last executing test programs:

1m11.775805593s ago: executing program 3 (id=87):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='squashfs\x00', 0x0, 0x0)

1m10.615586471s ago: executing program 3 (id=89):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x4, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
socket$inet_udplite(0x2, 0x2, 0x88)
close(0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000600))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
lseek(0xffffffffffffffff, 0x9, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, &(0x7f00000003c0)='wg1\x00', 0x4)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e23, @rand_addr=0x64010103}, 0x10)
socket$nl_sock_diag(0x10, 0x3, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000006000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bc0900000000000055090100000000009500000000000000bf91000000000000b702000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x2, 0x100b, &(0x7f0000001e40)=""/4107}, 0x94)

1m9.504716203s ago: executing program 3 (id=91):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
syz_emit_ethernet(0x42, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndpcmc(0x0, 0x1, 0x100)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000380), 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000040)={@link_local, @dev, @val={@void, {0x8100, 0x0, 0x0, 0x4}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x30, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1={0xff, 0x0, '\x00', 0x0}}}}}}}}, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, 0x0)

1m5.866986324s ago: executing program 3 (id=97):
getpid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[], 0x50)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0585609, 0x0)

1m2.761137873s ago: executing program 3 (id=102):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x4, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
socket$inet_udplite(0x2, 0x2, 0x88)
close(0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000600))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
lseek(0xffffffffffffffff, 0x9, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r4, 0x1, 0x19, &(0x7f00000003c0)='wg1\x00', 0x4)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e23, @rand_addr=0x64010103}, 0x10)
socket$nl_sock_diag(0x10, 0x3, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000006000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bc0900000000000055090100000000009500000000000000bf91000000000000b702000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x2, 0x100b, &(0x7f0000001e40)=""/4107}, 0x94)

1m1.568872871s ago: executing program 3 (id=105):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, &(0x7f0000000280)=@tcp6, 0x1}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg2\x00'})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xe3d08660d3cd4684})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

46.176847113s ago: executing program 32 (id=105):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, &(0x7f0000000280)=@tcp6, 0x1}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg2\x00'})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xe3d08660d3cd4684})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

19.552261921s ago: executing program 2 (id=206):
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000003030102000000000000000000000002080003400000000008000340"], 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x4)
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x64)

16.656581756s ago: executing program 4 (id=213):
socket$inet6(0xa, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000000203010200000000000000000000000008000340000000000900020000000000020000000800010001"], 0x30}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000020301"], 0x1c}}, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f00000002c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000100)={@my=0x1})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r5, 0x7b1, &(0x7f00000001c0)={&(0x7f0000001180)=[0xf, 0x7, 0x3, 0x3, 0x4, 0x9af, 0x1, 0x6, 0x5, 0x5, 0x6e776bc4, 0x10000, 0x7f, 0x7, 0x3, 0x101, 0xff, 0x4, 0x1, 0x9, 0x5, 0xb4, 0x5, 0x81, 0x2, 0x2, 0x0, 0x0, 0x2ba, 0x800, 0x8, 0xfd, 0xd, 0x0, 0x9, 0x9, 0x3, 0xb6, 0x7, 0x348, 0x7, 0x7fff, 0x2, 0x15f9, 0x1, 0x8, 0x2, 0x79e, 0x4, 0x0, 0x300, 0x8, 0x5, 0x53f, 0x6, 0x2, 0xd, 0x8000, 0x630, 0x4, 0x2, 0x6, 0x8, 0x0, 0x6, 0x5ec, 0x6, 0x0, 0x7, 0x4a5c3d98, 0xfffffff0, 0x8000, 0x809, 0x200, 0x9, 0xd, 0x9, 0x80, 0x4, 0xee, 0x4, 0xbfee, 0x7, 0x7ff, 0x2, 0x1, 0x5, 0x80000001, 0x4, 0x37a, 0xc, 0x8000, 0x678c, 0x3, 0x8001, 0x7, 0x3893, 0xfffffff8, 0x8, 0x6, 0x5, 0x200, 0x4, 0x10001, 0x80000001, 0x4, 0x7, 0x9, 0xcde, 0xfffeffff, 0x9, 0x0, 0x94, 0x0, 0x200, 0x5, 0x0, 0x7f, 0x0, 0xfffff910, 0x7, 0x629, 0x7, 0x10001, 0x1000, 0xfffffffb, 0xfffffff7, 0x16, 0x3, 0x8, 0x21533b78, 0x4, 0x1, 0x1000, 0x7, 0x4, 0x7f, 0x2, 0x80, 0x8, 0x4, 0x2, 0x6, 0x1000, 0x9, 0x9, 0x88a, 0x7fff, 0xff, 0x65, 0x7, 0x7, 0xff, 0x1, 0x3, 0x1, 0x80000000, 0x1a3b, 0x800, 0x0, 0x7, 0x4, 0xbc7, 0x9a7, 0x6, 0x4, 0xe, 0x1a, 0x1, 0x401, 0x9, 0xcc, 0x96, 0x9, 0x0, 0x0, 0x20000, 0x6, 0x3, 0xa19, 0x1, 0x7fff, 0x80000000, 0x1b3, 0x80, 0xfffffffa, 0x0, 0x10000, 0x2, 0x6, 0xe48, 0x0, 0x1f78, 0x3, 0x800, 0x5, 0x8c3, 0x3, 0x9, 0x7b35, 0x10, 0x5a, 0x1, 0xd, 0x8, 0x2, 0x64, 0x4, 0xb09, 0x10001, 0x0, 0x3, 0x1, 0x5, 0x9, 0xfffffc01, 0x6, 0x40, 0xffff, 0x8fb, 0x6, 0x2, 0x81, 0x785, 0x4, 0xd, 0x6, 0xff, 0x10001, 0x5c40, 0x7, 0x6, 0xb7, 0xc, 0x7, 0x7, 0xb, 0x2, 0xfffff671, 0x7, 0x6, 0x2, 0xb93, 0x3, 0xc4df, 0x8, 0x9, 0x8000, 0x5, 0x9, 0x8, 0x3, 0x2, 0x7, 0x162, 0x2, 0x7, 0x7, 0x40, 0x8, 0x65, 0x3, 0xd71, 0x4, 0x8, 0x333a, 0x3, 0xa8, 0xe, 0xfffffff6, 0x8000, 0x69ed, 0x2, 0x9, 0x6, 0xd, 0x1, 0x7, 0x0, 0xe, 0x6547, 0xe0000000, 0xd89e, 0x6, 0x0, 0x9, 0x3, 0xbd79, 0x1c7, 0x81, 0x9, 0x9, 0x4, 0x35c8, 0x35, 0x2, 0x4, 0xa6, 0xf, 0x1, 0x1000, 0x3, 0x6, 0x7, 0x8, 0x8, 0x7, 0x3a622ced, 0x6620, 0x5, 0x9, 0x8, 0x8, 0x9, 0xfffffffe, 0x9, 0x6, 0x3, 0x10, 0xa9, 0x8, 0xffff9762, 0x6, 0x1ff, 0x5, 0xfffffe85, 0x10001, 0x200, 0xff, 0x0, 0x0, 0x9, 0x7f, 0x7, 0x7fffffff, 0xf3, 0x2, 0x7a, 0x49be568, 0x3, 0x3, 0x8, 0x6, 0xda75, 0x5, 0x8, 0x6, 0x5, 0x7fff, 0x9, 0xbc, 0x1, 0x4, 0x7, 0x8, 0xfa7, 0x8, 0xfff, 0x6, 0x5, 0xffff, 0xfffffffa, 0xf, 0x8b09, 0x3, 0x5, 0x7, 0x0, 0x3ff, 0x4, 0x80000000, 0x9, 0x690, 0x800, 0xf, 0x7, 0xfffffffb, 0xf96, 0xfffffffd, 0x5, 0xe6, 0x8, 0x5, 0x5b, 0x976, 0xdc3f, 0x401, 0x0, 0x7e, 0xaa3, 0x7, 0x5, 0xfee, 0x3, 0x5, 0x7fff, 0x3, 0x2, 0x1, 0x0, 0x9, 0x80, 0xdd6f77c8, 0x8, 0x400, 0xc, 0x100, 0x3fa, 0xff, 0x4, 0x6, 0x6, 0x8, 0x9, 0x9, 0x7, 0x1, 0x9, 0xffff, 0x7f, 0x0, 0x101, 0x4800, 0x5, 0x7, 0x9, 0x7fff, 0x81, 0x8, 0x46, 0x5, 0x8, 0x1, 0x7fffffff, 0x1, 0x3, 0x9, 0x2, 0x1, 0x9, 0x4, 0x629c0ef0, 0x3, 0x9742, 0x3, 0x4b, 0xc09d, 0xe, 0x42e0, 0x2, 0x2, 0xa, 0x5, 0x9, 0x0, 0xffff, 0x8, 0x0, 0x0, 0x0, 0x2, 0x5, 0xa, 0x7, 0x6, 0x6, 0x867, 0x0, 0x9, 0x5, 0x0, 0x3, 0x3, 0x2, 0x4, 0x2, 0x9, 0x3, 0x8001, 0x10000, 0xff, 0x4, 0x3, 0x80000001, 0xff, 0x5, 0x2, 0x2, 0x4, 0xfffffffe, 0x8, 0x5, 0x9, 0x6, 0x3f, 0x0, 0x6, 0x9, 0xffffffff, 0x1, 0x138, 0x3, 0x5, 0x69bf, 0x9c, 0xe, 0x112, 0x289e, 0x3, 0x7ff, 0x2, 0x538, 0x8, 0x7, 0x4, 0x9, 0x3, 0x8, 0x4, 0x1000, 0x8, 0x0, 0x1ff, 0x5, 0x2, 0x0, 0x3, 0x8, 0x3, 0xfffffff8, 0xe, 0x5, 0x1, 0x3, 0x1, 0x9, 0xa9a0574c, 0xa565, 0x3, 0x7f, 0x6, 0x2, 0x10000, 0xffffffff, 0x10001, 0x10001, 0x8, 0x1, 0x3, 0x396136b0, 0x7fff, 0x6, 0xc6b, 0x7, 0x3, 0x2cbc2423, 0xfffffff7, 0x2, 0x4, 0x5, 0x69, 0x9, 0x7, 0x3, 0x8, 0x302a, 0x3ff, 0x9, 0xffff, 0x5, 0x4, 0x9, 0x4, 0x8, 0xa, 0x7, 0x8, 0x0, 0x80000, 0x5, 0xa, 0x9, 0x8, 0x40, 0x60, 0x9, 0x1, 0x9, 0x2, 0x5, 0x4ff0, 0x200, 0xe, 0x3, 0x80000000, 0x9, 0x9, 0x0, 0xae, 0x3, 0xe8, 0x200, 0x0, 0x6, 0x0, 0x3, 0x5, 0x9, 0x0, 0x4, 0x0, 0x0, 0x6, 0xbfb3, 0x4, 0x2, 0x417a4c16, 0x1, 0x6, 0x8dc, 0x2, 0x9, 0x166, 0x0, 0xc, 0x9, 0x9, 0x9, 0xb842, 0x0, 0x4c5, 0x1ff, 0x9, 0x286, 0xa, 0x8, 0x7fff, 0x9, 0x8001, 0x4, 0x5, 0x6, 0x4, 0x800, 0x7fff, 0xc, 0x5, 0x9, 0x862, 0xf0, 0x4, 0x3, 0x9, 0xfff, 0x9, 0x6, 0x2, 0x3, 0x9, 0x4, 0x7fffffff, 0x7, 0x7e, 0x774, 0x7, 0x5, 0x8, 0xffffffff, 0x9, 0x10001, 0x10, 0x5, 0x5, 0x1, 0x6, 0x6, 0x8270, 0x4, 0xaae, 0x44f6, 0x3, 0x0, 0x6, 0x4, 0x0, 0x6, 0x4, 0x9, 0xe, 0xe, 0x7, 0x1, 0x3d, 0xfffffffc, 0x40, 0x3, 0x3, 0x0, 0x10, 0x9, 0x3, 0x8, 0x9d, 0xfffff001, 0x0, 0xfffffff9, 0x1, 0xfffffff7, 0x8, 0x34, 0x0, 0x9, 0x569, 0x5, 0x0, 0xb, 0xc900000, 0x3, 0x4, 0x40, 0x6, 0x5, 0x0, 0x86, 0xe517, 0x0, 0x5, 0x4, 0xa0000, 0xffffffff, 0x0, 0x5, 0x466, 0x5, 0x0, 0x0, 0x7fff, 0x1, 0x9, 0x3, 0x2, 0x6, 0x9, 0x94c6, 0x1cc, 0xfffffffc, 0x5, 0x1023, 0xe1, 0x100, 0xea, 0x5, 0x4, 0x3, 0x5, 0x3, 0xe01, 0x7, 0x5, 0x3, 0xad4, 0x400, 0x80000000, 0x1, 0x9, 0x46, 0x28000000, 0x1, 0x0, 0x4, 0x1, 0xab, 0x8, 0xb, 0x3, 0x9, 0x9, 0x7, 0x6, 0x1, 0x4bc, 0x7, 0x373, 0x9, 0x9, 0xb42, 0x2, 0x7fff, 0xfffffff9, 0xfffffffa, 0x1, 0x400, 0x5, 0x6d, 0x9, 0x3ff, 0x7f, 0x9, 0x101, 0xb, 0x348, 0x8, 0x6, 0x3ff, 0x4, 0x6, 0x8, 0x2, 0xff, 0x2, 0xfffffff9, 0x3, 0xfffff155, 0x1000, 0x101, 0x6, 0x7, 0x9, 0x2d9, 0x400, 0x7, 0x9, 0xffffff7a, 0xb2, 0xffffffff, 0xd34, 0x1, 0x6c, 0xb6b, 0x9, 0xa8, 0x5, 0x0, 0x3, 0x9, 0x1, 0x9, 0x9, 0x4, 0x100, 0x64, 0x3, 0x2, 0xa3, 0x8, 0x3, 0x5, 0x7, 0x7fffffff, 0x2, 0x5, 0xfffffff9, 0x3, 0xc5, 0xffffffff, 0x1ff, 0x9, 0x5, 0x4, 0xc30, 0x4, 0x6, 0xa, 0xd, 0x100, 0x6, 0x1c00, 0x81, 0xb6, 0x2, 0x2, 0xed, 0x6e0, 0xe335, 0x7, 0x6, 0xfff, 0x7fff, 0xffffffff, 0x2, 0x2, 0x7fffffff, 0x4, 0x40, 0x3, 0x36, 0xa82, 0xfffffffe, 0xfffff801, 0x72, 0x6000, 0x7, 0xe958, 0x2, 0xfc1ba46, 0x4, 0x4, 0x85, 0x0, 0x3, 0x5, 0xc1, 0x2, 0x2, 0x0, 0x9, 0x5, 0x8000, 0xc, 0x7, 0x4, 0xffffffff, 0x2, 0x101, 0xfffffffe, 0x80000000, 0x4, 0x5, 0x100, 0x8, 0x0, 0x0, 0x7fff, 0x8, 0x7, 0x8, 0x3, 0x5, 0x3, 0x51f5, 0x3, 0x9, 0x1, 0x899, 0x2, 0x6, 0x36175c2b, 0x2, 0x40, 0x3, 0xfffffffc, 0x1, 0x400, 0x5, 0xb8, 0x6, 0x309, 0x7fff, 0x7, 0x8001, 0x3ff, 0x2, 0x80000001, 0x3, 0x6, 0x7, 0x7fff, 0xa21a, 0x6, 0x5, 0x5c0f, 0x2, 0x2, 0x5c, 0x3, 0x9, 0x9, 0x8000, 0x0, 0xc1, 0x3, 0x7, 0x9, 0x63, 0x0, 0x99, 0x8, 0xfffffffc, 0x4, 0x100, 0x1, 0xf, 0x9b, 0x3, 0x6, 0x34cb, 0x4, 0x33, 0x0, 0x1, 0x5, 0x9, 0x4, 0x2, 0xb9d000, 0x8, 0x401, 0xfff, 0x8, 0x0, 0x6, 0x401, 0x8, 0xfffffffa, 0x5, 0xe9, 0xa2f, 0x0, 0x8, 0x0, 0x3, 0x5, 0x80, 0xe1, 0x1, 0x0, 0x0, 0xea, 0xa22, 0x100, 0x0, 0x6, 0x40, 0x1], 0x1, 0x400, 0x80})

