ea993cb0f21f5e4fc41cbb789"}, @NFTA_TABLE_FLAGS={0x8}]}, @NFT_MSG_NEWSETELEM={0x24, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x4}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x200}}, 0x0)
io_setup(0xff, &(0x7f0000000000))
openat$capi20(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$packet(0x11, 0x3, 0x300)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r2, 0x2285, 0x0)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e24000a000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f00000001c0)={0x0, [[0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x100001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000]], '\x00', [{}, {}, {}, {}, {0x0, 0x6}, {}, {0x0, 0x10000}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(0xffffffffffffffff, 0xc0505510, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}, {0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa0}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x80001, 0x0)

6.454259853s ago: executing program 0 (id=600):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x9)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102370, 0x18fe2}], 0x1, 0x0, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0xfff00002}, {0x16}]}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000006600000008000300", @ANYRES32=r6, @ANYBLOB="08ee25008f090024ae52e200241f38cdead2ddf14ff300020000dbc2ae000000"], 0x2c}}, 0x0)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x40000)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000180))
setsockopt$inet_int(r0, 0x0, 0x15, &(0x7f0000000140)=0x100, 0x4)
mlock2(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x1)
accept4$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x0)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
mlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x20202, 0x0)
sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f0000000c40)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000025bd7000fbdbdf25280000000e009900001000002e0000000a003400010101c7440101010000"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)=ANY=[@ANYBLOB='l\x00', @ANYBLOB="000202000000fedbdf250200000058000180060004004e2400000c000700060000002600000008000900340000000800080000000000060004004e2200000600f0ff0c000000180007000600000000005f1214000300fe8000003738920c9c97775f"], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x20008090)

6.170346077s ago: executing program 4 (id=601):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000c00)=0x17, 0x6, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000140))

5.893479989s ago: executing program 4 (id=602):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
close(r0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
close(0xffffffffffffffff)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
syz_genetlink_get_family_id$smc(0x0, r1)
sendmmsg$inet(r1, &(0x7f0000000a80)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000027c0)="45f9e8e5af9f7e488a1619ea0cd4902570249f1e29b175dfa0d3ae9be1933b972b8376966d432045a33e064403006bdb8ef95b90e76baae34f74778049ff8fa4a59adf7623aaddb922b32dbbfda740b88a07e87eb2cd97c0393db1036a1ec8a376c919cdd0b40dbb899c07f1349c7a1113f57495c795bc7e38166a7bdef463457189549f4b13279fffd050bdfea3477a62d3edea8321a2e98c65330fe7199ca6bee7202aa5a5d56c4ed4c22dbb28cebcaec033c75eb78820ad1d8ceb6f90b569e165002e702e1a206666d3c9d903ce78c73f778eae82d58317c634016a3e01ae29607f7b5ff253c607e4f60c0aa49021205073cdd574a3d4c25fbf79cc8ac99ff149ae54aa56286204e628dc2dfe4384ef74c8dac04ace6c5762d03f9e19942e4b6bbbb41fefc569cc23b3319d4ebc55551fecf8f936221e9787e744f2e1422baaa25b2f5bf59205190b7fe52f0641f149c5e00b764c493afadeaa04324783c268f48772b1c532d52d211865704db5fbafc3193385adc9855a1ad9ea0c05479329efd6c08ed22c5656eab2ea050f53bf441a9dfb4157d14b99214fa59b8b0e53200795762145a63d61c5c526edb03429e1e14072e1d7dff102fdb9801234bbbb8e0274a861dd60f3a21f129326b2f6fee61f690fa3967cdc5f6f9519282c48e28d6aa7d1b0ed07bdd72ebf1dd97b46f24ffde352095f4bffd6fdd0b9f0d60f16746f1c1ec46656cf94ae2237540c558c1863fb2ffd4619e5ee5b7aa5757e252b821e003fcef57f33cd70f19ec0b5f8098c030741147e8e4319109892fd56b22d261800b7107a393b9a7d835383e3504f5f2794f30914c4f8145ed446a06e3787eb32ab90abf595d45013c8b6d9c26cf4e60812b02427a4d2a8dcbdfaf8ace4e17f0f598676a5f26dc3615eddea77e1d68c857fbe2b39b67ccacd6afcea94b4f9592490c1a51e11f4ffc6dd4d4cdc44995b09864743b906e07a12c93045b654abf2faaf1127ee92698e09efee1d8d45ceb103973c3d1d5c98090d9af08789f867873bbeb522cb367bacaf2d94bc6fa7aab57b542af353d693230a3da636762204d96f2889f7decc9ad3992a8be2be92bdd6a7367bd64c8604ec219a92c80a7536f218926b5d18677f4bc22454a843f7ec6bfaadaec1a47896f902725cddc264226a0c7f673468459528101da2368d77d37d9ae6d52cb44efb9b5af74fdd4c8341980d7b3f4a3176c8de3c3a0144e3f327fcb30c6bda7a62ec37215367d06ef1b85fa2bc329fe99071f65b0d5a48b50139016b0753bc99c389f4aba551bf2da38b78e7b4dbb3be3ecf8749b39a022c86febf3a30070def590bd2a9cb0f95d09eac8de27c370d758e340193773a7dfbb2046e0b2e34bef073ed8368f4fbf464205fbac66fbe88c3260f6974b383bcf8a000db483d822536000df416d09dfc55c920cbc3c8b24af1757099903759e9312b576b9f04e61ae20a60d7d0ce978d193dbf9e7a20c04b4f985936402823feb4c045be085b565c283602d9f4c7efe1db4d81f126855712cb5d9cc86250c4b81f4cd823b4b3204d5e88c77f671b93f8ca0d7846a4eb429ab9aa3c8283e3aabe", 0x46d}, {&(0x7f0000000140)}, {&(0x7f0000000840)="8dd02c84b2879cda3ac86e4f8b37cd5bb2ded969c7af1fda16fd993357272aa0ac47d2bdf61023ade89fc6ae83aafa658a710a37450d827cdb74ada27cf88dfaa710f4ee42dd29fb198b336aa346b8be041032258e696475f498a50ae6fd61b1acf1b0a464439080427910", 0x6b}, {&(0x7f0000000a00)="db3b78b033f751a8941fa50a6ce5a89f135f4a7c133dc59e69c47b031089a0bc903090ea485d000000000000ce255c18ba1a4a00afabdaa3c94e6c7ec214024f4762e3f789a9f23495", 0x49}], 0x4}}, {{&(0x7f0000000000), 0x10, &(0x7f0000000300)=[{&(0x7f0000000d80)="613201d1675af5bcb966bebb6077c8d78a80288000269f8642476ed85da5083c2076cad3f4dab3f44293face33631cba077763b3642a6c51600f173ad6a1fb27e8a9c4f9b5cdd22c1eb23bf832b7489ac611fe7fc35a14d8c0acae688db090a93e6763f95fb606af9bc2ff5e8400006e5f071e184c4f46a2a40cc636d72324cfc0c97c9f59296dc4c5c4e3e36d0f5b391870a9aca1a129cf7eb376bc8e9712de2551c452057a330d59c5a066d2d10e7018c60f58cfbcef205c5f10e705b5b7ba34fdf1da7b71ac8774f3a4a7ba6db82241a80ab7bac2edd1beb065d757e0507af7b6b357c423a9602177b9cfc6bc5f", 0xef}, {&(0x7f0000000f80)="328c5cd2be8227d3cee6123c045af9cbd1bb590a751c00c14060e38b9b4812c7d1feeca788d9be1d2787d72264bce402f9f33614d7678da2007a4f0168dc73d718b543b4e7a5c956a6bc03b79ca20b452eec29d53ad1290f6ead18bdf0b3b7a95f7974948d65b55876c56052ed51ac45ed60d15c3f93feaa154a9950d2a3d0dadabc65d12fcccec7d9b0af67be", 0x8d}], 0x2}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000009c0)="f8318c5400"/16, 0x10}, {&(0x7f0000000180)="819eb7578a35e734a89ec80c62ad11d2ae7c20c21805daba5b2c24e1955ca3e803fb711791ae18c2c47207521d27078194f946eb72d3c0bdcf2b45604891a4f4c97943f1bc471322b64e19ae69a0db0ade5f4fe526b7c53c54d5035122a1ba6a39429d103dbde06ea01c3ac2c0f10c9a5f4352674164ff82c3426e08f17c7f6e6d1c428c52b6975e9a809adb99a233e5d594f3dd0644393b66bab7082076c2b82143f0de2593a8c8c93a7ec423c9de9876", 0xb1}, {&(0x7f0000000240)="07cad9a2bbd10000e1cf164875e149ca", 0x10}, {&(0x7f0000000280)="0329018aa7ffac8036393cab909e0cf574e5627200f26872a5b2f7035050a7790c79fd18ee42d98d46b1049e9ba8de8d3368fe6bf6dcca433bab06e2af50bda0c7c6ef922258f43b874a6b229f0fce001a42854cd359", 0x56}, {&(0x7f00000004c0)="9b9db56562609eb8138ea5d9bb6f25d12a36bc8b411275e87edfda5f32db7870e9c275dbad29d186e55b88f7d3ae69bdc364c5191094ae08d29a76a5c1b97f172a96082bb89a", 0x46}, {&(0x7f00000017c0)="23883a0888bc4a4c60c8cffed70571bc80e4af4e4bc88add1ad97b101abbcc23c9c138b983b1c810466165c3608cfdf54fb0ac214ec97affb629108f1845981fd8e25bb980e1b67798c3318810b1cdedabb1f7c195fd7d161f1ec0cfbd1c1ea7d5603bb4eb67c8e55dbe93d52bfe309c60dc07a6fe9d5296bcf57b4f4a38bca0107d4d04d2a369442c3caf4a6c3976051d819f9a3e835abbcbed88c085217f0d696e5a43b02c219a1d5a8e31520fc100a7f96904127ddd2abc25dbcad13e46d0872f61ff3352c07497451d46930aead6a1367023978fd7916001b4d0dd3163d2119c8e1a0610b15c8a9cb70d397e3b8096dd26ae2b399ea5f70c64e21df75c1aa448f2c584d284f2e4f1354f9930129f952784ab20196b630f253ad751f52d793d15ddf639be9b4a9bea04c071624c7117933a7bab3ff8db32fcaf7f72ca2cd8ff2e0ffc0775803f3b0bff13e03be752891124f9cabd9f96e538df6c4bd1a2da880af54a29d7627d99e2612ed7ae999d16437c7e403e1e5f44f73f2eb1c5a064813671fb8405e18cd223b032586aae7f5932c13ee3f737110cf5772d0e9003549e93b94bab464d335e86bf89c166f09656de4fa40e4f977c9d475c19d851bc4136e0361594b08ad39fa1874dcbc4a1b9753a26655084fa3a810b423534d6e3771c523a0f77f4b5d901e6b537c6b9fca60ebcbd71ca56ce5224508c4a2f91737707e149484e3a079fbf3a91b1b57766c6c1ece15b3bca6d22a74a5395ed5244a1446ee2f4d1f244a21f9b674d4d39730c539d47b86fa9a75dc077982e92f747a8f90e67e9e568035da14c0d442e7b9cc64fa5efc97c1e9f174867c499c9dce80bdbc41aadb6150a005fb537b772bc8d23be38584012b4b47d5614f37beaa4d1635e4ffdff30084e65c1a9bba0bbafbbf0142e58c0c5fe0498b5e2b3c978f08a8661b5eb4120996ed0d53e7e88dfdb7eae0695554e49295d6c521e557ca6df0ec6f792923b0cd634f43b301c871709ed1d1e3e8634b2e74746c91af1d1868865b236c33ef908b9c827773055af6fabdc01f9bced7992d2b080c78aa73a5946c7651468ff6d9debf0ebacb281de59f0921a7071e55cc62b65c3c49b0563effc48eef523ec15aefb3f0568c490e79fd728e5d7b5927983a883a4a3d46b447eb00c84a9e2b74dc8210631fa7884d2adcd77de8620bd9222840efa69062f2b3c8a95410e426b749b011084097db65dcadc7b7e325f703bc7217919259a8c88ad9f36cb399c2e92feadff50685bd565de3616e8f699cba83f29e4806170292d6ae788bb1f242a5f35453e40a4b5f694056043149885aeb6ffbf305408b5abc95a81b606b9fbdf7f26aba6f64fb44d2d2a407c240a7411d3792b3679eb7a5fce4cb86d6f538f390b3994731a6a794d493c3507bee4f70122f040cbd51dee5e643f73007a94b20798bfe0060e07861369a14add1e44640d0dbc35688d3208cb59301632c9faa7867a0d50fe04654ce9d02790b5be281c883d99a836c011abfac5be824e453711c40a6e3881848b590c32fd7b561a40665382a497732a8287c2b36320447fbfd0680bcd2a23ce35fbb7e4a3a250562df09ea63e0823b8ce5c13a4af0e7dc0ed1553422d0bc498b48ce7d9c220ac896881559e3ba60abfc7008a675c25df0ff75d82b111428686cd6fb457a806aed8600eeda67ed55d87a7684ec070ee6b1ed9b23364cc09bf8f09406c1d86e8a5753e123cf233db29fd0b433037d1fca3db74077441dcc790f723a71a1a7d08a9829dab50fe0a3d2d29fc1d43c63ac7bc6873d03921bb5f10a0149b773d40be220610ea0151c11c4d582c5c02ba48af10d5b1d69f1ae4f12aa3be4f90e3621e33500781db38615497c71e561d6f598c42ec81671591f662cfadf1675a6a709a834801258a56dc1eb8480f32946579c5e06b8340d4f06d948220dd04661ba4f63ab5f0a42c2f3632eee8693a5fa6e1eb9146791a054ca27d0e8c7c5f44b27bd8f35575808fd7eab1af676d20d0668acea5556b20ce1ebf42d805374bd23734d4046530b4efa5351f3df08cfc9bf0e13d47bd1acb8388a78f5a66045ec6199cec6c9e7e4aeefa854522e42a96c919bcbcb3de116da43b9f322b9159e0a80e6de7e499743fb0b36ac148f2674cd4840206c3c8a7c80b8544487ed1def3b248267ddb54ee228638e0ecb31955bf64d1bff6c4db02f06927fd68139c0c798a2dfac5d41b49c2aa18451a6b161d1d1edd9bd08d87e0418c14cdd56f01416ca05aa4604b26e4828906d1c238ec9c4fcb9add701418fa09bd4a37e22cc0cf229c35b056e324cf904e9125d522b529a85e9631d7bf345c771f397f35375334520a873697a9b96301579ff4d83e1f3777240235ca1e2b673a8afd0f6c353ac17952cee1e0e9e6bcbea273b5336c5a8cfaff36577954c33598c0bdd059ed72ec44e13e93329375adb872c191cb4729c3170276271aad5ab3d28c1b054addd77112708b3a69461c5f660be0e1aaf2f391e44805344cf7dcf7f7f0c2f6f04715611ca37c8bb0de23d6956f8a5ba1cf25392db32336929cb50721865341a07bbc59c2dcebb9656b02ee3fe29c0326661ee03cb15b299da14822bd0386e0d5118ebd38389ce545532b3331409652fafe6b1f8532da2260c9bff61da44565e2624c88148d0c58ff772503fc5b7f66843b591dd2dde4e4c02b94fb6faa32834f79e104b98cc0b56528c7b637b0808e17fd56aa52c2641479832a2079934d02c4862f8792e1959cb9121f50f291671cc8b5446d55dfcc94c24b6c2691af100837534a5ef316a42d922f446861c8f7efbe4257ac4beac22924790d8fb305143fa058c48807ca7e4e1a6f22da42a976ccb4b14bf84278fa5adfbeb13c2e84ca23b9af2a3e641b7dda38b22791e79d26e133e1d411fc0c85b9d26ef9ef5a1e1719b507d48300464f0fa3301bfff51c0c986485a65322dc99a76d437d70937a82cf2eb8bfff894b1f430e371687d3706e4828c779da91bc3aa2a80dfaf33eb785dfd0cbdd5fd1cd5858fdb5b8e17d55853118fbb80cece54c021cda7a166c2458e8792148d3a700d8aab8db7556a688f04dee6596ff2297289142ec0808424c7d55fd183ec24aad67c4609f67adaa7f640f3ab1227f532cbe05b1d20d290e3cc84a49888467098a8f2277e71bfd7523d5e62bed7cf2bc89487becc78bbb879b482c271276aab7d32159d2dddd0fe653f9ed7dbf8f3cac0a00486c46d75c6440b9e302ef73c44b115ada43c57b70dfa239fd8f143c243e9b73f62efbe7c051a46e7fcfa6cd18f23aa0b84d481cb1611bafe361decaec85766e6abcfde4ed8b102156763cf6b8c3ae1602ed89a3e37b745b2cc12149a3478e7f6b3aeb2e0e7895665f8f3e29957e0d47eb80cce49063c81226aff6050a12f404ebf4b3bcd967d09625add5557ae9d79fb16e1fc9b9f909277f4e980185840229764b01fe325a2d68c55e7d22ce37bf7d6de56e1f3a49d99f77546938c3f425cfc88e1f968452efe547728739360c5f84be7dd7d50a848da34c86a2a55745ee6f504e0ce38ba8a8a6245f0cf2367f7d3fada3b37dc36b08295f297dbdc96c1be79bddfdfe56a23455be73ad47211d41a7b95b8c96c9edcc5c8298475cc8a417a51c26b0ec0c20efaa7151da732f3ae2c805267363498848932cc127521803b564c4325bd7cfb6765a4f3b2667d2b603c589dadfd7279702ddd608c1343931bd08f6c19fc6d268469715dcec60aebfc569b71e627c16ab9e779a40645026a103