15.705603545s ago: executing program 0 (id=215):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x3741, 0x0, 0x1, 0xc}]})
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, 0x0}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$unix(0x1, 0x2, 0x0)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x65)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0x0, 0x0)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
close(r3)
sendto$inet6(r2, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$netlink(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000e80)={&(0x7f0000000cc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x1, 0x101}, 0x28)
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140))
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='jfs\x00', 0x0, &(0x7f00000000c0)='grpquota')

15.432507311s ago: executing program 4 (id=216):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$AUTOFS_IOC_PROTOVER(0xffffffffffffffff, 0x80049363, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
clock_adjtime(0x0, &(0x7f0000000380)={0x3ff, 0x3, 0x4100, 0xb, 0x40000000, 0x3, 0x400000000, 0x800000000009, 0x0, 0x100, 0x3, 0x0, 0x7, 0x20000, 0x4, 0x2, 0x0, 0x0, 0x300000000000, 0x9, 0x8001, 0x5, 0x0, 0x3, 0x0, 0x8})
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000100)={'syz0\x00', {0x0, 0x1000, 0x80, 0xfffc}, 0x7, [0x0, 0x80000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x3], [0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3d, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84, 0x1, 0x200, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x401, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20, 0x2, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3a, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x12d, 0x0, 0x0, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}, 0x45c)
ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0)
readv(r1, &(0x7f0000000080)=[{&(0x7f0000001340)=""/104, 0x68}], 0x1)
write$input_event(r1, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r2, 0x400452c8, &(0x7f0000000100))
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000500)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000200)={r6, 0x0, 0xfffffeff, 0xfffffffe, 0x1, [<r7=>0x0], [0x800, 0x0, 0x20], [0x1, 0x0, 0x0, 0x77], [0x10000, 0xa54, 0xd1, 0x3]})
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
connect$inet(r8, 0x0, 0x0)
sendto$inet(r8, &(0x7f00000002c0)="f0", 0x1, 0xe61e2840a55038c0, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000040)={r7})
close_range(r3, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)

10.258539795s ago: executing program 0 (id=218):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000180), 0x2000000e9, 0x2)
ioctl$vim2m_VIDIOC_QUERYCAP(r4, 0x80685600, &(0x7f0000000100))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x120, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000c40)=@mangle={'mangle\x00', 0x2, 0x6, 0x520, 0x370, 0x370, 0x0, 0xd0, 0x370, 0x450, 0x450, 0x450, 0x450, 0x450, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @HL={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [0xff, 0xff000000], [0x0, 0xff000000], 'syzkaller0\x00', 'pimreg0\x00', {0xff}, {}, 0x0, 0x2}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff}, {0xffffffffffffffff, 0x8, 0x7}, {}, 0x2}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x3ff}}}, {{@ipv6={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0x0, 0xff], [], 'bond_slave_1\x00', 'pim6reg1\x00', {0xff}}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4, 0x0, 0x2b}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [0xffffff00, 0xffffffff, 0xff000000], [0xffffffff, 0xffffffff, 0x0, 0xffffffff], 'geneve1\x00', 'team_slave_1\x00', {0xff}, {}, 0x32, 0x9, 0x1, 0x40}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x1, 0x24, 0x1}, {0x4, 0x4}, {0x2, 0x5, 0x5}, 0x4, 0x1}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x580)

10.248875189s ago: executing program 4 (id=219):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x0, &(0x7f0000000280)={@fd={0x66642a85, 0x0, r2}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/220, 0xdc, 0x1, 0x29}, @fda={0x66646185, 0x5, 0x1, 0x18}}, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

9.901234271s ago: executing program 1 (id=221):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(0x0, 0x0)
r1 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
r2 = socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)={0x1c, r7, 0x1, 0x0, 0x0, {{}, {0x0, 0x6}}}, 0x1c}}, 0x0)
sendmsg$TIPC_CMD_GET_NETID(r2, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8005000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x1c, r7, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

9.832218835s ago: executing program 2 (id=222):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x4ee6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00', 0x6)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e21, @multicast2}}}, 0x84)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008}, 0x94)
r2 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r3 = fcntl$dupfd(r2, 0x0, r2)
write$binfmt_script(r3, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f0000", 0x12)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r4)
r5 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
ppoll(&(0x7f0000002ac0)=[{r5, 0x8050}], 0x1, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)

8.896964633s ago: executing program 1 (id=223):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000100001f5ff000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000048000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000210c0009800800014000000005600000000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a300000000034000380300000802c000180250001002130404c6bfef3a31e2587ebd76200eb3ea056f39e3ab8a93c358099bf8cf3007d00000014000000110001"], 0xf0}}, 0x0)

8.773986607s ago: executing program 2 (id=224):
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})

7.694750065s ago: executing program 1 (id=225):
socket$inet6(0xa, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000000203010200000000000000000000000008000340000000000900020000000000020000000800010001"], 0x30}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000020301"], 0x1c}}, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f00000002c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000100)={@my=0x1})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r5, 0x7b1, &(0x7f00000001c0)={&(0x7f0000001180)=[0xf, 0x7, 0x3, 0x3, 0x4, 0x9af, 0x1, 0x6, 0x5, 0x5, 0x6e776bc4, 0x10000, 0x7f, 0x7, 0x3, 0x101, 0xff, 0x4, 0x1, 0x9, 0x5, 0xb4, 0x5, 0x81, 0x2, 0x2, 0x0, 0x0, 0x2ba, 0x800, 0x8, 0xfd, 0xd, 0x0, 0x9, 0x9, 0x3, 0xb6, 0x7, 0x348, 0x7, 0x7fff, 0x2, 0x15f9, 0x1, 0x8, 0x2, 0x79e, 0x4, 0x0, 0x300, 0x8, 0x5, 0x53f, 0x6, 0x2, 0xd, 0x8000, 0x630, 0x4, 0x2, 0x6, 0x8, 0x0, 0x6, 0x5ec, 0x6, 0x0, 0x7, 0x4a5c3d98, 0xfffffff0, 0x8000, 0x809, 0x200, 0x9, 0xd, 0x9, 0x80, 0x4, 0xee, 0x4, 0xbfee, 0x7, 0x7ff, 0x2, 0x1, 0x5, 0x80000001, 0x4, 0x37a, 0xc, 0x8000, 0x678c, 0x3, 0x8001, 0x7, 0x3893, 0xfffffff8, 0x8, 0x6, 0x5, 0x200, 0x4, 0x10001, 0x80000001, 0x4, 0x7, 0x9, 0xcde, 0xfffeffff, 0x9, 0x0, 0x94, 0x0, 0x200, 0x5, 0x0, 0x7f, 0x0, 0xfffff910, 0x7, 0x629, 0x7, 0x10001, 0x1000, 0xfffffffb, 0xfffffff7, 0x16, 0x3, 0x8, 0x21533b78, 0x4, 0x1, 0x1000, 0x7, 0x4, 0x7f, 0x2, 0x80, 0x8, 0x4, 0x2, 0x6, 0x1000, 0x9, 0x9, 0x88a, 0x7fff, 0xff, 0x65, 0x7, 0x7, 0xff, 0x1, 0x3, 0x1, 0x80000000, 0x1a3b, 0x800, 0x0, 0x7, 0x4, 0xbc7, 0x9a7, 0x6, 0x4, 0xe, 0x1a, 0x1, 0x401, 0x9, 0xcc, 0x96, 0x9, 0x0, 0x0, 0x20000, 0x6, 0x3, 0xa19, 0x1, 0x7fff, 0x80000000, 0x1b3, 0x80, 0xfffffffa, 0x0, 0x10000, 0x2, 0x6, 0xe48, 0x0, 0x1f78, 0x3, 0x800, 0x5, 0x8c3, 0x3, 0x9, 0x7b35, 0x10, 0x5a, 0x1, 0xd, 0x8, 0x2, 0x64, 0x4, 0xb09, 0x10001, 0x0, 0x3, 0x1, 0x5, 0x9, 0xfffffc01, 0x6, 0x40, 0xffff, 0x8fb, 0x6, 0x2, 0x81, 0x785, 0x4, 0xd, 0x6, 0xff, 0x10001, 0x5c40, 0x7, 0x6, 0xb7, 0xc, 0x7, 0x7, 0xb, 0x2, 0xfffff671, 0x7, 0x6, 0x2, 0xb93, 0x3, 0xc4df, 0x8, 0x9, 0x8000, 0x5, 0x9, 0x8, 0x3, 0x2, 0x7, 0x162, 0x2, 0x7, 0x7, 0x40, 0x8, 0x65, 0x3, 0xd71, 0x4, 0x8, 0x333a, 0x3, 0xa8, 0xe, 0xfffffff6, 0x8000, 0x69ed, 0x2, 0x9, 0x6, 0xd, 0x1, 0x7, 0x0, 0xe, 0x6547, 0xe0000000, 0xd89e, 0x6, 0x0, 0x9, 0x3, 0xbd79, 0x1c7, 0x81, 0x9, 0x9, 0x4, 0x35c8, 0x35, 0x2, 0x4, 0xa6, 0xf, 0x1, 0x1000, 0x3, 0x6, 0x7, 0x8, 0x8, 0x7, 0x3a622ced, 0x6620, 0x5, 0x9, 0x8, 0x8, 0x9, 0xfffffffe, 0x9, 0x6, 0x3, 0x10, 0xa9, 0x8, 0xffff9762, 0x6, 0x1ff, 0x5, 0xfffffe85, 0x10001, 0x200, 0xff, 0x0, 0x0, 0x9, 0x7f, 0x7, 0x7fffffff, 0xf3, 0x2, 0x7a, 0x49be568, 0x3, 0x3, 0x8, 0x6, 0xda75, 0x5, 0x8, 0x6, 0x5, 0x7fff, 0x9, 0xbc, 0x1, 0x4, 0x7, 0x8, 0xfa7, 0x8, 0xfff, 0x6, 0x5, 0xffff, 0xfffffffa, 0xf, 0x8b09, 0x3, 0x5, 0x7, 0x0, 0x3ff, 0x4, 0x80000000, 0x9, 0x690, 0x800, 0xf, 0x7, 0xfffffffb, 0xf96, 0xfffffffd, 0x5, 0xe6, 0x8, 0x5, 0x5b, 0x976, 0xdc3f, 0x401, 0x0, 0x7e, 0xaa3, 0x7, 0x5, 0xfee, 0x3, 0x5, 0x7fff, 0x3, 0x2, 0x1, 0x0, 0x9, 0x80, 0xdd6f77c8, 0x8, 0x400, 0xc, 0x100, 0x3fa, 0xff, 0x4, 0x6, 0x6, 0x8, 0x9, 0x9, 0x7, 0x1, 0x9, 0xffff, 0x7f, 0x0, 0x101, 0x4800, 0x5, 0x7, 0x9, 0x7fff, 0x81, 0x8, 0x46, 0x5, 0x8, 0x1, 0x7fffffff, 0x1, 0x3, 0x9, 0x2, 0x1, 0x9, 0x4, 0x629c0ef0, 0x3, 0x9742, 0x3, 0x4b, 0xc09d, 0xe, 0x42e0, 0x2, 0x2, 0xa, 0x5, 0x9, 0x0, 0xffff, 0x8, 0x0, 0x0, 0x0, 0x2, 0x5, 0xa, 0x7, 0x6, 0x6, 0x867, 0x0, 0x9, 0x5, 0x0, 0x3, 0x3, 0x2, 0x4, 0x2, 0x9, 0x3, 0x8001, 0x10000, 0xff, 0x4, 0x3, 0x80000001, 0xff, 0x5, 0x2, 0x2, 0x4, 0xfffffffe, 0x8, 0x5, 0x9, 0x6, 0x3f, 0x0, 0x6, 0x9, 0xffffffff, 0x1, 0x138, 0x3, 0x5, 0x69bf, 0x9c, 0xe, 0x112, 0x289e, 0x3, 0x7ff, 0x2, 0x538, 0x8, 0x7, 0x4, 0x9, 0x3, 0x8, 0x4, 0x1000, 0x8, 0x0, 0x1ff, 0x5, 0x2, 0x0, 0x3, 0x8, 0x3, 0xfffffff8, 0xe, 0x5, 0x1, 0x3, 0x1, 0x9, 0xa9a0574c, 0xa565, 0x3, 0x7f, 0x6, 0x2, 0x10000, 0xffffffff, 0x10001, 0x10001, 0x8, 0x1, 0x3, 0x396136b0, 0x7fff, 0x6, 0xc6b, 0x7, 0x3, 0x2cbc2423, 0xfffffff7, 0x2, 0x4, 0x5, 0x69, 0x9, 0x7, 0x3, 0x8, 0x302a, 0x3ff, 0x9, 0xffff, 0x5, 0x4, 0x9, 0x4, 0x8, 0xa, 0x7, 0x8, 0x0, 0x80000, 0x5, 0xa, 0x9, 0x8, 0x40, 0x60, 0x9, 0x1, 0x9, 0x2, 0x5, 0x4ff0, 0x200, 0xe, 0x3, 0x80000000, 0x9, 0x9, 0x0, 0xae, 0x3, 0xe8, 0x200, 0x0, 0x6, 0x0, 0x3, 0x5, 0x9, 0x0, 0x4, 0x0, 0x0, 0x6, 0xbfb3, 0x4, 0x2, 0x417a4c16, 0x1, 0x6, 0x8dc, 0x2, 0x9, 0x166, 0x0, 0xc, 0x9, 0x9, 0x9, 0xb842, 0x0, 0x4c5, 0x1ff, 0x9, 0x286, 0xa, 0x8, 0x7fff, 0x9, 0x8001, 0x4, 0x5, 0x6, 0x4, 0x800, 0x7fff, 0xc, 0x5, 0x9, 0x862, 0xf0, 0x4, 0x3, 0x9, 0xfff, 0x9, 0x6, 0x2, 0x3, 0x9, 0x4, 0x7fffffff, 0x7, 0x7e, 0x774, 0x7, 0x5, 0x8, 0xffffffff, 0x9, 0x10001, 0x10, 0x5, 0x5, 0x1, 0x6, 0x6, 0x8270, 0x4, 0xaae, 0x44f6, 0x3, 0x0, 0x6, 0x4, 0x0, 0x6, 0x4, 0x9, 0xe, 0xe, 0x7, 0x1, 0x3d, 0xfffffffc, 0x40, 0x3, 0x3, 0x0, 0x10, 0x9, 0x3, 0x8, 0x9d, 0xfffff001, 0x0, 0xfffffff9, 0x1, 0xfffffff7, 0x8, 0x34, 0x0, 0x9, 0x569, 0x5, 0x0, 0xb, 0xc900000, 0x3, 0x4, 0x40, 0x6, 0x5, 0x0, 0x86, 0xe517, 0x0, 0x5, 0x4, 0xa0000, 0xffffffff, 0x0, 0x5, 0x466, 0x5, 0x0, 0x0, 0x7fff, 0x1, 0x9, 0x3, 0x2, 0x6, 0x9, 0x94c6, 0x1cc, 0xfffffffc, 0x5, 0x1023, 0xe1, 0x100, 0xea, 0x5, 0x4, 0x3, 0x5, 0x3, 0xe01, 0x7, 0x5, 0x3, 0xad4, 0x400, 0x80000000, 0x1, 0x9, 0x46, 0x28000000, 0x1, 0x0, 0x4, 0x1, 0xab, 0x8, 0xb, 0x3, 0x9, 0x9, 0x7, 0x6, 0x1, 0x4bc, 0x7, 0x373, 0x9, 0x9, 0xb42, 0x2, 0x7fff, 0xfffffff9, 0xfffffffa, 0x1, 0x400, 0x5, 0x6d, 0x9, 0x3ff, 0x7f, 0x9, 0x101, 0xb, 0x348, 0x8, 0x6, 0x3ff, 0x4, 0x6, 0x8, 0x2, 0xff, 0x2, 0xfffffff9, 0x3, 0xfffff155, 0x1000, 0x101, 0x6, 0x7, 0x9, 0x2d9, 0x400, 0x7, 0x9, 0xffffff7a, 0xb2, 0xffffffff, 0xd34, 0x1, 0x6c, 0xb6b, 0x9, 0xa8, 0x5, 0x0, 0x3, 0x9, 0x1, 0x9, 0x9, 0x4, 0x100, 0x64, 0x3, 0x2, 0xa3, 0x8, 0x3, 0x5, 0x7, 0x7fffffff, 0x2, 0x5, 0xfffffff9, 0x3, 0xc5, 0xffffffff, 0x1ff, 0x9, 0x5, 0x4, 0xc30, 0x4, 0x6, 0xa, 0xd, 0x100, 0x6, 0x1c00, 0x81, 0xb6, 0x2, 0x2, 0xed, 0x6e0, 0xe335, 0x7, 0x6, 0xfff, 0x7fff, 0xffffffff, 0x2, 0x2, 0x7fffffff, 0x4, 0x40, 0x3, 0x36, 0xa82, 0xfffffffe, 0xfffff801, 0x72, 0x6000, 0x7, 0xe958, 0x2, 0xfc1ba46, 0x4, 0x4, 0x85, 0x0, 0x3, 0x5, 0xc1, 0x2, 0x2, 0x0, 0x9, 0x5, 0x8000, 0xc, 0x7, 0x4, 0xffffffff, 0x2, 0x101, 0xfffffffe, 0x80000000, 0x4, 0x5, 0x100, 0x8, 0x0, 0x0, 0x7fff, 0x8, 0x7, 0x8, 0x3, 0x5, 0x3, 0x51f5, 0x3, 0x9, 0x1, 0x899, 0x2, 0x6, 0x36175c2b, 0x2, 0x40, 0x3, 0xfffffffc, 0x1, 0x400, 0x5, 0xb8, 0x6, 0x309, 0x7fff, 0x7, 0x8001, 0x3ff, 0x2, 0x80000001, 0x3, 0x6, 0x7, 0x7fff, 0xa21a, 0x6, 0x5, 0x5c0f, 0x2, 0x2, 0x5c, 0x3, 0x9, 0x9, 0x8000, 0x0, 0xc1, 0x3, 0x7, 0x9, 0x63, 0x0, 0x99, 0x8, 0xfffffffc, 0x4, 0x100, 0x1, 0xf, 0x9b, 0x3, 0x6, 0x34cb, 0x4, 0x33, 0x0, 0x1, 0x5, 0x9, 0x4, 0x2, 0xb9d000, 0x8, 0x401, 0xfff, 0x8, 0x0, 0x6, 0x401, 0x8, 0xfffffffa, 0x5, 0xe9, 0xa2f, 0x0, 0x8, 0x0, 0x3, 0x5, 0x80, 0xe1, 0x1, 0x0, 0x0, 0xea, 0xa22, 0x100, 0x0, 0x6, 0x40, 0x1], 0x1, 0x400, 0x80})

7.04818338s ago: executing program 0 (id=226):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4840)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prlimit64(0x0, 0x8, 0x0, &(0x7f0000000340))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
setsockopt$sock_int(r1, 0x1, 0x28, &(0x7f00000003c0)=0x5, 0x4)
r2 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f00000006c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x3, r2, &(0x7f0000000480)="e4b5eea546a2b4", 0x7, 0x494}])
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r1, &(0x7f00000002c0)="23000000010006", 0x7)
getrlimit(0xa, &(0x7f0000000180))
bind$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x1, @empty, 0x0, 0x3}, 0x20)

6.911981048s ago: executing program 2 (id=227):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x3741, 0x0, 0x1, 0xc}]})
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000e00)={0x0, 0x0, 0x0}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$unix(0x1, 0x2, 0x0)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x65)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0x0, 0x0)
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
close(r4)
sendto$inet6(r3, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$netlink(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000e80)={&(0x7f0000000cc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x1, 0x101}, 0x28)
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140))
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='jfs\x00', 0x0, &(0x7f00000000c0)='grpquota')

6.302432441s ago: executing program 1 (id=228):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
msgget$private(0x0, 0x20)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='squashfs\x00', 0x0, 0x0)

4.004254415s ago: executing program 2 (id=229):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x4, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
socket$inet_udplite(0x2, 0x2, 0x88)
close(0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000600))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
lseek(0xffffffffffffffff, 0x9, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_sock_diag(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, &(0x7f0000000040)=0x12, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000006000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bc0900000000000055090100000000009500000000000000bf91000000000000b702000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x2, 0x100b, &(0x7f0000001e40)=""/4107}, 0x94)

3.80537782s ago: executing program 1 (id=230):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
socket$inet_tcp(0x2, 0x1, 0x0)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x50})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf)

3.005052842s ago: executing program 2 (id=231):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
add_key(0x0, 0x0, &(0x7f0000000100)="305c0605e182d1", 0x7, 0xfffffffffffffffe)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='H\x00\x00', @ANYBLOB], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xffffffffffffff02, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3.004502925s ago: executing program 4 (id=232):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
syz_emit_ethernet(0x42, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndpcmc(0x0, 0x1, 0x100)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000380), 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000040)={@link_local, @dev, @val={@void, {0x8100, 0x0, 0x0, 0x4}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x30, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1={0xff, 0x0, '\x00', 0x0}}}}}}}}, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, 0x0)

2.727000246s ago: executing program 1 (id=233):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000100)="06010000246837f7", 0x8}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3", 0xfd}], 0x3)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r5 = fanotify_init(0xf00, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
fanotify_mark(r5, 0x105, 0x40009975, r4, 0x0)
r6 = syz_open_dev$video4linux(&(0x7f0000000080), 0x6d6b, 0x480)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x2})
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$IP_VS_SO_GET_SERVICE(r7, 0x0, 0x30, 0x0, &(0x7f0000000180))
ioctl$VIDIOC_QUERYMENU(r6, 0xc008561c, &(0x7f0000000000)={0x980900, 0x81, @value=0x327})

2.697739975s ago: executing program 0 (id=234):
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})

1.683139034s ago: executing program 0 (id=235):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x6)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x2})

1.682729789s ago: executing program 4 (id=236):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = fsopen(&(0x7f00000002c0)='ocfs2_dlmfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)