c71a5979bb3eae7ae2c82e837905516204a71b0fb2b2f67469fbaa53287757827f0df5eb905c337bd955370d988ad0a34538ad6189d2a3c875918dd757b38b7261257ae0625df1ceb86f4331c809914d7dcd7d460014dad721fd422a93261c5961a199f7ee422edd751d6dce764d571d98282cc363891398f5958af60b15cea70f8199acbcc010e95d277868400776d3e0473b44aba9d60744906f962c9a4edc47598b69b6a405b517a50b1daf6653333a1c0442ae622ff5d5d55ecdcc30b9835eb4ccb12febe4d075bb3f38d109eb240e37a20f6abe22b063d80fca6214ddb64c31cfb13c3c6751e5dfc57b857f4a8b984cbc3c10a574a244272a18109e4933bc97b30522cdba1a1d47400d7c436141bc1463752b1d595e5d44a7f96fff7cc0ccc1a500fd3dc217cadf37a10ceb266e856d9699cf0bd08ea79b7781b1e0194f0f8023dc700167092805cfb66cd6c1d35de2f25e70c52604f46765483cdafe953871803a2068e570fdced297a57cfebc0bd0c162b0e74c555cc4b56e54fb4f8193e4292af6bdb67c5e5412adc543d44b14f4f0b9e60599af60b290b02b342c469c6e67d1c9fd99bb4eb617a9cc39f9d39ac53161733a32a8029d48b074f454c3838928e7ce560ad61a35e150044caef83001684a759bf30e309f38fc013e25d3bfec34a1660df2786ed68557ec80558470a8be667a2a09c4d37e2622442996efa8bffda94930951e1395019d484b811138e20b164fab164e47df6e922680f8c506ee6f3a45e293b4ad996a0ecb26034149a6a07d279440a0eed3a06bdb3da92e64460c5c6c375167a48387d72f71a582072ee29ff21b9fdfa4686920dc0eda88eeb75cad9c1e3f09cc23ebdf4e8e3d023d548133ec16dd4e6ba822fb0ffdff7dc901bc51bfe36225ab93d14ef9249e95b94146b2fd99862b0deb2b6a6150b535718ed45217d8d3521fa3e459babd82a91319b568e6a3d4bab991e1abcfe9935b7534bc1fa3a117a8c56f6cbefdcc12edecaf4d8c70e1ef006ca42bed66d2f3bd7acaae240a86845135a80778047811051bfa30e04a3d143608de6db2f13a5d9ddefc12740b80e0206ade9bd589975dd10cac02ab0b79266af47263cecd02cedfc605943a02347c8c0986173f9c11a507fda9fedaf86893f68cbd64cd22a9dd50731958dcba8ee5257fb44e26eb25c8427b21831d02e0da958fce9c987679a4611aba33056dac35bd26e475e6633e50969d512c87caf67c9d4d741c5bdeca4e09c3e3547e70af2ea72da3492ee6356b85eb609b8b5d8f720ac12315832e1274ae16dd1eb6b464a3ae30dda298412224131763ed44173ddcc8ba84ec2134b852bb1b9453d6d0cb14d1888c288728cda59e2c36966c06f0f7746c7bddc0b94d4da6d215da4349265d4d547f51f1313a1d08b26a83952aa335e403c65833ad31bead7482ccfadde3f963ec208739ebeb0df8620f5d85af3d28e2beb28f10cadd5be15a3593d002154f40a0d6c3671a7bfbffe12e5009d5f542ac2c4183197dc2e564f3314a65e7ebe001cd1214504e782e4df8317fd207c353b9a4a6d792508215710178cacc4e97ffed2b906ce5e4f88adc4325d183b184fb7d9d94779b665b0356850c8c716a5eaa2a36b782e882e10c98b064607b13b14f1c7bce0e256b9064d0ccf8bc07c3aff7178e48fb44f4d3957bdcf87d11d2534447179afd7fa71baa12ca73108a635747a8eba5633baf71bb900f9dc740edad1a8079ab873884274b6fa0e88855506916a3083ec9d6e458e307e819c8d7ddd0526b3880eab242e76f8f9786bc9a6dfdf55488e81f12f130dad1c729eab29db19db2f4cecb57237e47832c1e2e0127c7e6ee512a718ddcdccb4791a7c104b1f115bce4ccc4293a0d3976c98f535a8f5947785534ba87918fc7005f241195a2fc21e8e03ac4068bab160c4a0aa68a52e7e4bd973f7c602aad53221d0423d5467402f4608e5e3ae8b2d750e2d760d3b7", 0x1000}, {&(0x7f0000000340)="03b5d414", 0x4}, {&(0x7f0000000540)="00ff84e685dafd5437e89a85a5915f317fb109411a0af9d6cfd0c9f5fa4a34d2dff14f15bee89d4487e62be071be9835af3510feebbe08116a2c8c8160bdf7b24764f7fbdb80e0f4941d08014206fe7b7e73641c38ef1b554723c3da6e6defac37cf3b", 0x63}], 0x8, &(0x7f00000008c0)=[@ip_ttl={{0x14}}, @ip_retopts={{0x5c, 0x0, 0x7, {[@lsrr={0x83, 0xf, 0xd0, [@loopback, @broadcast, @local]}, @rr={0x7, 0x13, 0x11, [@broadcast, @multicast2, @remote, @rand_addr=0x64010100]}, @generic={0x86, 0x7, "17dc2ed6dc"}, @cipso={0x86, 0x20, 0x0, [{0x5, 0x8, "ea39057103a8"}, {0x7, 0x12, "6e1a66f94d21315b614ac0b716bfe3d4"}]}]}}}], 0x78}}, {{&(0x7f0000000440)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000980)=[{&(0x7f00000005c0)="d11632e845fed2bf792f8c433695ddda011fc262b6cc7ed4e4f26118a2d080c8961e4659c0467f79c5fb030e2f2b1ff2b1553db1b8c586d4", 0x38}, {&(0x7f0000000940)}], 0x2, &(0x7f0000000d00)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xda}}, @ip_ttl={{0x14}}, @ip_retopts={{0x10}}, @ip_retopts={{0x2c, 0x0, 0x7, {[@ssrr={0x89, 0x13, 0x0, [@empty, @rand_addr, @multicast1, @broadcast]}, @ra={0x94, 0x4}, @ra={0x94, 0x4}]}}}], 0x70}}], 0x4, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
sendto$inet(r1, &(0x7f0000000700)="09028a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f9111a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
fcntl$setstatus(r5, 0x4, 0x2000)
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r6, 0x29, 0x41, &(0x7f0000000e80)=ANY=[@ANYBLOB="7261770000010000000000000000000000000000000000000000000000000000ab0000000fa5751125b5ee920a8393a0af921b4faf2f27af55afe073f0bbeb10392f114079aa5b8589d1c925822634c45ca464378fb34c642db3adb362ecde9c8fbc0a0900000000000000cf4d2e7ce51150b89202cfe298e4c3538804bdf53d82b9b16206f5d1013e31bb5dbd49346a6c8334724b067a9938434bd2acbfeb5dc7ea61c27328d3c1782dd32e6934726e28850c95acbcedeae3a210824747f288c08cd4d5cccc9f740c78da478f97ac8d7a12ab7148b1e45a60a5b92bafdd1480f8b2ce09051b9e5647709d46"], &(0x7f0000000100)=0xcf)
ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000040)={'virt_wifi0\x00', @broadcast})

4.839955267s ago: executing program 0 (id=603):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x18, &(0x7f0000000340)={r2}, 0x8)

4.795442855s ago: executing program 2 (id=604):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000001c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
chdir(0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r2, &(0x7f0000000080), 0x12)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x19, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x44, r5, 0x1, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x6}}]}, 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x5c, r5, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x1}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000800}, 0x8000)
write(r3, &(0x7f0000000040)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)

4.595463332s ago: executing program 4 (id=605):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x96dca55c25fb4027, &(0x7f0000000180)=0x40000000010001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
close(r1)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)
r2 = io_uring_setup(0x5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x34e})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000280)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000080)={0x48, 0x5, r4})
ioctl$IOMMU_HWPT_ALLOC$NONE(r3, 0x3b89, &(0x7f0000000380)={0x28, 0x0, r5, r4, 0x0, 0x0, 0x0, 0x0, 0x0})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r8, 0x84, 0xa, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x20)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e22, @private}}, 0x0, 0xfffc, 0x3f8, 0x0, 0x31, 0xbb}, 0x9c)
bind$inet6(r8, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback, 0x30c2}, 0x1c)
sendto$inet6(r8, &(0x7f00000003c0)="6b2035c49d6aa2e8d3f8d0553b4b1b0bf2cd93d227c8b3588ce789acbe55538784b52fdded6681e4cfeabdd904c6c6e67ae9bf9d745a1a58c7fc8a64daf4e5f9b74709b288cfd0e95435becb62f63a184269e1db22b46b06794191c2539556bda0d4aeed13293dafad8c070555bb10b00e576c4a077ed294a23fb0eb6b16ca682d7e94af67458b2e0d57bd19ba9bcf54f32345ff746eb1b1908cba785dd4", 0x9e, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$binfmt_misc(r6, &(0x7f0000000000)=ANY=[], 0xfffffecc)
close_range(r2, 0xffffffffffffffff, 0x0)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

4.402235329s ago: executing program 0 (id=606):
r0 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$inet_int(r0, 0x0, 0x2a, 0x0, 0x0)
sendto$inet(r0, 0x0, 0xfffffffffffffe45, 0x0, &(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10)

0s ago: executing program 4 (id=607):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IEEE802154_SCAN_REQ(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r1, 0x203, 0x70bd27, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1e}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x1e}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x10}, @IEEE802154_ATTR_CHANNELS={0x8, 0x14, 0x17}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000000}, 0x8000000)
r2 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x27b8, 0x1ed, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000b80)={0x24, 0x0, 0x0, &(0x7f0000000b00)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x0, "feb9ce47"}]}}, 0x0}, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, &(0x7f0000000500)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x0})

kernel console output (not intermixed with test programs):

364.419110][ T7053] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  364.436229][ T7053] Mount JFS Failure: -5
[  364.441270][ T7053] jfs_mount failed w/return code = -5
[  365.006802][   T64] bridge_slave_1: left allmulticast mode
[  365.020075][   T64] bridge_slave_1: left promiscuous mode
[  365.037702][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.060260][   T64] bridge_slave_0: left allmulticast mode
[  365.067107][   T64] bridge_slave_0: left promiscuous mode
[  365.076203][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.245897][ T5238] Bluetooth: hci0: command tx timeout
[  365.443557][ T7062] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  365.443557][ T7062]    program syz.3.272 not setting count and/or reply_len properly
[  366.238320][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  366.316238][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  366.353029][   T64] bond0 (unregistering): Released all slaves
[  368.750493][ T7075] syz.3.273 (7075): drop_caches: 2
[  368.821806][ T7075] syz.3.273 (7075): drop_caches: 2
[  369.214624][ T5238] Bluetooth: hci0: command tx timeout
[  369.317413][ T5236] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  369.327277][ T5236] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  369.340677][ T5236] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  369.354561][ T5236] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  369.372283][ T5236] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  369.398803][   T56] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  369.446303][   T56] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  369.473427][   T56] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  369.485814][   T56] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  369.515692][   T56] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  369.530334][   T56] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  369.545780][   T56] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  369.941915][ T7089] netlink: 8 bytes leftover after parsing attributes in process `syz.3.276'.
[  371.242878][ T5236] Bluetooth: hci0: command tx timeout
[  371.505130][ T5236] Bluetooth: hci4: command tx timeout
[  371.711274][ T5236] Bluetooth: hci5: command tx timeout
[  373.736640][   T56] Bluetooth: hci4: command tx timeout
[  373.742132][ T5238] Bluetooth: hci5: command tx timeout
[  373.747646][ T5236] Bluetooth: hci0: command tx timeout
[  374.625635][   T64] hsr_slave_0: left promiscuous mode
[  374.653312][   T64] hsr_slave_1: left promiscuous mode
[  374.668912][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  374.695244][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  374.735051][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  374.757770][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  374.918148][   T64] veth1_macvtap: left promiscuous mode
[  374.931598][   T64] veth0_macvtap: left promiscuous mode
[  374.942867][   T64] veth1_vlan: left promiscuous mode
[  374.957981][   T64] veth0_vlan: left promiscuous mode
[  375.290613][ T5228] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  375.494686][ T5228] usb 4-1: config 0 interface 0 has no altsetting 0
[  375.509783][ T5228] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  375.519654][ T5228] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  375.531196][ T5228] usb 4-1: config 0 descriptor??
[  375.617463][ T5274] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  375.726747][   T64] team0 (unregistering): Port device team_slave_1 removed
[  375.811802][   T56] Bluetooth: hci4: command tx timeout
[  375.817251][   T56] Bluetooth: hci5: command tx timeout
[  375.833693][ T5274] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  375.843649][   T64] team0 (unregistering): Port device team_slave_0 removed
[  375.847700][ T5274] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  375.885925][ T5274] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  375.899817][ T5274] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  375.924175][ T5274] usb 1-1: Manufacturer: syz
[  375.936370][ T5274] usb 1-1: config 0 descriptor??
[  375.971210][ T7110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.280'.
[  376.008392][ T7110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.280'.
[  376.018298][ T7110] netlink: 36 bytes leftover after parsing attributes in process `syz.3.280'.
[  376.030614][ T5274] rc_core: IR keymap rc-hauppauge not found
[  376.036551][ T5274] Registered IR keymap rc-empty
[  376.053321][ T5274] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  376.089395][ T5274] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input9
[  376.119907][ T5228]  (null): keene_cmd_main failed (-110)
[  376.157980][ T5228] video4linux radio32: keene_cmd_main failed (-32)
[  376.177363][ T5228] radio-keene 4-1:0.0: V4L2 device registered as radio32
[  377.546140][ T5274] usb 4-1: USB disconnect, device number 2
[  377.898982][   T56] Bluetooth: hci5: command tx timeout
[  377.910156][ T5236] Bluetooth: hci4: command tx timeout
[  379.186213][ T5274] usb 1-1: USB disconnect, device number 6
[  379.254866][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  379.261357][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  379.622120][ T7032] chnl_net:caif_netlink_parms(): no params data found
[  381.203472][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  381.203493][   T29] audit: type=1400 audit(1723417939.313:279): avc:  denied  { create } for  pid=7123 comm="syz.0.286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  381.580253][   T29] audit: type=1400 audit(1723417939.693:280): avc:  denied  { connect } for  pid=7123 comm="syz.0.286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  381.686397][   T29] audit: type=1400 audit(1723417939.793:281): avc:  denied  { write } for  pid=7123 comm="syz.0.286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  381.756450][ T7032] bridge0: port 1(bridge_slave_0) entered blocking state
[  381.775660][ T7032] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.830059][ T7032] bridge_slave_0: entered allmulticast mode
[  381.878628][ T7032] bridge_slave_0: entered promiscuous mode
[  381.974526][   T29] audit: type=1326 audit(1723417940.083:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7137 comm="syz.3.288" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f511d1779f9 code=0x0
[  382.224732][ T7032] bridge0: port 2(bridge_slave_1) entered blocking state
[  382.238939][ T7032] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.247492][ T7032] bridge_slave_1: entered allmulticast mode
[  382.257757][ T7032] bridge_slave_1: entered promiscuous mode
[  382.271939][ T7077] chnl_net:caif_netlink_parms(): no params data found
[  382.546017][ T7032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  382.579857][ T7032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  382.720544][   T53] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  382.794010][ T7070] chnl_net:caif_netlink_parms(): no params data found
[  383.464976][ T7032] team0: Port device team_slave_0 added
[  383.505289][ T7032] team0: Port device team_slave_1 added
[  383.856420][ T7032] batman_adv: batadv0: Adding interface: batadv_slave_0
[  383.872909][ T7032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  383.914040][ T7032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  384.036246][   T64] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.057121][   T53] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  384.074503][   T53] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.093688][ T7032] batman_adv: batadv0: Adding interface: batadv_slave_1
[  384.111930][ T7032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  384.148484][ T7032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  384.149666][   T53] usb 1-1: config 0 descriptor??
[  384.162779][ T7077] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.177011][ T7077] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.188954][   T53] cp210x 1-1:0.0: cp210x converter detected
[  384.195696][ T7077] bridge_slave_0: entered allmulticast mode
[  384.206203][ T7077] bridge_slave_0: entered promiscuous mode
[  384.226686][   T64] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.338223][ T7077] bridge0: port 2(bridge_slave_1) entered blocking state
[  384.361249][ T7077] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.370063][ T7077] bridge_slave_1: entered allmulticast mode
[  384.383996][ T7077] bridge_slave_1: entered promiscuous mode
[  384.489942][   T64] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.669033][ T7032] hsr_slave_0: entered promiscuous mode
[  384.693368][ T7155] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  384.729442][ T7032] hsr_slave_1: entered promiscuous mode
[  384.735876][ T7155] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  384.768753][ T7032] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  384.784879][   T53] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  384.795896][ T7032] Cannot create hsr debugfs directory
[  384.984078][   T64] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.077174][   T29] audit: type=1400 audit(1723417943.173:283): avc:  denied  { write } for  pid=7154 comm="syz.0.289" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  385.165241][ T7077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  385.177437][   T29] audit: type=1400 audit(1723417943.173:284): avc:  denied  { open } for  pid=7154 comm="syz.0.289" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  385.242423][ T7077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  385.260573][   T29] audit: type=1400 audit(1723417943.193:285): avc:  denied  { ioctl } for  pid=7154 comm="syz.0.289" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  385.492388][ T7070] bridge0: port 1(bridge_slave_0) entered blocking state
[  385.534490][ T7070] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.551652][ T7070] bridge_slave_0: entered allmulticast mode
[  385.567576][ T7070] bridge_slave_0: entered promiscuous mode
[  385.592716][ T7166] mmap: syz.3.291 (7166) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  385.743494][ T7077] team0: Port device team_slave_0 added
[  385.754680][ T7070] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.788374][ T7070] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.809788][ T7070] bridge_slave_1: entered allmulticast mode
[  385.844902][ T7070] bridge_slave_1: entered promiscuous mode
[  385.973436][ T7077] team0: Port device team_slave_1 added
[  386.145019][ T7070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.312835][ T7077] batman_adv: batadv0: Adding interface: batadv_slave_0
[  386.320808][ T7077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  386.404217][ T7077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  386.500899][ T7070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  386.586111][ T7077] batman_adv: batadv0: Adding interface: batadv_slave_1
[  386.601176][ T7077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  386.634144][ T7077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  388.070222][ T7070] team0: Port device team_slave_0 added
[  388.083518][ T7070] team0: Port device team_slave_1 added
[  388.154586][   T53] cp210x 1-1:0.0: failed to get vendor val 0x370c size 15: -71
[  388.177920][   T53] cp210x 1-1:0.0: GPIO initialisation failed: -71
[  388.242040][   T53] usb 1-1: cp210x converter now attached to ttyUSB0
[  388.275891][   T53] usb 1-1: USB disconnect, device number 7
[  388.338579][   T53] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  388.372743][   T53] cp210x 1-1:0.0: device disconnected
[  388.762052][   T64] bridge_slave_1: left allmulticast mode
[  388.779027][   T64] bridge_slave_1: left promiscuous mode
[  388.842599][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.957013][   T64] bridge_slave_0: left allmulticast mode
[  389.042161][   T64] bridge_slave_0: left promiscuous mode
[  389.073969][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.161735][   T64] bridge_slave_1: left allmulticast mode
[  389.180899][ T5274] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  389.204844][   T64] bridge_slave_1: left promiscuous mode
[  389.210766][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.246972][   T64] bridge_slave_0: left allmulticast mode
[  389.258916][   T64] bridge_slave_0: left promiscuous mode
[  389.270075][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.429585][ T5274] usb 4-1: Using ep0 maxpacket: 32
[  389.439850][ T5274] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  389.472504][ T5274] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  389.514839][ T5274] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00
[  389.540822][ T5274] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.574164][ T5274] usb 4-1: config 0 descriptor??
[  390.077387][ T5274] lua 0003:1E7D:2C2E.0001: global environment stack underflow
[  390.114147][ T5274] lua 0003:1E7D:2C2E.0001: item 0 0 1 11 parsing failed
[  390.125415][ T5274] lua 0003:1E7D:2C2E.0001: parse failed
[  390.131307][ T5274] lua 0003:1E7D:2C2E.0001: probe with driver lua failed with error -22
[  390.277021][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  390.306964][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  390.325971][   T64] bond0 (unregistering): Released all slaves
[  390.389009][   T53] usb 4-1: USB disconnect, device number 3
[  390.472408][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  390.484729][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  390.496832][   T64] bond0 (unregistering): Released all slaves
[  390.526557][ T7070] batman_adv: batadv0: Adding interface: batadv_slave_0
[  390.534197][ T7070] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  390.563762][ T7070] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  390.703760][ T7077] hsr_slave_0: entered promiscuous mode
[  390.725487][ T7077] hsr_slave_1: entered promiscuous mode
[  390.779224][ T7077] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  390.787022][ T7077] Cannot create hsr debugfs directory
[  390.804064][ T7070] batman_adv: batadv0: Adding interface: batadv_slave_1
[  390.814560][ T7070] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  390.844129][ T7070] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  390.917997][ T7070] hsr_slave_0: entered promiscuous mode
[  390.939929][ T7070] hsr_slave_1: entered promiscuous mode
[  390.960961][ T7070] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  390.978045][ T7070] Cannot create hsr debugfs directory
[  391.183821][ T7197] syz.0.297 (7197): drop_caches: 2
[  391.193463][ T7197] syz.0.297 (7197): drop_caches: 2
[  391.420562][ T7201] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  391.420562][ T7201]    program syz.3.298 not setting count and/or reply_len properly
[  391.570774][   T56] Bluetooth: hci6: command 0x0406 tx timeout
[  391.960162][   T64] hsr_slave_0: left promiscuous mode
[  391.972219][   T64] hsr_slave_1: left promiscuous mode
[  391.980664][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  391.999330][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  392.026298][   T64] hsr_slave_0: left promiscuous mode
[  392.036146][   T64] hsr_slave_1: left promiscuous mode
[  392.045437][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  392.053926][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  392.063234][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  392.080851][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  392.149252][   T64] veth1_macvtap: left promiscuous mode
[  392.156734][   T64] veth0_macvtap: left promiscuous mode
[  392.170880][   T64] veth1_vlan: left promiscuous mode
[  392.180768][   T64] veth0_vlan: left promiscuous mode
[  392.576283][   T29] audit: type=1326 audit(1723417950.693:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7205 comm="syz.0.299" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f09b51779f9 code=0x0
[  392.617016][ T7211] syz.3.300 (7211): drop_caches: 2
[  392.627952][ T7211] syz.3.300 (7211): drop_caches: 2
[  393.205963][   T64] team0 (unregistering): Port device team_slave_1 removed
[  393.400743][   T64] team0 (unregistering): Port device team_slave_0 removed
[  394.450895][ T7222] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  394.450895][ T7222]    program syz.0.303 not setting count and/or reply_len properly
[  394.943772][ T7227] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  394.962102][   T29] audit: type=1400 audit(1723417953.063:287): avc:  denied  { ioctl } for  pid=7226 comm="syz.0.305" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  395.216657][   T29] audit: type=1400 audit(1723417953.323:288): avc:  denied  { write } for  pid=7226 comm="syz.0.305" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  395.245417][ T7230] FAULT_INJECTION: forcing a failure.
[  395.245417][ T7230] name failslab, interval 1, probability 0, space 0, times 0
[  395.266181][ T7230] CPU: 1 UID: 0 PID: 7230 Comm: syz.0.305 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0
[  395.276820][ T7230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  395.286911][ T7230] Call Trace:
[  395.290183][ T7230]  <TASK>
[  395.293127][ T7230]  dump_stack_lvl+0x16c/0x1f0
[  395.297815][ T7230]  should_fail_ex+0x497/0x5b0
[  395.302501][ T7230]  ? fs_reclaim_acquire+0xae/0x160
[  395.307601][ T7230]  should_failslab+0xc2/0x120
[  395.312389][ T7230]  __kmalloc_noprof+0xcb/0x400
[  395.317166][ T7230]  tomoyo_encode2+0x100/0x3e0
[  395.321862][ T7230]  tomoyo_encode+0x29/0x50
[  395.326312][ T7230]  tomoyo_realpath_from_path+0x19d/0x720
[  395.332033][ T7230]  ? tomoyo_profile+0x47/0x60
[  395.336702][ T7230]  tomoyo_path_number_perm+0x245/0x590
[  395.342198][ T7230]  ? tomoyo_path_number_perm+0x232/0x590
[  395.347846][ T7230]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  395.353840][ T7230]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  395.360014][ T7230]  ? __fget_files+0x256/0x400
[  395.364716][ T7230]  security_file_ioctl+0x75/0xc0
[  395.369666][ T7230]  __x64_sys_ioctl+0xbb/0x220
[  395.374351][ T7230]  do_syscall_64+0xcd/0x250
[  395.378863][ T7230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.384765][ T7230] RIP: 0033:0x7f09b51779f9
[  395.389196][ T7230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.408809][ T7230] RSP: 002b:00007f09b5e65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  395.417487][ T7230] RAX: ffffffffffffffda RBX: 00007f09b5306130 RCX: 00007f09b51779f9
[  395.425459][ T7230] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  395.433430][ T7230] RBP: 00007f09b5e65090 R08: 0000000000000000 R09: 0000000000000000
[  395.441401][ T7230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.449373][ T7230] R13: 0000000000000001 R14: 00007f09b5306130 R15: 00007ffef65625e8
[  395.457348][ T7230]  </TASK>
[  395.472899][ T7230] ERROR: Out of memory at tomoyo_realpath_from_path.
[  395.534674][   T64] team0 (unregistering): Port device team_slave_1 removed
[  395.590031][   T64] team0 (unregistering): Port device team_slave_0 removed
[  396.389498][ T7233] syz.0.306 (7233): drop_caches: 2
[  396.409970][ T7233] syz.0.306 (7233): drop_caches: 2
[  396.730156][ T7070] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  396.797915][ T7070] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  396.827002][ T7070] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  397.018026][ T7070] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  397.110908][ T5228] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  397.185367][ T7032] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  397.243917][ T7032] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  397.269000][ T7032] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  397.332992][ T5228] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  397.343533][ T5228] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  397.359463][ T7032] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  397.379353][ T5228] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  397.399084][ T5228] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  397.428330][ T5228] usb 4-1: SerialNumber: syz
[  397.763069][ T7077] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  397.767792][ T5228] usb 4-1: 0:2 : does not exist
[  397.834170][ T5228] usb 4-1: USB disconnect, device number 4
[  397.851098][ T7077] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  397.905567][ T7077] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  397.977037][ T7077] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  398.008630][ T7084] udevd[7084]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  398.277804][   T64] bridge_slave_1: left allmulticast mode
[  398.296487][   T64] bridge_slave_1: left promiscuous mode
[  398.314458][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.338345][   T64] bridge_slave_0: left allmulticast mode
[  398.346998][   T64] bridge_slave_0: left promiscuous mode
[  398.355436][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.431075][   T29] audit: type=1326 audit(1723417956.533:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7264 comm="syz.0.312" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f09b51779f9 code=0x0
[  398.676187][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  398.699179][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  398.730835][   T64] bond0 (unregistering): Released all slaves
[  398.954904][   T64] hsr_slave_0: left promiscuous mode
[  398.967845][   T64] hsr_slave_1: left promiscuous mode
[  398.981890][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  398.990099][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  399.548066][   T64] team0 (unregistering): Port device team_slave_1 removed
[  399.657044][ T7298] syz.0.314: attempt to access beyond end of device
[  399.657044][ T7298] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  399.699117][ T7298] syz.0.314: attempt to access beyond end of device
[  399.699117][ T7298] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  399.722574][ T7298] Mount JFS Failure: -5
[  399.727488][ T7298] jfs_mount failed w/return code = -5
[  399.906931][   T64] team0 (unregistering): Port device team_slave_0 removed
[  400.554052][ T7283] netlink: 32 bytes leftover after parsing attributes in process `syz.3.313'.