366.897784ms ago: executing program 4 (id=237):
socket$inet6(0xa, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000000203010200000000000000000000000008000340000000000900020000000000020000000800010001"], 0x30}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000020301"], 0x1c}}, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f00000002c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000100)={@my=0x1})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r5, 0x7b1, &(0x7f00000001c0)={&(0x7f0000001180)=[0xf, 0x7, 0x3, 0x3, 0x4, 0x9af, 0x1, 0x6, 0x5, 0x5, 0x6e776bc4, 0x10000, 0x7f, 0x7, 0x3, 0x101, 0xff, 0x4, 0x1, 0x9, 0x5, 0xb4, 0x5, 0x81, 0x2, 0x2, 0x0, 0x0, 0x2ba, 0x800, 0x8, 0xfd, 0xd, 0x0, 0x9, 0x9, 0x3, 0xb6, 0x7, 0x348, 0x7, 0x7fff, 0x2, 0x15f9, 0x1, 0x8, 0x2, 0x79e, 0x4, 0x0, 0x300, 0x8, 0x5, 0x53f, 0x6, 0x2, 0xd, 0x8000, 0x630, 0x4, 0x2, 0x6, 0x8, 0x0, 0x6, 0x5ec, 0x6, 0x0, 0x7, 0x4a5c3d98, 0xfffffff0, 0x8000, 0x809, 0x200, 0x9, 0xd, 0x9, 0x80, 0x4, 0xee, 0x4, 0xbfee, 0x7, 0x7ff, 0x2, 0x1, 0x5, 0x80000001, 0x4, 0x37a, 0xc, 0x8000, 0x678c, 0x3, 0x8001, 0x7, 0x3893, 0xfffffff8, 0x8, 0x6, 0x5, 0x200, 0x4, 0x10001, 0x80000001, 0x4, 0x7, 0x9, 0xcde, 0xfffeffff, 0x9, 0x0, 0x94, 0x0, 0x200, 0x5, 0x0, 0x7f, 0x0, 0xfffff910, 0x7, 0x629, 0x7, 0x10001, 0x1000, 0xfffffffb, 0xfffffff7, 0x16, 0x3, 0x8, 0x21533b78, 0x4, 0x1, 0x1000, 0x7, 0x4, 0x7f, 0x2, 0x80, 0x8, 0x4, 0x2, 0x6, 0x1000, 0x9, 0x9, 0x88a, 0x7fff, 0xff, 0x65, 0x7, 0x7, 0xff, 0x1, 0x3, 0x1, 0x80000000, 0x1a3b, 0x800, 0x0, 0x7, 0x4, 0xbc7, 0x9a7, 0x6, 0x4, 0xe, 0x1a, 0x1, 0x401, 0x9, 0xcc, 0x96, 0x9, 0x0, 0x0, 0x20000, 0x6, 0x3, 0xa19, 0x1, 0x7fff, 0x80000000, 0x1b3, 0x80, 0xfffffffa, 0x0, 0x10000, 0x2, 0x6, 0xe48, 0x0, 0x1f78, 0x3, 0x800, 0x5, 0x8c3, 0x3, 0x9, 0x7b35, 0x10, 0x5a, 0x1, 0xd, 0x8, 0x2, 0x64, 0x4, 0xb09, 0x10001, 0x0, 0x3, 0x1, 0x5, 0x9, 0xfffffc01, 0x6, 0x40, 0xffff, 0x8fb, 0x6, 0x2, 0x81, 0x785, 0x4, 0xd, 0x6, 0xff, 0x10001, 0x5c40, 0x7, 0x6, 0xb7, 0xc, 0x7, 0x7, 0xb, 0x2, 0xfffff671, 0x7, 0x6, 0x2, 0xb93, 0x3, 0xc4df, 0x8, 0x9, 0x8000, 0x5, 0x9, 0x8, 0x3, 0x2, 0x7, 0x162, 0x2, 0x7, 0x7, 0x40, 0x8, 0x65, 0x3, 0xd71, 0x4, 0x8, 0x333a, 0x3, 0xa8, 0xe, 0xfffffff6, 0x8000, 0x69ed, 0x2, 0x9, 0x6, 0xd, 0x1, 0x7, 0x0, 0xe, 0x6547, 0xe0000000, 0xd89e, 0x6, 0x0, 0x9, 0x3, 0xbd79, 0x1c7, 0x81, 0x9, 0x9, 0x4, 0x35c8, 0x35, 0x2, 0x4, 0xa6, 0xf, 0x1, 0x1000, 0x3, 0x6, 0x7, 0x8, 0x8, 0x7, 0x3a622ced, 0x6620, 0x5, 0x9, 0x8, 0x8, 0x9, 0xfffffffe, 0x9, 0x6, 0x3, 0x10, 0xa9, 0x8, 0xffff9762, 0x6, 0x1ff, 0x5, 0xfffffe85, 0x10001, 0x200, 0xff, 0x0, 0x0, 0x9, 0x7f, 0x7, 0x7fffffff, 0xf3, 0x2, 0x7a, 0x49be568, 0x3, 0x3, 0x8, 0x6, 0xda75, 0x5, 0x8, 0x6, 0x5, 0x7fff, 0x9, 0xbc, 0x1, 0x4, 0x7, 0x8, 0xfa7, 0x8, 0xfff, 0x6, 0x5, 0xffff, 0xfffffffa, 0xf, 0x8b09, 0x3, 0x5, 0x7, 0x0, 0x3ff, 0x4, 0x80000000, 0x9, 0x690, 0x800, 0xf, 0x7, 0xfffffffb, 0xf96, 0xfffffffd, 0x5, 0xe6, 0x8, 0x5, 0x5b, 0x976, 0xdc3f, 0x401, 0x0, 0x7e, 0xaa3, 0x7, 0x5, 0xfee, 0x3, 0x5, 0x7fff, 0x3, 0x2, 0x1, 0x0, 0x9, 0x80, 0xdd6f77c8, 0x8, 0x400, 0xc, 0x100, 0x3fa, 0xff, 0x4, 0x6, 0x6, 0x8, 0x9, 0x9, 0x7, 0x1, 0x9, 0xffff, 0x7f, 0x0, 0x101, 0x4800, 0x5, 0x7, 0x9, 0x7fff, 0x81, 0x8, 0x46, 0x5, 0x8, 0x1, 0x7fffffff, 0x1, 0x3, 0x9, 0x2, 0x1, 0x9, 0x4, 0x629c0ef0, 0x3, 0x9742, 0x3, 0x4b, 0xc09d, 0xe, 0x42e0, 0x2, 0x2, 0xa, 0x5, 0x9, 0x0, 0xffff, 0x8, 0x0, 0x0, 0x0, 0x2, 0x5, 0xa, 0x7, 0x6, 0x6, 0x867, 0x0, 0x9, 0x5, 0x0, 0x3, 0x3, 0x2, 0x4, 0x2, 0x9, 0x3, 0x8001, 0x10000, 0xff, 0x4, 0x3, 0x80000001, 0xff, 0x5, 0x2, 0x2, 0x4, 0xfffffffe, 0x8, 0x5, 0x9, 0x6, 0x3f, 0x0, 0x6, 0x9, 0xffffffff, 0x1, 0x138, 0x3, 0x5, 0x69bf, 0x9c, 0xe, 0x112, 0x289e, 0x3, 0x7ff, 0x2, 0x538, 0x8, 0x7, 0x4, 0x9, 0x3, 0x8, 0x4, 0x1000, 0x8, 0x0, 0x1ff, 0x5, 0x2, 0x0, 0x3, 0x8, 0x3, 0xfffffff8, 0xe, 0x5, 0x1, 0x3, 0x1, 0x9, 0xa9a0574c, 0xa565, 0x3, 0x7f, 0x6, 0x2, 0x10000, 0xffffffff, 0x10001, 0x10001, 0x8, 0x1, 0x3, 0x396136b0, 0x7fff, 0x6, 0xc6b, 0x7, 0x3, 0x2cbc2423, 0xfffffff7, 0x2, 0x4, 0x5, 0x69, 0x9, 0x7, 0x3, 0x8, 0x302a, 0x3ff, 0x9, 0xffff, 0x5, 0x4, 0x9, 0x4, 0x8, 0xa, 0x7, 0x8, 0x0, 0x80000, 0x5, 0xa, 0x9, 0x8, 0x40, 0x60, 0x9, 0x1, 0x9, 0x2, 0x5, 0x4ff0, 0x200, 0xe, 0x3, 0x80000000, 0x9, 0x9, 0x0, 0xae, 0x3, 0xe8, 0x200, 0x0, 0x6, 0x0, 0x3, 0x5, 0x9, 0x0, 0x4, 0x0, 0x0, 0x6, 0xbfb3, 0x4, 0x2, 0x417a4c16, 0x1, 0x6, 0x8dc, 0x2, 0x9, 0x166, 0x0, 0xc, 0x9, 0x9, 0x9, 0xb842, 0x0, 0x4c5, 0x1ff, 0x9, 0x286, 0xa, 0x8, 0x7fff, 0x9, 0x8001, 0x4, 0x5, 0x6, 0x4, 0x800, 0x7fff, 0xc, 0x5, 0x9, 0x862, 0xf0, 0x4, 0x3, 0x9, 0xfff, 0x9, 0x6, 0x2, 0x3, 0x9, 0x4, 0x7fffffff, 0x7, 0x7e, 0x774, 0x7, 0x5, 0x8, 0xffffffff, 0x9, 0x10001, 0x10, 0x5, 0x5, 0x1, 0x6, 0x6, 0x8270, 0x4, 0xaae, 0x44f6, 0x3, 0x0, 0x6, 0x4, 0x0, 0x6, 0x4, 0x9, 0xe, 0xe, 0x7, 0x1, 0x3d, 0xfffffffc, 0x40, 0x3, 0x3, 0x0, 0x10, 0x9, 0x3, 0x8, 0x9d, 0xfffff001, 0x0, 0xfffffff9, 0x1, 0xfffffff7, 0x8, 0x34, 0x0, 0x9, 0x569, 0x5, 0x0, 0xb, 0xc900000, 0x3, 0x4, 0x40, 0x6, 0x5, 0x0, 0x86, 0xe517, 0x0, 0x5, 0x4, 0xa0000, 0xffffffff, 0x0, 0x5, 0x466, 0x5, 0x0, 0x0, 0x7fff, 0x1, 0x9, 0x3, 0x2, 0x6, 0x9, 0x94c6, 0x1cc, 0xfffffffc, 0x5, 0x1023, 0xe1, 0x100, 0xea, 0x5, 0x4, 0x3, 0x5, 0x3, 0xe01, 0x7, 0x5, 0x3, 0xad4, 0x400, 0x80000000, 0x1, 0x9, 0x46, 0x28000000, 0x1, 0x0, 0x4, 0x1, 0xab, 0x8, 0xb, 0x3, 0x9, 0x9, 0x7, 0x6, 0x1, 0x4bc, 0x7, 0x373, 0x9, 0x9, 0xb42, 0x2, 0x7fff, 0xfffffff9, 0xfffffffa, 0x1, 0x400, 0x5, 0x6d, 0x9, 0x3ff, 0x7f, 0x9, 0x101, 0xb, 0x348, 0x8, 0x6, 0x3ff, 0x4, 0x6, 0x8, 0x2, 0xff, 0x2, 0xfffffff9, 0x3, 0xfffff155, 0x1000, 0x101, 0x6, 0x7, 0x9, 0x2d9, 0x400, 0x7, 0x9, 0xffffff7a, 0xb2, 0xffffffff, 0xd34, 0x1, 0x6c, 0xb6b, 0x9, 0xa8, 0x5, 0x0, 0x3, 0x9, 0x1, 0x9, 0x9, 0x4, 0x100, 0x64, 0x3, 0x2, 0xa3, 0x8, 0x3, 0x5, 0x7, 0x7fffffff, 0x2, 0x5, 0xfffffff9, 0x3, 0xc5, 0xffffffff, 0x1ff, 0x9, 0x5, 0x4, 0xc30, 0x4, 0x6, 0xa, 0xd, 0x100, 0x6, 0x1c00, 0x81, 0xb6, 0x2, 0x2, 0xed, 0x6e0, 0xe335, 0x7, 0x6, 0xfff, 0x7fff, 0xffffffff, 0x2, 0x2, 0x7fffffff, 0x4, 0x40, 0x3, 0x36, 0xa82, 0xfffffffe, 0xfffff801, 0x72, 0x6000, 0x7, 0xe958, 0x2, 0xfc1ba46, 0x4, 0x4, 0x85, 0x0, 0x3, 0x5, 0xc1, 0x2, 0x2, 0x0, 0x9, 0x5, 0x8000, 0xc, 0x7, 0x4, 0xffffffff, 0x2, 0x101, 0xfffffffe, 0x80000000, 0x4, 0x5, 0x100, 0x8, 0x0, 0x0, 0x7fff, 0x8, 0x7, 0x8, 0x3, 0x5, 0x3, 0x51f5, 0x3, 0x9, 0x1, 0x899, 0x2, 0x6, 0x36175c2b, 0x2, 0x40, 0x3, 0xfffffffc, 0x1, 0x400, 0x5, 0xb8, 0x6, 0x309, 0x7fff, 0x7, 0x8001, 0x3ff, 0x2, 0x80000001, 0x3, 0x6, 0x7, 0x7fff, 0xa21a, 0x6, 0x5, 0x5c0f, 0x2, 0x2, 0x5c, 0x3, 0x9, 0x9, 0x8000, 0x0, 0xc1, 0x3, 0x7, 0x9, 0x63, 0x0, 0x99, 0x8, 0xfffffffc, 0x4, 0x100, 0x1, 0xf, 0x9b, 0x3, 0x6, 0x34cb, 0x4, 0x33, 0x0, 0x1, 0x5, 0x9, 0x4, 0x2, 0xb9d000, 0x8, 0x401, 0xfff, 0x8, 0x0, 0x6, 0x401, 0x8, 0xfffffffa, 0x5, 0xe9, 0xa2f, 0x0, 0x8, 0x0, 0x3, 0x5, 0x80, 0xe1, 0x1, 0x0, 0x0, 0xea, 0xa22, 0x100, 0x0, 0x6, 0x40, 0x1], 0x1, 0x400, 0x80})

0s ago: executing program 0 (id=238):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x3741, 0x0, 0x1, 0xc}]})
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000e00)={0x0, 0x0, 0x0}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$unix(0x1, 0x2, 0x0)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x65)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0x0, 0x0)
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
close(r4)
sendto$inet6(r3, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmsg$netlink(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000e80)={&(0x7f0000000cc0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x1, 0x101}, 0x28)
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140))
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='jfs\x00', 0x0, &(0x7f00000000c0)='grpquota')