[  400.579386][ T7032] 8021q: adding VLAN 0 to HW filter on device bond0
[  400.610927][ T7304] syz.0.315 (7304): drop_caches: 2
[  400.622078][ T7304] syz.0.315 (7304): drop_caches: 2
[  400.856134][ T7070] 8021q: adding VLAN 0 to HW filter on device bond0
[  400.910788][ T7070] 8021q: adding VLAN 0 to HW filter on device team0
[  400.935795][ T7032] 8021q: adding VLAN 0 to HW filter on device team0
[  401.123013][ T7311] syz.3.316 (7311): drop_caches: 2
[  401.128779][ T7311] syz.3.316 (7311): drop_caches: 2
[  401.139733][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.146997][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  401.163818][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  401.171117][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  401.208413][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.215697][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[  401.308355][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[  401.315625][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[  401.498070][ T7077] 8021q: adding VLAN 0 to HW filter on device bond0
[  401.820277][ T7070] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  401.891873][ T7070] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  401.981941][ T7077] 8021q: adding VLAN 0 to HW filter on device team0
[  402.065937][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.073113][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.092648][ T7328] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  402.092648][ T7328]    program syz.3.319 not setting count and/or reply_len properly
[  402.164145][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.171423][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[  402.529132][ T7032] 8021q: adding VLAN 0 to HW filter on device batadv0
[  402.854851][ T7032] veth0_vlan: entered promiscuous mode
[  402.894343][ T7070] 8021q: adding VLAN 0 to HW filter on device batadv0
[  402.977523][ T7032] veth1_vlan: entered promiscuous mode
[  403.030067][ T7077] 8021q: adding VLAN 0 to HW filter on device batadv0
[  403.257006][ T7070] veth0_vlan: entered promiscuous mode
[  403.289216][ T7032] veth0_macvtap: entered promiscuous mode
[  403.354338][ T7032] veth1_macvtap: entered promiscuous mode
[  403.415286][ T7070] veth1_vlan: entered promiscuous mode
[  403.505086][ T7032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  403.519405][ T7032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  403.537410][ T7032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  403.548379][ T7032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  403.588952][ T7032] batman_adv: batadv0: Interface activated: batadv_slave_0
[  403.677058][ T7032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  403.711034][ T7032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  403.728131][ T7032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  403.750443][ T7032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  403.768694][ T7032] batman_adv: batadv0: Interface activated: batadv_slave_1
[  403.865050][ T7070] veth0_macvtap: entered promiscuous mode
[  403.899482][ T7032] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  403.917775][ T7032] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  403.945908][ T7032] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  403.964002][ T7032] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  404.042678][ T7070] veth1_macvtap: entered promiscuous mode
[  404.749957][ T7070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.852039][ T7070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.937157][ T7070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  404.980944][ T7070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  404.992917][ T7070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  405.003834][ T7070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.015913][ T7070] batman_adv: batadv0: Interface activated: batadv_slave_0
[  405.048325][ T7077] veth0_vlan: entered promiscuous mode
[  405.067716][ T7070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  405.085389][ T7070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.096792][ T7070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  405.107791][ T7070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.119505][ T7070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  405.130656][ T7070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.142976][ T7070] batman_adv: batadv0: Interface activated: batadv_slave_1
[  405.235059][ T7077] veth1_vlan: entered promiscuous mode
[  405.277558][ T6379] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  405.305803][ T6379] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  405.323914][ T7070] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  405.338355][ T7070] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.348789][ T7070] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.364608][ T7070] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  405.637234][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  405.667687][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  405.701870][ T7077] veth0_macvtap: entered promiscuous mode
[  405.804401][ T7384] syz.0.323: attempt to access beyond end of device
[  405.804401][ T7384] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  405.818838][ T7384] syz.0.323: attempt to access beyond end of device
[  405.818838][ T7384] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  405.834507][ T7384] Mount JFS Failure: -5
[  405.838856][ T7384] jfs_mount failed w/return code = -5
[  406.204536][ T7077] veth1_macvtap: entered promiscuous mode
[  406.491882][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  406.526020][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  406.539858][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  406.557656][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  406.567710][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  406.581574][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  406.594775][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  407.400587][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.415351][ T7077] batman_adv: batadv0: Interface activated: batadv_slave_0
[  407.438677][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  407.452247][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.462600][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  407.486359][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.510361][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  407.525084][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.540725][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  407.556197][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  407.580678][ T7077] batman_adv: batadv0: Interface activated: batadv_slave_1
[  407.598730][ T2989] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.619793][ T7392] : entered promiscuous mode
[  407.704902][ T2989] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.752986][ T7077] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  407.779952][ T7077] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  407.790516][ T7077] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  407.799349][ T7077] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  407.916958][ T2989] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.936346][ T2989] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.983938][ T7400] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  407.983938][ T7400]    program syz.1.327 not setting count and/or reply_len properly
[  408.151050][ T5228] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  408.306687][ T2989] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  408.410704][ T2989] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  408.577733][ T7406] syz.2.210 (7406): drop_caches: 2
[  408.583665][ T7406] syz.2.210 (7406): drop_caches: 2
[  408.693048][ T5228] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  408.709605][   T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  408.719642][ T5228] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.745950][   T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  408.786066][ T5228] usb 1-1: config 0 descriptor??
[  408.793693][ T5228] cp210x 1-1:0.0: cp210x converter detected
[  409.398764][ T7416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  409.466698][    T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  409.532451][ T7416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  409.562885][ T7409] syz.3.328: attempt to access beyond end of device
[  409.562885][ T7409] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  409.576126][ T7409] syz.3.328: attempt to access beyond end of device
[  409.576126][ T7409] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  409.589113][ T7409] Mount JFS Failure: -5
[  409.594910][ T7409] jfs_mount failed w/return code = -5
[  409.601913][ T5228] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  409.703286][    T8] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  409.712302][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  409.759070][    T8] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  409.776035][    T8] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  409.799530][    T8] usb 5-1: Manufacturer: syz
[  409.858585][    T8] usb 5-1: config 0 descriptor??
[  410.998831][    T8] rc_core: IR keymap rc-hauppauge not found
[  412.287159][    T8] Registered IR keymap rc-empty
[  412.309809][    T8] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  412.777127][    T8] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input10
[  414.009238][    T8] usb 5-1: USB disconnect, device number 7
[  414.137773][ T7440] syz.1.333: attempt to access beyond end of device
[  414.137773][ T7440] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  414.159161][ T7440] syz.1.333: attempt to access beyond end of device
[  414.159161][ T7440] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[  414.198580][ T7440] Mount JFS Failure: -5
[  414.206804][ T7440] jfs_mount failed w/return code = -5
[  414.851608][ T5228] cp210x 1-1:0.0: failed to get vendor val 0x370c size 15: -110
[  414.859362][ T5228] cp210x 1-1:0.0: GPIO initialisation failed: -110
[  414.885082][ T5228] usb 1-1: cp210x converter now attached to ttyUSB0
[  415.740610][   T29] audit: type=1400 audit(1723417973.143:290): avc:  denied  { setopt } for  pid=7447 comm="syz.3.337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  415.825517][   T29] audit: type=1400 audit(1723417973.843:291): avc:  denied  { read } for  pid=7445 comm="syz.1.336" name="usbmon6" dev="devtmpfs" ino=725 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  415.868015][   T29] audit: type=1400 audit(1723417973.843:292): avc:  denied  { open } for  pid=7445 comm="syz.1.336" path="/dev/usbmon6" dev="devtmpfs" ino=725 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  415.898729][   T29] audit: type=1400 audit(1723417973.863:293): avc:  denied  { read write } for  pid=7445 comm="syz.1.336" name="raw-gadget" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  415.964027][   T29] audit: type=1400 audit(1723417973.863:294): avc:  denied  { open } for  pid=7445 comm="syz.1.336" path="/dev/raw-gadget" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  415.990839][   T29] audit: type=1400 audit(1723417973.863:295): avc:  denied  { ioctl } for  pid=7445 comm="syz.1.336" path="/dev/raw-gadget" dev="devtmpfs" ino=734 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  416.015748][ T5296] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  416.161473][ T7458] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  416.161473][ T7458]    program syz.3.339 not setting count and/or reply_len properly
[  416.216458][ T5296] usb 2-1: Using ep0 maxpacket: 8
[  416.242495][ T5296] usb 2-1: config 0 has an invalid interface number: 165 but max is 0
[  416.261070][ T6671] usb 1-1: USB disconnect, device number 8
[  416.266002][ T5296] usb 2-1: config 0 has an invalid descriptor of length 139, skipping remainder of the config
[  416.300075][ T6671] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  416.336132][ T5296] usb 2-1: config 0 has no interface number 0
[  416.346988][ T6671] cp210x 1-1:0.0: device disconnected
[  416.385539][ T5296] usb 2-1: config 0 interface 165 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  416.682472][ T5296] usb 2-1: New USB device found, idVendor=ce40, idProduct=2497, bcdDevice=26.6b
[  416.952471][ T5296] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.984871][ T7460] netlink: 6 bytes leftover after parsing attributes in process `syz.4.340'.
[  417.010262][ T5296] usb 2-1: config 0 descriptor??
[  417.027010][ T5296] hub 2-1:0.165: bad descriptor, ignoring hub
[  417.034944][ T5296] hub 2-1:0.165: probe with driver hub failed with error -5
[  417.308349][ T7468] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  417.308349][ T7468]    program syz.3.342 not setting count and/or reply_len properly
[  417.485730][ T7472] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  417.485730][ T7472]    program syz.4.343 not setting count and/or reply_len properly
[  418.540127][ T7483] syz.3.345: attempt to access beyond end of device
[  418.540127][ T7483] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  418.554598][ T7483] syz.3.345: attempt to access beyond end of device
[  418.554598][ T7483] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  418.576206][ T7483] Mount JFS Failure: -5
[  418.596630][ T7483] jfs_mount failed w/return code = -5
[  419.368252][ T7489] syz.2.347: attempt to access beyond end of device
[  419.368252][ T7489] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  419.382258][ T7489] syz.2.347: attempt to access beyond end of device
[  419.382258][ T7489] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  419.396937][ T7489] Mount JFS Failure: -5
[  419.401561][ T7489] jfs_mount failed w/return code = -5
[  419.514733][ T6671] usb 2-1: USB disconnect, device number 2
[  420.332324][   T29] audit: type=1326 audit(1723417978.443:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7478 comm="syz.4.346" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4a495779f9 code=0x0
[  420.530496][   T47] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  420.668158][ T7508] Bluetooth: MGMT ver 1.23
[  420.674636][   T29] audit: type=1400 audit(1723417978.783:297): avc:  denied  { write } for  pid=7495 comm="syz.1.349" path="socket:[22060]" dev="sockfs" ino=22060 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  420.788554][   T47] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  420.817056][   T47] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  420.839068][   T47] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  420.878506][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  420.890275][   T29] audit: type=1400 audit(1723417978.983:298): avc:  denied  { create } for  pid=7495 comm="syz.1.349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  420.979816][   T47] usb 3-1: SerialNumber: syz
[  421.227827][   T47] usb 3-1: 0:2 : does not exist
[  421.289568][   T47] usb 3-1: USB disconnect, device number 4
[  421.431566][ T7084] udevd[7084]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  422.226214][ T7516] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  422.226214][ T7516]    program syz.4.353 not setting count and/or reply_len properly
[  422.460816][ T7525] netlink: 8 bytes leftover after parsing attributes in process `syz.2.355'.
[  423.425680][ T7527] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  423.425680][ T7527]    program syz.3.356 not setting count and/or reply_len properly
[  423.572340][   T29] audit: type=1400 audit(1723417981.653:299): avc:  denied  { open } for  pid=7528 comm="syz.1.357" path="/dev/ptyq6" dev="devtmpfs" ino=127 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  423.672096][   T29] audit: type=1400 audit(1723417981.653:300): avc:  denied  { ioctl } for  pid=7528 comm="syz.1.357" path="/dev/ptyq6" dev="devtmpfs" ino=127 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  424.170427][ T7543] syz.0.360: attempt to access beyond end of device
[  424.170427][ T7543] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  424.194905][ T7543] syz.0.360: attempt to access beyond end of device
[  424.194905][ T7543] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  424.211097][ T7543] Mount JFS Failure: -5
[  424.216191][ T7543] jfs_mount failed w/return code = -5
[  424.614845][ T7552] syz.1.361: attempt to access beyond end of device
[  424.614845][ T7552] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  424.683004][ T7552] syz.1.361: attempt to access beyond end of device
[  424.683004][ T7552] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[  424.757934][ T7552] Mount JFS Failure: -5
[  426.294824][ T7556] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[  427.520591][ T7556] audit: out of memory in audit_log_start
[  427.526314][ T7552] jfs_mount failed w/return code = -5
[  429.483607][ T7585] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  429.483607][ T7585]    program syz.3.369 not setting count and/or reply_len properly
[  429.590719][ T5271] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  429.781525][ T5271] usb 1-1: Using ep0 maxpacket: 32
[  429.808249][ T5271] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  429.848748][ T5271] usb 1-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  429.886314][ T5271] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.928044][ T5271] usb 1-1: config 0 descriptor??
[  430.363108][ T5271] hid-rmi 0003:0461:4E72.0002: unknown main item tag 0x0
[  430.413214][ T5271] hid-rmi 0003:0461:4E72.0002: unknown main item tag 0x0
[  430.457116][   T47] IPVS: starting estimator thread 0...
[  430.465853][ T5271] hid-rmi 0003:0461:4E72.0002: unknown main item tag 0x0
[  430.490327][ T5271] hid-rmi 0003:0461:4E72.0002: unknown main item tag 0x0
[  430.516305][ T5271] hid-rmi 0003:0461:4E72.0002: unknown main item tag 0x0
[  430.570562][ T7602] IPVS: using max 21 ests per chain, 50400 per kthread
[  430.627454][ T5271] hid-rmi 0003:0461:4E72.0002: hidraw0: USB HID v0.00 Device [HID 0461:4e72] on usb-dummy_hcd.0-1/input0
[  430.767890][ T5271] usb 1-1: USB disconnect, device number 9
[  431.999490][ T7616] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  431.999490][ T7616]    program syz.0.373 not setting count and/or reply_len properly
[  437.205466][ T7633] syz.4.378 (7633): drop_caches: 2
[  437.211060][ T7633] syz.4.378 (7633): drop_caches: 2
[  437.491223][ T7635] syz.2.377: attempt to access beyond end of device
[  437.491223][ T7635] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  437.618787][ T7635] syz.2.377: attempt to access beyond end of device
[  437.618787][ T7635] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  437.662050][ T7635] Mount JFS Failure: -5
[  438.688514][ T7635] jfs_mount failed w/return code = -5
[  438.748666][   T29] audit: type=1400 audit(1723417996.823:301): avc:  denied  { read } for  pid=7639 comm="syz.1.380" name="nvram" dev="devtmpfs" ino=625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  438.898157][   T29] audit: type=1400 audit(1723417996.823:302): avc:  denied  { open } for  pid=7639 comm="syz.1.380" path="/dev/nvram" dev="devtmpfs" ino=625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  439.149457][   T29] audit: type=1400 audit(1723417997.263:303): avc:  denied  { ioctl } for  pid=7639 comm="syz.1.380" path="/dev/nvram" dev="devtmpfs" ino=625 ioctlcmd=0x7041 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  439.442320][ T7659] syz.4.381 uses obsolete (PF_INET,SOCK_PACKET)
[  440.109783][ T7665] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=7665 comm=syz.1.385
[  440.686956][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  440.693654][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  441.692304][ T7675] syz.1.387: attempt to access beyond end of device
[  441.692304][ T7675] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  441.705999][ T7675] syz.1.387: attempt to access beyond end of device
[  441.705999][ T7675] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[  441.773565][ T7675] Mount JFS Failure: -5
[  441.778354][ T7675] jfs_mount failed w/return code = -5
[  442.183348][   T29] audit: type=1400 audit(1723418000.223:304): avc:  denied  { create } for  pid=7672 comm="syz.2.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  442.311890][   T29] audit: type=1400 audit(1723418000.223:305): avc:  denied  { write } for  pid=7672 comm="syz.2.388" name="tcp6" dev="proc" ino=4026533804 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  442.415046][   T29] audit: type=1400 audit(1723418000.233:306): avc:  denied  { create } for  pid=7672 comm="syz.2.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  442.466434][   T29] audit: type=1400 audit(1723418000.233:307): avc:  denied  { bind } for  pid=7672 comm="syz.2.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  445.541427][   T47] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  445.853703][   T47] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  445.866389][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.911605][   T47] usb 4-1: config 0 descriptor??