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.121' (ED25519) to the list of known hosts.
[   65.626251][   T30] audit: type=1400 audit(1750813388.128:62): avc:  denied  { mounton } for  pid=5798 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   65.631201][ T5798] cgroup: Unknown subsys name 'net'
[   65.649070][   T30] audit: type=1400 audit(1750813388.128:63): avc:  denied  { mount } for  pid=5798 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   65.676976][   T30] audit: type=1400 audit(1750813388.158:64): avc:  denied  { unmount } for  pid=5798 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   65.837495][ T5798] cgroup: Unknown subsys name 'cpuset'
[   65.846103][ T5798] cgroup: Unknown subsys name 'rlimit'
[   66.082450][   T30] audit: type=1400 audit(1750813388.578:65): avc:  denied  { setattr } for  pid=5798 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   66.106092][   T30] audit: type=1400 audit(1750813388.578:66): avc:  denied  { create } for  pid=5798 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   66.142420][   T30] audit: type=1400 audit(1750813388.578:67): avc:  denied  { write } for  pid=5798 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   66.163750][   T30] audit: type=1400 audit(1750813388.578:68): avc:  denied  { read } for  pid=5798 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   66.185654][   T30] audit: type=1400 audit(1750813388.608:69): avc:  denied  { mounton } for  pid=5798 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   66.210762][   T30] audit: type=1400 audit(1750813388.608:70): avc:  denied  { mount } for  pid=5798 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   66.212260][ T5800] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   66.235505][   T30] audit: type=1400 audit(1750813388.638:71): avc:  denied  { read } for  pid=5480 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   67.199757][ T5798] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   69.529854][ T5820] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   69.537818][ T5818] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   69.538704][ T5820] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   69.551059][ T5816] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   69.553209][ T5820] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   69.568479][ T5820] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   69.570117][ T5816] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   69.576320][ T5820] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   69.590492][ T5818] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   69.593741][ T5820] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   69.597979][ T5816] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   69.605736][ T5820] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   69.619797][ T5818] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   69.620553][ T5820] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   69.627912][ T5818] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   69.635929][ T5820] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   69.640879][ T5816] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   69.652032][ T5820] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   69.663414][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   69.673405][ T5820] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   69.695859][ T5819] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   69.703973][ T5819] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   69.711469][ T5819] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   69.720243][ T5819] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   69.732866][ T5819] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   70.162191][ T5812] chnl_net:caif_netlink_parms(): no params data found
[   70.227034][ T5825] chnl_net:caif_netlink_parms(): no params data found
[   70.351488][ T5808] chnl_net:caif_netlink_parms(): no params data found
[   70.385819][ T5811] chnl_net:caif_netlink_parms(): no params data found
[   70.419901][ T5812] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.428225][ T5812] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.436396][ T5812] bridge_slave_0: entered allmulticast mode
[   70.443569][ T5812] bridge_slave_0: entered promiscuous mode
[   70.485029][ T5812] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.492121][ T5812] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.500223][ T5812] bridge_slave_1: entered allmulticast mode
[   70.508053][ T5812] bridge_slave_1: entered promiscuous mode
[   70.541129][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.548421][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.555616][ T5825] bridge_slave_0: entered allmulticast mode
[   70.562374][ T5825] bridge_slave_0: entered promiscuous mode
[   70.572473][ T5814] chnl_net:caif_netlink_parms(): no params data found
[   70.607520][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.614759][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.621871][ T5825] bridge_slave_1: entered allmulticast mode
[   70.629435][ T5825] bridge_slave_1: entered promiscuous mode
[   70.642413][ T5812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.686101][ T5812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.711033][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.724661][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.809778][ T5812] team0: Port device team_slave_0 added
[   70.816417][ T5811] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.825933][ T5811] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.833501][ T5811] bridge_slave_0: entered allmulticast mode
[   70.840314][ T5811] bridge_slave_0: entered promiscuous mode
[   70.848000][ T5808] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.855310][ T5808] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.862459][ T5808] bridge_slave_0: entered allmulticast mode
[   70.869481][ T5808] bridge_slave_0: entered promiscuous mode
[   70.892668][ T5812] team0: Port device team_slave_1 added
[   70.908188][ T5811] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.915567][ T5811] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.922671][ T5811] bridge_slave_1: entered allmulticast mode
[   70.929936][ T5811] bridge_slave_1: entered promiscuous mode
[   70.936377][ T5808] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.943944][ T5808] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.951059][ T5808] bridge_slave_1: entered allmulticast mode
[   70.958032][ T5808] bridge_slave_1: entered promiscuous mode
[   70.967149][ T5825] team0: Port device team_slave_0 added
[   71.020629][ T5825] team0: Port device team_slave_1 added
[   71.026606][ T5814] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.034138][ T5814] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.041280][ T5814] bridge_slave_0: entered allmulticast mode
[   71.048214][ T5814] bridge_slave_0: entered promiscuous mode
[   71.055799][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.062756][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.089063][ T5812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.127095][ T5814] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.134394][ T5814] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.141577][ T5814] bridge_slave_1: entered allmulticast mode
[   71.148959][ T5814] bridge_slave_1: entered promiscuous mode
[   71.158746][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[   71.169027][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[   71.182687][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.190329][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.216785][ T5812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.236283][ T5811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.248686][ T5811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.260533][ T5808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.294078][ T5814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.319229][ T5808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.329435][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.336843][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.363277][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.376246][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.383464][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.409476][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.423408][ T5814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.488427][ T5811] team0: Port device team_slave_0 added
[   71.505887][ T5808] team0: Port device team_slave_0 added
[   71.537995][ T5812] hsr_slave_0: entered promiscuous mode
[   71.545816][ T5812] hsr_slave_1: entered promiscuous mode
[   71.553921][ T5811] team0: Port device team_slave_1 added
[   71.561550][ T5808] team0: Port device team_slave_1 added
[   71.581034][ T5814] team0: Port device team_slave_0 added
[   71.590795][ T5814] team0: Port device team_slave_1 added
[   71.619014][ T5825] hsr_slave_0: entered promiscuous mode
[   71.625187][ T5825] hsr_slave_1: entered promiscuous mode
[   71.631091][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.639138][ T5825] Cannot create hsr debugfs directory
[   71.714331][ T5820] Bluetooth: hci3: command tx timeout
[   71.714760][ T5813] Bluetooth: hci1: command tx timeout
[   71.720298][ T5820] Bluetooth: hci2: command tx timeout
[   71.726013][ T5819] Bluetooth: hci0: command tx timeout
[   71.741032][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.748470][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.774626][ T5811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.786545][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.794404][ T5819] Bluetooth: hci4: command tx timeout
[   71.796226][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.826136][ T5808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.847512][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.854559][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.880604][ T5814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.892067][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.899448][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.926288][ T5811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.937943][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.944947][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.971853][ T5808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.001854][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.008935][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.034981][ T5814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.186848][ T5811] hsr_slave_0: entered promiscuous mode
[   72.193689][ T5811] hsr_slave_1: entered promiscuous mode
[   72.199871][ T5811] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   72.207496][ T5811] Cannot create hsr debugfs directory
[   72.219765][ T5808] hsr_slave_0: entered promiscuous mode
[   72.226041][ T5808] hsr_slave_1: entered promiscuous mode
[   72.232021][ T5808] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   72.240032][ T5808] Cannot create hsr debugfs directory
[   72.249489][ T5814] hsr_slave_0: entered promiscuous mode
[   72.256461][ T5814] hsr_slave_1: entered promiscuous mode
[   72.262401][ T5814] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   72.270046][ T5814] Cannot create hsr debugfs directory
[   72.545448][ T5812] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   72.558652][ T5812] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   72.601026][ T5812] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   72.639496][ T5812] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   72.704756][ T5825] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   72.716445][ T5825] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   72.728277][ T5825] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   72.757435][ T5825] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   72.812214][ T5808] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   72.835519][ T5808] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   72.849687][ T5808] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   72.858740][ T5808] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   72.927872][ T5811] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   72.946696][ T5811] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   72.970037][ T5811] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   72.980838][ T5811] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   73.016429][ T5812] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.030705][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.093855][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[   73.135920][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.143116][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.158004][ T5812] 8021q: adding VLAN 0 to HW filter on device team0
[   73.184398][ T5814] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   73.198237][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.205380][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.216615][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.223779][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.251218][ T5814] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   73.263784][ T1008] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.270913][ T1008] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.288465][ T5814] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   73.299016][ T5814] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   73.414807][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.458032][ T5811] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.496064][ T5811] 8021q: adding VLAN 0 to HW filter on device team0
[   73.497078][   T30] kauditd_printk_skb: 14 callbacks suppressed
[   73.497092][   T30] audit: type=1400 audit(1750813395.998:86): avc:  denied  { sys_module } for  pid=5812 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   73.549332][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.556536][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.587883][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.595101][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.609815][ T5808] 8021q: adding VLAN 0 to HW filter on device team0
[   73.641201][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.648388][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.711040][ T5814] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.736805][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.744018][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.797817][ T5819] Bluetooth: hci2: command tx timeout
[   73.797833][ T5820] Bluetooth: hci0: command tx timeout
[   73.797863][ T5820] Bluetooth: hci1: command tx timeout
[   73.803848][ T5819] Bluetooth: hci3: command tx timeout
[   73.865034][ T5814] 8021q: adding VLAN 0 to HW filter on device team0
[   73.873436][   T51] Bluetooth: hci4: command tx timeout
[   73.900918][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.908066][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.925855][ T5812] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.937320][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.956297][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.963473][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.050329][ T5812] veth0_vlan: entered promiscuous mode
[   74.111512][ T5812] veth1_vlan: entered promiscuous mode
[   74.198525][ T5812] veth0_macvtap: entered promiscuous mode
[   74.239818][ T5812] veth1_macvtap: entered promiscuous mode
[   74.285320][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.296904][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.327324][ T5812] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.354344][ T5812] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.363531][ T5812] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.372240][ T5812] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.423804][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.465740][ T5811] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.577141][ T5808] veth0_vlan: entered promiscuous mode
[   74.632480][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.650463][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.660727][ T5808] veth1_vlan: entered promiscuous mode
[   74.701488][ T5814] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.720200][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.722023][ T5811] veth0_vlan: entered promiscuous mode