[  446.104667][ T7697] syz.2.395 (7697): drop_caches: 2
[  446.117253][ T7697] syz.2.395 (7697): drop_caches: 2
[  446.224228][   T47] cp210x 4-1:0.0: cp210x converter detected
[  448.497787][   T47] cp210x 4-1:0.0: failed to get vendor val 0x370b size 1: -71
[  448.736574][   T47] cp210x 4-1:0.0: querying part number failed
[  449.524315][   T47] usb 4-1: cp210x converter now attached to ttyUSB0
[  449.608555][   T47] usb 4-1: USB disconnect, device number 5
[  449.684018][   T47] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  449.745505][   T47] cp210x 4-1:0.0: device disconnected
[  450.803004][ T7713] syz.2.398: attempt to access beyond end of device
[  450.803004][ T7713] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  450.816085][ T7713] syz.2.398: attempt to access beyond end of device
[  450.816085][ T7713] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  450.837421][ T7713] Mount JFS Failure: -5
[  450.841973][ T7713] jfs_mount failed w/return code = -5
[  452.058365][ T7719] syz.1.402: attempt to access beyond end of device
[  452.058365][ T7719] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  452.100755][ T7719] syz.1.402: attempt to access beyond end of device
[  452.100755][ T7719] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[  452.232965][ T7719] Mount JFS Failure: -5
[  452.267944][ T7719] jfs_mount failed w/return code = -5
[  452.422840][   T29] audit: type=1400 audit(1723418010.533:308): avc:  denied  { name_connect } for  pid=7725 comm="syz.3.403" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  452.664456][   T29] audit: type=1400 audit(1723418010.783:309): avc:  denied  { connect } for  pid=7725 comm="syz.3.403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  452.772230][ T7728] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  452.790552][   T29] audit: type=1400 audit(1723418010.893:310): avc:  denied  { ioctl } for  pid=7725 comm="syz.3.403" path="socket:[22462]" dev="sockfs" ino=22462 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  452.882566][   T56] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  452.923075][   T56] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  452.939063][   T56] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  452.962557][   T56] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  452.974276][   T56] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  452.982460][   T56] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  455.229518][ T5236] Bluetooth: hci1: command tx timeout
[  456.261451][ T5238] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  456.272108][ T5238] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  456.291203][ T5238] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  456.310612][ T5238] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  456.347712][ T5238] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  456.361106][ T5238] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  457.240625][ T5236] Bluetooth: hci1: command tx timeout
[  457.634577][   T54] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.378393][ T7730] chnl_net:caif_netlink_parms(): no params data found
[  458.428210][   T54] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.460491][ T5236] Bluetooth: hci2: command tx timeout
[  459.511777][ T5236] Bluetooth: hci1: command tx timeout
[  459.663925][   T54] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.315991][ T7776] sched: RT throttling activated
[  461.561913][ T5238] Bluetooth: hci1: command tx timeout
[  461.569565][ T5238] Bluetooth: hci2: command tx timeout
[  461.827701][   T54] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  462.548181][ T7787] syz.2.416: attempt to access beyond end of device
[  462.548181][ T7787] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  462.660758][ T7787] syz.2.416: attempt to access beyond end of device
[  462.660758][ T7787] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  462.686651][ T7787] Mount JFS Failure: -5
[  462.710651][ T7787] jfs_mount failed w/return code = -5
[  462.803454][ T7730] bridge0: port 1(bridge_slave_0) entered blocking state
[  462.818445][ T7730] bridge0: port 1(bridge_slave_0) entered disabled state
[  462.827597][ T7730] bridge_slave_0: entered allmulticast mode
[  462.848370][ T7730] bridge_slave_0: entered promiscuous mode
[  462.866099][ T7730] bridge0: port 2(bridge_slave_1) entered blocking state
[  462.883792][ T7730] bridge0: port 2(bridge_slave_1) entered disabled state
[  462.894516][ T7730] bridge_slave_1: entered allmulticast mode
[  462.913306][ T7730] bridge_slave_1: entered promiscuous mode
[  463.333066][ T7730] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  463.691638][ T5228] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  469.450781][ T5238] Bluetooth: hci2: command tx timeout
[  469.450982][ T7804] raw-gadget.0 gadget.3: fail, usb_ep_queue returned -108
[  469.558012][ T7730] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  469.590546][ T5228] usb 4-1: device descriptor read/64, error -110
[  469.769782][   T29] audit: type=1326 audit(1723418027.883:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7810 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f408b5779f9 code=0x7ffc0000
[  469.809686][   T29] audit: type=1326 audit(1723418027.923:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7810 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f408b5779f9 code=0x7ffc0000
[  469.920510][ T5228] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  470.138723][ T7730] team0: Port device team_slave_0 added
[  470.884331][ T7730] team0: Port device team_slave_1 added
[  471.054660][ T7748] chnl_net:caif_netlink_parms(): no params data found
[  471.086746][   T54] bridge_slave_1: left allmulticast mode
[  471.092810][   T54] bridge_slave_1: left promiscuous mode
[  471.108872][   T54] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.121579][   T54] bridge_slave_0: left allmulticast mode
[  471.127268][   T54] bridge_slave_0: left promiscuous mode
[  471.152490][   T54] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.402908][ T5228] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  471.480565][ T5236] Bluetooth: hci2: command tx timeout
[  471.600473][ T5228] usb 4-1: Using ep0 maxpacket: 8
[  471.620045][ T5228] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  471.640837][ T5228] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  471.678243][ T5228] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  471.711613][ T5228] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  471.740522][ T5228] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  471.763874][ T5228] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.021089][ T5228] usb 4-1: GET_CAPABILITIES returned 0
[  472.026656][ T5228] usbtmc 4-1:16.0: can't read capabilities
[  472.234851][   T29] audit: type=1400 audit(1723418030.343:313): avc:  denied  { write } for  pid=7827 comm="syz.3.425" name="usbtmc0" dev="devtmpfs" ino=2438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  472.314623][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.358993][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.368132][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.400988][   T54] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  472.403897][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.418611][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.427709][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.483216][   T54] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  472.493555][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.504039][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.553022][   T54] bond0 (unregistering): Released all slaves
[  472.562344][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.571462][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.591725][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.600856][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.610136][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.620037][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.629154][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.638375][    C1] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  472.683972][   T53] usb 4-1: USB disconnect, device number 8
[  472.749333][ T7730] batman_adv: batadv0: Adding interface: batadv_slave_0
[  472.769875][ T7730] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.809248][ T7730] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  472.946256][ T7730] batman_adv: batadv0: Adding interface: batadv_slave_1
[  472.964642][ T7730] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  473.008015][   T29] audit: type=1400 audit(1723418031.123:314): avc:  denied  { search } for  pid=4652 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  473.020404][ T7730] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  474.470636][ T7834] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  474.536611][ T7730] hsr_slave_0: entered promiscuous mode
[  474.575892][ T7730] hsr_slave_1: entered promiscuous mode
[  474.620910][ T7730] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  474.628662][ T7730] Cannot create hsr debugfs directory
[  474.762639][ T7847] syz.2.429: attempt to access beyond end of device
[  474.762639][ T7847] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  474.775701][ T7847] syz.2.429: attempt to access beyond end of device
[  474.775701][ T7847] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  474.789621][ T7847] Mount JFS Failure: -5
[  474.794134][ T7847] jfs_mount failed w/return code = -5
[  474.868580][   T54] hsr_slave_0: left promiscuous mode
[  474.875291][   T54] hsr_slave_1: left promiscuous mode
[  474.882736][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  474.902591][   T54] batman_adv: batadv0: Removing interface: batadv_slave_0
[  474.935982][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  474.964601][   T54] batman_adv: batadv0: Removing interface: batadv_slave_1
[  475.045008][   T54] veth1_macvtap: left promiscuous mode
[  475.051617][   T54] veth0_macvtap: left promiscuous mode
[  475.057338][   T54] veth1_vlan: left promiscuous mode
[  475.063155][   T54] veth0_vlan: left promiscuous mode
[  475.431315][   T47] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  475.704045][   T47] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  475.753831][   T47] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  476.038861][   T47] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  476.642240][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  476.660464][   T47] usb 3-1: SerialNumber: syz
[  477.153839][   T47] usb 3-1: 0:2 : does not exist
[  477.202194][   T47] usb 3-1: USB disconnect, device number 6
[  477.274224][ T7813] udevd[7813]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  477.604467][   T54] team0 (unregistering): Port device team_slave_1 removed
[  477.656953][   T54] team0 (unregistering): Port device team_slave_0 removed
[  478.523234][ T7869] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7869 comm=syz.2.435
[  479.066335][ T7748] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.075844][ T7748] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.086026][ T7748] bridge_slave_0: entered allmulticast mode
[  479.101545][ T7748] bridge_slave_0: entered promiscuous mode
[  479.123475][ T7748] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.132556][ T7748] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.139902][ T7748] bridge_slave_1: entered allmulticast mode
[  479.147362][ T7748] bridge_slave_1: entered promiscuous mode
[  480.544037][ T7748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  480.690670][ T7748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  480.735899][   T29] audit: type=1326 audit(1723418038.853:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7881 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67beb779f9 code=0x7ffc0000
[  480.856718][   T29] audit: type=1326 audit(1723418038.883:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7881 comm="syz.2.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f67beb779f9 code=0x7ffc0000
[  480.962577][   T29] audit: type=1326 audit(1723418039.083:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7872 comm="syz.1.436" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f408b5779f9 code=0x0
[  480.989421][ T7895] syz.3.439: attempt to access beyond end of device
[  480.989421][ T7895] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  481.029885][ T7748] team0: Port device team_slave_0 added
[  481.103105][ T7895] syz.3.439: attempt to access beyond end of device
[  481.103105][ T7895] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  481.135729][ T7895] Mount JFS Failure: -5
[  481.140182][ T7895] jfs_mount failed w/return code = -5
[  481.223092][ T7748] team0: Port device team_slave_1 added
[  481.555553][ T7730] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  481.598845][ T7748] batman_adv: batadv0: Adding interface: batadv_slave_0
[  481.623692][ T7748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  481.730808][ T7748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  481.773423][ T7748] batman_adv: batadv0: Adding interface: batadv_slave_1
[  481.799051][ T7748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  481.877270][ T7748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  481.940247][ T7730] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.138464][ T7730] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.216453][ T7748] hsr_slave_0: entered promiscuous mode
[  483.255654][ T7748] hsr_slave_1: entered promiscuous mode
[  483.297787][ T7748] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  483.315835][ T7748] Cannot create hsr debugfs directory
[  483.432073][ T7730] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.320610][ T7918] IPVS: sync thread started: state = BACKUP, mcast_ifn = team0, syncid = 2, id = 0
[  484.398811][   T29] audit: type=1400 audit(1723418042.513:318): avc:  denied  { ioctl } for  pid=7913 comm="syz.2.443" path="socket:[23035]" dev="sockfs" ino=23035 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  486.375546][ T7730] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  486.460991][ T7730] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  487.123998][ T7730] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  487.245392][ T7730] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  487.251280][ T7946] syz.3.448 (7946): drop_caches: 2
[  487.260875][ T7946] syz.3.448 (7946): drop_caches: 2
[  487.521324][ T7952] syz.1.449: attempt to access beyond end of device
[  487.521324][ T7952] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  487.576567][ T7952] syz.1.449: attempt to access beyond end of device
[  487.576567][ T7952] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[  487.695555][ T7952] Mount JFS Failure: -5
[  487.714002][ T7952] jfs_mount failed w/return code = -5
[  488.248406][ T7730] 8021q: adding VLAN 0 to HW filter on device bond0
[  488.308166][ T7748] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  488.349341][ T7748] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  488.381971][ T7748] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  488.416053][ T7748] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  488.456621][ T7730] 8021q: adding VLAN 0 to HW filter on device team0
[  488.489428][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.496677][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.569175][ T7959] pim6reg1: entered promiscuous mode
[  488.607262][ T7959] pim6reg1: entered allmulticast mode
[  488.652281][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.659770][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.844165][ T5238] Bluetooth: hci0: command 0x0406 tx timeout
[  490.259360][ T7748] 8021q: adding VLAN 0 to HW filter on device bond0
[  490.303985][ T7748] 8021q: adding VLAN 0 to HW filter on device team0
[  490.649483][ T2922] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.656894][ T2922] bridge0: port 1(bridge_slave_0) entered forwarding state
[  491.151000][ T2922] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.158217][ T2922] bridge0: port 2(bridge_slave_1) entered forwarding state
[  491.521145][ T7986] syz.3.454: attempt to access beyond end of device
[  491.521145][ T7986] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  491.537292][ T7986] syz.3.454: attempt to access beyond end of device
[  491.537292][ T7986] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  491.550527][ T7986] Mount JFS Failure: -5
[  491.555074][ T7986] jfs_mount failed w/return code = -5
[  491.846251][ T7992] syz.2.455: attempt to access beyond end of device
[  491.846251][ T7992] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  491.863280][ T7992] syz.2.455: attempt to access beyond end of device
[  491.863280][ T7992] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  491.876455][ T7992] Mount JFS Failure: -5
[  491.882814][ T7992] jfs_mount failed w/return code = -5
[  492.679114][ T7730] 8021q: adding VLAN 0 to HW filter on device batadv0
[  492.743963][ T8004] IPVS: sync thread started: state = BACKUP, mcast_ifn = team0, syncid = 2, id = 0
[  492.750573][ T8002] IPVS: stopping backup sync thread 8004 ...
[  492.781914][ T8001] syz.2.458: attempt to access beyond end of device
[  492.781914][ T8001] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  492.853024][ T8001] syz.2.458: attempt to access beyond end of device
[  492.853024][ T8001] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  492.886128][ T8001] Mount JFS Failure: -5
[  492.892456][ T8001] jfs_mount failed w/return code = -5
[  493.030187][ T7730] veth0_vlan: entered promiscuous mode
[  493.083919][ T7730] veth1_vlan: entered promiscuous mode
[  493.376354][ T7730] veth0_macvtap: entered promiscuous mode
[  493.451123][ T7748] 8021q: adding VLAN 0 to HW filter on device batadv0
[  493.504535][ T7730] veth1_macvtap: entered promiscuous mode
[  493.642412][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  493.727742][   T29] audit: type=1326 audit(1723418051.843:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8015 comm="syz.2.460" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f67beb779f9 code=0x0
[  493.756417][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  493.832483][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  493.844507][   T29] audit: type=1326 audit(1723418051.953:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8013 comm="syz.3.459" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f511d1779f9 code=0x0
[  493.908180][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  493.934018][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  493.947162][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  493.958538][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  493.978121][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.013954][ T7730] batman_adv: batadv0: Interface activated: batadv_slave_0
[  494.041779][ T5236] Bluetooth: hci4: command 0x0406 tx timeout
[  494.087979][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  494.116922][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.131269][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  494.142863][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.153228][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  494.164333][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.215498][ T7730] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  494.284708][ T7730] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  494.342664][ T7730] batman_adv: batadv0: Interface activated: batadv_slave_1
[  494.416700][ T7730] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  494.500468][ T7730] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  494.525169][ T7730] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  494.553063][ T7730] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.027050][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  496.097304][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  496.190313][ T7748] veth0_vlan: entered promiscuous mode
[  496.259311][ T8065] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  496.274095][   T29] audit: type=1400 audit(1723418054.393:321): avc:  denied  { getopt } for  pid=8054 comm="syz.1.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  496.312394][   T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  496.328184][   T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  496.348462][ T7748] veth1_vlan: entered promiscuous mode
[  496.526253][ T7748] veth0_macvtap: entered promiscuous mode
[  496.644330][ T7748] veth1_macvtap: entered promiscuous mode
[  496.713322][   T53] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  496.811601][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  496.876912][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  496.886844][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  496.897446][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  496.907754][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  496.918630][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  496.948129][   T53] usb 3-1: config 0 interface 0 has no altsetting 0
[  496.958695][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  496.968538][   T53] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  496.988137][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.009734][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  497.025052][   T53] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.038254][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.072505][   T53] usb 3-1: config 0 descriptor??
[  497.089703][ T7748] batman_adv: batadv0: Interface activated: batadv_slave_0
[  497.150673][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  497.178256][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.209576][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  497.239552][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.266698][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  497.289012][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.310208][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  497.352342][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.378258][ T7748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  497.442563][ T7748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  497.501855][ T7748] batman_adv: batadv0: Interface activated: batadv_slave_1
[  497.562445][ T7748] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  497.578815][ T7748] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  497.620395][ T7748] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  497.654594][ T7748] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  497.663374][   T53]  (null): keene_cmd_main failed (-110)
[  497.693139][   T53] video4linux radio32: keene_cmd_main failed (-32)
[  497.699710][   T53] radio-keene 3-1:0.0: V4L2 device registered as radio32
[  498.172877][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  498.234947][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  498.410894][   T29] audit: type=1326 audit(1723418056.523:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8086 comm="syz.0.469" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf5b9779f9 code=0x0
[  498.472989][ T8095] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=8095 comm=syz.1.468
[  498.514639][ T2499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  498.544370][ T2499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  498.632696][ T8088] netlink: 4 bytes leftover after parsing attributes in process `syz.2.467'.