[   74.739362][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.751043][ T5825] veth0_vlan: entered promiscuous mode
[   74.769602][   T30] audit: type=1400 audit(1750813397.268:87): avc:  denied  { mounton } for  pid=5812 comm="syz-executor" path="/root/syzkaller.kb6eTN/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   74.806356][   T30] audit: type=1400 audit(1750813397.298:88): avc:  denied  { mount } for  pid=5812 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   74.807151][ T5808] veth0_macvtap: entered promiscuous mode
[   74.831138][   T30] audit: type=1400 audit(1750813397.298:89): avc:  denied  { mounton } for  pid=5812 comm="syz-executor" path="/root/syzkaller.kb6eTN/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   74.856220][ T5811] veth1_vlan: entered promiscuous mode
[   74.868034][   T30] audit: type=1400 audit(1750813397.338:90): avc:  denied  { mount } for  pid=5812 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   74.918492][   T30] audit: type=1400 audit(1750813397.338:91): avc:  denied  { mounton } for  pid=5812 comm="syz-executor" path="/root/syzkaller.kb6eTN/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   74.927156][ T5812] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   74.956445][   T30] audit: type=1400 audit(1750813397.338:92): avc:  denied  { mounton } for  pid=5812 comm="syz-executor" path="/root/syzkaller.kb6eTN/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=6327 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   74.975675][ T5808] veth1_macvtap: entered promiscuous mode
[   74.995928][   T30] audit: type=1400 audit(1750813397.338:93): avc:  denied  { unmount } for  pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   75.004193][ T5825] veth1_vlan: entered promiscuous mode
[   75.021398][   T30] audit: type=1400 audit(1750813397.368:94): avc:  denied  { mounton } for  pid=5812 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2774 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   75.040542][ T5814] veth0_vlan: entered promiscuous mode
[   75.051929][   T30] audit: type=1400 audit(1750813397.368:95): avc:  denied  { mount } for  pid=5812 comm="syz-executor" name="/" dev="gadgetfs" ino=6332 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   75.131695][ T5811] veth0_macvtap: entered promiscuous mode
[   75.152651][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.176424][ T5814] veth1_vlan: entered promiscuous mode
[   75.208723][ T5825] veth0_macvtap: entered promiscuous mode
[   75.217142][ T5811] veth1_macvtap: entered promiscuous mode
[   75.225821][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.243659][ T5825] veth1_macvtap: entered promiscuous mode
[   75.575344][ T5808] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.598731][ T5808] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.615701][ T5808] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.636322][ T5808] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.748870][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.761147][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.778136][ T5814] veth0_macvtap: entered promiscuous mode
[   75.792119][ T5814] veth1_macvtap: entered promiscuous mode
[   75.801195][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.812174][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.833921][ T5811] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.842623][ T5811] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.852062][ T5811] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.860832][ T5811] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.873305][   T51] Bluetooth: hci3: command tx timeout
[   75.878720][   T51] Bluetooth: hci1: command tx timeout
[   75.884658][ T5820] Bluetooth: hci0: command tx timeout
[   75.890122][ T5819] Bluetooth: hci2: command tx timeout
[   75.911647][ T5825] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.921290][ T5825] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.930316][ T5825] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.939128][ T5825] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.953991][ T5819] Bluetooth: hci4: command tx timeout
[   75.956893][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.003811][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.012626][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.031960][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.047656][ T5814] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.059719][ T5814] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.068959][ T5814] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.079339][ T5814] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.157268][ T5932] warning: `syz.1.6' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   76.196302][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.228737][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.302664][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.350425][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.424708][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.449130][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.583596][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.591440][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.654280][ T5944] cgroup: Need name or subsystem set
[   77.041647][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.080180][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.111373][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.147132][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.274436][ T5954] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   77.315854][ T5954] mmap: syz.1.11 (5954) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   77.896414][ T5958] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   77.907756][ T5958] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   78.704626][   T30] kauditd_printk_skb: 33 callbacks suppressed
[   78.704643][   T30] audit: type=1400 audit(1750813400.388:129): avc:  denied  { mount } for  pid=5957 comm="syz.1.12" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   79.694344][   T30] audit: type=1400 audit(1750813400.398:130): avc:  denied  { unlink } for  pid=5957 comm="syz.1.12" name="#1" dev="tmpfs" ino=61 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   79.860112][   T30] audit: type=1400 audit(1750813400.418:131): avc:  denied  { mount } for  pid=5957 comm="syz.1.12" name="/" dev="overlay" ino=56 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   79.896726][   T30] audit: type=1400 audit(1750813401.188:132): avc:  denied  { unmount } for  pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   79.906229][ T5819] Bluetooth: hci2: command tx timeout
[   79.921256][   T51] Bluetooth: hci1: command tx timeout
[   79.922603][ T5819] Bluetooth: hci0: command tx timeout
[   79.927481][ T5820] Bluetooth: hci3: command tx timeout
[   79.932844][ T5819] Bluetooth: hci4: command tx timeout
[   79.934373][ T3446] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   79.967434][ T3446] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.159544][   T30] audit: type=1400 audit(1750813401.968:133): avc:  denied  { create } for  pid=5955 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   80.179130][   T30] audit: type=1400 audit(1750813402.088:134): avc:  denied  { connect } for  pid=5955 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   80.212733][   T30] audit: type=1400 audit(1750813402.558:135): avc:  denied  { create } for  pid=5963 comm="syz.0.14" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   80.247188][ T5967] netlink: 96 bytes leftover after parsing attributes in process `syz.2.15'.
[   80.318677][ T5969] Can't find a SQUASHFS superblock on nullb0
[   80.659747][   T30] audit: type=1400 audit(1750813402.578:136): avc:  denied  { mounton } for  pid=5963 comm="syz.0.14" path="/1/file1" dev="tmpfs" ino=24 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   80.683387][   T30] audit: type=1400 audit(1750813402.638:137): avc:  denied  { mount } for  pid=5814 comm="syz-executor" name="/" dev="gadgetfs" ino=6332 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   80.892864][   T30] audit: type=1400 audit(1750813402.808:138): avc:  denied  { mounton } for  pid=5961 comm="syz.1.13" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   81.035734][ T5975] syz.1.16 uses obsolete (PF_INET,SOCK_PACKET)
[   81.075366][ T5979] netlink: 12 bytes leftover after parsing attributes in process `syz.2.18'.
[   81.313111][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   81.395410][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[   81.404305][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   81.475845][   T44] cfg80211: failed to load regulatory.db
[   81.542361][ T5979] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   81.792253][ T5991] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   82.097055][ T5993] 8021q: adding VLAN 0 to HW filter on device bond1
[   82.108555][ T5991] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   83.363004][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   83.371691][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   83.763022][   T30] kauditd_printk_skb: 4 callbacks suppressed
[   83.763057][   T30] audit: type=1400 audit(1750813406.218:143): avc:  denied  { block_suspend } for  pid=6013 comm="syz.2.27" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   84.723423][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   84.733044][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[   84.827205][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   84.922903][   T30] audit: type=1400 audit(1750813407.378:144): avc:  denied  { read } for  pid=6020 comm="syz.3.28" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   85.033558][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.042584][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.109251][   T30] audit: type=1400 audit(1750813407.378:145): avc:  denied  { open } for  pid=6020 comm="syz.3.28" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   85.427478][   T30] audit: type=1400 audit(1750813407.378:146): avc:  denied  { ioctl } for  pid=6020 comm="syz.3.28" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   86.168045][ T6035] tipc: Started in network mode
[   86.173337][ T6035] tipc: Node identity ac14140f, cluster identity 4711
[   86.181122][ T6035] tipc: New replicast peer: 172.30.1.4
[   86.186925][ T6035] tipc: Enabled bearer <udp:syz2>, priority 10
[   86.196994][ T6035] Zero length message leads to an empty skb
[   86.222945][   T30] audit: type=1400 audit(1750813408.668:147): avc:  denied  { connect } for  pid=6027 comm="syz.3.31" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   86.991574][   T30] audit: type=1400 audit(1750813408.668:148): avc:  denied  { setopt } for  pid=6027 comm="syz.3.31" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   87.302236][   T44] tipc: Node number set to 2886997007
[   87.502904][   T30] audit: type=1400 audit(1750813409.828:149): avc:  denied  { create } for  pid=6032 comm="syz.0.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   87.607343][   T30] audit: type=1400 audit(1750813409.838:150): avc:  denied  { setopt } for  pid=6032 comm="syz.0.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   87.626795][   T30] audit: type=1400 audit(1750813409.838:151): avc:  denied  { write } for  pid=6032 comm="syz.0.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   87.669845][   T30] audit: type=1400 audit(1750813409.838:152): avc:  denied  { connect } for  pid=6032 comm="syz.0.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   89.626553][ T6055] input: syz0 as /devices/virtual/input/input5
[   89.693043][   T30] kauditd_printk_skb: 3 callbacks suppressed
[   89.693058][   T30] audit: type=1400 audit(1750813412.118:156): avc:  denied  { create } for  pid=6049 comm="syz.3.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   89.834808][   T30] audit: type=1400 audit(1750813412.118:157): avc:  denied  { bind } for  pid=6049 comm="syz.3.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   89.874716][   T30] audit: type=1400 audit(1750813668.131:158): avc:  denied  { read write } for  pid=6051 comm="syz.2.29" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   90.008454][   T30] audit: type=1400 audit(1750813668.131:159): avc:  denied  { open } for  pid=6051 comm="syz.2.29" path="/dev/uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   90.342952][   T30] audit: type=1400 audit(1750813668.131:160): avc:  denied  { ioctl } for  pid=6051 comm="syz.2.29" path="/dev/uinput" dev="devtmpfs" ino=920 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   90.402549][   T30] audit: type=1400 audit(1750813668.141:161): avc:  denied  { listen } for  pid=6049 comm="syz.3.37" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   90.524946][   T30] audit: type=1326 audit(1750813668.171:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6056 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d798e929 code=0x7ffc0000
[   90.663197][   T30] audit: type=1326 audit(1750813668.171:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6056 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f96d798e929 code=0x7ffc0000
[   91.154860][   T30] audit: type=1326 audit(1750813668.171:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6056 comm="syz.0.40" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96d798e929 code=0x7ffc0000
[   91.179428][   T30] audit: type=1400 audit(1750813668.191:165): avc:  denied  { read write } for  pid=6049 comm="syz.3.37" name="video3" dev="devtmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[   91.661724][ T6082] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   92.173158][ T6082] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   92.419934][ T6089] tipc: Started in network mode
[   92.433306][ T6089] tipc: Node identity ac14140f, cluster identity 4711
[   92.508487][ T6089] tipc: New replicast peer: 172.30.1.3
[   92.528584][ T6089] tipc: Enabled bearer <udp:syz2>, priority 10
[   93.584523][ T6097] evm: overlay not supported
[   93.642928][ T5924] tipc: Node number set to 2886997007
[   93.752853][ T6072] Cannot find map_set index 0 as target
[   95.835795][   T30] kauditd_printk_skb: 17 callbacks suppressed
[   95.835811][   T30] audit: type=1400 audit(1750813930.334:183): avc:  denied  { append } for  pid=6120 comm="syz.3.57" name="001" dev="devtmpfs" ino=739 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   97.883112][   T30] audit: type=1400 audit(1750813932.374:184): avc:  denied  { read } for  pid=6146 comm="syz.2.66" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  100.453531][   T30] audit: type=1400 audit(1750813932.414:185): avc:  denied  { open } for  pid=6146 comm="syz.2.66" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  100.966459][   T30] audit: type=1400 audit(1750813932.464:186): avc:  denied  { ioctl } for  pid=6146 comm="syz.2.66" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  101.677816][   T30] audit: type=1400 audit(1750813932.484:187): avc:  denied  { set_context_mgr } for  pid=6146 comm="syz.2.66" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  101.702981][   T30] audit: type=1400 audit(1750813932.554:188): avc:  denied  { write } for  pid=6146 comm="syz.2.66" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  101.796281][   T30] audit: type=1400 audit(1750813932.574:189): avc:  denied  { map } for  pid=6146 comm="syz.2.66" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  101.882659][   T30] audit: type=1400 audit(1750813932.714:190): avc:  denied  { call } for  pid=6146 comm="syz.2.66" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  101.955963][   T30] audit: type=1326 audit(1750814191.644:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6157 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfa558e929 code=0x7ffc0000
[  102.077009][ T6173] tipc: Started in network mode
[  102.106458][   T30] audit: type=1326 audit(1750814191.644:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6157 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfa558e929 code=0x7ffc0000
[  102.193114][ T6173] tipc: Node identity ac14140f, cluster identity 4711
[  102.200732][ T6173] tipc: New replicast peer: 172.30.1.2
[  102.217483][   T30] audit: type=1326 audit(1750814191.654:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6157 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdfa558e929 code=0x7ffc0000
[  102.290645][ T6180] input: syz0 as /devices/virtual/input/input6
[  102.594557][ T6173] tipc: Enabled bearer <udp:syz2>, priority 10
[  102.687763][   T30] audit: type=1326 audit(1750814191.654:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6157 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfa558e929 code=0x7ffc0000
[  102.712520][   T30] audit: type=1326 audit(1750814191.654:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6157 comm="syz.1.68" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fdfa558e929 code=0x7ffc0000
[  102.736558][    C0] vkms_vblank_simulate: vblank timer overrun
[  103.712927][ T5888] tipc: Node number set to 2886997007
[  105.691473][ T6201] infiniband syz2: set down
[  105.696206][ T6201] infiniband syz2: added ipvlan1
[  105.737157][ T6201] RDS/IB: syz2: added
[  105.741723][ T6201] smc: adding ib device syz2 with port count 1
[  105.748741][ T6201] smc:    ib device syz2 port 1 has pnetid 
[  106.666090][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  106.666105][   T30] audit: type=1400 audit(1750814453.170:230): avc:  denied  { ioctl } for  pid=6208 comm="syz.2.82" path="socket:[7110]" dev="sockfs" ino=7110 ioctlcmd=0x9363 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  106.816944][ T6214] netlink: 28 bytes leftover after parsing attributes in process `syz.2.82'.
[  107.752335][ T6219] netlink: 36 bytes leftover after parsing attributes in process `syz.3.83'.
[  108.203844][ T6220] Cannot find map_set index 0 as target
[  109.100860][ T6235] Can't find a SQUASHFS superblock on nullb0
[  109.659718][ T6239] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  110.987970][ T6247] input: syz0 as /devices/virtual/input/input7
[  114.103540][   T30] audit: type=1400 audit(1750814972.294:231): avc:  denied  { create } for  pid=6250 comm="syz.4.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.170614][   T30] audit: type=1400 audit(1750814972.314:232): avc:  denied  { write } for  pid=6250 comm="syz.4.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.190715][   T30] audit: type=1400 audit(1750814972.314:233): avc:  denied  { setopt } for  pid=6250 comm="syz.4.92" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.611035][ T6262] netlink: 36 bytes leftover after parsing attributes in process `syz.4.94'.
[  115.978978][   T30] audit: type=1400 audit(1750814974.274:234): avc:  denied  { read write } for  pid=6259 comm="syz.1.93" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  116.002006][    C0] vkms_vblank_simulate: vblank timer overrun
[  116.009714][ T6267] netlink: 28 bytes leftover after parsing attributes in process `syz.2.96'.
[  116.483793][   T30] audit: type=1400 audit(1750814974.274:235): avc:  denied  { open } for  pid=6259 comm="syz.1.93" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  117.439363][   T30] audit: type=1400 audit(1750814974.284:236): avc:  denied  { mounton } for  pid=6259 comm="syz.1.93" path="/23/file0" dev="tmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  117.462140][   T30] audit: type=1400 audit(1750815230.537:237): avc:  denied  { unmount } for  pid=5812 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  117.484376][   T30] audit: type=1400 audit(1750815231.907:238): avc:  denied  { search } for  pid=5480 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  117.512198][   T30] audit: type=1400 audit(1750815231.907:239): avc:  denied  { search } for  pid=5480 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  117.564912][   T30] audit: type=1400 audit(1750815231.907:240): avc:  denied  { search } for  pid=5480 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  117.862572][ T6281] Can't find a SQUASHFS superblock on nullb0
[  118.808448][ T6286] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  118.928990][ T6286] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  119.689035][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  119.689051][   T30] audit: type=1400 audit(1750815234.187:246): avc:  denied  { create } for  pid=6299 comm="syz.0.106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  120.438662][   T30] audit: type=1400 audit(1750815234.937:247): avc:  denied  { add_name } for  pid=6278 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  120.469247][   T30] audit: type=1400 audit(1750815234.967:248): avc:  denied  { create } for  pid=6278 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  120.538544][ T6319] netlink: 36 bytes leftover after parsing attributes in process `syz.4.110'.
[  121.333041][   T30] audit: type=1400 audit(1750815234.967:249): avc:  denied  { write } for  pid=6278 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.sl0.link" dev="tmpfs" ino=2315 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  121.432981][   T30] audit: type=1400 audit(1750815234.967:250): avc:  denied  { append } for  pid=6278 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" dev="tmpfs" ino=2315 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  121.512882][   T30] audit: type=1400 audit(1750815235.977:251): avc:  denied  { read write } for  pid=6306 comm="syz.0.109" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  121.746965][ T6327] netlink: 8 bytes leftover after parsing attributes in process `syz.1.111'.
[  121.951953][   T30] audit: type=1400 audit(1750815235.977:252): avc:  denied  { open } for  pid=6306 comm="syz.0.109" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  122.122399][   T30] audit: type=1400 audit(1750815235.977:253): avc:  denied  { allowed } for  pid=6306 comm="syz.0.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  122.141755][   T30] audit: type=1400 audit(1750815235.987:254): avc:  denied  { map } for  pid=6306 comm="syz.0.109" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=9303 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  122.246788][   T30] audit: type=1400 audit(1750815235.987:255): avc:  denied  { write } for  pid=6306 comm="syz.0.109" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=9303 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  123.097545][ T6345] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  123.800649][ T6352] Can't find a SQUASHFS superblock on nullb0
[  125.201076][ T6369] input: syz0 as /devices/virtual/input/input8
[  125.794135][ T6375] =======================================================
[  125.794135][ T6375] WARNING: The mand mount option has been deprecated and
[  125.794135][ T6375]          and is ignored by this kernel. Remove the mand
[  125.794135][ T6375]          option from the mount to silence this warning.
[  125.794135][ T6375] =======================================================
[  125.829016][    C1] vkms_vblank_simulate: vblank timer overrun
[  125.995840][ T6375] tmpfs: Unknown parameter '/'
[  126.632888][ T6390] netlink: 28 bytes leftover after parsing attributes in process `syz.0.125'.
[  128.069674][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  128.069706][   T30] audit: type=1400 audit(1750815754.528:268): avc:  denied  { bind } for  pid=6394 comm="syz.4.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  128.103664][ T6401] xt_CT: You must specify a L4 protocol and not use inversions on it
[  128.228508][   T30] audit: type=1400 audit(1750815754.528:269): avc:  denied  { write } for  pid=6394 comm="syz.4.126" path="socket:[9389]" dev="sockfs" ino=9389 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  129.009562][ T6415] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  129.362089][ T6415] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  129.749646][ T6423] input: syz0 as /devices/virtual/input/input9
[  131.501604][ T6436] tmpfs: Unknown parameter '/'
[  133.220498][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  133.254072][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  133.403694][ T6447] netlink: 28 bytes leftover after parsing attributes in process `syz.1.140'.
[  133.475866][   T30] audit: type=1400 audit(1750816271.972:270): avc:  denied  { setopt } for  pid=6443 comm="syz.4.139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  134.274501][ T6442] syz.2.138: attempt to access beyond end of device
[  134.274501][ T6442] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  134.513625][ T6442] syz.2.138: attempt to access beyond end of device
[  134.513625][ T6442] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  134.673857][ T6442] Mount JFS Failure: -5
[  134.678065][ T6442] jfs_mount failed w/return code = -5
[  135.519546][   T30] audit: type=1400 audit(1750816273.562:271): avc:  denied  { create } for  pid=6456 comm="syz.0.143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  135.809579][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  135.824762][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  135.846346][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  135.855542][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  135.863208][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  137.755380][ T6487] xt_CT: You must specify a L4 protocol and not use inversions on it
[  137.953168][ T5820] Bluetooth: hci5: command tx timeout
[  138.059394][ T6292] Set syz1 is full, maxelem 65536 reached
[  138.206776][ T6492] netlink: 8 bytes leftover after parsing attributes in process `syz.1.152'.
[  138.603166][   T30] audit: type=1400 audit(1750816276.732:272): avc:  denied  { write } for  pid=6488 comm="syz.1.152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  138.669895][   T30] audit: type=1400 audit(1750816276.732:273): avc:  denied  { nlmsg_read } for  pid=6488 comm="syz.1.152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  140.033035][ T5820] Bluetooth: hci5: command tx timeout
[  140.535777][ T6466] chnl_net:caif_netlink_parms(): no params data found
[  140.725512][ T6518] netlink: 28 bytes leftover after parsing attributes in process `syz.1.158'.
[  142.541261][ T5820] Bluetooth: hci5: command tx timeout
[  143.312834][   T30] audit: type=1400 audit(1750816537.788:274): avc:  denied  { create } for  pid=6543 comm="syz.0.164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  143.689568][   T30] audit: type=1400 audit(1750816537.848:275): avc:  denied  { connect } for  pid=6543 comm="syz.0.164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  144.262014][   T30] audit: type=1400 audit(1750816538.018:276): avc:  denied  { write } for  pid=6543 comm="syz.0.164" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  144.387193][   T30] audit: type=1400 audit(1750816538.028:277): avc:  denied  { bind } for  pid=6543 comm="syz.0.164" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  144.448505][ T6552] syz.0.167: attempt to access beyond end of device
[  144.448505][ T6552] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  144.604948][ T5820] Bluetooth: hci5: command tx timeout
[  144.737997][ T6552] syz.0.167: attempt to access beyond end of device
[  144.737997][ T6552] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  144.751057][   T30] audit: type=1400 audit(1750816538.028:278): avc:  denied  { node_bind } for  pid=6543 comm="syz.0.164" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  145.128636][   T30] audit: type=1400 audit(1750816538.178:279): avc:  denied  { write } for  pid=6545 comm="syz.2.165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  145.154445][ T6466] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.174547][ T6552] Mount JFS Failure: -5
[  145.206335][ T6466] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.216314][ T6552] jfs_mount failed w/return code = -5
[  145.266716][ T6466] bridge_slave_0: entered allmulticast mode
[  145.306936][ T6466] bridge_slave_0: entered promiscuous mode
[  145.488033][ T6562] netlink: 28 bytes leftover after parsing attributes in process `syz.4.170'.
[  146.558532][ T1142] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.581940][ T6466] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.594355][ T6466] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.601713][ T6466] bridge_slave_1: entered allmulticast mode
[  146.612710][ T6466] bridge_slave_1: entered promiscuous mode
[  146.742026][ T1142] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.839298][ T6573] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  146.872178][   T30] audit: type=1400 audit(1750816797.342:280): avc:  denied  { setopt } for  pid=6554 comm="syz.2.168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  146.904339][   T30] audit: type=1400 audit(1750816797.392:281): avc:  denied  { read } for  pid=6554 comm="syz.2.168" path="socket:[8829]" dev="sockfs" ino=8829 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  147.178259][ T5820] Bluetooth: hci0: Malformed LE Event: 0x1b
[  147.956519][ T6466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  148.001031][ T6466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  148.646590][ T6588] netlink: 8 bytes leftover after parsing attributes in process `syz.4.177'.
[  148.839034][ T1142] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.936432][ T1142] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.992594][ T6466] team0: Port device team_slave_0 added
[  149.009637][ T6466] team0: Port device team_slave_1 added
[  149.143313][ T5887] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  149.157823][ T6594] xt_CT: You must specify a L4 protocol and not use inversions on it
[  149.554912][ T6466] batman_adv: batadv0: Adding interface: batadv_slave_0
[  149.575917][ T6466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.603932][ T6598] syz.4.180: attempt to access beyond end of device
[  149.603932][ T6598] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  149.657323][ T6598] syz.4.180: attempt to access beyond end of device
[  149.657323][ T6598] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0
[  149.701291][ T6466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  149.723630][ T6598] Mount JFS Failure: -5
[  149.727878][ T6598] jfs_mount failed w/return code = -5
[  149.782685][ T6466] batman_adv: batadv0: Adding interface: batadv_slave_1
[  149.820448][ T6466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.920171][ T6466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  150.042811][ T5887] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.055664][ T5887] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.065507][ T5887] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  150.078448][ T5887] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  150.087539][ T5887] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.100399][ T5887] usb 1-1: config 0 descriptor??
[  150.188651][ T6466] hsr_slave_0: entered promiscuous mode
[  150.195403][ T6466] hsr_slave_1: entered promiscuous mode
[  150.201692][ T6466] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  150.210790][ T6466] Cannot create hsr debugfs directory
[  150.497801][ T6605] Can't find a SQUASHFS superblock on nullb0
[  150.573737][ T5887] plantronics 0003:047F:FFFF.0001: reserved main item tag 0xd
[  150.601575][ T5887] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[  150.679843][   T30] audit: type=1400 audit(1750816801.162:282): avc:  denied  { write } for  pid=6602 comm="syz.1.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  151.047099][ T5887] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  151.195423][ T5887] usb 1-1: USB disconnect, device number 2
[  151.566505][ T6616] xt_nat: multiple ranges no longer supported
[  151.577217][ T6616] rdma_rxe: rxe_newlink: failed to add ipvlan1
[  151.597669][ T5820] Bluetooth: hci1: Malformed LE Event: 0x1b
[  151.686068][ T6620] netlink: 28 bytes leftover after parsing attributes in process `syz.0.186'.
[  152.500288][ T6608] fido_id[6608]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  152.526047][ T1142] bridge_slave_1: left allmulticast mode
[  152.565447][ T1142] bridge_slave_1: left promiscuous mode
[  152.572251][ T1142] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.584949][   T30] audit: type=1400 audit(1750817059.080:283): avc:  denied  { write } for  pid=6623 comm="syz.4.187" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  152.615533][ T1142] bridge_slave_0: left allmulticast mode
[  152.628412][ T1142] bridge_slave_0: left promiscuous mode
[  152.636531][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.989732][   T30] audit: type=1400 audit(1750817059.480:284): avc:  denied  { ioctl } for  pid=6613 comm="syz.1.184" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  153.686043][ T6646] netlink: 8 bytes leftover after parsing attributes in process `syz.1.189'.
[  153.706677][   T30] audit: type=1400 audit(1750817060.200:285): avc:  denied  { read write } for  pid=6643 comm="syz.1.189" name="vmci" dev="devtmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  154.050043][   T30] audit: type=1400 audit(1750817060.200:286): avc:  denied  { open } for  pid=6643 comm="syz.1.189" path="/dev/vmci" dev="devtmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  154.092941][   T30] audit: type=1400 audit(1750817060.200:287): avc:  denied  { ioctl } for  pid=6643 comm="syz.1.189" path="/dev/vmci" dev="devtmpfs" ino=697 ioctlcmd=0x7a7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  154.327992][ T6652] syz.4.190: attempt to access beyond end of device