[  498.643894][ T8088] netlink: 4 bytes leftover after parsing attributes in process `syz.2.467'.
[  498.655978][ T8088] netlink: 36 bytes leftover after parsing attributes in process `syz.2.467'.
[  500.505487][ T5271] usb 3-1: USB disconnect, device number 7
[  502.128416][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  502.139583][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  503.360778][   T29] audit: type=1326 audit(1723418061.473:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8112 comm="syz.3.471" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f511d1779f9 code=0x0
[  503.954347][ T5236] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  505.984922][ T8140] netlink: 6 bytes leftover after parsing attributes in process `syz.4.478'.
[  507.291281][ T8159] rdma_op ffff88805e2ba1f0 conn xmit_rdma 0000000000000000
[  507.592135][ T8148] sctp: failed to load transform for md5: -2
[  507.737347][   T29] audit: type=1400 audit(1723418065.833:324): avc:  denied  { read } for  pid=8163 comm="syz.4.483" name="nullb0" dev="devtmpfs" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  507.809305][   T29] audit: type=1400 audit(1723418065.833:325): avc:  denied  { open } for  pid=8163 comm="syz.4.483" path="/dev/nullb0" dev="devtmpfs" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  507.847951][   T29] audit: type=1400 audit(1723418065.843:326): avc:  denied  { ioctl } for  pid=8163 comm="syz.4.483" path="/dev/nullb0" dev="devtmpfs" ino=682 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  508.858504][ T8175] syz.2.486: attempt to access beyond end of device
[  508.858504][ T8175] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  508.877673][ T8175] syz.2.486: attempt to access beyond end of device
[  508.877673][ T8175] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  508.891941][ T8175] Mount JFS Failure: -5
[  508.896227][ T8175] jfs_mount failed w/return code = -5
[  509.961114][ T8183] netlink: 6 bytes leftover after parsing attributes in process `syz.0.488'.
[  516.178419][ T8200] netlink: 8 bytes leftover after parsing attributes in process `syz.0.490'.
[  516.561121][ T8201] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  516.561121][ T8201]    program syz.2.489 not setting count and/or reply_len properly
[  517.211797][ T8207] syz.0.494: attempt to access beyond end of device
[  517.211797][ T8207] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  517.253195][ T5296] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  517.304118][ T8207] syz.0.494: attempt to access beyond end of device
[  517.304118][ T8207] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  517.472367][ T8207] Mount JFS Failure: -5
[  517.579774][ T8207] jfs_mount failed w/return code = -5
[  517.650117][ T5296] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  517.670521][ T5296] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.695933][ T5296] usb 5-1: config 0 descriptor??
[  517.764175][ T5296] cp210x 5-1:0.0: cp210x converter detected
[  518.105615][ T8215] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=8215 comm=syz.3.491
[  518.210585][ T5238] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  518.223411][ T5238] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  518.232458][ T5238] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  518.246385][ T5238] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  518.256644][ T5238] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  518.263648][ T8203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  518.279769][ T5238] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  518.287899][ T8203] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  518.302023][ T6671] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  518.403752][ T5296] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32
[  518.502974][   T29] audit: type=1326 audit(1723418076.613:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8213 comm="syz.0.496" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf5b9779f9 code=0x0
[  518.534672][ T6671] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  518.552198][ T6671] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  518.582098][ T6671] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  518.597222][ T6671] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  518.610438][ T6671] usb 3-1: Manufacturer: syz
[  518.618878][ T6671] usb 3-1: config 0 descriptor??
[  518.937531][   T54] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  519.166066][ T6671] rc_core: IR keymap rc-hauppauge not found
[  519.174267][ T6671] Registered IR keymap rc-empty
[  519.181925][ T6671] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  519.206857][ T6671] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input11
[  520.360683][ T5238] Bluetooth: hci0: command tx timeout
[  521.223439][   T54] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.287434][ T5271] usb 3-1: USB disconnect, device number 8
[  521.439424][ T8221] chnl_net:caif_netlink_parms(): no params data found
[  521.677187][ T5296] cp210x 5-1:0.0: failed to get vendor val 0x370c size 15: -71
[  521.750459][ T5296] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  521.975673][ T5296] usb 5-1: cp210x converter now attached to ttyUSB0
[  522.207371][   T54] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.373132][ T5296] usb 5-1: USB disconnect, device number 8
[  522.481555][ T5238] Bluetooth: hci0: command tx timeout
[  522.517846][ T5296] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  522.562597][ T5296] cp210x 5-1:0.0: device disconnected
[  522.806884][   T29] audit: type=1400 audit(1723418080.923:328): avc:  denied  { ioctl } for  pid=8244 comm="syz.4.500" path="socket:[25058]" dev="sockfs" ino=25058 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  522.933757][   T54] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.944213][   T29] audit: type=1400 audit(1723418081.063:329): avc:  denied  { write } for  pid=8244 comm="syz.4.500" name="uinput" dev="devtmpfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  523.011228][   T29] audit: type=1400 audit(1723418081.093:330): avc:  denied  { ioctl } for  pid=8244 comm="syz.4.500" path="/dev/uinput" dev="devtmpfs" ino=837 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  523.042275][ T8249] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  523.042275][ T8249]    program syz.0.499 not setting count and/or reply_len properly
[  523.048919][ T8255] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  523.048919][ T8255]    program syz.2.501 not setting count and/or reply_len properly
[  523.431081][ T8221] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.570869][ T8221] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.578474][ T8221] bridge_slave_0: entered allmulticast mode
[  524.524649][ T5238] Bluetooth: hci0: command tx timeout
[  525.272475][ T8221] bridge_slave_0: entered promiscuous mode
[  525.308883][ T8221] bridge0: port 2(bridge_slave_1) entered blocking state
[  525.328546][ T8221] bridge0: port 2(bridge_slave_1) entered disabled state
[  525.360564][ T8221] bridge_slave_1: entered allmulticast mode
[  525.397393][ T8221] bridge_slave_1: entered promiscuous mode
[  526.600553][ T5238] Bluetooth: hci0: command tx timeout
[  526.612503][ T8221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  526.683927][   T29] audit: type=1400 audit(1723418084.793:331): avc:  denied  { ioctl } for  pid=8266 comm="syz.0.504" path="/dev/vhost-net" dev="devtmpfs" ino=1085 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  526.730959][ T8221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  526.879773][   T29] audit: type=1400 audit(1723418084.803:332): avc:  denied  { create } for  pid=8266 comm="syz.0.504" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  528.210954][   T54] bridge_slave_1: left allmulticast mode
[  528.220037][   T54] bridge_slave_1: left promiscuous mode
[  528.226839][   T54] bridge0: port 2(bridge_slave_1) entered disabled state
[  528.295242][   T29] audit: type=1400 audit(1723418086.413:333): avc:  denied  { ioctl } for  pid=8283 comm="syz.3.507" path="/dev/rtc0" dev="devtmpfs" ino=838 ioctlcmd=0x7002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  528.379703][   T54] bridge_slave_0: left allmulticast mode
[  528.410824][   T54] bridge_slave_0: left promiscuous mode
[  528.443689][   T54] bridge0: port 1(bridge_slave_0) entered disabled state
[  530.788622][ T8291] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  530.860708][   T53] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  531.932976][   T54] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  531.981142][   T54] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  532.022552][   T54] bond0 (unregistering): Released all slaves
[  532.086066][ T8221] team0: Port device team_slave_0 added
[  532.187277][ T8221] team0: Port device team_slave_1 added
[  532.510631][ T8314] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=8314 comm=syz.0.511
[  532.555099][ T8221] batman_adv: batadv0: Adding interface: batadv_slave_0
[  532.604340][ T8221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  532.666308][ T8318] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  532.666308][ T8318]    program syz.4.512 not setting count and/or reply_len properly
[  532.734384][ T8221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  532.956807][ T8221] batman_adv: batadv0: Adding interface: batadv_slave_1
[  533.638253][ T8221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  537.257674][ T8221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  539.477174][   T54] hsr_slave_0: left promiscuous mode
[  539.630551][   T54] hsr_slave_1: left promiscuous mode
[  539.660169][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  539.708758][   T54] batman_adv: batadv0: Removing interface: batadv_slave_0
[  539.761764][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  539.805261][   T54] batman_adv: batadv0: Removing interface: batadv_slave_1
[  539.848323][ T8353] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  539.848323][ T8353]    program syz.4.519 not setting count and/or reply_len properly
[  539.984113][   T54] veth1_macvtap: left promiscuous mode
[  539.989719][   T54] veth0_macvtap: left promiscuous mode
[  540.031217][   T54] veth1_vlan: left promiscuous mode
[  540.036626][   T54] veth0_vlan: left promiscuous mode
[  540.147442][ T5236] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  540.159155][ T5236] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  540.167191][ T5236] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  540.186606][ T5236] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  540.196154][ T5236] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  540.229680][ T5236] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  542.286396][ T5238] Bluetooth: hci3: command tx timeout
[  542.593851][   T54] team0 (unregistering): Port device team_slave_1 removed
[  542.655483][   T54] team0 (unregistering): Port device team_slave_0 removed
[  544.363966][ T5238] Bluetooth: hci3: command tx timeout
[  546.459633][ T5238] Bluetooth: hci3: command tx timeout
[  546.513782][ T8221] hsr_slave_0: entered promiscuous mode
[  546.583361][ T8221] hsr_slave_1: entered promiscuous mode
[  546.619052][ T8221] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  546.670954][ T8221] Cannot create hsr debugfs directory
[  546.778067][ T8384] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  550.950421][ T5238] Bluetooth: hci3: command tx timeout
[  551.894889][ T5238] Bluetooth: hci4: Malformed LE Event: 0x0d
[  552.695447][   T29] audit: type=1400 audit(1723418110.813:334): avc:  denied  { setattr } for  pid=8391 comm="syz.2.528" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  552.730785][ T8398] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  552.730785][ T8398]    program syz.4.529 not setting count and/or reply_len properly
[  552.927672][   T29] audit: type=1400 audit(1723418111.043:335): avc:  denied  { setopt } for  pid=8391 comm="syz.2.528" laddr=224.0.0.1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  554.148407][   T54] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  554.253777][ T8355] chnl_net:caif_netlink_parms(): no params data found
[  554.427139][   T54] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  554.721538][   T54] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  556.022952][ T8438] FAULT_INJECTION: forcing a failure.
[  556.022952][ T8438] name failslab, interval 1, probability 0, space 0, times 0
[  556.061918][ T8438] CPU: 1 UID: 0 PID: 8438 Comm: syz.2.534 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0
[  556.072560][ T8438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  556.082643][ T8438] Call Trace:
[  556.085937][ T8438]  <TASK>
[  556.088878][ T8438]  dump_stack_lvl+0x16c/0x1f0
[  556.093597][ T8438]  should_fail_ex+0x497/0x5b0
[  556.098400][ T8438]  ? fs_reclaim_acquire+0xae/0x160
[  556.103534][ T8438]  should_failslab+0xc2/0x120
[  556.108240][ T8438]  __kmalloc_noprof+0xcb/0x400
[  556.113029][ T8438]  ? __pfx_lock_acquire+0x10/0x10
[  556.118094][ T8438]  tomoyo_realpath_from_path+0xb9/0x720
[  556.123681][ T8438]  ? tomoyo_profile+0x47/0x60
[  556.128388][ T8438]  tomoyo_path_number_perm+0x245/0x590
[  556.133883][ T8438]  ? tomoyo_path_number_perm+0x232/0x590
[  556.139539][ T8438]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  556.145557][ T8438]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  556.151570][ T8438]  ? __fget_files+0x256/0x400
[  556.156279][ T8438]  security_file_ioctl+0x75/0xc0
[  556.161246][ T8438]  __x64_sys_ioctl+0xbb/0x220
[  556.165953][ T8438]  do_syscall_64+0xcd/0x250
[  556.170486][ T8438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.176415][ T8438] RIP: 0033:0x7f67beb779f9
[  556.180848][ T8438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  556.200488][ T8438] RSP: 002b:00007f67bf9f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  556.208933][ T8438] RAX: ffffffffffffffda RBX: 00007f67bed05f80 RCX: 00007f67beb779f9
[  556.216928][ T8438] RDX: 0000000020000300 RSI: 0000000040305828 RDI: 0000000000000003
[  556.224920][ T8438] RBP: 00007f67bf9f0090 R08: 0000000000000000 R09: 0000000000000000
[  556.232916][ T8438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  556.240910][ T8438] R13: 0000000000000000 R14: 00007f67bed05f80 R15: 00007fffdb15c9a8
[  556.248907][ T8438]  </TASK>
[  556.270646][ T8221] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  556.281685][ T8438] ERROR: Out of memory at tomoyo_realpath_from_path.
[  556.315435][ T8221] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  556.357585][ T8221] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  556.424756][ T8221] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  556.458060][ T8355] bridge0: port 1(bridge_slave_0) entered blocking state
[  556.483921][ T8355] bridge0: port 1(bridge_slave_0) entered disabled state
[  556.503994][ T8355] bridge_slave_0: entered allmulticast mode
[  556.534008][ T8355] bridge_slave_0: entered promiscuous mode
[  556.772657][ T8355] bridge0: port 2(bridge_slave_1) entered blocking state
[  557.674584][ T8355] bridge0: port 2(bridge_slave_1) entered disabled state
[  557.733451][ T8355] bridge_slave_1: entered allmulticast mode
[  557.952045][ T8355] bridge_slave_1: entered promiscuous mode
[  557.997352][   T29] audit: type=1400 audit(1723418116.113:336): avc:  denied  { ioctl } for  pid=8448 comm="syz.2.537" path="socket:[25471]" dev="sockfs" ino=25471 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  558.036665][ T8449] rdma_op ffff88807d6639f0 conn xmit_rdma 0000000000000000
[  558.077958][   T29] audit: type=1400 audit(1723418116.153:337): avc:  denied  { connect } for  pid=8448 comm="syz.2.537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  558.161536][   T29] audit: type=1400 audit(1723418116.153:338): avc:  denied  { write } for  pid=8448 comm="syz.2.537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  558.292274][   T29] audit: type=1400 audit(1723418116.313:339): avc:  denied  { setopt } for  pid=8450 comm="syz.4.538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  558.397139][ T8462] netlink: 8 bytes leftover after parsing attributes in process `syz.0.539'.
[  558.466544][   T29] audit: type=1400 audit(1723418116.323:340): avc:  denied  { create } for  pid=8450 comm="syz.4.538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  559.083979][   T54] bridge_slave_1: left allmulticast mode
[  559.089688][   T54] bridge_slave_1: left promiscuous mode
[  559.098995][ T5274] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  559.122184][   T29] audit: type=1400 audit(1723418116.323:341): avc:  denied  { ioctl } for  pid=8450 comm="syz.4.538" path="socket:[25541]" dev="sockfs" ino=25541 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  559.161068][   T54] bridge0: port 2(bridge_slave_1) entered disabled state
[  559.193578][   T54] bridge_slave_0: left allmulticast mode
[  559.212903][   T54] bridge_slave_0: left promiscuous mode
[  559.227495][   T54] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.312716][ T5274] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  559.344510][ T5274] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  559.385993][ T5274] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  559.408459][ T5274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.430453][ T5274] usb 3-1: Product: syz
[  559.434671][ T5274] usb 3-1: Manufacturer: 抡֨顼쐼⃉ꝫ㧨㙘ܓ슪ꀥ⚃⶟墔蓼༣鴾Ꚑ儧홳ڋ쪗鸎
[  559.453051][ T5274] usb 3-1: SerialNumber: syz
[  559.675414][ T8475] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  559.675414][ T8475]    program syz.4.540 not setting count and/or reply_len properly
[  560.421075][   T54] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  560.459737][   T54] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  560.488064][   T54] bond0 (unregistering): Released all slaves
[  560.528640][ T8355] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  560.667264][ T8355] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  560.799959][ T5274] usb 3-1: 0:2 : does not exist
[  561.416814][ T5274] usb 3-1: USB disconnect, device number 9
[  561.718376][   T29] audit: type=1326 audit(1723418119.833:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8488 comm="syz.4.541" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76427779f9 code=0x0
[  561.803475][ T8447] udevd[8447]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  562.050749][ T8355] team0: Port device team_slave_0 added
[  562.069809][ T8355] team0: Port device team_slave_1 added
[  562.543990][ T8355] batman_adv: batadv0: Adding interface: batadv_slave_0
[  562.572416][ T8355] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  562.647445][ T8355] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  562.690238][ T8355] batman_adv: batadv0: Adding interface: batadv_slave_1
[  563.076736][ T8355] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  563.576770][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[  563.583308][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[  563.835827][ T8355] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  563.982012][   T54] hsr_slave_0: left promiscuous mode
[  563.999136][   T54] hsr_slave_1: left promiscuous mode
[  564.038911][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  564.084928][   T54] batman_adv: batadv0: Removing interface: batadv_slave_0
[  564.122666][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  564.142831][   T54] batman_adv: batadv0: Removing interface: batadv_slave_1
[  564.257603][   T54] veth1_macvtap: left promiscuous mode
[  564.288840][   T54] veth0_macvtap: left promiscuous mode
[  564.330272][   T54] veth1_vlan: left promiscuous mode
[  564.343473][   T54] veth0_vlan: left promiscuous mode
[  570.782558][   T54] team0 (unregistering): Port device team_slave_1 removed
[  570.834376][   T54] team0 (unregistering): Port device team_slave_0 removed
[  571.657899][ T8355] hsr_slave_0: entered promiscuous mode
[  571.681933][ T8355] hsr_slave_1: entered promiscuous mode
[  571.710490][ T8355] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  571.733809][ T8355] Cannot create hsr debugfs directory
[  571.978119][ T8546] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  571.978119][ T8546]    program syz.4.549 not setting count and/or reply_len properly
[  573.211654][ T8221] 8021q: adding VLAN 0 to HW filter on device bond0
[  573.405869][ T8565] rdma_op ffff88805da201f0 conn xmit_rdma 0000000000000000
[  573.682820][ T8558] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  573.682820][ T8558]    program syz.2.551 not setting count and/or reply_len properly
[  573.794988][ T8221] 8021q: adding VLAN 0 to HW filter on device team0
[  573.903271][   T54] IPVS: stop unused estimator thread 0...
[  573.950066][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state
[  573.957263][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state
[  574.053906][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state
[  574.061169][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state
[  575.881125][ T8589] syz.0.555: attempt to access beyond end of device
[  575.881125][ T8589] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  575.905370][ T8589] syz.0.555: attempt to access beyond end of device
[  575.905370][ T8589] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  575.919408][ T8589] Mount JFS Failure: -5
[  575.923791][ T8589] jfs_mount failed w/return code = -5
[  576.003961][ T5238] Bluetooth: hci1: command 0x0406 tx timeout
[  576.749242][ T8600] ceph: separator ':' missing in source
[  576.827123][ T5271] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  577.043993][ T5271] usb 3-1: config 1 has an invalid descriptor of length 134, skipping remainder of the config
[  577.069313][ T5271] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  577.111390][ T5271] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  577.181521][ T5271] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  577.211967][ T5271] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  577.250650][ T5271] usb 3-1: Product: syz
[  577.269736][ T5271] usb 3-1: Manufacturer: syz
[  577.291799][ T5271] usb 3-1: SerialNumber: syz
[  577.326406][ T8355] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  577.332431][ T5271] cdc_ncm 3-1:1.0: skipping garbage
[  577.361281][ T5271] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  577.368161][ T5271] cdc_ncm 3-1:1.0: bind() failure
[  577.405623][ T8355] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  577.473490][ T8355] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  577.561722][ T8355] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  577.767897][ T8616] ceph: separator ':' missing in source
[  577.903054][ T8595] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  577.936302][ T8595] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  578.054121][ T8595] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  578.110780][ T8595] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  578.211957][ T8355] 8021q: adding VLAN 0 to HW filter on device bond0
[  578.228283][ T5238] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  578.240575][ T5238] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  578.251718][ T5238] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  578.262772][ T5238] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  578.271195][ T5238] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  578.278946][ T5238] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  578.689451][ T8355] 8021q: adding VLAN 0 to HW filter on device team0
[  580.361821][ T5236] Bluetooth: hci0: command tx timeout
[  581.000938][ T5236] Bluetooth: hci2: command 0x0406 tx timeout
[  582.440802][ T5236] Bluetooth: hci0: command tx timeout
[  583.294359][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  583.301536][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  583.330968][   T53] usb 3-1: USB disconnect, device number 10
[  583.797879][ T2499] bridge0: port 2(bridge_slave_1) entered blocking state
[  583.805066][ T2499] bridge0: port 2(bridge_slave_1) entered forwarding state
[  583.874697][ T8639] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  583.874697][ T8639]    program syz.0.561 not setting count and/or reply_len properly
[  583.944501][ T8641] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  583.944501][ T8641]    program syz.4.563 not setting count and/or reply_len properly
[  584.520988][ T5238] Bluetooth: hci0: command tx timeout
[  584.737625][ T8643] syz.2.562 (8643): drop_caches: 2
[  584.772612][ T1100] bridge_slave_1: left allmulticast mode
[  584.778299][ T1100] bridge_slave_1: left promiscuous mode
[  584.820399][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state
[  584.922854][ T1100] bridge_slave_0: left allmulticast mode
[  584.928549][ T1100] bridge_slave_0: left promiscuous mode
[  584.946324][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state
[  585.323444][   T29] audit: type=1326 audit(1723418143.443:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8650 comm="syz.0.564" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf5b9779f9 code=0x0
[  585.430438][ T5304] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  585.678195][ T5304] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  585.688609][ T5304] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  585.705353][ T5304] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  585.730485][ T5304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  585.749743][ T5304] usb 5-1: SerialNumber: syz
[  585.997243][ T5304] usb 5-1: 0:2 : does not exist
[  586.036858][ T5304] usb 5-1: USB disconnect, device number 9
[  586.195983][ T8631] udevd[8631]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  586.424979][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  586.492451][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  586.519117][ T1100] bond0 (unregistering): Released all slaves
[  586.590525][ T5276] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  586.600809][ T5238] Bluetooth: hci0: command tx timeout
[  587.217495][ T1100] hsr_slave_0: left promiscuous mode
[  587.224924][ T5276] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  587.246626][ T5276] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  587.287651][ T5276] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  587.300898][ T1100] hsr_slave_1: left promiscuous mode
[  587.312135][ T5276] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  587.327614][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0
[  587.341960][ T5276] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  587.353248][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1
[  587.377269][ T8674] syz.4.568: attempt to access beyond end of device
[  587.377269][ T8674] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  587.438940][ T5276] usb 3-1: config 0 descriptor??
[  587.452202][ T8674] syz.4.568: attempt to access beyond end of device
[  587.452202][ T8674] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0
[  587.472957][ T8665] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  587.518851][ T8674] Mount JFS Failure: -5
[  587.524397][ T8674] jfs_mount failed w/return code = -5
[  588.503777][ T5276] usbhid 3-1:0.0: can't add hid device: -71
[  588.509776][ T5276] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  588.528400][ T1100] team0 (unregistering): Port device team_slave_1 removed
[  588.574935][ T5276] usb 3-1: USB disconnect, device number 11
[  588.703119][ T1100] team0 (unregistering): Port device team_slave_0 removed
[  589.471728][ T8682] syz.4.569: attempt to access beyond end of device
[  589.471728][ T8682] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  589.504760][ T8682] syz.4.569: attempt to access beyond end of device
[  589.504760][ T8682] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0
[  589.526773][ T8682] Mount JFS Failure: -5
[  589.532503][ T8682] jfs_mount failed w/return code = -5
[  590.334567][ T8621] chnl_net:caif_netlink_parms(): no params data found
[  590.378501][ T8668] netlink: 6 bytes leftover after parsing attributes in process `syz.0.567'.
[  590.404351][ T8355] 8021q: adding VLAN 0 to HW filter on device batadv0
[  590.649773][ T8691] FAULT_INJECTION: forcing a failure.
[  590.649773][ T8691] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  590.666026][   T29] audit: type=1400 audit(1723418148.763:344): avc:  denied  { bind } for  pid=8690 comm="syz.2.573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  590.688719][ T8691] CPU: 0 UID: 0 PID: 8691 Comm: syz.2.573 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0
[  590.699361][ T8691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  590.709444][ T8691] Call Trace:
[  590.712735][ T8691]  <TASK>
[  590.715670][ T8691]  dump_stack_lvl+0x16c/0x1f0
[  590.720362][ T8691]  should_fail_ex+0x497/0x5b0
[  590.725048][ T8691]  _copy_from_user+0x30/0xf0
[  590.729643][ T8691]  copy_msghdr_from_user+0x99/0x160
[  590.734845][ T8691]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  590.740664][ T8691]  ? find_held_lock+0x2d/0x110
[  590.745450][ T8691]  ? __pfx___lock_acquire+0x10/0x10
[  590.750659][ T8691]  ___sys_sendmsg+0xff/0x1e0
[  590.755252][ T8691]  ? __pfx____sys_sendmsg+0x10/0x10
[  590.760452][ T8691]  ? ksys_write+0x21c/0x260
[  590.764958][ T8691]  ? __fget_light+0x173/0x210
[  590.769643][ T8691]  __sys_sendmsg+0x117/0x1f0
[  590.774235][ T8691]  ? __pfx___sys_sendmsg+0x10/0x10
[  590.779351][ T8691]  do_syscall_64+0xcd/0x250
[  590.783865][ T8691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.789776][ T8691] RIP: 0033:0x7f67beb779f9
[  590.794193][ T8691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  590.813804][ T8691] RSP: 002b:00007f67bf9f0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  590.822221][ T8691] RAX: ffffffffffffffda RBX: 00007f67bed05f80 RCX: 00007f67beb779f9
[  590.830200][ T8691] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[  590.838168][ T8691] RBP: 00007f67bf9f0090 R08: 0000000000000000 R09: 0000000000000000
[  590.846141][ T8691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  590.854115][ T8691] R13: 0000000000000000 R14: 00007f67bed05f80 R15: 00007fffdb15c9a8
[  590.862089][ T8691]  </TASK>
[  591.021077][ T8692] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  591.021077][ T8692]    program syz.4.572 not setting count and/or reply_len properly
[  591.395194][ T8621] bridge0: port 1(bridge_slave_0) entered blocking state
[  591.419177][ T8621] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.563070][   T29] audit: type=1400 audit(1723418149.683:345): avc:  denied  { bind } for  pid=8708 comm="syz.0.576" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  592.235361][ T8621] bridge_slave_0: entered allmulticast mode
[  592.272577][ T8621] bridge_slave_0: entered promiscuous mode
[  592.407432][ T8621] bridge0: port 2(bridge_slave_1) entered blocking state
[  592.457103][ T8621] bridge0: port 2(bridge_slave_1) entered disabled state
[  592.489535][ T8621] bridge_slave_1: entered allmulticast mode
[  592.541910][ T8621] bridge_slave_1: entered promiscuous mode
[  592.738842][ T8621] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  592.812271][ T8621] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  593.622213][ T8355] veth0_vlan: entered promiscuous mode
[  593.745787][ T8621] team0: Port device team_slave_0 added
[  593.773394][ T8621] team0: Port device team_slave_1 added
[  593.800769][ T5276] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  593.837888][ T8355] veth1_vlan: entered promiscuous mode
[  593.917144][ T8621] batman_adv: batadv0: Adding interface: batadv_slave_0
[  593.930465][ T8621] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.987688][ T8621] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  594.018442][ T5276] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  594.091729][ T5276] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  594.123244][ T5276] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  594.176823][ T5276] usb 1-1: Product: syz
[  594.186594][ T8621] batman_adv: batadv0: Adding interface: batadv_slave_1
[  594.204128][ T5276] usb 1-1: Manufacturer: syz
[  594.208950][ T5276] usb 1-1: SerialNumber: syz
[  594.222244][ T8621] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  594.248752][ T8621] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  594.262230][ T5276] usb 1-1: config 0 descriptor??
[  594.275287][   T29] audit: type=1400 audit(1723418152.393:346): avc:  denied  { map } for  pid=8731 comm="syz.4.580" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  594.299637][ T8737] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=8737 comm=syz.2.581
[  594.387935][ T8621] hsr_slave_0: entered promiscuous mode
[  594.402769][ T8621] hsr_slave_1: entered promiscuous mode
[  594.409498][ T8621] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  594.428083][ T8621] Cannot create hsr debugfs directory
[  594.554313][ T8355] veth0_macvtap: entered promiscuous mode
[  594.577265][ T8355] veth1_macvtap: entered promiscuous mode
[  594.662087][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  594.682036][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  594.695547][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  594.707538][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  594.720408][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  594.739826][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  594.750841][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  594.769592][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  594.782777][ T8355] batman_adv: batadv0: Interface activated: batadv_slave_0
[  594.926019][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  594.980721][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.012349][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  595.024034][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.040371][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  595.063290][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.073301][ T8355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  595.113899][ T8355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  595.204519][ T8355] batman_adv: batadv0: Interface activated: batadv_slave_1
[  596.051524][ T8355] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  596.060465][ T8355] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  596.073743][ T8355] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  596.345402][ T8355] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  597.571504][ T6671] usb 1-1: USB disconnect, device number 10
[  598.093918][ T8775] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  598.093918][ T8775]    program syz.2.585 not setting count and/or reply_len properly
[  599.192226][ T5236] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  599.210956][ T5236] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  599.220110][ T5236] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  599.328892][ T5236] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  599.360720][ T5236] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  599.368306][ T5236] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  601.122512][ T8798] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=8798 comm=syz.2.591
[  601.491033][ T5238] Bluetooth: hci5: command tx timeout
[  602.517136][ T8809] kvm: emulating exchange as write
[  602.538638][ T2499] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  602.852761][   T53] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  603.203835][   T53] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  603.225272][   T53] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  603.241181][   T53] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  603.258739][   T53] usb 1-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[  603.268279][   T53] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.326496][   T53] usb 1-1: config 0 descriptor??
[  603.523151][ T2499] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  603.560594][ T5238] Bluetooth: hci5: command tx timeout
[  603.739225][ T2499] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  603.833892][   T53] hid-udraw 0003:20D6:CB17.0003: unbalanced delimiter at end of report description
[  603.903688][   T53] hid-udraw 0003:20D6:CB17.0003: parse failed
[  603.963497][   T53] hid-udraw 0003:20D6:CB17.0003: probe with driver hid-udraw failed with error -22
[  603.973242][ T8621] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  604.080878][   T53] usb 1-1: USB disconnect, device number 11
[  604.129021][ T8621] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  604.313749][ T2499] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  604.332055][   T29] audit: type=1400 audit(1723418162.453:347): avc:  denied  { create } for  pid=8824 comm="syz.4.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  604.348082][ T8621] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  604.408622][ T8785] chnl_net:caif_netlink_parms(): no params data found
[  604.442444][ T8621] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  605.641019][ T5238] Bluetooth: hci5: command tx timeout
[  605.961870][   T29] audit: type=1400 audit(1723418164.073:348): avc:  denied  { ioctl } for  pid=8824 comm="syz.4.598" path="socket:[28538]" dev="sockfs" ino=28538 ioctlcmd=0x6611 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  606.006401][ T8832] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[  606.006401][ T8832]    program syz.2.599 not setting count and/or reply_len properly
[  606.088978][ T8836] netlink: 16 bytes leftover after parsing attributes in process `syz.0.600'.