[  154.327992][ T6652] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[  154.427755][ T6652] syz.4.190: attempt to access beyond end of device
[  154.427755][ T6652] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0
[  155.293517][ T6652] Mount JFS Failure: -5
[  155.297792][ T6652] jfs_mount failed w/return code = -5
[  155.423766][ T1142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  155.466202][ T1142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  155.514764][ T6654] tmpfs: Unknown parameter '/'
[  155.527722][ T1142] bond0 (unregistering): Released all slaves
[  156.029184][ T6664] Can't find a SQUASHFS superblock on nullb0
[  156.199434][ T1142] tipc: Disabling bearer <udp:syz2>
[  156.214094][ T1142] tipc: Left network mode
[  157.506294][ T6466] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  157.760560][ T6684] xt_CT: You must specify a L4 protocol and not use inversions on it
[  158.633678][ T6466] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  158.692218][ T6466] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  158.793144][ T6695] syz.2.201: attempt to access beyond end of device
[  158.793144][ T6695] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  158.845628][ T6466] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  158.893174][ T6699] capability: warning: `syz.1.203' uses deprecated v2 capabilities in a way that may be insecure
[  158.926033][ T6695] syz.2.201: attempt to access beyond end of device
[  158.926033][ T6695] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  159.861559][ T6703] input: syz0 as /devices/virtual/input/input11
[  159.868099][ T6695] Mount JFS Failure: -5
[  159.872317][ T6695] jfs_mount failed w/return code = -5
[  160.798510][ T6466] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.863513][ T6466] 8021q: adding VLAN 0 to HW filter on device team0
[  160.984885][ T5971] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.992013][ T5971] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.003880][ T5820] Bluetooth: hci2: Malformed LE Event: 0x1b
[  161.737371][ T5971] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.744632][ T5971] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.567084][ T1142] hsr_slave_0: left promiscuous mode
[  162.581177][ T1142] hsr_slave_1: left promiscuous mode
[  162.715076][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  162.722738][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_0
[  162.905652][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  162.932894][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_1
[  163.217815][ T6744] xt_CT: You must specify a L4 protocol and not use inversions on it
[  163.670314][ T1142] veth1_macvtap: left promiscuous mode
[  163.687373][ T1142] veth0_macvtap: left promiscuous mode
[  163.694780][ T1142] veth1_vlan: left promiscuous mode
[  163.703636][ T1142] veth0_vlan: left promiscuous mode
[  164.008188][ T6749] netlink: 36 bytes leftover after parsing attributes in process `syz.2.206'.
[  164.091843][ T6752] netlink: 8 bytes leftover after parsing attributes in process `syz.4.213'.
[  164.681119][ T6755] Bluetooth: MGMT ver 1.23
[  164.691464][   T30] audit: type=1400 audit(1750817327.171:288): avc:  denied  { setopt } for  pid=6753 comm="syz.1.214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  164.711252][    C1] vkms_vblank_simulate: vblank timer overrun
[  165.055372][ T1008] smc: removing ib device syz2
[  168.344329][ T6761] syz.0.215: attempt to access beyond end of device
[  168.344329][ T6761] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  168.434358][ T6762] input: syz0 as /devices/virtual/input/input12
[  169.010062][ T6761] syz.0.215: attempt to access beyond end of device
[  169.010062][ T6761] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  169.023075][ T6761] Mount JFS Failure: -5
[  169.027290][ T6761] jfs_mount failed w/return code = -5
[  169.325353][ T5820] Bluetooth: hci2: Malformed LE Event: 0x1b
[  171.501485][ T6780] Cannot find map_set index 0 as target
[  172.821277][ T6796] netlink: 8 bytes leftover after parsing attributes in process `syz.1.225'.
[  173.312654][ T1142] team0 (unregistering): Port device team_slave_1 removed
[  173.405084][ T1142] team0 (unregistering): Port device team_slave_0 removed
[  175.224443][ T6802] syz.2.227: attempt to access beyond end of device
[  175.224443][ T6802] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  175.421829][ T6802] syz.2.227: attempt to access beyond end of device
[  175.421829][ T6802] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  176.276740][ T6802] Mount JFS Failure: -5
[  176.280983][ T6802] jfs_mount failed w/return code = -5
[  176.415319][ T6806] Can't find a SQUASHFS superblock on nullb0
[  179.229142][   T30] audit: type=1400 audit(1750817597.673:289): avc:  denied  { watch } for  pid=6821 comm="syz.1.233" path="/67/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=412 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  179.455839][   T30] audit: type=1400 audit(1750817597.673:290): avc:  denied  { watch_sb watch_reads } for  pid=6821 comm="syz.1.233" path="/67/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=412 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  179.503999][   T30] audit: type=1400 audit(1750817597.673:291): avc:  denied  { append } for  pid=6821 comm="syz.1.233" name="v4l-subdev1" dev="devtmpfs" ino=941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  180.366400][ T6838] netlink: 8 bytes leftover after parsing attributes in process `syz.4.237'.
[  180.765208][   T30] audit: type=1400 audit(1750817599.253:292): avc:  denied  { write } for  pid=6840 comm="syz.2.231" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  180.788214][   T44] ==================================================================
[  180.796295][   T44] BUG: KASAN: slab-use-after-free in __ethtool_get_link_ksettings+0x1bf/0x200
[  180.805160][   T44] Read of size 8 at addr ffff888024fa62e8 by task kworker/1:1/44
[  180.812876][   T44] 
[  180.815216][   T44] CPU: 1 UID: 0 PID: 44 Comm: kworker/1:1 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  180.815241][   T44] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  180.815254][   T44] Workqueue: events smc_ib_port_event_work
[  180.815287][   T44] Call Trace:
[  180.815294][   T44]  <TASK>
[  180.815304][   T44]  dump_stack_lvl+0x116/0x1f0
[  180.815334][   T44]  print_report+0xcd/0x680
[  180.815359][   T44]  ? __virt_addr_valid+0x81/0x610
[  180.815380][   T44]  ? __phys_addr+0xe8/0x180
[  180.815400][   T44]  ? __ethtool_get_link_ksettings+0x1bf/0x200
[  180.815424][   T44]  kasan_report+0xe0/0x110
[  180.815449][   T44]  ? __ethtool_get_link_ksettings+0x1bf/0x200
[  180.815475][   T44]  __ethtool_get_link_ksettings+0x1bf/0x200
[  180.815499][   T44]  __ethtool_get_link_ksettings+0x145/0x200
[  180.815523][   T44]  ib_get_eth_speed+0x122/0xb50
[  180.815551][   T44]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  180.815576][   T44]  ? __pfx___mutex_lock+0x10/0x10
[  180.815608][   T44]  ? do_raw_spin_unlock+0x172/0x230
[  180.815631][   T44]  rxe_query_port+0x108/0x330
[  180.815662][   T44]  ib_query_port+0x43e/0x8a0
[  180.815689][   T44]  smc_ib_port_event_work+0x12f/0xbf0
[  180.815719][   T44]  ? rcu_is_watching+0x12/0xc0
[  180.815743][   T44]  process_one_work+0x9cc/0x1b70
[  180.815768][   T44]  ? __pfx_process_one_work+0x10/0x10
[  180.815790][   T44]  ? assign_work+0x1a0/0x250
[  180.815820][   T44]  worker_thread+0x6c8/0xf10
[  180.815845][   T44]  ? __pfx_worker_thread+0x10/0x10
[  180.815862][   T44]  kthread+0x3c2/0x780
[  180.815879][   T44]  ? __pfx_kthread+0x10/0x10
[  180.815897][   T44]  ? rcu_is_watching+0x12/0xc0
[  180.815918][   T44]  ? __pfx_kthread+0x10/0x10
[  180.815935][   T44]  ret_from_fork+0x5d4/0x6f0
[  180.815959][   T44]  ? __pfx_kthread+0x10/0x10
[  180.815976][   T44]  ret_from_fork_asm+0x1a/0x30
[  180.816003][   T44]  </TASK>
[  180.816010][   T44] 
[  180.997652][   T44] Allocated by task 5814:
[  181.001957][   T44]  kasan_save_stack+0x33/0x60
[  181.006618][   T44]  kasan_save_track+0x14/0x30
[  181.011274][   T44]  __kasan_kmalloc+0xaa/0xb0
[  181.015845][   T44]  __kvmalloc_node_noprof+0x27b/0x620
[  181.021198][   T44]  alloc_netdev_mqs+0xd2/0x1570
[  181.026032][   T44]  rtnl_create_link+0xc08/0xf90
[  181.030864][   T44]  rtnl_newlink+0xb69/0x2000
[  181.035437][   T44]  rtnetlink_rcv_msg+0x95e/0xe90
[  181.040357][   T44]  netlink_rcv_skb+0x158/0x420
[  181.045105][   T44]  netlink_unicast+0x53a/0x7f0
[  181.049848][   T44]  netlink_sendmsg+0x8d1/0xdd0
[  181.054589][   T44]  __sys_sendto+0x4a0/0x520
[  181.059073][   T44]  __x64_sys_sendto+0xe0/0x1c0
[  181.063820][   T44]  do_syscall_64+0xcd/0x4c0
[  181.068307][   T44]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.074178][   T44] 
[  181.076477][   T44] Freed by task 1142:
[  181.080433][   T44]  kasan_save_stack+0x33/0x60
[  181.085098][   T44]  kasan_save_track+0x14/0x30
[  181.089773][   T44]  kasan_save_free_info+0x3b/0x60
[  181.094778][   T44]  __kasan_slab_free+0x51/0x70
[  181.099525][   T44]  kfree+0x2b4/0x4d0
[  181.103397][   T44]  device_release+0xa4/0x240
[  181.107967][   T44]  kobject_put+0x1e7/0x5a0
[  181.112367][   T44]  netdev_run_todo+0x7e9/0x1320
[  181.117203][   T44]  default_device_exit_batch+0x858/0xaf0
[  181.122819][   T44]  ops_undo_list+0x363/0xab0
[  181.127399][   T44]  cleanup_net+0x408/0x890
[  181.131792][   T44]  process_one_work+0x9cc/0x1b70
[  181.136707][   T44]  worker_thread+0x6c8/0xf10
[  181.141274][   T44]  kthread+0x3c2/0x780
[  181.145318][   T44]  ret_from_fork+0x5d4/0x6f0
[  181.149891][   T44]  ret_from_fork_asm+0x1a/0x30
[  181.154633][   T44] 
[  181.156938][   T44] The buggy address belongs to the object at ffff888024fa6000
[  181.156938][   T44]  which belongs to the cache kmalloc-cg-4k of size 4096
[  181.171227][   T44] The buggy address is located 744 bytes inside of
[  181.171227][   T44]  freed 4096-byte region [ffff888024fa6000, ffff888024fa7000)
[  181.185092][   T44] 
[  181.187400][   T44] The buggy address belongs to the physical page:
[  181.193795][   T44] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24fa0
[  181.202540][   T44] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  181.211015][   T44] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  181.218542][   T44] page_type: f5(slab)
[  181.222510][   T44] raw: 00fff00000000040 ffff88801b84b500 dead000000000122 0000000000000000
[  181.231071][   T44] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  181.239637][   T44] head: 00fff00000000040 ffff88801b84b500 dead000000000122 0000000000000000
[  181.248284][   T44] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  181.256933][   T44] head: 00fff00000000003 ffffea000093e801 00000000ffffffff 00000000ffffffff
[  181.265581][   T44] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  181.274234][   T44] page dumped because: kasan: bad access detected
[  181.280633][   T44] page_owner tracks the page as allocated
[  181.286332][   T44] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5811, tgid 5811 (syz-executor), ts 72391445794, free_ts 72343610598
[  181.307690][   T44]  post_alloc_hook+0x1c0/0x230
[  181.312446][   T44]  get_page_from_freelist+0x1321/0x3890
[  181.317974][   T44]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  181.323853][   T44]  alloc_pages_mpol+0x1fb/0x550
[  181.328689][   T44]  new_slab+0x23b/0x330
[  181.332839][   T44]  ___slab_alloc+0xd9c/0x1940
[  181.337510][   T44]  __slab_alloc.constprop.0+0x56/0xb0
[  181.342868][   T44]  __kmalloc_cache_noprof+0xfb/0x3e0
[  181.348136][   T44]  ipv6_add_dev+0x6b7/0x15f0
[  181.352711][   T44]  addrconf_notify+0x53e/0x19e0
[  181.357543][   T44]  notifier_call_chain+0xb9/0x410
[  181.362554][   T44]  call_netdevice_notifiers_info+0xbe/0x140
[  181.368440][   T44]  register_netdevice+0x182e/0x2270
[  181.373623][   T44]  macvlan_common_newlink+0x10e7/0x1a20
[  181.379155][   T44]  rtnl_newlink+0xc42/0x2000
[  181.383727][   T44]  rtnetlink_rcv_msg+0x95e/0xe90
[  181.388655][   T44] page last free pid 5825 tgid 5825 stack trace:
[  181.394978][   T44]  __free_frozen_pages+0x7fe/0x1180
[  181.400173][   T44]  qlist_free_all+0x4d/0x120
[  181.404759][   T44]  kasan_quarantine_reduce+0x195/0x1e0
[  181.410219][   T44]  __kasan_slab_alloc+0x69/0x90
[  181.415057][   T44]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  181.420416][   T44]  ref_tracker_alloc+0x18e/0x5b0
[  181.425341][   T44]  register_netdevice+0x1689/0x2270
[  181.430525][   T44]  macvlan_common_newlink+0x10e7/0x1a20
[  181.436059][   T44]  macvtap_newlink+0x17a/0x240
[  181.440808][   T44]  rtnl_newlink+0xc42/0x2000
[  181.445382][   T44]  rtnetlink_rcv_msg+0x95e/0xe90
[  181.450305][   T44]  netlink_rcv_skb+0x158/0x420
[  181.455049][   T44]  netlink_unicast+0x53a/0x7f0
[  181.459790][   T44]  netlink_sendmsg+0x8d1/0xdd0
[  181.464542][   T44]  __sys_sendto+0x4a0/0x520
[  181.469042][   T44]  __x64_sys_sendto+0xe0/0x1c0
[  181.473804][   T44] 
[  181.476110][   T44] Memory state around the buggy address:
[  181.481720][   T44]  ffff888024fa6180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  181.489788][   T44]  ffff888024fa6200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  181.497837][   T44] >ffff888024fa6280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  181.505877][   T44]                                                           ^
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  181.513316][   T44]  ffff888024fa6300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  181.521366][   T44]  ffff888024fa6380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  181.529418][   T44] ==================================================================
[  181.641654][ T6842] syz.0.238: attempt to access beyond end of device
[  181.641654][ T6842] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  181.659396][   T30] audit: type=1400 audit(1750817600.163:293): avc:  denied  { read } for  pid=5167 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  181.698549][ T6842] syz.0.238: attempt to access beyond end of device
[  181.698549][ T6842] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  181.747062][   T30] audit: type=1400 audit(1750817600.163:294): avc:  denied  { search } for  pid=5167 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  181.748125][   T44] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  181.748143][   T44] CPU: 1 UID: 0 PID: 44 Comm: kworker/1:1 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[  181.748167][   T44] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  181.748179][   T44] Workqueue: events smc_ib_port_event_work
[  181.748210][   T44] Call Trace:
[  181.748216][   T44]  <TASK>
[  181.748223][   T44]  dump_stack_lvl+0x3d/0x1f0
[  181.748250][   T44]  panic+0x71c/0x800
[  181.748276][   T44]  ? __pfx_panic+0x10/0x10
[  181.748300][   T44]  ? mark_held_locks+0x49/0x80
[  181.748329][   T44]  ? preempt_schedule_thunk+0x16/0x30
[  181.748352][   T44]  ? __ethtool_get_link_ksettings+0x1bf/0x200
[  181.748375][   T44]  ? preempt_schedule_common+0x44/0xc0
[  181.748401][   T44]  ? check_panic_on_warn+0x1f/0xb0
[  181.748428][   T44]  ? __ethtool_get_link_ksettings+0x1bf/0x200
[  181.748450][   T44]  check_panic_on_warn+0xab/0xb0
[  181.748476][   T44]  end_report+0x107/0x170
[  181.748501][   T44]  kasan_report+0xee/0x110
[  181.748527][   T44]  ? __ethtool_get_link_ksettings+0x1bf/0x200
[  181.748553][   T44]  __ethtool_get_link_ksettings+0x1bf/0x200
[  181.748576][   T44]  __ethtool_get_link_ksettings+0x145/0x200
[  181.748600][   T44]  ib_get_eth_speed+0x122/0xb50
[  181.748627][   T44]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  181.748653][   T44]  ? __pfx___mutex_lock+0x10/0x10
[  181.748683][   T44]  ? do_raw_spin_unlock+0x172/0x230
[  181.748704][   T44]  rxe_query_port+0x108/0x330
[  181.748734][   T44]  ib_query_port+0x43e/0x8a0
[  181.748760][   T44]  smc_ib_port_event_work+0x12f/0xbf0
[  181.748788][   T44]  ? rcu_is_watching+0x12/0xc0
[  181.748813][   T44]  process_one_work+0x9cc/0x1b70
[  181.748837][   T44]  ? __pfx_process_one_work+0x10/0x10
[  181.748859][   T44]  ? assign_work+0x1a0/0x250
[  181.748888][   T44]  worker_thread+0x6c8/0xf10
[  181.748912][   T44]  ? __pfx_worker_thread+0x10/0x10
[  181.748930][   T44]  kthread+0x3c2/0x780
[  181.748946][   T44]  ? __pfx_kthread+0x10/0x10
[  181.748963][   T44]  ? rcu_is_watching+0x12/0xc0
[  181.748984][   T44]  ? __pfx_kthread+0x10/0x10
[  181.749007][   T44]  ret_from_fork+0x5d4/0x6f0
[  181.749031][   T44]  ? __pfx_kthread+0x10/0x10
[  181.749048][   T44]  ret_from_fork_asm+0x1a/0x30
[  181.749073][   T44]  </TASK>
[  181.768713][   T44] Kernel Offset: disabled