[  606.497599][ T8785] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.524706][ T8785] bridge0: port 1(bridge_slave_0) entered disabled state
[  606.545018][ T8785] bridge_slave_0: entered allmulticast mode
[  606.558738][ T8785] bridge_slave_0: entered promiscuous mode
[  607.424848][ T8785] bridge0: port 2(bridge_slave_1) entered blocking state
[  607.446388][ T8785] bridge0: port 2(bridge_slave_1) entered disabled state
[  607.454651][ T8785] bridge_slave_1: entered allmulticast mode
[  607.510940][ T8785] bridge_slave_1: entered promiscuous mode
[  607.592007][   T29] audit: type=1400 audit(1723418165.703:349): avc:  denied  { shutdown } for  pid=8856 comm="syz.0.603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  607.742588][ T5238] Bluetooth: hci5: command tx timeout
[  607.926588][ T2499] bridge_slave_1: left allmulticast mode
[  607.937166][ T8860] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=8860 comm=syz.2.604
[  607.967476][ T2499] bridge_slave_1: left promiscuous mode
[  607.996622][ T2499] bridge0: port 2(bridge_slave_1) entered disabled state
[  608.343756][ T8868] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  608.352903][ T2499] bridge_slave_0: left allmulticast mode
[  608.353570][ T2499] bridge_slave_0: left promiscuous mode
[  608.355438][ T2499] bridge0: port 1(bridge_slave_0) entered disabled state
[  612.690749][ T5304] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  612.892698][ T5304] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  612.904775][ T5304] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  612.930593][ T5304] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  612.939839][ T5304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.971317][ T5304] usb 5-1: config 0 descriptor??
[  612.991169][ T2499] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  613.020214][ T2499] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  613.036599][ T2499] bond0 (unregistering): Released all slaves
[  613.151444][ T8785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  613.232061][ T8866] 
[  613.234432][ T8866] ======================================================
[  613.241727][ T8866] WARNING: possible circular locking dependency detected
[  613.248752][ T8866] 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 Not tainted
[  613.256044][ T8866] ------------------------------------------------------
[  613.263066][ T8866] syz.0.606/8866 is trying to acquire lock:
[  613.268963][ T8866] ffff88806bd80258 (sk_lock-AF_INET){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70
[  613.278228][ T8866] 
[  613.278228][ T8866] but task is already holding lock:
[  613.285599][ T8866] ffffffff8fa21de8 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0xf9/0x38b0
[  613.294526][ T8866] 
[  613.294526][ T8866] which lock already depends on the new lock.
[  613.294526][ T8866] 
[  613.304946][ T8866] 
[  613.304946][ T8866] the existing dependency chain (in reverse order) is:
[  613.313971][ T8866] 
[  613.313971][ T8866] -> #2 (rtnl_mutex){+.+.}-{3:3}:
[  613.321205][ T8866]        __mutex_lock+0x175/0x9c0
[  613.326259][ T8866]        ip_mc_drop_socket+0x9b/0x290
[  613.331668][ T8866]        inet_release+0xa3/0x280
[  613.336630][ T8866]        sock_release+0x8e/0x1d0
[  613.341599][ T8866]        stop_sync_thread+0x285/0x720
[  613.347002][ T8866]        do_ip_vs_set_ctl+0x4ec/0x11c0
[  613.352479][ T8866]        nf_setsockopt+0x8a/0xf0
[  613.357440][ T8866]        ip_setsockopt+0xcb/0xf0
[  613.362400][ T8866]        tcp_setsockopt+0xa4/0x100
[  613.367542][ T8866]        smc_setsockopt+0x1b4/0xa00
[  613.372771][ T8866]        do_sock_setsockopt+0x222/0x480
[  613.378341][ T8866]        __sys_setsockopt+0x1a4/0x270
[  613.383750][ T8866]        __x64_sys_setsockopt+0xbd/0x160
[  613.389401][ T8866]        do_syscall_64+0xcd/0x250
[  613.394457][ T8866]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.400917][ T8866] 
[  613.400917][ T8866] -> #1 (&smc->clcsock_release_lock){+.+.}-{3:3}:
[  613.409553][ T8866]        __mutex_lock+0x175/0x9c0
[  613.414608][ T8866]        smc_switch_to_fallback+0x2d/0xa00
[  613.420445][ T8866]        smc_sendmsg+0x13d/0x520
[  613.425417][ T8866]        __sys_sendto+0x47f/0x4e0
[  613.430483][ T8866]        __x64_sys_sendto+0xe0/0x1c0
[  613.435812][ T8866]        do_syscall_64+0xcd/0x250
[  613.440954][ T8866]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.447492][ T8866] 
[  613.447492][ T8866] -> #0 (sk_lock-AF_INET){+.+.}-{0:0}:
[  613.455176][ T8866]        __lock_acquire+0x24ed/0x3cb0
[  613.460557][ T8866]        lock_acquire+0x1b1/0x560
[  613.465587][ T8866]        lock_sock_nested+0x3a/0xf0
[  613.470791][ T8866]        sockopt_lock_sock+0x54/0x70
[  613.476083][ T8866]        do_ip_setsockopt+0x101/0x38b0
[  613.481545][ T8866]        ip_setsockopt+0x59/0xf0
[  613.486494][ T8866]        do_sock_setsockopt+0x222/0x480
[  613.492055][ T8866]        __sys_setsockopt+0x1a4/0x270
[  613.497447][ T8866]        __x64_sys_setsockopt+0xbd/0x160
[  613.503084][ T8866]        do_syscall_64+0xcd/0x250
[  613.508116][ T8866]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.514542][ T8866] 
[  613.514542][ T8866] other info that might help us debug this:
[  613.514542][ T8866] 
[  613.524760][ T8866] Chain exists of:
[  613.524760][ T8866]   sk_lock-AF_INET --> &smc->clcsock_release_lock --> rtnl_mutex
[  613.524760][ T8866] 
[  613.538320][ T8866]  Possible unsafe locking scenario:
[  613.538320][ T8866] 
[  613.545758][ T8866]        CPU0                    CPU1
[  613.551107][ T8866]        ----                    ----
[  613.556634][ T8866]   lock(rtnl_mutex);
[  613.560783][ T8866]                                lock(&smc->clcsock_release_lock);
[  613.568675][ T8866]                                lock(rtnl_mutex);
[  613.575174][ T8866]   lock(sk_lock-AF_INET);
[  613.579587][ T8866] 
[  613.579587][ T8866]  *** DEADLOCK ***
[  613.579587][ T8866] 
[  613.587720][ T8866] 1 lock held by syz.0.606/8866:
[  613.592650][ T8866]  #0: ffffffff8fa21de8 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0xf9/0x38b0
[  613.601970][ T8866] 
[  613.601970][ T8866] stack backtrace:
[  613.607846][ T8866] CPU: 0 UID: 0 PID: 8866 Comm: syz.0.606 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0
[  613.618430][ T8866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  613.628563][ T8866] Call Trace:
[  613.631842][ T8866]  <TASK>
[  613.634767][ T8866]  dump_stack_lvl+0x116/0x1f0
[  613.639453][ T8866]  check_noncircular+0x31a/0x400
[  613.644414][ T8866]  ? __pfx_check_noncircular+0x10/0x10
[  613.649873][ T8866]  ? lockdep_lock+0xc6/0x200
[  613.654456][ T8866]  ? __pfx_lockdep_lock+0x10/0x10
[  613.659486][ T8866]  __lock_acquire+0x24ed/0x3cb0
[  613.664338][ T8866]  ? __pfx___lock_acquire+0x10/0x10
[  613.669537][ T8866]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  613.674921][ T8866]  lock_acquire+0x1b1/0x560
[  613.679438][ T8866]  ? sockopt_lock_sock+0x54/0x70
[  613.684398][ T8866]  ? __pfx_lock_acquire+0x10/0x10
[  613.689434][ T8866]  ? __pfx___mutex_lock+0x10/0x10
[  613.694465][ T8866]  ? __pfx_avc_has_perm+0x10/0x10
[  613.699499][ T8866]  lock_sock_nested+0x3a/0xf0
[  613.704172][ T8866]  ? sockopt_lock_sock+0x54/0x70
[  613.709104][ T8866]  sockopt_lock_sock+0x54/0x70
[  613.713866][ T8866]  do_ip_setsockopt+0x101/0x38b0
[  613.718804][ T8866]  ? sock_has_perm+0x25a/0x2f0
[  613.723574][ T8866]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  613.728945][ T8866]  ? selinux_netlbl_socket_setsockopt+0x142/0x440
[  613.735366][ T8866]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  613.742139][ T8866]  ip_setsockopt+0x59/0xf0
[  613.746557][ T8866]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  613.752546][ T8866]  do_sock_setsockopt+0x222/0x480
[  613.757574][ T8866]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  613.763123][ T8866]  ? __fget_light+0x173/0x210
[  613.767808][ T8866]  __sys_setsockopt+0x1a4/0x270
[  613.772666][ T8866]  ? __pfx___sys_setsockopt+0x10/0x10
[  613.778051][ T8866]  ? xfd_validate_state+0x5d/0x180
[  613.783189][ T8866]  __x64_sys_setsockopt+0xbd/0x160
[  613.788298][ T8866]  ? do_syscall_64+0x91/0x250
[  613.793064][ T8866]  ? lockdep_hardirqs_on+0x7c/0x110
[  613.798262][ T8866]  do_syscall_64+0xcd/0x250
[  613.802769][ T8866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.808679][ T8866] RIP: 0033:0x7fcf5b9779f9
[  613.813089][ T8866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  613.832783][ T8866] RSP: 002b:00007fcf5c7c1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  613.841191][ T8866] RAX: ffffffffffffffda RBX: 00007fcf5bb05f80 RCX: 00007fcf5b9779f9
[  613.849157][ T8866] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000003
[  613.857121][ T8866] RBP: 00007fcf5b9e58ee R08: 0000000000000000 R09: 0000000000000000
[  613.865093][ T8866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  613.873060][ T8866] R13: 0000000000000000 R14: 00007fcf5bb05f80 R15: 00007ffe2ec41338
[  613.881030][ T8866]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  613.961641][ T2499] hsr_slave_0: left promiscuous mode
[  614.028726][ T2499] hsr_slave_1: left promiscuous mode
[  614.080845][ T2499] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  614.103935][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_0
[  614.159993][ T2499] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  614.172047][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_1
[  614.240983][ T2499] veth1_macvtap: left promiscuous mode
[  614.246593][ T2499] veth0_macvtap: left promiscuous mode
[  614.264147][ T2499] veth1_vlan: left promiscuous mode
[  614.269610][ T2499] veth0_vlan: left promiscuous mode
[  614.646141][ T2499] team0 (unregistering): Port device team_slave_1 removed
[  614.662847][ T2499] team0 (unregistering): Port device team_slave_0 removed
[  614.855896][ T8785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  615.333789][ T5304] hid-led 0003:27B8:01ED.0004: probe with driver hid-led failed with error -71
[  615.425890][ T5304] usb 5-1: USB disconnect, device number 10
[  616.052442][ T2499] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.111977][ T2499] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.191036][ T2499] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.261113][ T2499] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.417052][ T2499] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.479996][ T2499] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.562576][ T2499] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.789488][ T2499] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.853706][ T2499] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.912670][ T2499] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.971544][ T2499] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  617.092917][ T2499] bridge_slave_1: left allmulticast mode
[  617.098619][ T2499] bridge_slave_1: left promiscuous mode
[  617.111959][ T2499] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.123291][ T2499] bridge_slave_0: left allmulticast mode
[  617.128965][ T2499] bridge_slave_0: left promiscuous mode
[  617.135126][ T2499] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.148809][ T2499] bridge_slave_1: left allmulticast mode
[  617.155118][ T2499] bridge_slave_1: left promiscuous mode
[  617.164154][ T2499] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.175474][ T2499] bridge_slave_0: left allmulticast mode
[  617.181244][ T2499] bridge_slave_0: left promiscuous mode
[  617.186993][ T2499] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.197574][ T2499] bridge_slave_1: left allmulticast mode
[  617.203425][ T2499] bridge_slave_1: left promiscuous mode
[  617.209177][ T2499] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.219449][ T2499] bridge_slave_0: left allmulticast mode
[  617.226992][ T2499] bridge_slave_0: left promiscuous mode
[  617.232844][ T2499] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.242526][ T2499] bridge_slave_1: left allmulticast mode
[  617.248159][ T2499] bridge_slave_1: left promiscuous mode
[  617.255604][ T2499] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.265168][ T2499] bridge_slave_0: left allmulticast mode
[  617.271119][ T2499] bridge_slave_0: left promiscuous mode
[  617.276827][ T2499] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.286617][ T2499] bridge_slave_1: left allmulticast mode
[  617.293062][ T2499] bridge_slave_1: left promiscuous mode
[  617.298742][ T2499] bridge0: port 2(bridge_slave_1) entered disabled state
[  617.307667][ T2499] bridge_slave_0: left allmulticast mode
[  617.313408][ T2499] bridge_slave_0: left promiscuous mode
[  617.319067][ T2499] bridge0: port 1(bridge_slave_0) entered disabled state
[  617.915912][ T2499] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  617.925916][ T2499] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  617.936965][ T2499] bond0 (unregistering): Released all slaves
[  617.948093][ T2499] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  617.958030][ T2499] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  617.969615][ T2499] bond0 (unregistering): Released all slaves
[  617.989321][ T2499] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  618.000228][ T2499] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  618.011146][ T2499] bond0 (unregistering): Released all slaves
[  618.026258][ T2499] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  618.036623][ T2499] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  618.047846][ T2499] bond0 (unregistering): Released all slaves
[  618.063867][ T2499] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  618.075419][ T2499] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  618.087184][ T2499] bond0 (unregistering): Released all slaves
[  618.437930][ T2499] IPVS: stopping backup sync thread 7918 ...
[  618.984627][ T2499] hsr_slave_0: left promiscuous mode
[  618.993081][ T2499] hsr_slave_1: left promiscuous mode
[  619.002255][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_0
[  619.010058][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_1
[  619.025478][ T2499] hsr_slave_0: left promiscuous mode
[  619.031580][ T2499] hsr_slave_1: left promiscuous mode
[  619.037822][ T2499] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  619.047883][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_0
[  619.057519][ T2499] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  619.068247][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_1
[  619.082651][ T2499] hsr_slave_0: left promiscuous mode
[  619.088736][ T2499] hsr_slave_1: left promiscuous mode
[  619.095639][ T2499] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  619.107569][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_0
[  619.116193][ T2499] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  619.125968][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_1
[  619.138603][ T2499] hsr_slave_0: left promiscuous mode
[  619.147469][ T2499] hsr_slave_1: left promiscuous mode
[  619.153993][ T2499] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  619.164570][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_0
[  619.172929][ T2499] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  619.180877][ T2499] batman_adv: batadv0: Removing interface: batadv_slave_1
[  619.193100][ T2499] veth1_macvtap: left promiscuous mode
[  619.198612][ T2499] veth0_macvtap: left promiscuous mode
[  619.205151][ T2499] veth1_vlan: left promiscuous mode
[  619.210722][ T2499] veth0_vlan: left promiscuous mode
[  619.216817][ T2499] veth1_macvtap: left promiscuous mode
[  619.223011][ T2499] veth0_macvtap: left promiscuous mode
[  619.228695][ T2499] veth1_vlan: left promiscuous mode
[  619.234316][ T2499] veth0_vlan: left promiscuous mode
[  619.241280][ T2499] veth1_macvtap: left promiscuous mode
[  619.246800][ T2499] veth0_macvtap: left promiscuous mode
[  619.252902][ T2499] veth1_vlan: left promiscuous mode
[  619.258195][ T2499] veth0_vlan: left promiscuous mode
[  619.579357][ T2499] team0 (unregistering): Port device team_slave_1 removed
[  619.592948][ T2499] team0 (unregistering): Port device team_slave_0 removed
[  619.934482][ T2499] team0 (unregistering): Port device team_slave_1 removed
[  619.960946][ T2499] team0 (unregistering): Port device team_slave_0 removed
[  620.226706][ T2499] team0 (unregistering): Port device team_slave_1 removed
[  620.252461][ T2499] team0 (unregistering): Port device team_slave_0 removed
[  620.512372][ T2499] team0 (unregistering): Port device team_slave_1 removed
[  620.536719][ T2499] team0 (unregistering): Port device team_slave_0 removed